1.系统环境:
CentOS Linux release 7.6.1810 (Core)
3.10.0-957.12.2.el7.x86_64 #这个很重要,内核版本必须3.10以上
先在/etc/hosts上做好各个机器的host解析
2.master安装:
#安装相关依赖
yum install -y yum-utils device-mapper-persistent-data lvm2
#添加阿里云kubernetes的repo
cat <<EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF
#添加阿里云docker-ce的repo
yum-config-manager --add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
#关闭selinux
setenforce 0
#安装docer-ce kubelet kubeadm kubectl
yum install docker-ce kubelet kubeadm kubectl
#添加环境变量屏蔽因开启swap导致的报错
vim /etc/sysconfig/kubelet
KUBELET_EXTRA_ARGS="--fail-swap-on=false"
systemctl enable kubelet docker #设置kubelet docker开机自启动
systemctl docker start #启动docker
#初始化kubernetes集群
kubeadm init --kubernetes-version=1.15.2 --pod-network-cidr=10.244.0.0/16 --service-cidr=10.96.0.0/12
初始化的时候会报错:
error execution phase preflight: [preflight] Some fatal errors occurred:
[ERROR ImagePull]: failed to pull image k8s.gcr.io/kube-apiserver:v1.15.2: output: Error response from daemon: Get https://k8s.gcr.io/v2/: net/http: request canceled while waiting for connection (Client.Timeout exceeded while awaiting headers)
, error: exit status 1
[ERROR ImagePull]: failed to pull image k8s.gcr.io/kube-controller-manager:v1.15.2: output: Error response from daemon: Get https://k8s.gcr.io/v2/: net/http: request canceled while waiting for connection (Client.Timeout exceeded while awaiting headers)
, error: exit status 1
[ERROR ImagePull]: failed to pull image k8s.gcr.io/kube-scheduler:v1.15.2: output: Error response from daemon: Get https://k8s.gcr.io/v2/: net/http: request canceled while waiting for connection (Client.Timeout exceeded while awaiting headers)
, error: exit status 1
[ERROR ImagePull]: failed to pull image k8s.gcr.io/kube-proxy:v1.15.2: output: Error response from daemon: Get https://k8s.gcr.io/v2/: net/http: request canceled while waiting for connection (Client.Timeout exceeded while awaiting headers)
, error: exit status 1
[ERROR ImagePull]: failed to pull image k8s.gcr.io/pause:3.1: output: Error response from daemon: Get https://k8s.gcr.io/v2/: net/http: request canceled while waiting for connection (Client.Timeout exceeded while awaiting headers)
, error: exit status 1
[ERROR ImagePull]: failed to pull image k8s.gcr.io/etcd:3.3.10: output: Error response from daemon: Get https://k8s.gcr.io/v2/: net/http: request canceled while waiting for connection (Client.Timeout exceeded while awaiting headers)
, error: exit status 1
[ERROR ImagePull]: failed to pull image k8s.gcr.io/coredns:1.3.1: output: Error response from daemon: Get https://k8s.gcr.io/v2/: net/http: request canceled while waiting for connection (Client.Timeout exceeded while awaiting headers)
, error: exit status 1
[preflight] If you know what you are doing, you can make a check non-fatal with `--ignore-preflight-errors=...`
这是因为因为不可描述的网络原因,k8s下载不到需要的docker镜像,解决方法有两个:
1.可以自己pull下载需要的镜像到本机,然后改tag为k8s需要的;
2.在docker配置文件中添加HTTPS_PROXY的代理解决(在/usr/lib/systemd/system/docker.service中添加Environment="HTTPS_PROXY=http://www.ik8s.io:10080
