目录
4、下载一些常用软件并禁用防火墙、selinux、swap分区
6、安装docker,有很多安装方式,可以去官网看。不要下最新版,不兼容
一:什么是RKE
RKE是一款经过CNCF认证的开源Kubernetes发行版,可以在Docker容器内运行。它通过删除大部分主机依赖项,并为部署、升级和回滚提供一个稳定的路径,从而解决了Kubernetes最常见的安装复杂性问题。
二:k8s主机master的准备工作
| OS | hostname | IP |
| centos7 | k8s-master | 192.168.149.164 |
| centos7 | k8s-node1 | 192.168.149.165 |
| centos7 | k8s-node2 | 192.168.149.166 |
1、修改master主机名(先配置一台,克隆另外两台)
vi /etc/hostname或者hostnamectl set-hostname k8s-master[root@k8s-master ~]# cat /etc/hostname
k8s-master
[root@k8s-master ~]#
2、配置静态ip地址
vi /etc/sysconfig/network-scripts/ifcfg-ens33
BOOTPROTO="static"
DEVICE="ens33"
ONBOOT="yes"
IPADDR=192.168.149.164
PREFIX=24
GATEWAY=192.168.149.2
DNS1=114.114.114.114改完后service network restart重启网络服务
3、修改域名解析地址
cat >> /etc/hosts << EOF
192.168.149.164 k8s-master
192.168.149.165 k8s-node1
192.168.149.166 k8s-node2
EOF4、下载一些常用软件并禁用防火墙、selinux、swap分区
yum install -y lrzsz
yum install -y net-tools
yum install -y wget
yum install -y vim-enhanced
yum install -y bash-completion
yum install -y git
yum install -y telnet
yum install -y telnet-server
####全部建议永久关闭,避免重启后服务报错
# 关闭防火墙
systemctl stop firewalld
systemctl disable firewalld
# 关闭selinux
sed -i 's/enforcing/disabled/' /etc/selinux/config # 永久
setenforce 0 # 临时
# 关闭swap
swapoff -a # 临时
sed -ri 's/.*swap.*/#&/' /etc/fstab # 永久
5、删除全部docker文件及依赖包、镜像、容器、卷
sudo yum remove docker \
docker-client \
docker-client-latest \
docker-common \
docker-latest \
docker-latest-logrotate \
docker-logrotate \
docker-engine
rm –rf /var/lib/docker/
6、安装docker,有很多安装方式,可以去官网看。不要下最新版,不兼容
官网提供多种方式安装:Redirecting…
yum install docker -y
[root@k8s-master ~]# docker -v
Docker version 1.13.1, build 7d71120/1.13.17、修改docker配置
mkdir /etc/docker
vi /etc/docker/daemon.json
添加:
{
"registry-mirrors": [
"https://registry.docker-cn.com"
],
"dns":[
"114.114.114.114",
"8.8.8.8",
"8.8.4.4"
]
}
然后使之生效:systemctl daemon-reload
设置开机自启:systemctl enable docker
启动:systemctl start docker
测试:docker run hello-world
显示 Hello from Docker! 即表示安装成功
8、建一个用户并添加权限。
useradd xxx
passwd xxx
usermod -aG docker xxx
vi /etc/sudoers
找到这一行:"root ALL=(ALL) ALL",
在下面添加"xxx ALL=(ALL) ALL"(这里的xxx是你的用户名)
9、启动ipv4转发
/etc/sysctl.conf
net.ipv4.ip_forward = 1
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
使之生效sudo sysctl -p二:克隆两台机器,并修改IP地址和主机名
1、同master主机一样修改IP地址和主机名
2、建立SSH免密通道
master主机这边切换到普通用户su - xxx
ssh-keygen #三次回车 生成秘钥
ssh-copy-id 用户名@机器IP #输入yes和密码 发送公钥,用户名都是xxx
ssh 用户名@机器IP #测试免密
三:RKE安装及部署k8s
1、安装RKE
下载地址:Release Release v0.2.4 · rancher/rke · GitHub
使用xftp拖下来:
2、授权并创建cluster.yml
改名并赋予可执行权限
[yuan@k8s-master ~]$ ls
cluster.rkestate cluster.yml kube_config_cluster.yml rke
[yuan@k8s-master ~]$ chmod +x rke
同目录下创建cluster.yml文件
[yuan@k8s-master ~]$ cat cluster.yml
nodes:
- address: 192.168.149.164
user: yuan
role: [controlplane,etcd]
