阿里云-云小站(无限量代金券发放中)
【腾讯云】云服务器、云数据库、COS、CDN、短信等热卖云产品特惠抢购

CentOS 7.5单机安装Kubernetes

221次阅读
没有评论

共计 15305 个字符,预计需要花费 39 分钟才能阅读完成。

1. 系统配置

CentOS 7.5

Docker 1.13.1

2. 关闭防火墙,selinux,swapoff

systemctl disable firewalld
systemctl stop firewalld

swapoff -a
 
# 临时关闭
$ setenforce 0 
# 永久关闭
$ vim /etc/selinux/config
SELINUX=disabled
 

3.yum 安装 k8s

[root@localhost yum.repos.d]# pwd
/etc/yum.repos.d
[root@localhost yum.repos.d]# cat kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=http://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=0
repo_gpgcheck=0
gpgkey=http://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg
      http://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
[root@localhost yum.repos.d]#

安装

[root@localhost yum.repos.d]#yum remove etcd kubernetes

[root@localhost yum.repos.d]# yum install -y etcd kubernetes
Loaded plugins: fastestmirror, langpacks
Loading mirror speeds from cached hostfile
 * base: mirrors.cqu.edu.cn
 * extras: mirrors.nwsuaf.edu.cn
 * updates: mirrors.cqu.edu.cn
Resolving Dependencies
–> Running transaction check
—> Package etcd.x86_64 0:3.3.11-2.el7.centos will be installed
—> Package kubernetes.x86_64 0:1.5.2-0.7.git269f928.el7 will be installed
–> Finished Dependency Resolution

Dependencies Resolved

============================================================================================================================================================================
 Package                                Arch                              Version                                                Repository                          Size
============================================================================================================================================================================
Installing:
 etcd                                  x86_64                            3.3.11-2.el7.centos                                    extras                              10 M
 kubernetes                            x86_64                            1.5.2-0.7.git269f928.el7                                extras                              36 k

Transaction Summary
============================================================================================================================================================================
Install  2 Packages

Total download size: 10 M
Installed size: 45 M
Downloading packages:
(1/2): kubernetes-1.5.2-0.7.git269f928.el7.x86_64.rpm                                                                                                |  36 kB  00:00:00   
(2/2): etcd-3.3.11-2.el7.centos.x86_64.rpm                                                                                                          |  10 MB  00:00:06   
—————————————————————————————————————————————————————————-
Total                                                                                                                                      1.6 MB/s |  10 MB  00:00:06   
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
  Installing : kubernetes-1.5.2-0.7.git269f928.el7.x86_64                                                                                                              1/2
  Installing : etcd-3.3.11-2.el7.centos.x86_64                                                                                                                          2/2
  Verifying  : etcd-3.3.11-2.el7.centos.x86_64                                                                                                                          1/2
  Verifying  : kubernetes-1.5.2-0.7.git269f928.el7.x86_64                                                                                                              2/2

Installed:
  etcd.x86_64 0:3.3.11-2.el7.centos                                              kubernetes.x86_64 0:1.5.2-0.7.git269f928.el7                                             

Complete!

修改配置
/etc/sysconfig/docker 修改 OPTIONS=’–selinux-enabled=false –insecure-registry gcr.io’ 并重启 docker
/etc/kubernetes/apiserver KUBE_ADMISSION_CONTROL 项删除 ServiceAccount

[root@localhost yum.repos.d]# vi /etc/sysconfig/docker

# /etc/sysconfig/docker

# Modify these options if you want to change the way the docker daemon runs
##OPTIONS=’–selinux-enabled –log-driver=journald –signature-verification=false’
OPTIONS=’–selinux-enabled=false –insecure-registry gcr.io’
if [-z “${DOCKER_CERT_PATH}” ]; then
    DOCKER_CERT_PATH=/etc/docker
fi

# Do not add registries in this file anymore. Use /etc/containers/registries.conf
# instead. For more information reference the registries.conf(5) man page.

