kubernetes 1.6.2安装记录

来源：互联网发布：打印机端口号怎么看编辑：程序博客网时间：2024/06/06 08:27

kubernetes 1.6.2 安装记录

kubeadm安装不能用于生产环境。

1.制作rpm包，时间比较长。

git clone https://github.com/kubernetes/release.gitcd /root/release/rpm./docker-build.sh

2.安装rpm

cd /root/release/rpm/output/x86_64

rpm 下载地址：https://pan.baidu.com/s/1c2OoprU

[root@k8s-master x86_64]# lskubeadm-1.6.2-0.x86_64.rpm  kubectl-1.6.2-0.x86_64.rpm  kubelet-1.6.2-0.x86_64.rpm  kubernetes-cni-0.5.1-0.x86_64.rpm  repodata[root@k8s-master x86_64]# rpm -ivh kubectl-1.6.2-0.x86_64.rpm kubelet-1.6.2-0.x86_64.rpm kubernetes-cni-0.5.1-0.x86_64.rpm kubeadm-1.6.2-0.x86_64.rpm  --nodeps --force准备中...                          ################################# [100%]正在升级/安装...  1:kubernetes-cni-0.5.1-0           ################################# [ 33%]  2:kubelet-1.6.2-0                  ################################# [ 67%]  3:kubectl-1.6.2-0                  ################################# [ 80%]  4:kubeadm-1.6.2-0                  ################################# [100%]systemctl enable docker.servicesystemctl enable kubelet.servicesystemctl start docker.servicesystemctl start kubelet.service

3.GFW原因，先准备镜像
官网上的镜像列表：

Image NameVersiongcr.io/google_containers/kube-apiserver-amd64v1.6.0gcr.io/google_containers/kube-controller-manager-amd64v1.6.0gcr.io/google_containers/kube-scheduler-amd64v1.6.0gcr.io/google_containers/kube-proxy-amd64v1.6.0gcr.io/google_containers/etcd-amd643.0.17gcr.io/google_containers/pause-amd643.0gcr.io/google_containers/k8s-dns-sidecar-amd641.14.1gcr.io/google_containers/k8s-dns-kube-dns-amd641.14.1gcr.io/google_containers/k8s-dns-dnsmasq-nanny-amd641.14.1

（1）在国外主机上安装并初始化（方法见https://kubernetes.io/docs/getting-started-guides/kubeadm/），查看主机镜像
如果没有国外主机此处也可以直接初始化，但是肯定会卡主，终断后，查看配置文件中的docker地址，想办法搞到这些镜像。
（2）把这些镜像改名推送到自建harbor仓库

docker images | sed 's/gcr.io\/google_containers\//harbor.test.com\/kubernetes_images\//' | awk '{print "docker tag "$3" "$1":"$2}' | tail -6 | shdocker images | grep harbor.test.com | awk '{print "docker push "$1":"$2}' | sh

（3）拉取镜像

cat sh  | grep harbor.test.comharbor.test.com/kubernetes_images/kube-proxy-amd64                v1.6.2              7a1b61b8f5d4        8 days ago          109.2 MBharbor.test.com/kubernetes_images/kube-controller-manager-amd64   v1.6.2              c7ad09fe3b82        8 days ago          132.7 MBharbor.test.com/kubernetes_images/kube-apiserver-amd64            v1.6.2              e14b1d5ee474        8 days ago          150.5 MBharbor.test.com/kubernetes_images/kube-scheduler-amd64            v1.6.2              b55f2a2481b9        8 days ago          76.76 MBharbor.test.com/kubernetes_images/etcd-amd64                      3.0.17              243830dae7dd        9 weeks ago         168.9 MBharbor.test.com/kubernetes_images/pause-amd64                     3.0                 99e59f495ffa        11 months ago       746.9 kB

cat sh  | grep harbor.test.com | awk '{print "docker pull "$1":"$2}' | sh

（4）改回原名
步骤同（2）第1步
（5）查看

[root@k8s-master ~]# docker images | grep gcrgcr.io/google_containers/kube-proxy-amd64                           v1.6.2              7a1b61b8f5d4        8 days ago          109.2 MBgcr.io/google_containers/kube-apiserver-amd64                       v1.6.2              e14b1d5ee474        8 days ago          150.5 MBgcr.io/google_containers/kube-controller-manager-amd64              v1.6.2              c7ad09fe3b82        8 days ago          132.7 MBgcr.io/google_containers/kube-scheduler-amd64                       v1.6.2              b55f2a2481b9        8 days ago          76.76 MBgcr.io/google_containers/etcd-amd64                                 3.0.17              243830dae7dd        9 weeks ago         168.9 MBgcr.io/google_containers/pause-amd64                                3.0                 99e59f495ffa        11 months ago       746.9 kB

