4.需要可以连接互联网
5.每个节点需要有唯一的主机名
6.需要开放部分端口
7.需要禁用Swap功能
开放端口:
端口
用途
6443*
API
2379-2380
etcd API
10250
API
10251
Kube-
10252
Kube–
node
端口
用途
10250
API
30000-32767
†
二、安装
1、安装,设置存储库。工作节点都进行安装
[root@k8s ~]# sudo yum install -y yum-utils
[root@k8s ~]# sudo yum-config-manager
--add-repo
https://download.docker.com/linux/centos/docker-ce.repo2、启用存储库,如需关闭将参数– 改为 —
[root@k8s ~]# sudo yum-config-manager --enable docker-ce-nightly3、启用测试通道,如需关闭将参数– 改为 —
[root@k8s ~]# sudo yum-config-manager --enable docker-ce-test4、安装引擎
[root@k8s ~]# sudo yum install docker-ce docker-ce-cli containerd.io5、启动
[root@k8s ~]# sudo systemctl start docker6、检测是否正确安装
[root@k8s ~]# sudo docker run hello-world
Unableto find image 'hello-world:latest' locally
latest: Pulling from library/hello-world
0e03bdcc26d7: Pull complete
Digest:sha256: 1a523af650137b8accdaed439c17d684df61ee4d74feac151b5b337bd29e7eec
Status: Downloaded newer image for hello-world:latest
Hello from Docker!
This message shows that your installation appears to be working correctly.安装网址:
#-using-the-
三、使用工具安装集群
安装集群可以借助三种工具分别是、Kops、。这里我们使用来进行安装。
1、 安装
(1)关闭swap
[root@k8s101 ~]# swapoff -a(2)配置yum源
[root@k8s101 ~]# cat < /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpghttps://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF(3)安装相关工具
[root@k8s101 ~]# yum install -y kubelet kubeadm kubectl(4)后去init.初始化文件
[root@k8s101 ~]# kubeadm config print init-defaults >init.default.yaml(5)编辑init.文件,修改仓库,修改pod的地址范围
[root@k8s101 ~]# vim init.default.yaml
imageRepository:registry.aliyuncs.com/google_containers
kind:ClusterConfiguration
kubernetesVersion:v1.20.0
networking:
podSubnet:"192.168.0.0/16"
dnsDomain: cluster.local
serviceSubnet: 10.96.0.0/12
scheduler:{}(6)下载的相关镜像
[root@k8s101 ~]# kubeadm config images pull --config=init.default.yaml
[config/images]Pulled registry.aliyuncs.com/google_containers/kube-apiserver:v1.20.0
[config/images]Pulled registry.aliyuncs.com/google_containers/kube-controller-manager:v1.20.0
[config/images]Pulled registry.aliyuncs.com/google_containers/kube-scheduler:v1.20.0
[config/images]Pulled registry.aliyuncs.com/google_containers/kube-proxy:v1.20.0
[config/images]Pulled registry.aliyuncs.com/google_containers/pause:3.2
[config/images]Pulled registry.aliyuncs.com/google_containers/etcd:3.4.13-0
[config/images]Pulled registry.aliyuncs.com/google_containers/coredns:1.7.0(7)启动,并设置开机自启,设置
[root@k8s101 ~]# vim /etc/docker/daemon.json
{
"exec-opts":["native.cgroupdriver=systemd"]
}
[root@k8s101 ~]# vim /usr/lib/systemd/system/kubelet.service.d/10-kubeadm.conf
Environment="KUBELET_KUBECONFIG_ARGS=--bootstrap-kubeconfig=/etc/kubernetes/bootstrap-kubelet.conf--kubeconfig=/etc/kubernetes/kubelet.conf --cgroup-driver=systemd"
[root@k8s101 ~]# systemctl daemon-reload
