Kubernetes安装部署

来源：互联网发布：mastercam车床编程教程编辑：程序博客网时间：2024/06/11 02:02

Kubernetes是Google开源的容器集群管理系统。它构建Ddocker技术之上，为容器化的应用提供资源调度、部署运行、服务发现、扩容缩容等整一套功能，本质上可看作是基于容器技术的mini-PaaS平台。本文旨在梳理Kubernetes的架构、概念及基本工作流，并且通过运行一个简单的示例应用来介绍如何使用Kubernetes。

优点：
—轻量级、简单
—公有云、私有云、混合云部署
—模块化、可插拔化、可挂接、可组合
—自动恢复、自动重启、自动复制

Kubernetes架构

内网系统中建议关闭防火墙服务：

# systemctl disable firewalld# systemctl stop firewalld

修改/etc/hosts文件

# 192.168.123.201 kubernetes-master# 192.168.123.202 kubernetes-node1# 192.168.123.203 kubernetes-node2

关闭selinux

# vim /etc/selinux/configSELINUX=disabled

关闭docker的selinux功能

# vim /etc/sysconfig/dockerOPTIONS='--selinux-enabled=false'

1.Master上配置kube-apiserver,kube-controller-manager,kube-scheduler服务

(1) kube-apiserver服务
先确认etcd服务已经安装正确并启动，配置Kube-apiserver的启动参数

# yum install -y etcd# vim /etc/etcd/etcd.confETCD_LISTEN_CLIENT_URLS="http://0.0.0.0:2379"# yum install -y kubernetes# vim /usr/lib/systemd/system/kube-apiserver.service[Unit]Description=Kubernetes API ServerDocumentation=https://github.com/GoogleCloudPlatform/kubernetesWants=etcd.serviceAfter=etcd.service[Service]EnvironmentFile=-/etc/kubernetes/configEnvironmentFile=-/etc/kubernetes/apiserverUser=kubeExecStart=/usr/bin/kube-apiserver \        $KUBE_LOGTOSTDERR \        $KUBE_LOG_LEVEL \        $KUBE_ETCD_SERVERS \        $KUBE_API_ADDRESS \        $KUBE_API_PORT \        $KUBELET_PORT \        $KUBE_ALLOW_PRIV \        $KUBE_SERVICE_ADDRESSES \        $KUBE_ADMISSION_CONTROL \        $KUBE_API_ARGSRestart=on-failureType=notifyLimitNOFILE=65536[Install]WantedBy=multi-user.target

配置文件/etc/kubernetes/config，文件的内容为所有服务都需要的参数

KUBE_LOGTOSTDERR="--logtostderr=true"KUBE_LOG_LEVEL="--v=0"KUBE_ALLOW_PRIV="--allow_privileged=false"KUBE_MASTER="--master=http://kubernetes-master:8080"

配置文件/etc/kubernetes/apiserver，内容包括：绑定主机的IP地址、端口号、etcd服务地址、Service所需的Cluster IP池、一系列admission控制策略等

KUBE_API_ADDRESS="--address=0.0.0.0"KUBE_API_PORT="--port=8080"KUBE_ETCD_SERVERS="--etcd_servers=http://127.0.0.1:2379"KUBE_SERVICE_ADDRESSES="--service-cluster-ip-range=10.254.0.0/16"KUBE_ADMISSION_CONTROL="--admission_control=NamespaceLifecycle,NamespaceExists,LimitRanger,SecurityContextDeny,ServiceAccount,ResourceQuota"KUBE_API_ARGS=""

(2) kube-controller-manager服务
kube-controller-manager服务依赖于etcd和kube-apiserver服务

# vim /usr/lib/systemd/system/kube-controller-manager.service[Unit]Description=Kubernetes Controller ManagerDocumentation=https://github.com/GoogleCloudPlatform/kubernetesAfter=etcd.serviceAfter=kube-apiserver.serviceRequires=etcd.serviceRequires=kube-apiserver.service[Service]EnvironmentFile=-/etc/kubernetes/configEnvironmentFile=-/etc/kubernetes/controller-managerUser=kubeExecStart=/usr/bin/kube-controller-manager \        $KUBE_LOGTOSTDERR \        $KUBE_LOG_LEVEL \        $KUBE_MASTER \        $KUBE_CONTROLLER_MANAGER_ARGSRestart=on-failureLimitNOFILE=65536[Install]WantedBy=multi-user.target

