Kubernetes部署应用

简介

主要为master & node安装

master:192.168.3.19
node1:192.168.3.20
node2:192.168.3.21

实际安装

主从机都要安装 epel-release源
yum -y install epel-release

设置hostname
hostnamectl  set-hostname node1

关闭防火墙
systemctl stop firewalld
systemctl disable firewalld
setenforce 0
sed -i 's/^SELINUX=enforcing$/SELINUX=disabled/' /etc/selinux/config

最后确认状态
firewall-cmd --state

master配置

host配置

echo "192.168.3.19    master
192.168.3.20  node1
192.168.3.21  node2" >> /etc/hosts

node也要配下

服务安装

安装etcd、kubernetes-master

/etc/kubernetes/config kubernetest配置文件

# logging to stderr means we get it in the systemd journal 错误日志记录到文件还是输出到stderr
KUBE_LOGTOSTDERR="--logtostderr=true"

# journal message level, 0 is debug 日志等级
KUBE_LOG_LEVEL="--v=0"

# Should this cluster be allowed to run privileged docker containers  允许运行特权容器
KUBE_ALLOW_PRIV="--allow-privileged=false"

# How the controller-manager, scheduler, and proxy find the apiserver  apiserver的服务地址controller-manager、scheduler及kubelet都会使用
KUBE_MASTER="--master=http://192.168.3.19:8080"

/etc/etcd/etcd.conf

# [Member]
# ETCD_CORS=""

# etcd数据存储位置
ETCD_DATA_DIR="/var/lib/etcd/default.etcd"

# ETCD_WAL_DIR=""
# ETCD_LISTEN_PEER_URLS="http://localhost:2380" 监听的端口
ETCD_LISTEN_CLIENT_URLS="http://0.0.0.0:2379"
# ETCD_MAX_SNAPSHOTS="5"
# ETCD_MAX_WALS="5"

# etcd名称
ETCD_NAME="default"

# ETCD_SNAPSHOT_COUNT="100000"
# ETCD_HEARTBEAT_INTERVAL="100"
# ETCD_ELECTION_TIMEOUT="1000"
# ETCD_QUOTA_BACKEND_BYTES="0"
# ETCD_MAX_REQUEST_BYTES="1572864"
# ETCD_GRPC_KEEPALIVE_MIN_TIME="5s"
# ETCD_GRPC_KEEPALIVE_INTERVAL="2h0m0s"
# ETCD_GRPC_KEEPALIVE_TIMEOUT="20s"
#
# [Clustering]
# ETCD_INITIAL_ADVERTISE_PEER_URLS="http://localhost:2380"  集群监听的端口
ETCD_ADVERTISE_CLIENT_URLS="http://localhost:2379"

/etc/kubernetes/apiserver

###
# kubernetes system config
#
# The following values are used to configure the kube-apiserver
#

# The address on the local server to listen to. 监听的接口，如果是127则只监听localhost，如果是0.0.0.0则监听全部
KUBE_API_ADDRESS="--insecure-bind-address=0.0.0.0"

# The port on the local server to listen on.  apiserver的监听默认8080
KUBE_API_PORT="--port=8080"

# Port minions listen on
KUBELET_PORT="--kubelet-port=10250"  kubelet的监听端口，默认10250

# Comma separated list of nodes in the etcd cluster  etcd服务地址，端口2379
KUBE_ETCD_SERVERS="--etcd-servers=http://127.0.0.1:2379"

# Address range to use for services  kubernetes可分配的ip范围，启动一个pod及service就会分配一个ip地址，将按扎个范围分配
KUBE_SERVICE_ADDRESSES="--service-cluster-ip-range=10.254.0.0/16"

# default admission control policies  集群额外配置项
KUBE_ADMISSION_CONTROL="--admission-control=NamespaceLifecycle,NamespaceExists,LimitRanger,SecurityContextDeny,ResourceQuota"

# Add your own!
KUBE_API_ARGS=""

启动服务，并设置自启动

etcd、kube-apiserver、kube-controller-manager、kube-scheduler等

for SERVICES in etcd kube-apiserver kube-controller-manager kube-scheduler; do systemctl restart $SERVICES;systemctl enable $SERVICES;systemctl status $SERVICES ; done

定义flannel网络

etcdctl mk /atomic.io/network/config '{"Network":"172.17.0.0/16"}'

node配置

安装kubernetes Node、flannel组件

/etc/sysconfig/flanneld

为flannel网络指定etcd服务

# Flanneld configuration options  

# etcd url location.  Point this to the server where etcd runs  etcd的地址和端口
FLANNEL_ETCD_ENDPOINTS="http://192.168.3.19:2379"

# etcd config key.  This is the configuration key that flannel queries
# For address range assignment  服务范围
FLANNEL_ETCD_PREFIX="/atomic.io/network"

# Any additional options that you want to pass  其他
# FLANNEL_OPTIONS=""

/etc/kubernetes/config

###
# kubernetes system config
#
# The following values are used to configure various aspects of all
# kubernetes services, including
#
#   kube-apiserver.service
#   kube-controller-manager.service
#   kube-scheduler.service
#   kubelet.service
#   kube-proxy.service
# logging to stderr means we get it in the systemd journal
KUBE_LOGTOSTDERR="--logtostderr=true"

# journal message level, 0 is debug
KUBE_LOG_LEVEL="--v=0"

# Should this cluster be allowed to run privileged docker containers
KUBE_ALLOW_PRIV="--allow-privileged=false"

# How the controller-manager, scheduler, and proxy find the apiserver
KUBE_MASTER="--master=http://192.168.3.19:8080"

/etc/kubernetes/kubelet

修改node机器的kubelet配置文件

###
# kubernetes kubelet (minion) config

# The address for the info server to serve on (set to 0.0.0.0 or "" for all interfaces)  minion监听的地址
KUBELET_ADDRESS="--address=0.0.0.0"

# The port for the info server to serve on  监听的端口
KUBELET_PORT="--port=10250"

# You may leave this blank to use the actual hostname
KUBELET_HOSTNAME="--hostname-override=192.168.3.20"

# location of the api-server  apiserver
KUBELET_API_SERVER="--api-servers=http://192.168.3.19:8080"

# pod infrastructure container
KUBELET_POD_INFRA_CONTAINER="--pod-infra-container-image=registry.access.redhat.com/rhel7/pod-infrastructure:latest"

# Add your own!
KUBELET_ARGS=""

启动服务，并设置自启动

kube-proxy,kubelet,docker,flanneld等

for SERVICES in kube-proxy kubelet docker flanneld;do systemctl restart $SERVICES;systemctl enable $SERVICES;systemctl status $SERVICES; done

返回master查看配置成功

重复组建node2即可，效果如下