[root@k8s101 ~]# systemctl restart docker
[root@k8s101 ~]# systemctl enable docker
[root@k8s101 ~]# systemctl enable kubelet(8) init命令初始化集群集,集群先设置–pod–cidr=192.168.0.0/16参数,关闭网络功能
[root@k8s101 ~]#kubeadm init --image-repositoryregistry.aliyuncs.com/google_containers --kubernetes-version=v1.20.0--pod-network-cidr=192.168.0.0/16(9)执行命令,最后提示安装成功,记下token
kubeadmjoin 172.26.64.121:6443 --token c4r8zo.38zrpieopx6l51re
--discovery-token-ca-cert-hashsha256:5fae9d62bf7d6e7a7759784aa8585103b82e5a2368ab5e11e2bca8ede6187c8a(10)按照图片提示,创建k8s用户,将配置文件复制到普通用户下.如果是root则导出
[root@k8s software]# useradd k8s
[root@k8s software]# passwd k8s
[root@k8s ~]# usermod -aG docker k8s
[root@k8s ~]# vim /etc/sudoers
k8s ALL=(ALL) ALL
[root@k8s101 ~]# su k8s
[k8s@k8s101 ~]$ mkdir -p $HOME/.kube
[k8s@k8s101 ~]$ sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
[k8s@k8s101 ~]$ sudo chown $(id -u):$(id -g) $HOME/.kube/config
[k8s@k8s101 ~]$ exit
[root@k8s101 ~]# export KUBECONFIG=/etc/kubernetes/admin.conf(11)这个时候已经安装完毕,但是缺少NODE,并且没有容器网络功能,验证安装是否成功:
[root@k8s101 ~]# kubectl get -n kube-system configmap
NAME DATA AGE
coredns 1 22m
extension-apiserver-authentication 6 22m
kube-proxy 2 22m
kube-root-ca.crt 1 22m
kubeadm-config 2 22m
kubelet-config-1.20 1 22m2、 安装Node加入集群
(1)安装Node前置工作和安装一样都要安装,设置开机自启
(2)安装完之后同样安装相关工具
[root@k8s102 ~]#cat < /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpghttps://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF
[root@k8s102 ~]# yum install -y kubelet kubeadmkubectl
[root@k8s103 ~]#cat < /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpghttps://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF
[root@k8s103 ~]# yum install -y kubelet kubeadmkubectl
[root@k8s102 ~]# vim /etc/docker/daemon.json
{
"exec-opts":["native.cgroupdriver=systemd"]
}
[root@k8s102 ~]# vim /usr/lib/systemd/system/kubelet.service.d/10-kubeadm.conf
Environment="KUBELET_KUBECONFIG_ARGS=--bootstrap-kubeconfig=/etc/kubernetes/bootstrap-kubelet.conf--kubeconfig=/etc/kubernetes/kubelet.conf --cgroup-driver=systemd"
[root@k8s102 ~]# systemctl daemon-reload
[root@k8s102 ~]# systemctl enable docker.service
[root@k8s102 ~]# systemctl restart docker
[root@k8s102 ~]# systemctl enable kubelet
[root@k8s103 ~]# vim /etc/docker/daemon.json
{
"exec-opts":["native.cgroupdriver=systemd"]
}
[root@k8s103 ~]# vim /usr/lib/systemd/system/kubelet.service.d/10-kubeadm.conf
Environment="KUBELET_KUBECONFIG_ARGS=--bootstrap-kubeconfig=/etc/kubernetes/bootstrap-kubelet.conf--kubeconfig=/etc/kubernetes/kubelet.conf --cgroup-driver=systemd"
[root@k8s103 ~]# systemctl daemon-reload
[root@k8s103 ~]# systemctl enable docker.service
[root@k8s103 ~]# systemctl restart docker
[root@k8s103 ~]# systemctl enable kubelet(3)加入,创建join-.ymal。为地址,token为上面创建完毕后生成记录的token
[root@k8s102 ~]# vim join-config.ymal
