kubernetes及Dashboard实战配置

kubernetes及Dashboard配置

本文在两台部署Centos7上部署kubernetes框架以及Dashboard的配置。

• Master的IP192.169.31.159
• Node的IP192.168.31.196

---

安装必备程序

１．Master上的操作
Master需要安装：docker、 kubernetes-master、etcd、flannel

yum install -y dockeryum install -y kubernetes-master etcd flannel

２．Node上的操作
Node需要安装：docker、kubernetes-node、flannel

yum install -y dockeryum install -y kubernetes-node flannel

部署docker仓库

由于在安装Dashboard过程中没有办法下载两个镜像：kubernetes-dashboard和registry.access.redhat.com/rhel7/pod-infrastructure密码：lbyp。所以，事先下载了这两个资源，然后导入镜像，并上传到仓库，以供部署时pull。

• 部署仓库

docker pull registrydocker run -d -p 5000:5000 -v /opt/data/registry:/tmp/registry registry  #指定端口和挂载目录

• 上传镜像

docker load < dashboard.tardocker load < podinfrastructure.tardocker tag gcr.io/google_containers/kubernetes-dashboard-amd64:v1.7.1 192.168.31.159:5000/google_containers/kubernetes-dashboard-amd64:latestdocker tag registry.access.redhat.com/rhel7/pod-infrastructure:latest 192.168.31.159:5000/rhel7/pod-infrastructure:latestdocker push 192.168.31.159:5000/google_containers/kubernetes-dashboard-amd64:latestdocker push 192.168.31.159:5000/rhel7/pod-infrastructure:latest

• 在node上配置docker见下一节

• 在node(192.168.31.196)上尝试拉取镜像

docker pull 192.168.31.159:5000/google_containers/kubernetes-dashboard-amd64:latestdocker pull 192.168.31.159:5000/rhel7/pod-infrastructure:latest

配置

• Docker配置

 #vim /etc/sysconfig/docker OPTIONS='--insecure-registry 192.168.31.159:5000'if [ -z "${DOCKER_CERT_PATH}" ]; then    DOCKER_CERT_PATH=/etc/dockerfi

可以通过pull尝试拉取，以验证配置是否正确。

• Master, etcd配置

#vim /etc/etcd/etcd.confETCD_NAME=defaultETCD_DATA_DIR="/var/lib/etcd/default.etcd"ETCD_LISTEN_CLIENT_URLS="http://0.0.0.0:2379"ETCD_ADVERTISE_CLIENT_URLS="http://192.168.31.159:2379"

• Master, flannel配置

#vim /etc/sysconfig/flanneld# Flanneld configuration options  # etcd url location.  Point this to the server where etcd runsFLANNEL_ETCD_ENDPOINTS="http://192.168.31.159:2379"#etcd地址# etcd config key.  This is the configuration key that flannel queries# For address range assignmentFLANNEL_ETCD_PREFIX="/kube/network"# Any additional options that you want to passFLANNEL_OPTIONS="-iface=enp3s0"#指定可以连同node的网络

• Master, kubernetes配置

# vim /etc/kubernetes/apiserverKUBE_API_ADDRESS="--insecure-bind-address=0.0.0.0"#0000其他地址可以访问# The port on the local server to listen on.KUBE_API_PORT="--port=8080"#指定访问端口# Port minions listen on# KUBELET_PORT="--kubelet-port=10250"＃kubelet端口，默认即可# Comma separated list of nodes in the etcd clusterKUBE_ETCD_SERVERS="--etcd-servers=http://192.168.31.159:2379"#etcd地址，这里配置在master上# Address range to use for servicesKUBE_SERVICE_ADDRESSES="--service-cluster-ip-range=172.17.0.0/16"#服务直接所分配的ip(docker)# default admission control policies# ServiceAccountKUBE_ADMISSION_CONTROL="--admission-control=NamespaceLifecycle,NamespaceExists,LimitRanger,SecurityContextDeny,ResourceQuota"# Add your own!KUBE_API_ARGS=""

#vim /etc/kubernetes/configKUBE_LOGTOSTDERR="--logtostderr=true"# journal message level, 0 is debugKUBE_LOG_LEVEL="--v=0"# Should this cluster be allowed to run privileged docker containersKUBE_ALLOW_PRIV="--allow-privileged=false"# How the controller-manager, scheduler, and proxy find the apiserverKUBE_MASTER="--master=http://192.168.31.159:8080"

• Node, Kubernetes配置

# vim /etc/kubernetes/kubeletKUBELET_ADDRESS="--address=0.0.0.0"# The port for the info server to serve onKUBELET_PORT="--port=10250"# You may leave this blank to use the actual hostnameKUBELET_HOSTNAME="--hostname-override=192.168.31.196"# location of the api-serverKUBELET_API_SERVER="--api-servers=http://192.168.31.159:8080"# pod infrastructure containerKUBELET_POD_INFRA_CONTAINER="--pod-infra-container-image=registry.access.redhat.com/rhel7/pod-infrastructure"# Add your own!KUBELET_ARGS=""

#vim /etc/kubernetes/configKUBE_LOGTOSTDERR="--logtostderr=true"# journal message level, 0 is debugKUBE_LOG_LEVEL="--v=0"# Should this cluster be allowed to run privileged docker containersKUBE_ALLOW_PRIV="--allow-privileged=false"# How the controller-manager, scheduler, and proxy find the apiserverKUBE_MASTER="--master=http://192.168.31.159:8080"

• Node, flannel配置

#vim  vim /etc/sysconfig/flanneld FLANNEL_ETCD_ENDPOINTS="http://192.168.31.159:2379"# etcd config key.  This is the configuration key that flannel queries# For address range assignmentFLANNEL_ETCD_PREFIX="/kube/network"# Any additional options that you want to passFLANNEL_OPTIONS="-iface=eno1"

启动并验证

# mastersystemctl start dockersystemctl start etcdsystemctl start flanneldsystemctl start kube-apiserversystemctl start kube-controller-managersystemctl start kube-scheduler

#nodesystemctl start dockersystemctl start flanneldsystemctl start kube-proxysystemctl start kubelet

http://192.168.31.159:8080 查看所有请求url
http://192.168.31.159:8080/healthz/ping 查看健康状况

部署Dashboard

下载kube-dashboard.yaml
kubectl create -f kube-dashboard.yaml

遇到的问题

• 注意服务的启动顺序,特别是master,在确保etcd启动的情况下,先启动apiserver
• 注意yaml文件的格式缩进
• 如果发现访问出现timed out,可能是因为防火墙等未关闭.

# systemctl stop firewalld && systemctl disable firewalld# setenforce 0# vim /etc/selinux/configSELINUX=disabled

• 我在部署Dashboard时，无法创建kubernetes-dashboard，说是已经存在。刚开始只是简单的删除pods，发现过一会儿又重新creating。这是因为在pods之上还有deployment, service, replicas…等资源，需要将他们delete之后，才可创建新的dashboard.

---

参考：

http://www.jb51.net/article/94343.htm
http://blog.csdn.net/u010397369/article/details/42422243
https://www.kubernetes.org.cn/3096.html