二进制部署kubernetes1.7.4

部署结构

• 172.16.7.71 Master节点
• 172.16.7.72-73 node节点
• 172.16.7.71、72、73ETCD集群

ETCD

1、将etcd、etcdctl拷贝到/usr/bin目录下

2、新增/usr/lib/systemd/system/etcd.service

[Unit]Description=Etcd ServerAfter=network.targetAfter=network-online.targetWants=network-online.target[Service]Type=notifyWorkingDirectory=/var/lib/etcd/EnvironmentFile=-/etc/etcd/etcd.conf# set GOMAXPROCS to number of processorsExecStart=/bin/bash -c "GOMAXPROCS=$(nproc) /usr/bin/etcd --name=\"${ETCD_NAME}\" --data-dir=\"${ETCD_DATA_DIR}\" --listen-client-urls=\"${ETCD_LISTEN_CLIENT_URLS}\""Restart=on-failureLimitNOFILE=65536[Install]WantedBy=multi-user.target

3、新增配置文件/etc/etcd/etcd.conf

 [member]ETCD_NAME=etcd3ETCD_DATA_DIR="/var/lib/etcd/etcd3" #ETCD_WAL_DIR=""#ETCD_SNAPSHOT_COUNT="10000"#ETCD_HEARTBEAT_INTERVAL="100"#ETCD_ELECTION_TIMEOUT="1000"ETCD_LISTEN_PEER_URLS="http://172.16.7.73:2380"ETCD_LISTEN_CLIENT_URLS="http://172.16.7.73:2379,http://127.0.0.1:2379"#ETCD_MAX_SNAPSHOTS="5"#ETCD_MAX_WALS="5"#ETCD_CORS=""##[cluster]ETCD_INITIAL_ADVERTISE_PEER_URLS="http://172.16.7.73:2380"# if you use different ETCD_NAME (e.g. test), set ETCD_INITIAL_CLUSTER value for this name, i.e. "test=http://..."ETCD_INITIAL_CLUSTER="etcd1=http://172.16.7.71:2380,etcd2=http://172.16.7.72:2380,etcd3=http://172.16.7.73:2380"ETCD_INITIAL_CLUSTER_STATE="new33"ETCD_INITIAL_CLUSTER_TOKEN="etcd-cluster33"ETCD_ADVERTISE_CLIENT_URLS="http://172.16.7.73:2379"#ETCD_DISCOVERY=""#ETCD_DISCOVERY_SRV=""#ETCD_DISCOVERY_FALLBACK="proxy"#ETCD_DISCOVERY_PROXY=""#ETCD_STRICT_RECONFIG_CHECK="false"#ETCD_AUTO_COMPACTION_RETENTION="0"##[proxy]#ETCD_PROXY="off"#ETCD_PROXY_FAILURE_WAIT="5000"#ETCD_PROXY_REFRESH_INTERVAL="30000"#ETCD_PROXY_DIAL_TIMEOUT="1000"#ETCD_PROXY_WRITE_TIMEOUT="5000"#ETCD_PROXY_READ_TIMEOUT="0"##[security]#ETCD_CERT_FILE=""#ETCD_KEY_FILE=""#ETCD_CLIENT_CERT_AUTH="false"#ETCD_TRUSTED_CA_FILE=""#ETCD_AUTO_TLS="false"#ETCD_PEER_CERT_FILE=""#ETCD_PEER_KEY_FILE=""#ETCD_PEER_CLIENT_CERT_AUTH="false"#ETCD_PEER_TRUSTED_CA_FILE=""#ETCD_PEER_AUTO_TLS="false"##[logging]#ETCD_DEBUG="false"# examples for -log-package-levels etcdserver=WARNING,security=DEBUG#ETCD_LOG_PACKAGE_LEVELS=""

注意ETCD_NAME、ETCD_DATA_DIR每个节点配置成不同，
ETCD_INITIAL_CLUSTER_STATE、ETCD_INITIAL_CLUSTER_TOKEN每个集群最好配置成不同

4、systemctl daemon-reload 然后 systemctl start etcd即可，注意要多个节点同时运行，否则集群初始化会失败

5、验证

[root@localhost ~]# etcdctl member list855390a4542535be: name=etcd3 peerURLs=http://172.16.7.73:2380 clientURLs=http://172.16.7.73:2379 isLeader=false973d9cab4aa5f1ba: name=etcd1 peerURLs=http://172.16.7.71:2380 clientURLs=http://172.16.7.71:2379 isLeader=true9ecaf535a6810487: name=etcd2 peerURLs=http://172.16.7.72:2380 clientURLs=http://172.16.7.72:2379 isLeader=false