# Location used for temporary files, such as those created by
# docker load and build operations. Default is /var/lib/docker/tmp
# Can be overriden by setting the following environment variable.
# DOCKER_TMPDIR=/var/tmp

# Controls the /etc/cron.daily/docker-logrotate cron job status.
# To disable, uncomment the line below.
# LOGROTATE=false

# docker-latest daemon can be used by starting the docker-latest unitfile.
# To use docker-latest client, uncomment below lines
Entering Ex mode.  Type “visual” to go to Normal mode.
:wq
“/etc/sysconfig/docker” 27L, 1157C written
[root@localhost yum.repos.d]# service docker restart
Redirecting to /bin/systemctl restart docker.service
[root@localhost yum.repos.d]# vi /etc/kubernetes/apiserver

###
# kubernetes system config
#
# The following values are used to configure the kube-apiserver
#

# The address on the local server to listen to.
KUBE_API_ADDRESS=”–insecure-bind-address=127.0.0.1″

# The port on the local server to listen on.
# KUBE_API_PORT=”–port=8080″

# Port minions listen on
# KUBELET_PORT=”–kubelet-port=10250″

# Comma separated list of nodes in the etcd cluster
KUBE_ETCD_SERVERS=”–etcd-servers=http://127.0.0.1:2379″

# Address range to use for services
KUBE_SERVICE_ADDRESSES=”–service-cluster-ip-range=10.254.0.0/16″

# default admission control policies
#KUBE_ADMISSION_CONTROL=”–admission-control=NamespaceLifecycle,NamespaceExists,LimitRanger,SecurityContextDeny,ServiceAccount,ResourceQuota”
KUBE_ADMISSION_CONTROL=”–admission-control=NamespaceLifecycle,NamespaceExists,LimitRanger,SecurityContextDeny,ResourceQuota”

Entering Ex mode.  Type “visual” to go to Normal mode.
:wq
“/etc/kubernetes/apiserver” 27L, 894C written

4. 启动服务
启动服务:systemctl start serviceName 或者 service serviceName start
查看状态:systemctl status serviceName 或者 service serviceName status

systemctl start etcd
systemctl start docker
systemctl start kube-apiserver
systemctl start kube-controller-manager
systemctl start kube-scheduler
systemctl start kubelet
systemctl start kube-proxy

 验证

[root@localhost .kube]# kubectl version
Client Version: version.Info{Major:”1″, Minor:”10″, GitVersion:”v1.10.3″, GitCommit:”2bba0127d85d5a46ab4b778548be28623b32d0b0″, GitTreeState:”clean”, BuildDate:”2018-05-21T09:17:39Z”, GoVersion:”go1.9.3″, Compiler:”gc”, Platform:”linux/amd64″}
Server Version: version.Info{Major:”1″, Minor:”5″, GitVersion:”v1.5.2″, GitCommit:”269f928217957e7126dc87e6adfa82242bfe5b1e”, GitTreeState:”clean”, BuildDate:”2017-07-03T15:31:10Z”, GoVersion:”go1.7.4″, Compiler:”gc”, Platform:”linux/amd64″}
[root@localhost .kube]# kubectl get componentstatus
NAME                STATUS    MESSAGE            ERROR
etcd-0              Healthy  {“health”:”true”} 
scheduler            Healthy  ok                 
controller-manager  Healthy  ok 
[root@localhost .kube]# ps -ef|grep kube
root      14558  16233  0 15:17 pts/0    00:00:00 kubectl proxy –port=8443
kube      22748      1  1 15:28 ?        00:00:10 /usr/bin/kube-apiserver –logtostderr=true –v=0 –etcd-servers=http://127.0.0.1:2379 –insecure-bind-address=127.0.0.1 –allow-privileged=false –service-cluster-ip-range=10.254.0.0/16 –admission-control=NamespaceLifecycle,NamespaceExists,LimitRanger,SecurityContextDeny,ResourceQuota
kube      22885      1  2 15:29 ?        00:00:20 /usr/bin/kube-controller-manager –logtostderr=true –v=0 –master=http://127.0.0.1:8080
kube      22983      1  0 15:29 ?        00:00:02 /usr/bin/kube-scheduler –logtostderr=true –v=0 –master=http://127.0.0.1:8080
root      23856      1  1 15:37 ?        00:00:05 /usr/bin/kube-proxy –logtostderr=true –v=0 –master=http://127.0.0.1:8080
root      38641      1  2 10:26 ?        00:01:10 /usr/bin/kubelet –logtostderr=true –v=0 –api-servers=http://127.0.0.1:8080 –address=127.0.0.1 –hostname-override=127.0.0.1 –allow-privileged=false –pod-infra-container-image=registry.access.RedHat.com/rhel7/pod-infrastructure:latest
root      29656  16233  0 15:46 pts/0    00:00:00 grep –color=auto kube

[root@localhost shell]# kubectl cluster-info
Kubernetes master is running at http://localhost:8080

To further debug and diagnose cluster problems, use ‘kubectl cluster-info dump’.

