环境准备

服务器之间时间同步

1. 关闭防火墙

systemctl stop firewalld

setenforce 0

2. 设置yum源   三台机器都要设置一个master两个node节点

下载docker镜像yum源
cd /etc/yum.repos.d 
wget https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo

vi kubernetes.repo 

[kubernetes]

name=Kubernetes Repo

baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/

enabled=1

gpgcheck=1

gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg

执行yum repolist 查看镜像是否成功

3. 安装docker 生产用版本 1.7.03  所有节点安装

yum install -y docker

设置开机启动docker
  systemctl enable docker

草,网上很多文章说不需要kubeadm,导致8080一直报错,官网又让安装

You will install these packages on all of your machines:

kubeadm: the command to bootstrap the cluster.

kubelet: the component that runs on all of the machines in your cluster and does things like starting pods and containers.

kubectl: the command line util to talk to your cluster.

4. 安装kubeadm

yum install -y kubelet kubeadm kubectl --disableexcludes=kubernetes
systemctl enable --now kubelet

启动docker

systemctl start docker

启动  systemctl enable kubelet && systemctl start kubelet

查看docker信息

docker version  或者docker info

查看kubeadm版本

kubeadm version 

查看kubelet信息

rpm -ql kubelet

查看kubelet的状态

systemctl status kubelet

查看日志

tail /var/log/messages

a. 关于忽略swap  可省略

Kubernetes 1.8开始要求关闭系统的Swap,如果不关闭,默认配置下kubelet将无法启动。 
      可以通过kubelet的启动参数–fail-swap-on=false更改这个限制。

设置 swapoff -a

查看cat /etc/sysconfig/kubelet

修改kubelet中内容为  KUBELET_EXTRA_ARGS="--fail-swap-on=false"

配置转发参数

cat  /etc/sysctl.d/k8s.conf

net.bridge.bridge-nf-call-ip6tables =

net.bridge.bridge-nf-call-iptables =

vm.swappiness=

b. 编写脚本下载必需的镜像  vi images.sh

#!/bin/bash
images="kube-apiserver:v1.14.0 kube-scheduler:v1.14.0 kube-controller-manager:v1.14.0 kube-proxy:v1.14.0
etcd:3.3.10 pause:3.1"
for imageName in $images
do
echo $imageName
docker pull docker.io/mirrorgooglecontainers/$imageName
docker tag docker.io/mirrorgooglecontainers/$imageName k8s.gcr.io/$imageName
docker rmi docker.io/mirrorgooglecontainers/$imageName
done
others="coredns:1.3.1"
for other in $others
do
docker pull docker.io/coredns/$other
docker tag docker.io/coredns/$other k8s.gcr.io/$other
docker rmi docker.io/coredns/$other
done

chmod 777 images.sh

c. kubeadm初始化

kubeadm init --kubernetes-version=v1.14.0 --pod-network-cidr=10.244.0.0/16 --service-cidr=10.96.0.0/12 --ignore-preflight-errors=Swap

记录以下信息用于node节点连接到master

kubeadm join 172.19.68.9:6443 --token mhg1pv.wpsv2mmou2pat7ug \
--discovery-token-ca-cert-hash sha256:4f315d48cf4fb954e76e25d3683577ef87f248377aa2bafbae514073eb43fffc

d. 执行命令

mkdir -p $HOME/.kube

cp -i /etc/kubernetes/admin.conf $HOME/.kube/config 

状态命令检查kubectl get cs

检查节点 kubectl get nodes

e. 部署网络插件 flannel

https://github.com/coreos/flannel

执行命令 kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml

查看flannel镜像 docker image ls

查看pods是否启动 kubectl get pods -n kube-system

kubectl get pods -n kube-system -o wide 打印更多信息

查看命令空间 kubectl get ns

最后一步 配置node结点

下载必需镜像 如果不下载pause,master结点中node结点一直在noready状态

docker pull mirrorgooglecontainers/pause:3.1

docker tag docker.io/mirrorgooglecontainers/pause:3.1 k8s.gcr.io/pause:3.1

docker rmi docker.io/mirrorgooglecontainers/pause:3.1

docker pull mirrorgooglecontainers/kube-proxy:v1.14.0

docker tag docker.io/mirrorgooglecontainers/kube-proxy:v1.14.0 k8s.gcr.io/kube-proxy:v1.14.0