（6）删除无效镜像

docker images | grep harbor.test.com | awk '{print "docker rmi "$1":"$2}' | sh

4.现在已经可以初始化,准备了上面的镜像后，初始化速度很快，保存好初始化日志

[root@k8s-master ~]#  kubeadm init --pod-network-cidr 10.244.0.0/16 --kubernetes-version=v1.6.2[kubeadm] WARNING: kubeadm is in beta, please do not use it for production clusters.[init] Using Kubernetes version: v1.6.2[init] Using Authorization mode: RBAC[preflight] Running pre-flight checks[preflight] WARNING: kubelet service is not enabled, please run 'systemctl enable kubelet.service'[preflight] WARNING: socat not found in system path[preflight] Starting the kubelet service[certificates] Generated CA certificate and key.[certificates] Generated API server certificate and key.[certificates] API Server serving cert is signed for DNS names [k8s-master kubernetes kubernetes.default kubernetes.default.svc kubernetes.default.svc.cluster.local] and IPs [10.96.0.1 192.168.1.200][certificates] Generated API server kubelet client certificate and key.[certificates] Generated service account token signing key and public key.[certificates] Generated front-proxy CA certificate and key.[certificates] Generated front-proxy client certificate and key.[certificates] Valid certificates and keys now exist in "/etc/kubernetes/pki"[kubeconfig] Wrote KubeConfig file to disk: "/etc/kubernetes/admin.conf"[kubeconfig] Wrote KubeConfig file to disk: "/etc/kubernetes/kubelet.conf"[kubeconfig] Wrote KubeConfig file to disk: "/etc/kubernetes/controller-manager.conf"[kubeconfig] Wrote KubeConfig file to disk: "/etc/kubernetes/scheduler.conf"[apiclient] Created API client, waiting for the control plane to become ready[apiclient] All control plane components are healthy after 22.268662 seconds[apiclient] Waiting for at least one node to register[apiclient] First node has registered after 5.502850 seconds[token] Using token: 52c854.aaaaaaaaaaaaa[apiconfig] Created RBAC rules[addons] Created essential addon: kube-proxy[addons] Created essential addon: kube-dnsYour Kubernetes master has initialized successfully!To start using your cluster, you need to run (as a regular user): sudo cp /etc/kubernetes/admin.conf $HOME/ sudo chown $(id -u):$(id -g) $HOME/admin.conf export KUBECONFIG=$HOME/admin.confYou should now deploy a pod network to the cluster.Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at: http://kubernetes.io/docs/admin/addons/You can now join any number of machines by running the following on each nodeas root: kubeadm join --token 52c854.aaaaaaaaaaaaa 192.168.1.200:6443

# 5.修改docker的cgroup驱动（不需要操作）
# kubelet
# 看到最后一行：error: failed to run Kubelet: failed to create kubelet: misconfiguration: kubelet cgroup driver: "cgroupfs" is different from docker cgroup driver: "systemd"

# vim /lib/systemd/system/docker.service
# 将 --exec-opt native.cgroupdriver=systemd 修改为：
# --exec-opt native.cgroupdriver=cgroupfs
# systemctl daemon-reload
# systemctl restart docker.service
# kubelet显示正常

6.创建从节点并加入到集群
将rpm包拷贝到从节点并安装：

kubeadm-1.6.2-0.x86_64.rpm  kubectl-1.6.2-0.x86_64.rpm  kubelet-1.6.2-0.x86_64.rpm  kubernetes-cni-0.5.1-0.x86_64.rpmrpm -ivh * --force --nodepssystemctl enable docker.servicesystemctl enable kubelet.servicesystemctl start docker.servicesystemctl start kubelet.servicedocker pull harbor.test.com/kubernetes_images/pause-amd64:3.0docker pull harbor.test.com/kubernetes_images/flannel:v0.7.1-amd64docker pull harbor.test.com/kubernetes_images/kube-proxy-amd64:v1.6.2docker tag 7a1b61b8f5d4 gcr.io/google_containers/kube-proxy-amd64:v1.6.2docker tag 99e59f495ffa gcr.io/google_containers/pause-amd64:3.0docker tag cd4ae0be5e1b quay.io/coreos/flannel:v0.7.1-amd64

加入集群：

kubeadm join --token 52c854.5d25a1ca09b39157 192.168.1.200:6443

在master上查看节点状态：
[root@k8s-master ~]# kubectl get nodes
The connection to the server localhost:8080 was refused - did you specify the right host or port?

在/etc/kubernetes/manifests/kube-apiserver.yaml中：
--insecure-port=0
kube-apiserver的选项--insecure-port=0，也就是说kubeadm 1.6.0初始化的集群，kube-apiserver没有监听默认的http 8080端口。kube-apiserver只监听了https的6443端口。
为了使用kubectl访问apiserver，在~/.bash_profile中追加下面的环境变量：

export KUBECONFIG=/etc/kubernetes/admin.confsource ~/.bash_profilekubectl get nodes

查看所有节点上的pod：

kubectl get pod --all-namespaces -o wide

5 0