Environment="NO_PROXY 127.0.0.1/8,172.20.0.0/16");
(此处因为代理不可用了,所以选用第一个解决方法)
根据上面报错时提示的相应版本在docker hub上找到对应镜像下载到本地:
#根据上面报错的提示选择相应的版本
docker pull mirrorgooglecontainers/kube-apiserver:v1.15.2
docker pull mirrorgooglecontainers/kube-controller-manager:v1.15.2-beta.0
docker pull mirrorgooglecontainers/kube-scheduler:v1.15.2-beta.0
docker pull mirrorgooglecontainers/kube-proxy:v1.15.2
docker pull mirrorgooglecontainers/pause:3.1
docker pull mirrorgooglecontainers/etcd:3.3.10
docker pull coredns/coredns:1.3.1
#改tag
docker tag mirrorgooglecontainers/kube-apiserver:v1.15.2 k8s.gcr.io/kube-apiserver:v1.15.2
docker tag mirrorgooglecontainers/kube-controller-manager:v1.15.2-beta.0 k8s.gcr.io/kube-controller-manager:v1.15.2
docker tag mirrorgooglecontainers/kube-scheduler:v1.15.2-beta.0 k8s.gcr.io/kube-scheduler:v1.15.2
docker tag mirrorgooglecontainers/kube-proxy:v1.15.2 k8s.gcr.io/kube-proxy:v1.15.2
docker tag mirrorgooglecontainers/pause:3.1 k8s.gcr.io/pause:3.1
docker tag mirrorgooglecontainers/etcd:3.3.10 k8s.gcr.io/etcd:3.3.10
docker tag coredns/coredns:1.3.1 k8s.gcr.io/coredns:1.3.1
#清理镜像
docker rmi mirrorgooglecontainers/kube-apiserver:v1.15.2
docker rmi mirrorgooglecontainers/kube-controller-manager:v1.15.2-beta.0
docker rmi mirrorgooglecontainers/kube-scheduler:v1.15.2-beta.0
docker rmi mirrorgooglecontainers/kube-proxy:v1.15.2
docker rmi mirrorgooglecontainers/pause:3.1
docker rmi mirrorgooglecontainers/etcd:3.3.10
docker rmi coredns/coredns:1.3.1
使用docker image ls查看下载的镜像
REPOSITORY TAG IMAGE ID CREATED SIZE
k8s.gcr.io/kube-proxy v1.15.2 167bbf6c9338 7 days ago 82.4MB
k8s.gcr.io/kube-apiserver v1.15.2 34a53be6c9a7 7 days ago 207MB
k8s.gcr.io/kube-scheduler v1.15.2 38d61dd6e105 3 weeks ago 81.1MB
k8s.gcr.io/kube-controller-manager v1.15.2 575346c7506b 3 weeks ago 159MB
quay.io/coreos/flannel v0.11.0-amd64 ff281650a721 6 months ago 52.6MB
k8s.gcr.io/coredns 1.3.1 eb516548c180 7 months ago 40.3MB
k8s.gcr.io/etcd 3.3.10 2c4adeb21b4f 8 months ago 258MB
k8s.gcr.io/pause 3.1 da86e6ba6ca1 20 months ago 742kB
#根据kubeadm的提示添加配置文件
mkdir -p $HOME/.kube
cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
systemctl start kubelet #启动kubelet
#安装完成后会提示各node节点加入master的kubeadm命令
kubeadm join 10.1.129.86:6443 --token 5v5ivf.909d1t3aq0w5o8bx --discovery-token-ca-cert-hash sha256:ea52f340c37e306f36f72d1efa732d522e1f790bcf761eab6bdcb5de8f49700c
之后安装flannel插件
使用kubectl get nodes查看各node会显示master节点notready
这是因为还缺少flannel插件
#使用kubectl安装flannel插件
kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
#查看kube系统名称空间各组件运行状态
kubectl get pods -n kube-system
NAME READY STATUS RESTARTS AGE
coredns-5c98db65d4-59f8x 1/1 Running 0 4d7h
coredns-5c98db65d4-zzfkk 1/1 Running 0 4d7h
etcd-localhost 1/1 Running 0 4d7h
kube-apiserver-localhost 1/1 Running 0 4d7h
kube-controller-manager-localhost 1/1 Running 0 4d7h
kube-flannel-ds-amd64-lnvch 1/1 Running 55 24h
kube-flannel-ds-amd64-nljvp 1/1 Running 0 26h
kube-proxy-5mftv 1/1 Running 0 4d7h
kube-proxy-fz8gd 1/1 Running 0 24h
kube-scheduler-localhost 1/1 Running 0 4d7h
至此 master节点安装完成!