(3) kube-scheduler服务
kube-scheduler服务也依赖于etcd和kube-apiserve

# vim /usr/lib/systemd/system/kube-scheduler.service[Unit]Description=Kubernetes Scheduler PluginDocumentation=https://github.com/GoogleCloudPlatform/kubernetesAfter=etcd.serviceAfter=kube-apiserver.serviceRequires=etcd.serviceRequires=kube-apiserver.service[Service]EnvironmentFile=-/etc/kubernetes/configEnvironmentFile=-/etc/kubernetes/schedulerUser=kubeExecStart=/usr/bin/kube-scheduler \        $KUBE_LOGTOSTDERR \        $KUBE_LOG_LEVEL \        $KUBE_MASTER \        $KUBE_SCHEDULER_ARGSRestart=on-failureLimitNOFILE=65536[Install]WantedBy=multi-user.target

完成后，通过systemctl start命令启动3个服务。同时，使用systemctl enable命令将服务加入开机启动列表中。

# systemctl daemon-reload# systemctl start etcd kube-apiserver.service kube-controller-manager kube-scheduler# systemctl enable etcd kube-apiserver.service kube-controller-manager kube-scheduler

通过systemctl status 来验证服务启动的状态。

2.Node上配置kubelet,kube-proxy服务

(1) kubelet服务
配置kubelet服务，它依赖于Docker服务

# vim /usr/lib/systemd/system/kubelet.service[Unit]Description=Kubernetes Kubelet ServerDocumentation=https://github.com/GoogleCloudPlatform/kubernetesAfter=docker.serviceRequires=docker.service[Service]WorkingDirectory=/var/lib/kubeletEnvironmentFile=-/etc/kubernetes/configEnvironmentFile=-/etc/kubernetes/kubeletExecStart=/usr/bin/kubelet \            $KUBE_LOGTOSTDERR \            $KUBE_LOG_LEVEL \            $KUBELET_API_SERVER \            $KUBELET_ADDRESS \            $KUBELET_PORT \            $KUBELET_HOSTNAME \            $KUBE_ALLOW_PRIV \            $KUBELET_ARGSRestart=on-failure[Install]WantedBy=multi-user.target

修改配置文件/etc/kubernetes/kubelet，内容包括：绑定主机IP地址、端口号、apiserver的地址及其他参数

KUBELET_ADDRESS="--address=0.0.0.0"KUBELET_PORT="--port=10250"KUBELET_HOSTNAME="--hostname_override=kubernetes-node1"KUBELET_API_SERVER="--api_servers=http://kubernetes-master:8080"KUBELET_ARGS=""

(2) kube-proxy服务
配置kube-proxy服务，它依赖于Linux的network服务

# vim /usr/lib/systemd/system/kube-proxy.service[Unit]Description=Kubernetes Kube-Proxy ServerDocumentation=https://github.com/GoogleCloudPlatform/kubernetesAfter=network.target[Service]EnvironmentFile=-/etc/kubernetes/configEnvironmentFile=-/etc/kubernetes/proxyExecStart=/usr/bin/kube-proxy \            $KUBE_LOGTOSTDERR \            $KUBE_LOG_LEVEL \            $KUBE_MASTER \            $KUBE_PROXY_ARGSRestart=on-failureLimitNOFILE=65536[Install]WantedBy=multi-user.target

配置文件/etc/kubernetes/proxy无须特别的参数设置
kubelet和kube-proxy都需要的配置文件/etc/kubernetes/config的内容示例如下：

KUBE_LOGTOSTDERR="--logtostderr=true"KUBE_LOG_LEVEL="--v=0"KUBE_ALLOW_PRIV="--allow_privileged=false"KUBE_MASTER="--master=http://kubernetes-master:8080"

配置完成后，通过systemctl启动服务：

# systemctl daemon-reload# systemctl start kubelet.service kube-proxy docker# systemctl enable kubelet.service kube-proxy docker

kubelet默认采用向Master自注册的机制，在Master上查看名Node的状态(# kubelet get nodes)，状态为Ready表示Node向Master注册成功。

0 0