- address: 192.168.149.165
user: yuan
role: [etcd,worker]
- address: 192.168.149.166
user: yuan
role: [etcd,worker]
[yuan@k8s-master ~]$
3、安装(幂等操作)
./rke up --config cluster.yml
如果报错Failed to get job complete status for job rke-network-plugin-deploy-job in namespace kube-system,检查ssh免密通道是否建好,重新执行一遍。
完成后当前目录下回生成kube_config_cluster.yml和cluster.rkestate文件
4、master主机上安装kubectl交互工具。
下载v1.15.0,或者官网Install Tools | Kubernetes
curl -LO https://storage.googleapis.com/kubernetes-release/release/$(curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt)/bin/linux/amd64/kubectl
赋予可执行权限,放入bin目录
chmod +x ./kubectl
sudo mv ./kubectl /usr/local/bin/kubectl
拷贝文件kube_config_cluster.yml并重命名
#将集群认证凭据文件添加到系统变量
echo export KUBECONFIG=/home/rke/kube_config_cluster.yml >> ~/.bash_profile
source ~/.bash_profile
kubectl get node #测试
查看集群状态和系统容器
kubectl get nodes -o wide
kubectl get pods -A四:创建pod并开启nginx服务(可以在root用户)
1、创建两个.yml文件
[root@k8s-master ~]# cat nginx-dep.yml
apiVersion: apps/v1
kind: Deployment
metadata:
name: nginx-deployment
spec:
selector:
matchLabels:
app: nginx
replicas: 2
template:
metadata:
labels:
app: nginx
spec:
containers:
- name: nginx
image: nginx:alpine
ports:
- containerPort: 80
[root@k8s-master ~]#[root@k8s-master ~]# cat nginx-svc.yml
apiVersion: v1
kind: Service
metadata:
name: nginx-service
spec:
selector:
app: nginx
ports:
- protocol: TCP
port: 80
targetPort: 80
nodePort: 30080
type: NodePort
[root@k8s-master ~]#2、创建pod并查看状态
kubectl apply -f nginx-dep.yml
kubectl get deployment nginx-deployment -o wide
[root@k8s-master ~]# kubectl get deployment nginx-deployment -o wide
NAME READY UP-TO-DATE AVAILABLE AGE CONTAINERS IMAGES SELECTOR
nginx-deployment 4/4 4 4 2d nginx nginx:alpine app=nginx
[root@k8s-master ~]# 3、启动service暴露端口
# 启动服务
kubectl apply -f nginx-svc.yml
# 查看
[root@k8s-master ~]# kubectl get svc nginx-service -o wide
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE SELECTOR
nginx-service NodePort 10.43.222.41 <none> 80:30080/TCP 2d app=nginx
# 详细
[root@k8s-master ~]# kubectl describe svc nginx-service
Name: nginx-service
Namespace: default
Labels: <none>
Annotations: <none>
Selector: app=nginx
Type: NodePort
IP Families: <none>
IP: 10.43.222.41
IPs: <none>
Port: <unset> 80/TCP
TargetPort: 80/TCP
NodePort: <unset> 30080/TCP
Endpoints: 10.42.1.15:80,10.42.1.18:80,10.42.2.18:80 + 1 more...
Session Affinity: None
External Traffic Policy: Cluster
Events: <none>
4、浏览器验证
五:补充
查看节点信息:kubectl get nodes -o wide
查看有哪些pod:kubectl get pods -o wide
查看pod详细信息:kubectl describe pod nginx-deployment-7b45b4c665-78kj6
查看pod日志:kubectl logs nginx-deployment-7b45b4c665-78kj6
扩缩:kubectl scale deployment/nginx-deployment --replicas=10
回滚:kubectl rollout undo deployment/k8s-nginx-1.18
版本升级:kubectl set image deployment/k8s-nginx-1.18 nginx=nginx:2.10.1