版本:1.20.9-0
Kubernetes 这个名字源于希腊语,意为“舵手”或“飞行员”。k8s 这个缩写是因为 k 和 s 之间有八个字符的关系。
官网:https://kubernetes.io/zh/docs/concepts/overview/what-is-kubernetes/
组件介绍
kubernetes 集群有很多节点组成,这些节点有两种类型:
1. 主(master)节点:kubernetes 控制 和 管理整个集群系统的控制面板。
2. 工作(worker)节点:部署实际应用。
master 节点组件:
1. kubernetes API Server,用来和控制面板组件通信交互的组件
2. scheculer 应用调度组件
3. Controller manager 执行集群级别功能(复制组件、跟踪worker节点、处理节点失败)的节点
4. etcd 一个可靠的分布式数据存储,保存集群配置
worker 节点组件:
1. kubelet 与 API 服务器通信,管理当前 worker 节点的容器
2. kube-proxy (kubernetes Service Proxy) 负责组件质检的负载均衡网络流量
docker版本:安装参考《Docker安装》
yum install docker-ce-19.03.5 docker-ce-cli-19.03.5 containerd.io-1.2.10
kubernetes 安装
需要禁用交换分区,及其他遇到的问题:《kubernetes1.20.9安装过程中遇到的问题》
1. 【所有节点需执行】设置 kubernetes 国内镜像,编辑 /etc/yum.repos.d/kubernetes.repo 内容如下
[kubernetes] name=Kubernetes baseurl=http://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64 enabled=1 gpgcheck=0 repo_gpgcheck=0 gpgkey=http://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg http://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg exclude=kubelet kubeadm kubectl
2. 【所有节点需执行】安装 kubelet、kubectl、kubeadm
yum install -y kubelet-1.20.9 kubeadm-1.20.9 kubectl-1.20.9
3. 【所有节点需执行】启动 kubelet,并设置开机启动
systemctl enable kubelet --now
4. 【所有节点需执行】下载需要的 docker 镜像
docker pull kube-apiserver:v1.20.9 docker pull kube-proxy:v1.20.9 docker pull kube-controller-manager:v1.20.9 docker pull kube-scheduler:v1.20.9 docker pull coredns:1.7.0 docker pull etcd:3.4.13-0 docker pull pause:3.2
其中 master 节点需要下载所有镜像,worker 节点需要下载 kube-proxy,pause 镜像。
5. 【master 节点需执行】初始化 master 节点
kubeadm init \ --apiserver-advertise-address=192.168.31.160 \ --control-plane-endpoint=cluster-endpoint \ --image-repository registry.cn-beijing.aliyuncs.com/miselehe \ --kubernetes-version v1.20.9 \ --service-cidr=10.96.0.0/24 \ --pod-network-cidr=10.244.0.0/16
apiserver-advertise-address:master IP地址,一般是内网地址。
service-cidr:k8s服务暴露端口时的IP网段。
pod-network-cidr:k8s集群内 Pod 间通信用网段。
此三个网络不能再同一网段。
初始化完成提示:
Your Kubernetes control-plane has initialized successfully! # 1. 需要执行以下指令 To start using your cluster, you need to run the following as a regular user: mkdir -p $HOME/.kube sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config sudo chown $(id -u):$(id -g) $HOME/.kube/config Alternatively, if you are the root user, you can run: export KUBECONFIG=/etc/kubernetes/admin.conf # 2. 需要安装 Pod 之间交互的网络插件 You should now deploy a pod network to the cluster. Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at: https://kubernetes.io/docs/concepts/cluster-administration/addons/ # 3. 在其他节点执行以下指令,将其他节点作为 master 节点加入当前节点 You can now join any number of control-plane nodes by copying certificate authorities and service account keys on each node and then running the following as root: kubeadm join cluster-endpoint:6443 --token 82xo0l.jklbj4dtvfbyqrxx \ --discovery-token-ca-cert-hash sha256:ed1e58c58995f0ee7da7dd25522b6edfb895a944e59aa8ea5d1a9e720db18608 \ --control-plane # 4. 在其他节点执行以下指令,将其他节点作为 worker 节点加入当前节点 Then you can join any number of worker nodes by running the following on each as root: kubeadm join cluster-endpoint:6443 --token 82xo0l.jklbj4dtvfbyqrxx \ --discovery-token-ca-cert-hash sha256:ed1e58c58995f0ee7da7dd25522b6edfb895a944e59aa8ea5d1a9e720db18608
加入 master 节点指令默认24小时有效,超出24小时可使用如下指令重新获取加入节点的指令
kubeadm token create --print-join-command
6. master 节点安装 Pod 需要的 calico 网络插件
下载 calico 网络插件 yaml 文件
curl https://docs.projectcalico.org/manifests/calico.yaml -O
修改 calico 配置文件内容
- name: CALICO_IPV4POOL_CIDR # value: "192.168.0.0/16"
将网段修改为 master 初始化时 pod-network-cidr 参数的网段(10.244.0.0/16),注意 yaml 文件格式!
