kubernetes集群搭建

环境准备

准备2台虚拟机，系统：CentOS 7.4，关闭防火墙
1
2
systemctl stop firewalld
systemctl disable firewalld
禁用SELINUX：
1
setenforce 0

永久关闭

1 2	vi /etc/selinux/config SELINUX=disabled

安装 Docker

添加 yum 源

yum install -y yum-utils device-mapper-persistent-data lvm2
yum-config-manager \
    --add-repo \
    https://download.docker.com/linux/centos/docker-ce.repo

查看Docker版本：

1	yum list docker-ce.x86_64 --showduplicates \|sort -r

安装

yum makecache fast
yum install -y docker-ce docker-ce-selinux
systemctl start docker
systemctl enable docker

安装kubeadm和kubelet

添加yum源，此处用的google，墙内的可以用阿里云

cat <<EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://packages.cloud.google.com/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://packages.cloud.google.com/yum/doc/yum-key.gpg
        https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg
EOF

安装

1 2	yum makecache fast yum install -y kubelet kubeadm kubectl

启动
1
systemctl enable kubelet.service
Kubernetes 1.8开始要求关闭系统的Swap，如果不关闭，默认配置下kubelet将无法启动。可以通过kubelet的启动参数–fail-swap-on=false更改这个限制。用命令可临时关闭
1
swapoff -a
修改/etc/sysctl.d/k8s.conf添加下面一行，执行sysctl -p /etc/sysctl.d/k8s.conf使修改生效，关闭swap分区。或vim /etc/fstab文件，注释swap分区的挂载
1
vm.swappiness=0

使用kubeadm 初始化

执行init

kubeadm init \
  --kubernetes-version=v1.11.0 \
  --pod-network-cidr=172.20.0.0/16 \
  --apiserver-advertise-address=192.168.11.129

记录以下信息，加入节点时要用

1	kubeadm join 192.168.11.129:6443 --token czip6m.2oc4vtdj6y84me85 --discovery-token-ca-cert-hash sha256:b0343be5f206ed7a834e83e2bb06a6da0435d59e419af3c41bdacd5b603ee077

查看集群状态，节点状态
1
2
kubectl get cs
kubectl get nodes

安装Pod Network

mkdir -p ~/k8s/
cd ~/k8s
wget https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
kubectl apply -f  kube-flannel.yml

节点操作

节点加入集群

1	kubeadm join 192.168.11.129:6443 --token czip6m.2oc4vtdj6y84me85 --discovery-token-ca-cert-hash sha256:b0343be5f206ed7a834e83e2bb06a6da0435d59e419af3c41bdacd5b603ee077

从集群移除节点，master上执行：

1 2	kubectl drain node2 --delete-local-data --force --ignore-daemonsets kubectl delete node node2

在node2上执行：
1
kubeadm reset

dashboard插件部署

下载部署文件

1	wget https://raw.githubusercontent.com/kubernetes/dashboard/master/src/deploy/recommended/kubernetes-dashboard.yaml

新建文件：kubernetes-dashboard-admin.rbac.yaml,

---
apiVersion: v1
kind: ServiceAccount
metadata:
  labels:
    k8s-app: kubernetes-dashboard
  name: kubernetes-dashboard-admin
  namespace: kube-system
  
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRoleBinding
metadata:
  name: kubernetes-dashboard-admin
  labels:
    k8s-app: kubernetes-dashboard
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: cluster-admin
subjects:
- kind: ServiceAccount
  name: kubernetes-dashboard-admin
  namespace: kube-system

修改kubernetes-dashboard.yml 146行：

1	serviceAccountName: kubernetes-dashboard-admin

启动：

1 2	kubectl apply -f kubernetes-dashboard.yaml -f kubernetes-dashboard-admin.rbac.yaml kubectl proxy --address='192.168.11.129' --accept-hosts='^192\.168'

查看登录token：

1	kubectl -n kube-system describe secret $(kubectl -n kube-system get secret \| grep kubernetes-dashboard-admin \| awk '{print $1}')

登录地址：

1	http://192.168.11.129:8001/api/v1/namespaces/kube-system/services/https:kubernetes-dashboard:/proxy/

heapster部署

mkdir -p ~/k8s/heapster
cd ~/k8s/heapster
wget https://raw.githubusercontent.com/kubernetes/heapster/master/deploy/kube-config/influxdb/grafana.yaml
wget https://raw.githubusercontent.com/kubernetes/heapster/master/deploy/kube-config/rbac/heapster-rbac.yaml
wget https://raw.githubusercontent.com/kubernetes/heapster/master/deploy/kube-config/influxdb/heapster.yaml
wget https://raw.githubusercontent.com/kubernetes/heapster/master/deploy/kube-config/influxdb/influxdb.yaml

kubectl create -f ./

附录

引用：