master->apiServer

1、把二进制文件都拷贝到/usr/local/bin目录下，并创建日志目录/var/logs/kubernetes

2、添加配置文件/usr/lib/systemd/system/kube-apiserver.service

[Unit]Description=Kubernetes API ServiceDocumentation=https://github.com/GoogleCloudPlatform/kubernetesAfter=network.targetAfter=etcd.service[Service]EnvironmentFile=-/etc/kubernetes/configEnvironmentFile=-/etc/kubernetes/apiserverExecStart=/usr/local/bin/kube-apiserver             $KUBE_LOGTOSTDERR             $KUBE_LOG_LEVEL             $KUBE_ETCD_SERVERS             $KUBE_API_ADDRESS             $KUBE_API_PORT             $KUBELET_PORT             $KUBE_ALLOW_PRIV             $KUBE_SERVICE_ADDRESSES             $KUBE_ADMISSION_CONTROL             $KUBE_API_ARGSRestart=on-failureType=notifyLimitNOFILE=65536[Install]WantedBy=multi-user.target

3、创建配置文件 /etc/kubernetes/config

#### kubernetes system config## The following values are used to configure various aspects of all# kubernetes services, including##   kube-apiserver.service#   kube-controller-manager.service#   kube-scheduler.service#   kubelet.service#   kube-proxy.service# logging to stderr means we get it in the systemd journalKUBE_LOGTOSTDERR="--logtostderr=false  --log-dir=/var/log/kubernetes"# journal message level, 0 is debugKUBE_LOG_LEVEL="--v=0"# Should this cluster be allowed to run privileged docker containersKUBE_ALLOW_PRIV="--allow-privileged=true"# How the controller-manager, scheduler, and proxy find the apiserverKUBE_MASTER="--master=http://172.16.7.71:8080"

4、创建配置文件/etc/kubernetes/apiserver

### kubernetes system config## The following values are used to configure the kube-apiserver### The address on the local server to listen to.KUBE_API_ADDRESS="--advertise-address=172.16.7.1 --insecure-bind-address=0.0.0.0"# The port on the local server to listen on.KUBE_API_PORT="--port=8080"# Port minions listen onKUBELET_PORT="--kubelet-port=10250"# Comma separated list of nodes in the etcd clusterKUBE_ETCD_SERVERS="--etcd-servers=http://172.16.7.1:2379,http://172.16.7.2:2379,http://172.16.7.3:2379"# Address range to use for servicesKUBE_SERVICE_ADDRESSES="--service-cluster-ip-range=10.96.0.0/12"# default admission control policiesKUBE_ADMISSION_CONTROL="--admission-control=NamespaceLifecycle,LimitRanger,PersistentVolumeLabel,DefaultStorageClass,ResourceQuota"# Add your own!KUBE_API_ARGS="--storage-backend=etcd2 --enable-swagger-ui=true --apiserver-count=3 --audit-log-maxage=30 --audit-log-maxbackup=3 --audit-log-maxsize=100 --audit-log-path=/var/lib/audit.log --event-ttl=1h"

5、把kubectl二进制文件拷贝到/usr/bin目录下

6、启动kube-apiserver

# systemctl daemon-reload# systemctl enable kube-apiserver# systemctl start kube-apiserver

7、验证

kubectl get componentstatuses

[root@localhost kubernetes]# curl 172.16.7.71:8080{  "paths": [    "/api",    。。。。。。    "/version"  ]}

master->controller-manager

1、将二进制文件拷贝到/usr/local/bin目录下

2、创建文件/usr/lib/systemd/system/kube-controller-manager.service

Description=Kubernetes Controller ManagerDocumentation=https://github.com/GoogleCloudPlatform/kubernetes[Service]EnvironmentFile=-/etc/kubernetes/configEnvironmentFile=-/etc/kubernetes/controller-managerExecStart=/usr/local/bin/kube-controller-manager             $KUBE_LOGTOSTDERR             $KUBE_LOG_LEVEL             $KUBE_MASTER             $KUBE_CONTROLLER_MANAGER_ARGSRestart=on-failureLimitNOFILE=65536[Install]WantedBy=multi-user.target

3、创建配置文件 /etc/kubernetes/controller-manager

#### The following values are used to configure the kubernetes controller-manager# defaults from config and apiserver should be adequate# Add your own!KUBE_CONTROLLER_MANAGER_ARGS="--master= --address=127.0.0.1 --service-cluster-ip-range=10.96.0.0/12 --cluster-name=kubernetes --leader-elect=true"

4、启动

# systemctl daemon-reload# systemctl enable kube-apiserver# systemctl start kube-apiserver

master->scheduler

1、将二进制文件拷贝到/uar/local/bin目录下

2、创建配置文件/usr/lib/systemd/system/kube-scheduler.service

[Unit]Description=Kubernetes Scheduler PluginDocumentation=https://github.com/GoogleCloudPlatform/kubernetes[Service]EnvironmentFile=-/etc/kubernetes/configEnvironmentFile=-/etc/kubernetes/schedulerExecStart=/usr/local/bin/kube-scheduler             $KUBE_LOGTOSTDERR             $KUBE_LOG_LEVEL             $KUBE_MASTER             $KUBE_SCHEDULER_ARGSRestart=on-failureLimitNOFILE=65536[Install]WantedBy=multi-user.target