apiVersion:kubeadm.k8s.io/v1beta2
kind:JoinConfiguration
discovery:
bootstrapToken:
apiServerEndpoint: 172.26.64.121:6443
token: c4r8zo.38zrpieopx6l51re
unsafeSkipCAVerification: true
tlsBootstrapToken: c4r8zo.38zrpieopx6l51re
[root@k8s102 ~]# kubeadm join --config join-config.ymal
(4)提示成功,103也执行同样操作,分发join-.ymal,执行join命令
[root@k8s102 ~]# scp join-config.ymal 172.26.64.120:/root/
[root@k8s103 ~]# kubeadm join --config join-config.ymal
3、 安装网络插件
(1)查看状态,此时可以看到节点都已经有了,但是都是状态,原因就是没有安装CNI网络插件
[root@k8s101 ~]# kubectl get nodes
NAME STATUS ROLES AGE VERSION
k8s101 NotReady control-plane,master 78m v1.20.1
k8s102 NotReady 5m v1.20.1
k8s103 NotReady 2m38s v1.20.1(2)安装CNI网络插件,选择weave插件
[root@k8s101 ~]# docker pull quay.io/coreos/flannel:v0.9.1-amd64
[root@k8s101 ~]# mkdir -p /etc/cni/net.d/
[root@k8s101 ~]# cat < /etc/cni/net.d/10-flannel.conf
{"name":"cbr0","type":"flannel","delegate":{"isDefaultGateway": true}}
EOF
[root@k8s101 ~]# mkdir /usr/share/oci-umount/oci-umount.d -p
[root@k8s101 ~]# mkdir /run/flannel/
[root@k8s101 ~]# kubectl apply -f"https://cloud.weave.works/k8s/net?k8s-version=$(kubectl version | base64| tr -d 'n')"(3)验证集群是否安装成功。安装weave跟节点网速有关,可能会非常慢,需要等待
[root@k8s101 ~]# kubectl get pods --all-namespaces
集群安装成功。如果中途装失败了想重新安装可以使用 reset命令重置,再次进行安装。
4、 配置镜像加速
(1)首先登陆阿里云服务,搜索容器镜像服务
(2)进入到镜像服务后点击镜像加速器
(3)根据网站提示,给每台机器都配置镜像加速
[root@k8s101 root]$ vim /etc/docker/daemon.json
{
"registry-mirrors":["https://bl562v6z.mirror.aliyuncs.com"],
"exec-opts":["native.cgroupdriver=systemd"]
}
[root@k8s101 root]$ sudo systemctl daemon-reload
[root@k8s101 root]$ sudo systemctl restart docker
[root@k8s102 ~]# vim /etc/docker/daemon.json
{
"registry-mirrors":["https://bl562v6z.mirror.aliyuncs.com"],
"exec-opts":["native.cgroupdriver=systemd"]
}
[root@k8s102 root]$ sudo systemctl daemon-reload
[root@k8s102 root]$ sudo systemctl restart docker
{
"registry-mirrors":["https://bl562v6z.mirror.aliyuncs.com"],
"exec-opts":["native.cgroupdriver=systemd"]
}
[root@k8s103 root]$ sudo systemctl daemon-reload
[root@k8s103 root]$ sudo systemctl restart docker5、 配置k8s镜像拉取
(1)根据阿里云账号(自己的阿里云账号),登录成功会在用户根目录下生成.目录和.json认证密钥
[root@k8s101 ~]# docker login --username=lzt_otzregistry.cn-zhangjiakou.aliyuncs.com
[root@k8s102 ~]# docker login --username=lzt_otzregistry.cn-zhangjiakou.aliyuncs.com
[root@k8s103 ~]# docker login --username=lzt_otzregistry.cn-zhangjiakou.aliyuncs.com(2)k8s拉取镜像并不会默认读取认证密钥所欲需要配置,根据官网提示#using-a–。将的认证密钥复制到k8s下
[root@k8s101 ~]# cd ~
[root@k8s101 ~]# cp .docker/config.json /var/lib/kubelet/
[root@k8s101 ~]# systemctl restart kubelet
[root@k8s102 ~]# cp .docker/config.json /var/lib/kubelet/
[root@k8s102 ~]# systemctl restart kubelet
[root@k8s103 ~]# cp .docker/config.json /var/lib/kubelet/
[root@k8s103 ~]# systemctl restart kubelet6、 简单任务尝试