[root@localhost software]# kubectl get nodes
NAME STATUS AGE
127.0.0.1 Ready 1h
[root@localhost software]#

 5. 入门实验

先拉取纯净 centos 镜像 docker pull centos 慢问题的解决方案

dockerfile 制作自己的镜像 docker 利用 Dockerfile 来制作镜像

部署自己的镜像

[root@localhost software]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
base_tomcat tomcat-centos 0bed71f53b94 52 minutes ago 612 MB
docker.io/centos latest 9f38484d220f 2 weeks ago 202 MB

[root@localhost software]# kubectl run myk8s-pod –image=base_tomcat –replicas=2 –port=80
deployment “myk8s-pod” created
[root@localhost software]# kubectl get pods
NAME READY STATUS RESTARTS AGE
myk8s-pod-1394982580-11h8h 0/1 ContainerCreating 0 30s
myk8s-pod-1394982580-37wlc 0/1 ContainerCreating 0 30s

[root@localhost software]# kubectl run myk8s-pod-2 –image=base_tomcat –replicas=5 –port=8070
deployment “myk8s-pod-2” created
[root@localhost software]# kubectl get pods
NAME READY STATUS RESTARTS AGE
myk8s-pod-1394982580-11h8h 0/1 ContainerCreating 0 2m
myk8s-pod-1394982580-37wlc 0/1 ContainerCreating 0 2m
myk8s-pod-2-2707079129-1305m 0/1 ContainerCreating 0 5s
myk8s-pod-2-2707079129-2nvff 0/1 ContainerCreating 0 5s
myk8s-pod-2-2707079129-dk9m5 0/1 ContainerCreating 0 5s
myk8s-pod-2-2707079129-mwn3g 0/1 ContainerCreating 0 5s
myk8s-pod-2-2707079129-r282t 0/1 ContainerCreating 0 5s

[root@localhost software]# kubectl get deployments
NAME DESIRED CURRENT UP-TO-DATE AVAILABLE AGE
myk8s-pod 2 2 2 0 13m
myk8s-pod-2 5 5 5 0 11m

发现 pod 状态无论多久都是处于 pending。READY 字段一直是 0 /1, 服务部署失败的原因是”中国墙“的问题导致无法下载 pod 启动时需要的谷歌镜像,所以我们得间接的创建所需的镜像。

补充:Pending 状态表示 API Server 已经创建 Pod,但 Pod 内还有一个或者多个容器没有创建,或者正在下载镜像的过程。详细的参考 Pod 声明周期和重启策略

查看 pod 信息

[root@localhost software]# kubectl describe pod myk8s-pod-1394982580-11h8h
Name:          myk8s-pod-1394982580-11h8h
Namespace:      default
Node:          127.0.0.1/127.0.0.1
Start Time:    Fri, 29 Mar 2019 11:21:03 +0800
Labels:        pod-template-hash=1394982580
                run=myk8s-pod
Status:        Pending
IP:
Controllers:    ReplicaSet/myk8s-pod-1394982580
Containers:
  myk8s-pod:
    Container ID:
    Image:                      base_tomcat
    Image ID:
    Port:                      80/TCP
    State:                      Waiting
      Reason:                  ContainerCreating
    Ready:                      False
    Restart Count:              0
    Volume Mounts:              <none>
    Environment Variables:      <none>
Conditions:
  Type          Status
  Initialized  True
  Ready        False
  PodScheduled  True
No volumes.
QoS Class:      BestEffort
Tolerations:    <none>
Events:
  FirstSeen    LastSeen        Count  From                    SubObjectPath  Type            Reason          Message
  ———    ——–        —–  —-                    ————-  ——–        ——          ——-
  15m          15m            1      {default-scheduler}                    Normal          Scheduled      Successfully assigned myk8s-pod-1394982580-11h8h to 127.0.0.1
  15m          4m              7      {kubelet 127.0.0.1}                    Warning        FailedSync      Error syncing pod, skipping: failed to “StartContainer” for “POD” with ErrImagePull: “image pull failed for registry.access.redhat.com/rhel7/pod-infrastructure:latest, this may be because there are no credentials on this request.  details: (open /etc/docker/certs.d/registry.access.redhat.com/redhat-ca.crt: no such file or directory)”

