一、CentOS 7 基础环境准备
centos 7 默认服务目录
/usr/lib/systemd/systemsystemctl服务开机启动链接存贮目录:/etc/systemd/system/basic.target.wants/列出所有开机自启的服务systemctl list-unit-files|grep enabled
1、Centos7 防火墙 默认是 firewall
想和centos 6 一样配置 iptables;直接 yum update iptables
也可以直接安装 yum install iptables iptables-server
Systemctl stop firewalldSystemctl disable firewalldsystemctl restart iptables.servicesystemctl status iptables.servicesystemctl enable iptables.service
2、网络设置network
使用 static 地址和配置DNSCentos 7 的网卡名称从默认eth更改为ifcfg-en开头的CentOS6 及之前以太网网卡进行顺序命名的;多网卡如:eth0,eth1 依次。Centos7 则不同,命名规则默认是基于固件、拓扑、位置信息来分配。# ip addr show 如果用户不习惯可以更新 ifconfig 然后再查看;# yum update ifconfig
3、关闭selinux
#sed -i ‘/^SELINUX=/cSELINUX=disabled‘ /etc/sysconfig/selinux
4、更新 yum 源
# cat /etc/yum.repos.d/virt7-docker-common-release.repo[virt7-docker-common-release]name=virt7-docker-common-releasebaseurl=http://cbs.centos.org/repos/virt7-docker-common-release/x86_64/os/gpgcheck=0
5、时间校验
# yum install ntp systemctl restart ntpd.service
也可以部署时间服务器进行校验
6、规划分布
10.100.10.100 master10.100.10.105 minion1 (node1)10.100.10.106 minion2 (node2)
也可以去绑定主机头 /etc/hosts
二 、kubernetes
三、master 服务端:
IP : 10.100.10.100# yum install etcd flannel docker kubernetes
1、etcd
etcd.conf 文件配置示例 :
# cat etcd.confETCD_NAME=defaultETCD_DATA_DIR="/var/lib/etcd/default.etcd"ETCD_LISTEN_CLIENT_URLS="http://0.0.0.0:2379"ETCD_ADVERTISE_CLIENT_URLS="http://localhost:2379"启动 :systemctl start etcd.services
2、虚拟网络(可以供docker虚拟网络)
可以使用 flannel,或者openvswitch
在etcd里定义创建flannel网络配置:# etcdctl mk /atomic.io/network/config ‘{"Network":"172.16.0.0/16"}‘3、etcdctl 常用命令;
????backup ?????????备份目录 ????cluster-health ?集群健康检测 ????mk ?????????????创建一个键值设置属性 ?????mkdir ??????????创建目录 ????rm ?????????????删除 ????rmdir ??????????如果目录为空 删除所有 ????get ????????????查看键的属性
4、kubernetes -master 配置;
4.1、config配置示例:
# cat /etc/kubernetes/config |grep -v ^$ |grep -v ^#KUBE_LOGTOSTDERR="--logtostderr=true"KUBE_LOG_LEVEL="--v=0"KUBE_ALLOW_PRIV="--allow-privileged=false"KUBE_MASTER="--master=http://docker-master:8080"
4.2、apiserver 配置示例:
# cat /etc/kubernetes/apiserver |grep -v ^$ |grep -v ^#KUBE_API_ADDRESS="--address=0.0.0.0"KUBE_API_PORT="--port=8080"KUBE_MASTER="--master=http://docker-master:8080"KUBELET_PORT="--kubelet-port=10250"KUBE_ETCD_SERVERS="--etcd-servers=http://127.0.0.1:2379"KUBE_SERVICE_ADDRESSES="--service-cluster-ip-range=10.254.0.0/16"KUBE_ADMISSION_CONTROL="--admission-control=NamespaceLifecycle,NamespaceExists,LimitRanger,SecurityContextDeny,ResourceQuota"KUBE_API_ARGS=""
4.3、kubelet配置示例:
# cat /etc/kubernetes/kubelet |grep -v ^$ |grep -v ^#KUBELET_ADDRESS="--address=127.0.0.1"KUBELET_HOSTNAME="--hostname-override=127.0.0.1"KUBELET_API_SERVER="--api-servers=http://127.0.0.1:8080"KUBELET_POD_INFRA_CONTAINER="--pod-infra-container-image=registry.access.redhat.com/rhel7/pod-infrastructure:latest"KUBELET_ARGS=""
5、添加启动项、启动、并查看状态:
# cat start-kube.sh for SERVICES in etcd docker kube-apiserver kube-controller-manager kube-scheduler; dosystemctl enable $SERVICESsystemctl restart $SERVICESsystemctl status $SERVICESdone
7、服务检测:
1. 检测端口;ss -tln 2. 查看 docker 网络# ifconfig docker 查看docker网络 172.16.0.0/16 网络3. master 检测节点(暂时没有):# kubectl get nodesNAME STATUS AGE4. 异常排错:可以根据提示进行查看启动运行异常的信息# journalctl -xe 查看错误信息dhcp 问题 DNS问题镜像下载问题ca认证问题
四、kubernettes - minion 节点
1. 环境安装yum -y install flannel docker kubernetes2. 配置flannel# cat /etc/sysconfig/flanneldFLANNEL_ETCD_ENDPOINTS="http://10.100.10.100:2379"# etcd 节点名称FLANNEL_ETCD_PREFIX="/atomic.io/network"# flannel网络 可以设置成master主机IP
1、kubernetes minion 端配置示例参考;
主要也是这个文件 config kubetle apiserver (minion 配置基本一样的,kubelet 中 KUBELET_HOSTNAME 设置为本机IP 地址)
1.1、apiserver 文件
# cat apiserver |grep -v ^$ |grep -v ^#KUBE_API_ADDRESS="--address=127.0.0.1"KUBE_ETCD_SERVERS="--etcd_servers=http://10.100.10.100:2379"KUBE_SERVICE_ADDRESSES="--service-cluster-ip-range=10.254.0.0/16"KUBE_ADMISSION_CONTROL="--admission_control=NamespaceLifecycle,NamespaceExists,LimitRanger,SecurityContextDeny,ResourceQuota"
1.2、config 文件
# cat config |grep -v ^$ |grep -v ^#KUBE_LOGTOSTDERR="--logtostderr=true"KUBE_LOG_LEVEL="--v=0"KUBE_ALLOW_PRIV="--allow_privileged=false"KUBE_MASTER="--master=http://10.100.10.100:8080"KUBE_ETCD_SERVERS="--etcd-servers=http://10.100.10.100:2379"
1.3、kubelet 文件
# cat kubelet |grep -v ^$ |grep -v ^#KUBELET_ADDRESS="--address=0.0.0.0"KUBELET_PORT="--port=10250"KUBELET_HOSTNAME="--hostname-override=10.100.10.105"
# KUBELET_HOSTNAME 设置minion端主机IP (node2 就是设置为 10.100.10.106)KUBELET_API_SERVER="--api-servers=http://10.100.10.100:8080"KUBELET_POD_INFRA_CONTAINER="--pod-infra-container-image=registry.access.redhat.com/rhel7/pod-infrastructure:latest"
2、minion 端添加启动项、启动、并查看状态;
# cat minion-kube.shfor SERVICES in kube-proxy kubelet docker flanneld; dosystemctl enable $SERVICESsystemctl restart $SERVICESsystemctl status $SERVICES done
3、检测服务
ss -tln # 检测进程端口;# ifconfig docker
查看docker网络 172.16.0.0/16 网络;
再返回 master 端检测节点:# kubectl get nodesNAME STATUS AGE
五、Kubernetes Web UI搭建
1、创建kubernetes-dashboard.yaml
从官网下载 yaml 文件;wget https://rawgit.com/kubernetes/dashboard/master/src/deploy/kubernetes-dashboard.yaml
2、编辑 kubernetes-dashboard.yaml 文件;
配置示例(版本不是最新,可按照部署最新进行编辑修改):
# cat kubernetes-dashboard.yaml # Copyright 2015 Google Inc. All Rights Reserved.## Licensed under the Apache License, Version 2.0 (the "License");# you may not use this file except in compliance with the License.# You may obtain a copy of the License at## ????http://www.apache.org/licenses/LICENSE-2.0## Unless required by applicable law or agreed to in writing, software# distributed under the License is distributed on an "AS IS" BASIS,# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.# See the License for the specific language governing permissions and# limitations under the License.# Configuration to deploy release version of the Dashboard UI.## Example usage: kubectl create -f <this_file>kind: DeploymentapiVersion: extensions/v1beta1metadata: ?labels: ???app: kubernetes-dashboard ?name: kubernetes-dashboard ?namespace: kube-systemspec: ?replicas: 1 ?selector: ???matchLabels: ?????app: kubernetes-dashboard ?template: ???metadata: ?????labels: ???????app: kubernetes-dashboard ?????