使用K8s运行MySql
(1)编写MySql RC( )文件,注意空格对齐(很重要)
[root@k8s101~]# su k8s
[k8s@k8s101 root]$ cd ~
[k8s@k8s101 ~]$ vim mysql-rc.yaml
apiVersion:v1
kind:ReplicationController #副本控制器RC
metadata:
name: mysql #RC的名称,全局唯一
spec:
replicas: 1 #Pod副本的期待数量
selector:
app: mysql #符合目标的Pod拥有此标签
template: #根据模板创建Pod的副本(实例)
metadata:
labels:
app: mysql #Pod副本拥有的标签,对应RC的Selector
spec:
containers: #Pod内容器的定义部分
- name: mysql #容器名称
image: docker.io/library/mysql:5.7 #容器对应的Docker Image
ports:
- containerPort: 3306 #容器应用监听的端口号
env:
- name: MYSQL_ROOT_PASSWORD
value: "123456"(2)发布到集群中
[k8s@k8s101 ~]$ kubectl create -f mysql-rc.yaml
replicationcontroller/mysqlcreated(3)查看刚创建的RC
[k8s@k8s101 ~]$ kubectl get rc
NAME DESIRED CURRENT READY AGE
mysql 1 1 0 76s(4)查看Pod的创建情况
[k8s@k8s101 ~]$ kubectl get pods
NAME READY STATUS RESTARTS AGE
mysql-82pvs 1/1 Running 0 62s(5)查看详情,可以看到容器创建在了机器上,所以102上的必须配置好了镜像加速,否则mysql镜像会拉取不下来。
[k8s@k8s101 ~]$ kubectl describe pod mysql-82pvs
(6)来到机器,查看容器详情,此时会有两个mysql相关容器
[root@k8s102 ~]# docker ps |grep mysql(7)创建关联的 文件关联MySql。
[k8s@k8s101 ~]$ vim mysql-svc.yaml
apiVersion:v1
kind:Service #表名是Kubernetes Service
metadata:
name: mysql #Service的全局唯一名称
spec:
type: NodePort
ports:
- port: 3306 #Service提供服务器的端口号
nodePort: 30001 #堆外暴露端口
selector: #Service对应的Pod拥有这里定义的标签
app: mysql
[k8s@k8s101 ~]$ kubectl create -f mysql-svc.yaml
service/mysqlcreated(8)查看创建好的
[k8s@k8s101 ~]$ kubectl get services
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 10.96.0.1 443/TCP 24h
mysql NodePort 10.102.49.161 3306:30001/TCP 7s(9)通过客户端工具访问 30001端口,访问Mysql。这样通过k8s部署MySql就完成了
6、 动态存储管理NFS
[root@k8s101 ~]# yum -y install nfs-utils rpcbind
[root@k8s102 ~]# yum -y install nfs-utils rpcbind
[root@k8s103 ~]# yum -y install nfs-utils rpcbind
[root@k8s101 ~]# systemctl start rpcbind.service
[root@k8s101 ~]# systemctl start nfs
[root@k8s101 ~]# systemctl enable rpcbind.service
[root@k8s101 ~]# systemctl enable nfs
[root@k8s102 ~]# systemctl start rpcbind.service
[root@k8s102 ~]# systemctl start nfs
[root@k8s102 ~]# systemctl enable rpcbind.service
[root@k8s102 ~]# systemctl enable nfs
[root@k8s103 ~]# systemctl start rpcbind.service
[root@k8s103 ~]# systemctl start nfs
[root@k8s103 ~]# systemctl enable rpcbind.service
[root@k8s103 ~]# systemctl enable nfs
[root@k8s101 ~]# mkdir /data/nfs -p
[root@k8s101 ~]# chown nfsnobody.nfsnobody /data/nfs
[root@k8s102 ~]# mkdir /data/nfs -p
[root@k8s102 ~]# chown nfsnobody.nfsnobody /data/nfs
[root@k8s103 ~]# mkdir /data/nfs -p
[root@k8s103 ~]# chown nfsnobody.nfsnobody /data/nfs地址
[root@k8s101 ~]# cat>>/etc/exports<<EOF
/data/nfs172.26.64.121/20(rw,sync,no_root_squash,no_all_squash)
EOF
[root@k8s101 ~]# mkdir nfs
[root@k8s101 ~]# cd nfs/
[root@k8s101nfs]# wget https://github.com/kubernetes-retired/external-storage/tree/master/nfs-client/deploy/rbac.yaml