docker rmi docker.io/mirrorgooglecontainers/kube-proxy:v1.14.0

查看master上面结点信息

kubectl get pods -n kube-system -o wide

查看错误原因的命令 kubectl describe pod kubernetes-dashboard-5f7b999d65-klr7j -n kube-system

删除不了的原因是因为没有添加命名空间

首先删除deployment再删除pod

管理平台界面

首先下载官方的yaml文件
wgethttps://raw.githubusercontent.com/kubernetes/dashboard/v1.10.0/src/deploy/recommended/kubernetes-dashboard.yaml

sed -i 's#k8s.gcr.io#gcrxio#g' kubernetes-dashboard.yaml

kubectl apply -f kubernetes-dashboard.yaml

# Copyright  The Kubernetes Authors.

#

# Licensed under the Apache License, Version 2.0 (the "License");

# you may not use this file except in compliance with the License.

# You may obtain a copy of the License at

#

#     http://www.apache.org/licenses/LICENSE-2.0

#

# Unless required by applicable law or agreed to in writing, software

# distributed under the License is distributed on an "AS IS" BASIS,

# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

# See the License for the specific language governing permissions and

# limitations under the License.

# ------------------- Dashboard Secret ------------------- #

apiVersion: v1

kind: Secret

metadata:

  labels:

    k8s-app: kubernetes-dashboard

  name: kubernetes-dashboard-certs

  namespace: kube-system

type: Opaque

---

# ------------------- Dashboard Service Account ------------------- #

apiVersion: v1

kind: ServiceAccount

metadata:

  labels:

    k8s-app: kubernetes-dashboard

  name: kubernetes-dashboard

  namespace: kube-system

---

# ------------------- Dashboard Role & Role Binding ------------------- #

kind: Role

apiVersion: rbac.authorization.k8s.io/v1

metadata:

  name: kubernetes-dashboard-minimal

  namespace: kube-system

rules:

  # Allow Dashboard to create 'kubernetes-dashboard-key-holder' secret.

- apiGroups: [""]

  resources: ["secrets"]

  verbs: ["create"]

  # Allow Dashboard to create 'kubernetes-dashboard-settings' config map.

- apiGroups: [""]

  resources: ["configmaps"]

  verbs: ["create"]

  # Allow Dashboard to get, update and delete Dashboard exclusive secrets.

- apiGroups: [""]

  resources: ["secrets"]

  resourceNames: ["kubernetes-dashboard-key-holder", "kubernetes-dashboard-certs"]

  verbs: ["get", "update", "delete"]

  # Allow Dashboard to get and update 'kubernetes-dashboard-settings' config map.

- apiGroups: [""]

  resources: ["configmaps"]

  resourceNames: ["kubernetes-dashboard-settings"]

  verbs: ["get", "update"]

  # Allow Dashboard to get metrics from heapster.

- apiGroups: [""]

  resources: ["services"]

  resourceNames: ["heapster"]

  verbs: ["proxy"]

- apiGroups: [""]

  resources: ["services/proxy"]

  resourceNames: ["heapster", "http:heapster:", "https:heapster:"]

  verbs: ["get"]

---

apiVersion: rbac.authorization.k8s.io/v1

kind: RoleBinding

metadata:

  name: kubernetes-dashboard-minimal

  namespace: kube-system

roleRef:

  apiGroup: rbac.authorization.k8s.io

  kind: Role

  name: kubernetes-dashboard-minimal

subjects:

- kind: ServiceAccount

  name: kubernetes-dashboard

  namespace: kube-system

---

# ------------------- Dashboard Deployment ------------------- #

kind: Deployment

apiVersion: apps/v1beta2

metadata:

  labels:

    k8s-app: kubernetes-dashboard

  name: kubernetes-dashboard

  namespace: kube-system

spec:

  replicas:

  revisionHistoryLimit:

  selector:

    matchLabels:

      k8s-app: kubernetes-dashboard

  template:

    metadata:

      labels:

        k8s-app: kubernetes-dashboard

    spec:

      containers:

      - name: kubernetes-dashboard

        image: gcrxio/kubernetes-dashboard-amd64:v1.10.0

        ports:

        - containerPort:

          protocol: TCP

        args:

          - --auto-generate-certificates

          # Uncomment the following line to manually specify Kubernetes API server Host

          # If not specified, Dashboard will attempt to auto discover the API server and connect

          # to it. Uncomment only if the default does not work.

          # - --apiserver-host=http://my-address:port

        volumeMounts:

        - name: kubernetes-dashboard-certs

          mountPath: /certs

          # Create on-disk volume to store exec logs

        - mountPath: /tmp

          name: tmp-volume

        livenessProbe:

          httpGet:

            scheme: HTTPS

            path: /

            port:

          initialDelaySeconds:

          timeoutSeconds:

      volumes:

      - name: kubernetes-dashboard-certs

        secret:

          secretName: kubernetes-dashboard-certs

      - name: tmp-volume

        emptyDir: {}

      serviceAccountName: kubernetes-dashboard

      # Comment the following tolerations if Dashboard must not be deployed on master

      tolerations:

      - key: node-role.kubernetes.io/master

        effect: NoSchedule

---

# ------------------- Dashboard Service ------------------- #

kind: Service

apiVersion: v1

metadata:

  labels:

    k8s-app: kubernetes-dashboard

  name: kubernetes-dashboard

  namespace: kube-system

spec:

  type: NodePort    # 新增

  ports:

    - port:

      targetPort:

  selector:

    k8s-app: kubernetes-dashboard

查看暴露的端口

kubectl get svc -n kube-system

查看dash-board的输出信息

kubectl -n kube-system edit svc kubernetes-dashboard

问题1

查看dash-board的错误信息 kubectl logs kubernetes-dashboard-7b64bfd466-hxqtj -n kube-system

登录 https://47.102.46.176:32147/#!/login

登录方式使用tocken

https://blog.csdn.net/mr_rsq/article/details/87914766

dashboard登录不成功排查方式

执行命令如下:

kubectl get pods --all-namespaces -o wide

kubectl get services --all-namespaces

k8s基础环境搭建的更多相关文章

  1. Spark入门实战系列--2.Spark编译与部署(上)--基础环境搭建

    [注] 1.该系列文章以及使用到安装包/测试数据 可以在<倾情大奉送--Spark入门实战系列>获取: 2.Spark编译与部署将以CentOS 64位操作系统为基础,主要是考虑到实际应用 ...

  2. EXT 基础环境搭建

    EXT 基础环境搭建使用 Sencha CMD 下载地址 https://www.sencha.com/products/extjs/cmd-download/ Sencha CMD 常用命令 API ...

  3. IOS开发基础环境搭建

    一.目的 本文的目的是windows下IOS开发基础环境搭建做了对应的介绍,大家可根据文档步骤进行mac环境部署: 二.安装虚拟机 下载虚拟机安装文件绿色版,点击如下文件安装 获取安装包:       ...

  4. Spark环境搭建(上)——基础环境搭建

    Spark摘说 Spark的环境搭建涉及三个部分,一是linux系统基础环境搭建,二是Hadoop集群安装,三是Spark集群安装.在这里,主要介绍Spark在Centos系统上的准备工作--linu ...

