十二、kubernetes集群搭建

来源：互联网发布：python全栈开发编辑：程序博客网时间：2024/05/22 17:51

虚拟机：
CentOS Linux release 7.3.1611 (Core)
3.10.0-514.el7.x86_64
1核 1G
docker1.13
参考文档：
https://kubernetes.io/docs/getting-started-guides/centos/centos_manual_config/

IP： 192.168.101.201 master
IP： 192.168.101.202 node

kube各组件的架构以及作用：

这里写图片描述

一、准备阶段

编辑所有节点的hosts文件echo "192.168.101.201  docker-master192.168.101.202  docker-node1" >> /etc/hosts

创建yum仓库echo "[virt7-docker-common-release]name=virt7-docker-common-releasebaseurl=http://cbs.centos.org/repos/virt7-docker-common-release/x86_64/os/gpgcheck=0 enabled=1" >/etc/yum.repos.d/virt7-docker-common-release.repo

安装kubernetes etcd flannelyum -y install --enablerepo=virt7-docker-common-release kubernetes etcd flannel

编辑kubernetes配置文件 使所有节点保持一致# logging to stderr means we get it in the systemd journalKUBE_LOGTOSTDERR="--logtostderr=true"# journal message level, 0 is debugKUBE_LOG_LEVEL="--v=0"# Should this cluster be allowed to run privileged docker containersKUBE_ALLOW_PRIV="--allow-privileged=false"# How the replication controller and scheduler find the kube-apiserverKUBE_MASTER="--master=http://docker-master:8080"

关闭主节点以及边缘节点的防火墙，在此之前要先关selinux，不然centos不会允许你关闭防火墙。同时，docker和一些其他的防火墙规则不兼容。setenforce 0systemctl disable iptables-services firewalldsystemctl stop iptables-services firewalld

二、主节点配置

编辑etcd配置文件 # [member]ETCD_NAME=defaultETCD_DATA_DIR="/var/lib/etcd/default.etcd"ETCD_LISTEN_CLIENT_URLS="http://0.0.0.0:2379"#[cluster]ETCD_ADVERTISE_CLIENT_URLS="http://0.0.0.0:2379"编辑kube的api服务# The address on the local server to listen to.KUBE_API_ADDRESS="--insecure-bind-address=0.0.0.0"# The port on the local server to listen on.KUBE_API_PORT="--port=8080"# Port kubelets listen onKUBELET_PORT="--kubelet-port=10250"# Comma separated list of nodes in the etcd clusterKUBE_ETCD_SERVERS="--etcd-servers=http://docker-master:2379"# Address range to use for servicesKUBE_SERVICE_ADDRESSES="--service-cluster-ip-range=10.254.0.0/16"# Add your own!KUBE_API_ARGS=""10.254.0.0/16网段为创建service时分配的地址**在主节点上启动相应的服务**for SERVICES in etcd kube-apiserver kube-controller-manager kube-scheduler docker; do    systemctl restart $SERVICES    systemctl enable $SERVICES    systemctl status $SERVICESdone启动完毕后你将看到如下进程：(忽略进程pid 只为了粘贴方便)13093/etcd         1913/master        13182/kube-schedule13127/kube-apiserve13093/etcd         13156/kube-controll13127/kube-apiserve

三、配置节点上的Kubernetes服务。

编辑/etc/kubernetes/kubelet# The address for the info server to serve onKUBELET_ADDRESS="--address=0.0.0.0"# The port for the info server to serve onKUBELET_PORT="--port=10250"# You may leave this blank to use the actual hostname# Check the node number!KUBELET_HOSTNAME="--hostname-override=docker-node1"# Location of the api-serverKUBELET_API_SERVER="--api-servers=http://docker-master:8080"# Add your own!KUBELET_ARGS=""在节点(docker-node1)上启动适当的服务for SERVICES in kube-proxy kubelet docker; do    systemctl restart $SERVICES    systemctl enable $SERVICES    systemctl status $SERVICESdone配置kubectl(直接执行)kubectl config set-cluster default-cluster --server=http://docker-master:8080kubectl config set-context default-context --cluster=default-cluster --user=default-adminkubectl config use-context default-context

四、验证

[root@origin ~]# kubectl get nodesNAME           STATUS    AGEdocker-node1   Ready     7m

五、容器通信依赖的解决(网桥)

yum install unzip wget -ywget https://github.com/jpetazzo/pipework/archive/master.zipunzip pipework-master.zipmv pipework-master pipeworkcp -rp pipework/pipework /usr/local/bin/安装bridge-utils，次插件可以给容器分配固定ip地址让docker使用固定的网桥vim /etc/sysconfig/docker-network# /etc/sysconfig/docker-networkDOCKER_NETWORK_OPTIONS="-b=br0"

阅读全文

0 0