  14m  11s    63      {kubelet 127.0.0.1}            Warning FailedSync      Error syncing pod, skipping: failed to “StartContainer” for “POD” with
 ImagePullBackOff: “Back-off pulling image \”registry.access.redhat.com/rhel7/pod-infrastructure:latest\””

[root@localhost software]#

## 百度 pod ContainerCreating

[root@localhost shell]# docker pull registry.access.redhat.com/rhel7/pod-infrastructure:latest
Trying to pull repository registry.access.redhat.com/rhel7/pod-infrastructure …
sha256:92d43c37297da3ab187fc2b9e9ebfb243c1110d446c783ae1b989088495db931: Pulling from registry.access.redhat.com/rhel7/pod-infrastructure
26e5ed6899db: Pull complete
66dbe984a319: Pull complete
9138e7863e08: Pull complete
Digest: sha256:92d43c37297da3ab187fc2b9e9ebfb243c1110d446c783ae1b989088495db931
Status: Image is up to date for registry.access.redhat.com/rhel7/pod-infrastructure:latest

## 制作新镜像,因 kubectl describe pod myk8s-pod-2-2707079129-1305m 提示找不到 docker.io/base-tomcat,那么我们就制作一个

[root@localhost registry.access.redhat.com]# docker tag base_tomcat:tomcat-centos docker.io/base-tomcat:v1

[root@localhost registry.access.redhat.com]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
base_tomcat tomcat-centos 0bed71f53b94 3 hours ago 612 MB
docker.io/base-tomcat v1 0bed71f53b94 3 hours ago 612 MB
docker.io/centos latest 9f38484d220f 2 weeks ago 202 MB
registry.access.redhat.com/rhel7/pod-infrastructure latest 99965fb98423 17 months ago 209 MB
[root@localhost registry.access.redhat.com]#

[root@localhost registry.access.redhat.com]# kubectl get pods
NAME READY STATUS RESTARTS AGE
myk8s-pod-2-2707079129-1305m 0/1 ImagePullBackOff 0 2h
myk8s-pod-2-2707079129-2nvff 0/1 ImagePullBackOff 0 2h
myk8s-pod-2-2707079129-dk9m5 0/1 ImagePullBackOff 0 2h
myk8s-pod-2-2707079129-mwn3g 0/1 ImagePullBackOff 0 2h
myk8s-pod-2-2707079129-r282t 0/1 ImagePullBackOff 0 2h
[root@localhost registry.access.redhat.com]# kubectl run myk8s-pod-3 –image=docker.io/base-tomcat:v1 –replicas=3 –port=8060
deployment “myk8s-pod-3” created
[root@localhost registry.access.redhat.com]# kubectl get pods
NAME READY STATUS RESTARTS AGE
myk8s-pod-2-2707079129-1305m 0/1 ImagePullBackOff 0 2h
myk8s-pod-2-2707079129-2nvff 0/1 ImagePullBackOff 0 2h
myk8s-pod-2-2707079129-dk9m5 0/1 ImagePullBackOff 0 2h
myk8s-pod-2-2707079129-mwn3g 0/1 ImagePullBackOff 0 2h
myk8s-pod-2-2707079129-r282t 0/1 ErrImagePull 0 2h
myk8s-pod-3-4228761222-5gdvr 1/1 Running 0 22s
myk8s-pod-3-4228761222-dngwc 1/1 Running 0 22s
myk8s-pod-3-4228761222-hl85l 1/1 Running

 
 

删除 pod, 再次查看 pods, 结果 replication 重新生成了一个 pod myk8s-pod-1394982580-n8sv6 , 这样 deployment myk8s-pod 始终保持两个