3.node安装:
#安装相关依赖
yum install -y yum-utils device-mapper-persistent-data lvm2
#添加阿里云kubernetes的repo
cat <<EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF
#添加阿里云docker-ce的repo
yum-config-manager --add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
#关闭selinux
setenforce 0
#安装docer-ce kubelet kubeadm (可选kubectl)
yum install docker-ce kubelet kubeadm
systemctl enable kubelet docker #设置kubelet docker开机自启动
systemctl start docker kubelet #启动docker
node节点需要pull的镜像为pause和kube-proxy
docker pull mirrorgooglecontainers/kube-proxy:v1.15.2
docker pull mirrorgooglecontainers/pause:3.1
docker tag mirrorgooglecontainers/kube-proxy:v1.15.2 k8s.gcr.io/kube-proxy:v1.15.2
docker tag mirrorgooglecontainers/pause:3.1 k8s.gcr.io/pause:3.1
docker rmi mirrorgooglecontainers/kube-proxy:v1.15.2
docker rmi mirrorgooglecontainers/pause:3.1
使用之前的kubeadm join命令加入kubernetes集群
可能会有报错
[root@node01 yum.repos.d]# kubeadm join 10.1.129.86:6443 --token 5v5ivf.909d1t3aq0w5o8bx \
> --discovery-token-ca-cert-hash sha256:ea52f340c37e306f36f72d1efa732d522e1f790bcf761eab6bdcb5de8f49700c ^C
[root@node01 yum.repos.d]# kubeadm join 10.1.129.86:6443 --token 5v5ivf.909d1t3aq0w5o8bx --discovery-token-ca-cert-hash sha256:ea52f340c37e306f36f72d1efa732d522e1f790bcf761eab6bdcb5de8f49700c --ignore-preflight-errors=Swap
[preflight] Running pre-flight checks
[WARNING IsDockerSystemdCheck]: detected "cgroupfs" as the Docker cgroup driver. The recommended driver is "systemd". Please follow the guide at https://kubernetes.io/docs/setup/cri/
[WARNING SystemVerification]: this Docker version is not on the list of validated versions: 19.03.1. Latest validated version: 18.09
[WARNING Service-Kubelet]: kubelet service is not enabled, please run 'systemctl enable kubelet.service'
[preflight] Reading configuration from the cluster...
[preflight] FYI: You can look at this config file with 'kubectl -n kube-system get cm kubeadm-config -oyaml'
error execution phase preflight: unable to fetch the kubeadm-config ConfigMap: failed to get config map: Unauthorized
这是因为master的token过期了,在master上重新创建token替换(kubeadm token create)加入即可
node加载完会自动下载flannel,使用docker image ls 查看下载到的镜像
REPOSITORY TAG IMAGE ID CREATED SIZE
k8s.gcr.io/kube-proxy v1.15.2 167bbf6c9338 8 days ago 82.4MB
quay.io/coreos/flannel v0.11.0-amd64 ff281650a721 6 months ago 52.6MB
k8s.gcr.io/pause 3.1 da86e6ba6ca1 20 months ago 742kB
再在master上使用kubectl get nodes查看信息
NAME STATUS ROLES AGE VERSION
localhost Ready master 4d7h v1.15.2
node01 Ready <none> 25h v1.15.2
至此kubernete集群安装成功!
网友评论