  5. 【1】windows下IOS开发基础环境搭建

    一.目的 本文的目的是windows下IOS开发基础环境搭建做了对应的介绍,大家可根据文档步骤进行mac环境部署: 二.安装虚拟机 下载虚拟机安装文件绿色版,点击如下文件安装 获取安装包:       ...

  6. Maven 学习笔记(一) 基础环境搭建

    在Java的世界里,项目的管理与构建,有两大常用工具,一个是Maven,另一个是Gradle,当然,还有一个正在淡出的Ant.Maven 和 Gradle 都是非常出色的工具,排除个人喜好,用哪个工具 ...

  7. (一)Hyperledger Fabric 1.1安装部署-基础环境搭建

    在学习和开发hyperledger fabric的时候遇到了一些坑,现将自己的一些总结和心得整理如下,以期对大家有所帮助.本次使用的宿主机环境:ubuntu,版本:Ubuntu 16.04.3 LTS ...

  8. hadoop3.1.0 window win7 基础环境搭建

    https://blog.csdn.net/wsh596823919/article/details/80774805 hadoop3.1.0 window win7 基础环境搭建 前言:在windo ...

  9. HyperLedger Fabric 1.4 基础环境搭建(7)

    学习了前面几章理论知识后,本章开始介绍实践操作,先介绍Fabric基础环境搭建,采用的操作系统为Centos 7 64位,依次介绍Docker安装.Docker-Compose安装.GO语言环境安装. ...

随机推荐

  1. unctf esayrop wp

    目录 题目基本信息 题目漏洞 思路 exp脚本 题目基本信息 题目漏洞 首先在main函数中需要绕过一个if判断才能进入漏洞函数 漏洞函数中很明显的栈溢出漏洞,同时还控制了返回地址不能超过文件映射到内 ...

  2. sonar,jiar,xray,jenkins[cli] [sudoers]

    curl -n -X POST http://52.83.39.59:8080'/job/CLA_SSO/buildWithParameters?token=11d710a8eac8012bea28b ...

  3. DNN在推荐系统中的应用参考资料

    参考资料 DSSM算法计算文本相似度:https://www.cnblogs.com/wmx24/p/10157154.html Deep Neural Network for YouTube Rec ...

  4. arcgis python 布局中所有元素信息报告

    # Author: ESRI # Date: July 5, 2010 # Version: ArcGIS 10.0 # Purpose: This script generates a report ...

  5. 微信小程序之圆形进度条(自定义组件)

    思路 使用2个canvas 一个是背景圆环,一个是彩色圆环. 使用setInterval 让彩色圆环逐步绘制. 在看我的文章前,必须先看 ,下面转的文章,因为本文是在它们基础上修改的. 它们的缺点为: ...

  6. VS Code 使用技巧[转载]

    原文:VS Code 快捷键(VS Code Shortcuts.pdf) 常用 General 按 Press 功能 Function Ctrl + Shift + P,F1 显示命令面板 Show ...

  7. PHP操作文件常用函数

    [获取文件信息的函数] basename($path[,扩展名]) 返回文件路径中去掉路径后的文件名称."/root/a.txt"输出a.txt;带上.txt输出a. dirnam ...

  8. 用python查看文件是否存在的三种方式

    目录 1.使用os模块 判断文件是否可做读写操作 2.使用Try语句 3. 使用pathlib模块 正文 通常在读写文件之前,需要判断文件或目录是否存在,不然某些处理方法可能会使程序出错.所以最好在做 ...

  9. Redis学习笔记——Redis的基本操作

    之前介绍过如何在ubuntu安装Redis服务器:https://www.cnblogs.com/zifeiy/p/9062738.html 接下来,我们在Redis上进行一些基本的操作. 所县使用命 ...

  10. CentOS设置交换分区swap

    环境查看 查看未设置交换分区之前 free -h 新加一块磁盘用于交换分区/dev/sdc 格式化 mkswap /dev/sdc 设置为交换分区 swapon /dev/sdc 再次查看 设置为重启 ...