[root@localhost software]# kubectl get pods
NAME                          READY    STATUS              RESTARTS  AGE
myk8s-pod-1394982580-11h8h    0/1      ContainerCreating  0          17m
myk8s-pod-1394982580-37wlc    0/1      ContainerCreating  0          17m
myk8s-pod-2-2707079129-1305m  0/1      ContainerCreating  0          15m
myk8s-pod-2-2707079129-2nvff  0/1      ContainerCreating  0          15m
myk8s-pod-2-2707079129-dk9m5  0/1      ContainerCreating  0          15m
myk8s-pod-2-2707079129-mwn3g  0/1      ContainerCreating  0          15m
myk8s-pod-2-2707079129-r282t  0/1      ContainerCreating  0          15m
[root@localhost software]# kubectl delete myk8s-pod-1394982580-11h8h
error: resource(s) were provided, but no name, label selector, or –all flag specified
[root@localhost software]# kubectl delete pod myk8s-pod-1394982580-11h8h
pod “myk8s-pod-1394982580-11h8h” deleted
[root@localhost software]# kubectl get pods
NAME                          READY    STATUS              RESTARTS  AGE
myk8s-pod-1394982580-37wlc    0/1      ContainerCreating  0          17m
myk8s-pod-1394982580-n8sv6    0/1      ContainerCreating  0          4s
myk8s-pod-2-2707079129-1305m  0/1      ContainerCreating  0          15m
myk8s-pod-2-2707079129-2nvff  0/1      ContainerCreating  0          15m
myk8s-pod-2-2707079129-dk9m5  0/1      ContainerCreating  0          15m
myk8s-pod-2-2707079129-mwn3g  0/1      ContainerCreating  0          15m
myk8s-pod-2-2707079129-r282t  0/1      ContainerCreating  0          15m
[root@localhost software]#

删除部署 myk8s-pod 的服务,彻底删除 pod

[root@localhost software]# kubectl get pods
NAME                          READY    STATUS              RESTARTS  AGE
myk8s-pod-1394982580-37wlc    0/1      ContainerCreating  0          20m
myk8s-pod-1394982580-n8sv6    0/1      ContainerCreating  0          3m
myk8s-pod-2-2707079129-1305m  0/1      ContainerCreating  0          18m
myk8s-pod-2-2707079129-2nvff  0/1      ContainerCreating  0          18m
myk8s-pod-2-2707079129-dk9m5  0/1      ContainerCreating  0          18m
myk8s-pod-2-2707079129-mwn3g  0/1      ContainerCreating  0          18m
myk8s-pod-2-2707079129-r282t  0/1      ContainerCreating  0          18m
[root@localhost software]# kubectl delete deployment myk8s-pod
deployment “myk8s-pod” deleted
[root@localhost software]# kubectl get pods
NAME                          READY    STATUS              RESTARTS  AGE
myk8s-pod-2-2707079129-1305m  0/1      ContainerCreating  0          19m
myk8s-pod-2-2707079129-2nvff  0/1      ContainerCreating  0          19m
myk8s-pod-2-2707079129-dk9m5  0/1      ContainerCreating  0          19m
myk8s-pod-2-2707079129-mwn3g  0/1      ContainerCreating  0          19m
myk8s-pod-2-2707079129-r282t  0/1      ContainerCreating  0          19m
[root@localhost software]# kubectl get deployments
NAME          DESIRED  CURRENT  UP-TO-DATE  AVAILABLE  AGE
myk8s-pod-2  5        5        5            0          19m

本文���久更新链接地址:https://www.linuxidc.com/Linux/2019-03/157805.htm

正文完
星哥玩云-微信公众号
post-qrcode
 0
星锅
版权声明:本站原创文章,由 星锅 于2022-01-21发表,共计15305字。
转载说明:除特殊说明外本站文章皆由CC-4.0协议发布,转载请注明出处。
【腾讯云】推广者专属福利,新客户无门槛领取总价值高达2860元代金券,每种代金券限量500张,先到先得。
阿里云-最新活动爆款每日限量供应
评论(没有评论)
验证码
【腾讯云】云服务器、云数据库、COS、CDN、短信等云产品特惠热卖中