k8s之安装与配置_单机_二进制.md 8.4 KB
k8s之安装与配置_单机_二进制
环境
| 说明 | |
|---|---|
| 操作系统 | CentOS Linux release 7.7.1908 (Core) |
| Docker | 18.06.3-ce |
| Kubernetes | v1.16.2 |
| Etcd | v3.3.15 |
主机规划
| 主机名 | IP | 角色 | 安装应用 |
|---|---|---|---|
| k8s-demo3 | 192.168.206.117 | master | kube-apiserver/kube-scheduler/kube-controller-manager/etcd |
| k8s-demo3 | 192.168.206.117 | node | docker/kubelet/kube-proxy |
注: 以上为了说明master和node安装的应用区别才分开写,单机安装所有应用安装一起。
下载
非常重要: 下载安装包前请阅读 https://kubernetes.io/docs/setup/release/notes/#dependencies
下载docker离线安装包
https://download.docker.com/linux/static/stable/x86_64/
下载k8s
https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG-1.16.md#downloads-for-v1162
下载etcd
https://github.com/etcd-io/etcd/releases/tag/v3.3.15
下载flanneld
https://github.com/coreos/flannel/releases
安装前环境初始化
#防火墙
systemctl stop firewalld
systemctl disable firewalld
#selinux
vi /etc/selinux/config
将SELINUX=enforcing改为SELINUX=disabled,wq保存退出
#关闭swap
swapoff -a
vi /etc/fstab
将swap那一行注释掉
#目录初始化
mkdir -p /etc/etcd/
mkdir -p /var/lib/etcd/
mkdir -p /etc/kubernetes/
mkdir -p /var/log/kubernetes/
mkdir -p /var/lib/kubelet/
#hosts
echo "127.0.0.1 $(hostname)" >> /etc/hosts
安装Docker
chmod +x ~/install_docker.sh
~/install_docker.sh docker-18.06.3-ce.tgz
部署 Master&Node 服务
# 安装命令
tar -zxvf kubernetes-server-linux-amd64.tar.gz
cp ~/kubernetes/server/bin/{kube-apiserver,kube-controller-manager,kube-scheduler,kubectl,kube-proxy,kubelet} /usr/bin/
tar -zxvf etcd-v3.3.15-linux-amd64.tar.gz
cp ~/etcd-v3.3.15-linux-amd64/{etcd,etcdctl} /usr/bin/
etcd安装
#系统服务配置
cat>/usr/lib/systemd/system/etcd.service<<EOF
[Unit]
Description=etcd.service
[Service]
Type=notify
TimeoutStartSec=0
Restart=always
WorkingDirectory=/var/lib/etcd
ExecStart=/usr/bin/etcd \
--name=ETCDServer \
--data-dir=/var/lib/etcd/ \
--listen-client-urls=http://0.0.0.0:2379 \
--advertise-client-urls=http://192.168.206.117:2379
[Install]
WantedBy=multi-user.target
EOF
# 启动服务
systemctl daemon-reload
systemctl enable etcd.service --now
etcdctl cluster-health
kube-apiserver安装
#系统服务配置
cat>/usr/lib/systemd/system/kube-apiserver.service<<EOF
[Unit]
Description=Kubernetes API Server
After=etcd.service
Wants=etcd.service
[Service]
#EnvironmentFile=/etc/kubernetes/apiserver
ExecStart=/usr/bin/kube-apiserver \
--etcd-servers=http://192.168.206.117:2379 \
--insecure-bind-address=0.0.0.0 \
--port=8080 \
--service-cluster-ip-range=10.2.0.0/16 \
--admission-control=NamespaceLifecycle,NamespaceExists,LimitRanger,ServiceAccount,DefaultStorageClass,ResourceQuota
Restart=on-failure
Type=notify
LimitNOFILE=65536
[Install]
WantedBy=multi-user.target
EOF
#启动服务
systemctl daemon-reload
systemctl enable kube-apiserver.service --now
systemctl status kube-apiserver.service
kube-controller-manager安装
#系统服务配置
cat>/usr/lib/systemd/system/kube-controller-manager.service<<EOF
[Unit]
Description=Kubernetes Controller Manager
After=kube-apiserver.service
Requires=kube-apiserver.service
[Service]
#EnvironmentFile=-/etc/kubernetes/controller-manager
ExecStart=/usr/bin/kube-controller-manager \
--master=http://192.168.206.117:8080 \