3、创建配置文件/etc/kubernetes/scheduler

#### kubernetes scheduler config# default config should be adequate# Add your own!KUBE_SCHEDULER_ARGS="--leader-elect=true --address=127.0.0.1"

4、启动

# systemctl daemon-reload# systemctl enable kube-scheduler# systemctl start kube-scheduler

5、验证

[root@localhost kubernetes]# kubectl get componentstatusesNAME                 STATUS    MESSAGE              ERRORcontroller-manager   Healthy   ok                   scheduler            Healthy   ok                   etcd-0               Healthy   {"health": "true"}   etcd-1               Healthy   {"health": "true"}   etcd-2               Healthy   {"health": "true"} 

node->kubelet

1、将kubelet放到/usr/local/bin中，确认docker已经安装完毕（最好是overlayfs驱动）

2、添加配置文件/usr/lib/systemd/system/kubelet.service

[Unit]Description=Kubernetes Kubelet ServerDocumentation=https://github.com/GoogleCloudPlatform/kubernetesAfter=docker.serviceRequires=docker.service[Service]WorkingDirectory=/var/lib/kubeletEnvironmentFile=-/etc/kubernetes/configEnvironmentFile=-/etc/kubernetes/kubeletExecStart=/usr/local/bin/kubelet             $KUBE_LOGTOSTDERR             $KUBE_LOG_LEVEL             $KUBELET_API_SERVER             $KUBELET_ADDRESS             $KUBELET_PORT             $KUBELET_HOSTNAME             $KUBE_ALLOW_PRIV             $KUBELET_POD_INFRA_CONTAINER             $KUBELET_ARGSRestart=on-failure[Install]WantedBy=multi-user.target

3、创建目录mkdir -p /etc/kubernetes/ /var/lib/kubelet/ /var/logs/kubernetes

4、创建配置文件/etc/kubernetes/config

#### kubernetes system config## The following values are used to configure various aspects of all# kubernetes services, including##   kube-apiserver.service#   kube-controller-manager.service#   kube-scheduler.service#   kubelet.service#   kube-proxy.service# logging to stderr means we get it in the systemd journalKUBE_LOGTOSTDERR="--logtostderr=false  --log-dir=/var/log/kubernetes"# journal message level, 0 is debugKUBE_LOG_LEVEL="--v=0"# Should this cluster be allowed to run privileged docker containersKUBE_ALLOW_PRIV="--allow-privileged=true"# How the controller-manager, scheduler, and proxy find the apiserverKUBE_MASTER="--master=http://172.16.7.71:8080"

5、创建配置文件/etc/kubernetes/kubelet

### kubernetes kubelet (minion) config# The address for the info server to serve on (set to 0.0.0.0 or "" for all interfaces)KUBELET_ADDRESS="--address=0.0.0.0"# The port for the info server to serve onKUBELET_PORT="--port=10250"# You may leave this blank to use the actual hostnameKUBELET_HOSTNAME="--hostname-override=172.16.7.72"## location of the api-serverKUBELET_API_SERVER="--api-servers=http://172.16.7.71:8080"# pod infrastructure containerKUBELET_POD_INFRA_CONTAINER="--pod-infra-container-image=registry.access.redhat.com/rhel7/pod-infrastructure:latest"# Add your own!KUBELET_ARGS="--cgroup-driver=systemd --allow-privileged=true"

6、启动kubelet

# systemctl daemon-reload# systemctl enable kubelet# systemctl start kubelet

7、验证：在master启动kubectl get no即可查看

node->kube-proxy

1、拷贝二进制文件到/usr/local/bin

2、新增配置文件/usr/lib/systemd/system/kube-proxy.service

[Unit]Description=Kubernetes Kube-Proxy ServerDocumentation=https://github.com/GoogleCloudPlatform/kubernetesAfter=network.target[Service]EnvironmentFile=-/etc/kubernetes/configEnvironmentFile=-/etc/kubernetes/proxyExecStart=/usr/local/bin/kube-proxy             $KUBE_LOGTOSTDERR             $KUBE_LOG_LEVEL             $KUBE_MASTER             $KUBE_PROXY_ARGSRestart=on-failureLimitNOFILE=65536[Install]WantedBy=multi-user.target

3、新增配置文件/etc/kubernetes/proxy

#### kubernetes proxy config# default config should be adequate# Add your own!KUBE_PROXY_ARGS="--master=http://172.16.7.1:8080 --proxy-mode=iptables --logtostderr=false --log-dir=/var/log/kubernetes --alsologtostderr=false --v=2 "

4、启动

# systemctl daemon-reload# systemctl enable kube-proxy# systemctl start kube-proxy