[root@k8s101 nfs]# wgethttps://github.com/kubernetes-retired/external-storage/tree/master/nfs-client/deploy/class.yaml
[root@k8s101 nfs]# wget https://github.com/kubernetes-retired/external-storage/tree/master/nfs-client/deploy/deployment.yaml
[root@k8s101 nfs]# su k8s
[k8s@k8s101 nfs]$ kubectl apply -f class.yaml
[k8s@k8s101 nfs]$ kubectl apply -f rbac.yaml修改下载好的.yaml
[k8s@k8s101 nfs]$ vim deployment.yaml
apiVersion:apps/v1
kind:Deployment
metadata:
name: nfs-client-provisioner
labels:
app: nfs-client-provisioner
# replace with namespace where provisioner isdeployed
namespace: default
spec:
replicas: 1
strategy:
type: Recreate
selector:
matchLabels:
app: nfs-client-provisioner
template:
metadata:
labels:
app: nfs-client-provisioner
spec:
serviceAccountName:nfs-client-provisioner
containers:
- name: nfs-client-provisioner
image: registry.cn-zhangjiakou.aliyuncs.com/my-bonc/nfs-client-provisioner:latest
volumeMounts:
- name: nfs-client-root
mountPath: /persistentvolumes
env:
- name: PROVISIONER_NAME
value: fuseim.pri/ifs
- name: NFS_SERVER
value:172.26.64.121 #nfs服务的IP K8S101私有ip
- name: NFS_PATH
value: /data/nfs #nfs服务挂载目录
volumes:
- name: nfs-client-root
nfs:
server: 172.26.64.121 #nfs服务的IP k8s101
path: /data/nfs #nfs服务挂载目录导入.yaml
[k8s@k8s101 nfs]$ kubectl create -f deployment.yaml查看
[k8s@k8s101 nfs]$ kubectl get sc
NAME PROVISIONER RECLAIMPOLICY VOLUMEBINDINGMODE ALLOWVOLUMEEXPANSION AGE
managed-nfs-storage fuseim.pri/ifs Delete Immediate false 5m4s
[k8s@k8s101 nfs]$ kubectl get pods
NAME READY STATUS RESTARTS AGE
nfs-client-provisioner-7859c747f5-p82js 1/1 Running 0 31s
[k8s@k8s101 nfs]$ sudo vim /etc/kubernetes/manifests/kube-apiserver.yaml
- --feature-gates=RemoveSelfLink=false #在command里添加此内容测试创建pvc
[k8s@k8s101 nfs]$ vim test-pvc.yaml
kind:PersistentVolumeClaim
apiVersion:v1
metadata:
name: test-claim
annotations:
volume.beta.kubernetes.io/storage-class:"managed-nfs-storage"
spec:
accessModes:
- ReadWriteMany
resources:
requests:
storage: 1Mi导入
[k8s@k8s101 nfs]$ kubectl create -f test-pvc.yaml查看,自动创建了pvcpv
[k8s@k8s101 nfs]$ kubectl get pvc
NAME STATUS VOLUME CAPACITY ACCESS MODES STORAGECLASS AGE
test-claim Bound pvc-a22d6cad-f7e1-4b38-bcc3-7099d7a964b8 1Mi RWX managed-nfs-storage 29s
[k8s@k8s101 nfs]$ kubectl get pv
NAME CAPACITY ACCESS MODES RECLAIM POLICY STATUS CLAIM STORAGECLASS REASON AGE
pvc-a22d6cad-f7e1-4b38-bcc3-7099d7a964b8 1Mi RWX Delete Bound default/test-claim managed-nfs-storage 83s往期内容:
一网打尽Flink高频面试题
全网首发图解Flink内核源码
深度解析Flink内存管理
详解Flink组件通信——RPC协议
详解Flink通讯模型——Akka与Actor模型
———END———
限 时 特 惠: 本站每日持续更新海量各大内部创业教程,永久会员只需109元,全站资源免费下载 点击查看详情
站 长 微 信: nanadh666
声明: 本站内容转载于网络,版权归原作者所有,仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任,若侵犯到你的版权利益,请联系我们,会尽快删除处理!
