Installing Kubernetes on CentOS 7

Kubernetes is an open source container management system that allows the deployment, orchestration, and scaling of container applications and micro-services across multiple hosts. This tutorial will describe the installation and configuration of a multi-node Kubernetes cluster on CentOS 7.

A single master host will manage the cluster and run several core Kubernetes services.

  • API Server - The REST API endpoint for managing most aspects of the Kubernetes cluster.
  • Replication Controller - Ensures the number of specified pod replicas are always running by starting or shutting down pods.
  • Scheduler - Finds a suitable host where new pods will reside.
  • etcd - A distributed key-value store where Kubernetes stores information about itself, pods, services, etc.
  • Flannel - A network overlay that will allow containers to communicate across multiple hosts.

The minion hosts will run the following services to manage containers and their network.

  • Kubelet - Host level pod management; determines the state of pod containers based on the pod manifest received from the Kubernetes master.
  • Proxy - Manages the container network (IP addresses and ports) based on the network service manifests received from the Kubernetes master.
  • Docker - An API and framework built around Linux Containers (LXC) that allows for the easy management of containers and their images.
  • Flannel - A network overlay that will allow containers to communicate across multiple hosts.

Note: Flannel, or another network overlay service, is required to run on the minions when there is more than one minion host. This allows the containers which are typically on their own internal subnet to communicate across multiple hosts. As the Kubernetes master is not typically running containers, the Flannel service is not required to run on the master.

Environment

Hosts used in this tutorial

Host            Hostname      Components                 Notes
192.168.56.101  kube-master   kubernetes,etcd            kubernetes node
192.168.56.102  kube-minion1  kubernetes,flannel,docker  kubernetes node
192.168.56.103  kube-minion2  kubernetes,flannel,docker  kubernetes node

Temporarily disable the firewall

#
systemctl stop firewalld
systemctl disable firewalld
yum -y install ntp
systemctl start ntpd
systemctl enable ntpd

Hostname resolution

Using hostnames helps clarify the relationship between the hosts. Add the following mapping to the /etc/hosts file on every host so that the names resolve consistently across all hosts.

192.168.56.101 kube-master
192.168.56.102 kube-minion1
192.168.56.103 kube-minion2

Install the k8s master node

#
yum install kubernetes-master etcd -y

Configure etcd

#
grep -vE '^$|^#' /etc/etcd/etcd.conf
ETCD_NAME=default
ETCD_DATA_DIR="/var/lib/etcd/default.etcd"
ETCD_LISTEN_CLIENT_URLS="http://0.0.0.0:2379"
ETCD_ADVERTISE_CLIENT_URLS="http://kube-master:2379"

Start the service

#
systemctl enable etcd
systemctl start etcd

List the current cluster members

#
etcdctl member list

Configure the Kubernetes config file

# grep -vE '^$|^#' /etc/kubernetes/config
KUBE_LOGTOSTDERR="--logtostderr=true"
KUBE_LOG_LEVEL="--v=0"
KUBE_ALLOW_PRIV="--allow_privileged=false"
KUBE_MASTER="--master=http://kube-master:8080"

Configure the API server file

#
grep -vE '^$|^#' /etc/kubernetes/apiserver
KUBE_API_ADDRESS="--address=0.0.0.0"
KUBE_ETCD_SERVERS="--etcd_servers=http://kube-master:2379"
KUBE_SERVICE_ADDRESSES="--service-cluster-ip-range=10.254.0.0/16"
KUBE_ADMISSION_CONTROL="--admission_control=NamespaceLifecycle,NamespaceExists,LimitRanger,SecurityContextDeny,ServiceAccount,ResourceQuota"
KUBE_API_ARGS=""

Configure the controller manager file

#
grep -vE '^$|^#' /etc/kubernetes/controller-manager
KUBE_CONTROLLER_MANAGER_ARGS=""

Start the related services

#
for SERVICES in kube-apiserver kube-controller-manager kube-scheduler; do
systemctl restart $SERVICES
systemctl enable $SERVICES
systemctl status $SERVICES
done

Install the k8s minion nodes

#
yum install kubernetes-node flannel etcd docker -y

Modify the minion configuration files

#
grep -vE '^$|^#' /etc/kubernetes/config
KUBE_LOGTOSTDERR="--logtostderr=true"
KUBE_LOG_LEVEL="--v=0"
KUBE_ALLOW_PRIV="--allow_privileged=false"
KUBE_MASTER="--master=http://kube-master:8080"
#
grep -vE '^$|^#' /etc/kubernetes/kubelet
KUBELET_ADDRESS="--address=0.0.0.0"
KUBELET_HOSTNAME="--hostname_override=192.168.56.103"
KUBELET_API_SERVER="--api_servers=http://kube-master:8080"
KUBELET_ARGS=""
#
cat /usr/lib/systemd/system/kubelet.service
[Unit]
Description=Kubernetes Kubelet Server
Documentation=https://github.com/GoogleCloudPlatform/kubernetes
After=docker.service
Requires=docker.service

[Service]
WorkingDirectory=/var/lib/kubelet
EnvironmentFile=-/etc/kubernetes/config
EnvironmentFile=-/etc/kubernetes/kubelet
ExecStart=/usr/bin/kubelet \
    $KUBE_LOGTOSTDERR \
    $KUBE_LOG_LEVEL \
    $KUBELET_API_SERVER \
    $KUBELET_ADDRESS \
    $KUBELET_PORT \
    $KUBELET_HOSTNAME \
    $KUBE_ALLOW_PRIV \
    $KUBELET_ARGS
Restart=on-failure

[Install]
WantedBy=multi-user.target

Start the related services

#
systemctl daemon-reload
for SERVICES in kube-proxy kubelet flanneld docker; do
systemctl restart $SERVICES
systemctl enable $SERVICES
systemctl status $SERVICES
done

Configure flannel

Configure the flannel network range

# etcdctl mk /atomic.io/network/config '{"Network":"172.17.0.0/16"}'
# etcdctl get /atomic.io/network/config
{"Network":"172.17.0.0/16"}
# grep -vE '^$|^#' /etc/sysconfig/flanneld
FLANNEL_ETCD="http://kube-master:2379"
FLANNEL_ETCD_KEY="/atomic.io/network"
# systemctl enable flanneld
# systemctl restart flanneld

Cluster status

K8s Master

# kubectl get nodes
NAME             LABELS                                  STATUS
192.168.56.103   kubernetes.io/hostname=192.168.56.103   Ready

etcd cluster

# etcdctl --peers 192.168.56.101:2379 member list
ce2a822cea30bfca: name=default peerURLs=http://localhost:2380,http://localhost:7001 clientURLs=http://kube-master:2379
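
The files above leave etcd and the API server listening on 0.0.0.0 over plain HTTP while firewalld is stopped. The script below is an added example, not part of the original tutorial, that lists those settings so they can be reviewed before the cluster is attached to a shared network; the helper name audit_conf and the sample file are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original tutorial). audit_conf is a hypothetical
# helper; the checks cover only settings that appear in this page's files.

audit_conf() {
    # $1: environment-style file, one KEY="value" per line
    grep -vE '^[[:space:]]*(#|$)' "$1" | while IFS='=' read -r key value; do
        case "$value" in
            *http://*) echo "$1: $key uses plaintext HTTP (no TLS)" ;;
        esac
        case "$value" in
            *0.0.0.0*) echo "$1: $key listens on all interfaces" ;;
        esac
        case "$value" in
            *allow_privileged=true*) echo "$1: $key allows privileged containers" ;;
        esac
    done
}

# Constructed sample assembled from values shown in this tutorial.
SAMPLE=$(mktemp)
trap 'rm -f "$SAMPLE"' EXIT
cat > "$SAMPLE" <<'EOF'
# constructed sample input
ETCD_LISTEN_CLIENT_URLS="http://0.0.0.0:2379"
KUBE_API_ADDRESS="--address=0.0.0.0"
KUBE_MASTER="--master=http://kube-master:8080"
KUBE_ALLOW_PRIV="--allow_privileged=false"
EOF

audit_conf "$SAMPLE"

# On a real host, pass the files edited above instead of the sample:
#   for f in /etc/etcd/etcd.conf /etc/kubernetes/config \
#            /etc/kubernetes/apiserver /etc/kubernetes/kubelet \
#            /etc/sysconfig/flanneld; do audit_conf "$f"; done
```

Each finding names the file and variable, so the output can be compared directly with the grep listings earlier on the page.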