# Comment the following annotation if Dashboard must not be deployed on master ?????annotations: ???????scheduler.alpha.kubernetes.io/tolerations: | ?????????[ ???????????{ ?????????????"key": "dedicated", ?????????????"operator": "Equal", ?????????????"value": "master", ?????????????"effect": "NoSchedule" ???????????} ?????????] ???spec: ?????containers: ?????- name: kubernetes-dashboard ???????image: docker.io/mritd/kubernetes-dashboard-amd64
# 如果有网络问题,images 也可以自己创建 docker 私有库;地址写成自己的; ????????#imagePullPolicy: Always ???????imagePullPolicy: IfNotPresent
# 不存在 就下载 ???????ports: ???????- containerPort: 9090 ?????????protocol: TCP ???????args: ?????????# Uncomment the following line to manually specify Kubernetes API server Host ?????????# If not specified, Dashboard will attempt to auto discover the API server and connect ?????????# to it. Uncomment only if the default does not work. ?????????# - --apiserver-host=http://my-address:port ?????????- --apiserver-host=http://10.100.10.100:8080
# master 主机 apiserver ???????livenessProbe: ?????????httpGet: ???????????path: / ???????????port: 9090 ?????????initialDelaySeconds: 30 ?????????timeoutSeconds: 30---kind: ServiceapiVersion: v1metadata: ?labels: ???app: kubernetes-dashboard ?name: kubernetes-dashboard ?namespace: kube-systemspec: ?type: NodePort ?ports: ?- port: 80 ???targetPort: 9090 ?selector: ???app: kubernetes-dashboard3、创建 Pod (image 位置;设置下载地址有关 需要等一会)
# kubectl create -f kubernetes-dashboard.yaml
# 创建 pod 失败删除
# 可以使用 kuectl delete -f kubernetes-dashboard.yaml 删除
4、检测 pods
pods
# kubectl get pods --all-namespacesNAMESPACE NAME READY STATUS RESTARTS AGEkube-system kubernetes-dashboard-3713835017-4nbkp 1/1 Running 1 5m
services# kubectl get services --all-namespacesNAMESPACE NAME CLUSTER-IP EXTERNAL-IP PORT(S) AGEdefault kubernetes 10.254.0.1 <none> 443/TCP 33mkube-system kubernetes-dashboard 10.254.211.205 <nodes> 80:30491/TCP 5m
5、查看 service 信息
# kubectl describe service/kubernetes-dashboard --namespace="kube-system"Name:kubernetes-dashboardNamespace:kube-systemLabels:app=kubernetes-dashboardSelector:app=kubernetes-dashboardType:NodePortIP:10.254.211.205Port:<unset>80/TCPNodePort:<unset>30491/TCPEndpoints:172.16.4.4:9090Session Affinity:None
6、异常处理
可以查看pods信息描述;# kubectl describe pod/kubernetes-dashboard-3713835017-4nbkp --namespace="kubectl-system"查看日志信息;# kubectl logs -f kubernetes-dashboard-3713835017-4nbkp --namespace=kube-system
7、测试访问:
http://master:8080/ui/
六、kubectl 常用命令:
1. 检测信息命令# 查看集群信息kubectl cluster-info# 查看各组件信息kubectl -s http://localhost:8080 get componentstatuses# 查看pods所在的运行节点kubectl get pods -o wide# 查看pods定义的详细信息kubectl get pods -o yaml# 查看Replication Controller信息kubectl get rc# 查看service的信息kubectl get service# 查看节点信息kubectl get nodes# 按selector名来查找podkubectl get pod --selector name=redis# 查看运行的pod的环境变量kubectl exec pod名 env2.操作类命令# 创建kubectl create -f 文件名# 重建kubectl replace -f 文件名 [--force]# 删除kubectl delete -f 文件名kubectl delete pod pod名kubectl delete rc rc名kubectl delete service service名kubectl delete pod --all
kubernetes 集群
原文地址:https://www.cnblogs.com/sharesdk/p/8358694.html