根据 master 节点初始化提示指令,安装 calico 插件
kubectl apply -f calico.yaml
7. 将 worker 节点加入 master 节点
增加 master 节点映射
echo '192.168.31.160 cluster-endpoint' >> /etc/hosts
执行初始化 master 节点提示指令,将 node1-k8s,node2-k8s 作为 worker 节点加入 master-k8s 节点
kubeadm join cluster-endpoint:6443 --token 82xo0l.jklbj4dtvfbyqrxx \ --discovery-token-ca-cert-hash sha256:ed1e58c58995f0ee7da7dd25522b6edfb895a944e59aa8ea5d1a9e720db18608
加入成功提示
sudo chown $(id -u):$(id -g) $HOME/.kube/config[preflight] Running pre-flight checks [preflight] Reading configuration from the cluster... [preflight] FYI: You can look at this config file with 'kubectl -n kube-system get cm kubeadm-config -o yaml' [kubelet-start] Writing kubelet configuration to file "/var/lib/kubelet/config.yaml" [kubelet-start] Writing kubelet environment file with flags to file "/var/lib/kubelet/kubeadm-flags.env" [kubelet-start] Starting the kubelet [kubelet-start] Waiting for the kubelet to perform the TLS Bootstrap... This node has joined the cluster: * Certificate signing request was sent to apiserver and a response was received. * The Kubelet was informed of the new secure connection details. Run 'kubectl get nodes' on the control-plane to see this node join the cluster.
8. 查看集群信息
# 查看集群信息 # kubectl cluster-info Kubernetes control plane is running at https://cluster-endpoint:6443 KubeDNS is running at https://cluster-endpoint:6443/api/v1/namespaces/kube-system/services/kube-dns:dns/proxy To further debug and diagnose cluster problems, use 'kubectl cluster-info dump'. # 查看集群节点信息 # kubectl get nodes -A NAME STATUS ROLES AGE VERSION master-k8s.localdomain Ready control-plane,master 4d20h v1.20.9 node1-k8s.localdomain Ready <none> 4d20h v1.20.9 node2-k8s.localdomain Ready <none> 4d20h v1.20.9 # kubectl get nodes -o wide NAME STATUS ROLES AGE VERSION INTERNAL-IP EXTERNAL-IP OS-IMAGE KERNEL-VERSION CONTAINER-RUNTIME master-k8s.localdomain Ready control-plane,master 9d v1.20.9 192.168.31.160 <none> CentOS Linux 7 (Core) 3.10.0-1062.el7.x86_64 docker://19.3.5 node1-k8s.localdomain Ready <none> 9d v1.20.9 192.168.31.161 <none> CentOS Linux 7 (Core) 3.10.0-1062.el7.x86_64 docker://19.3.5 node2-k8s.localdomain Ready <none> 9d v1.20.9 192.168.31.162 <none> CentOS Linux 7 (Core) 3.10.0-1062.el7.x86_64 docker://19.3.5 # 查看节点详情 # kubectl describe node node1-k8s.localdomain