--service-cluster-ip-range=10.2.0.0/16
Restart=on-failure
LimitNOFILE=65536
[Install]
WantedBy=multi-user.target
EOF
#启动服务
systemctl daemon-reload
systemctl enable kube-controller-manager.service --now
systemctl status kube-controller-manager.service
kube-scheduler安装
#系统服务配置
cat>/usr/lib/systemd/system/kube-scheduler.service<<EOF
[Unit]
Description=Kubernetes Scheduler
After=kube-apiserver.service
Requires=kube-apiserver.service
[Service]
User=root
#EnvironmentFile=/etc/kubernetes/scheduler
ExecStart=/usr/bin/kube-scheduler --master=http://192.168.206.117:8080
Restart=on-failure
LimitNOFILE=65536
[Install]
WantedBy=multi-user.target
EOF
#启动服务
systemctl daemon-reload
systemctl enable kube-scheduler.service --now
systemctl status kube-scheduler.service
kube-proxy安装
#系统服务配置
cat>/usr/lib/systemd/system/kube-proxy.service<<EOF
[Unit]
Description=Kubernetes Kube-Proxy Server
Documentation=https://github.com/GoogleCloudPlatform/kubernetes
After=network.target
Requires=network.service
[Service]
#EnvironmentFile=/etc/kubernetes/proxy
ExecStart=/usr/bin/kube-proxy --master=http://192.168.206.117:8080
Restart=on-failure
LimitNOFILE=65536
[Install]
WantedBy=multi-user.target
EOF
#启动服务
systemctl daemon-reload
systemctl enable kube-proxy.service --now
systemctl status kube-proxy.service
kubelet安装
#系统服务配置
cat>/usr/lib/systemd/system/kubelet.service<<EOF
[Unit]
Description=Kubernetes Kubelet Server
Documentation=https://github.com/GoogleCloudPlatform/kubernetes
After=docker.service
Requires=docker.service
[Service]
WorkingDirectory=/var/lib/kubelet
EnvironmentFile=/etc/kubernetes/kubelet
ExecStart=/usr/bin/kubelet \
--address=0.0.0.0 \
--pod-infra-container-image=registry.cn-hangzhou.aliyuncs.com/google_containers/pause:3.1 \
--enable-server=true \
--enable-debugging-handlers=true \
--fail-swap-on=false \
--kubeconfig=/var/lib/kubelet/kubeconfig
Restart=on-failure
KillMode=process
[Install]
WantedBy=multi-user.target
EOF
#kubeconfig配置
cat>/var/lib/kubelet/kubeconfig<<EOF
apiVersion: v1
kind: Config
users:
- name: kubelet
clusters:
- name: kubernetes
cluster:
server: http://192.168.206.117:8080
contexts:
- context:
cluster: kubernetes
user: kubelet
name: default
current-context: default
EOF
#加载/etc/kubernetes/kubelet中需要的docker镜像
docker load -i ~/pause-amd64.tar
#启动服务
swapoff -a
systemctl daemon-reload
systemctl enable kubelet.service --now
systemctl status kubelet.service
验证
问题解决
问题1: 创建POD,kube-controller-manager组件提示“No API token found for service account "default", retry after the token is automatically created and added to the service account”
解决方法
#首先生成密钥
openssl genrsa -out /etc/kubernetes/serviceaccount.key 2048
#kube-apiserver添加参数
KUBE_API_ARGS="--service_account_key_file=/etc/kubernetes/serviceaccount.key"
#kube-controller-manager添加参数
KUBE_CONTROLLER_MANAGER_ARGS="--service_account_private_key_file=/etc/kubernetes/serviceaccount.key"
问题2: 创建POD后 kubectl describe 查看提示"kubelet does not have ClusterDNS IP configured and cannot create Pod using "ClusterFirst" policy. Falling back to "Default" policy"
解决方法
#kubelet添加参数
--hostname-override=all