Kubernetes快速部署

kubernetes简介

kubernetes,是一个全新的基于容器技术的分布式架构领先方案,是谷歌严格保密十几年的秘密武器----Borg系统的一个开源版本,于2014年9月发布第一个版本,2015年7月发布第一个正式版本。

kubernetes的本质是一组服务器集群,它可以在集群的每个节点上运行特定的程序,来对节点中的容器进行管理。目的是实现资源管理的自动化,主要提供了如下的主要功能:

  • 自我修复:一旦某一个容器崩溃,能够在1秒中左右迅速启动新的容器
  • 弹性伸缩:可以根据需要,自动对集群中正在运行的容器数量进行调整
  • 服务发现:服务可以通过自动发现的形式找到它所依赖的服务
  • 负载均衡:如果一个服务起动了多个容器,能够自动实现请求的负载均衡
  • 版本回退:如果发现新发布的程序版本有问题,可以立即回退到原来的版本
  • 存储编排:可以根据容器自身的需求自动创建存储卷

kubernetes组件

一个kubernetes集群主要是由控制节点(master)工作节点(node)构成,每个节点上都会安装不同的组件。

master:集群的控制平面,负责集群的决策 ( 管理 )

ApiServer : 资源操作的唯一入口,接收用户输入的命令,提供认证、授权、API注册和发现等机制

Scheduler : 负责集群资源调度,按照预定的调度策略将Pod调度到相应的node节点上

ControllerManager : 负责维护集群的状态,比如程序部署安排、故障检测、自动扩展、滚动更新等

Etcd :负责存储集群中各种资源对象的信息

node:集群的数据平面,负责为容器提供运行环境 ( 干活 )

Kubelet : 负责维护容器的生命周期,即通过控制docker,来创建、更新、销毁容器

KubeProxy : 负责提供集群内部的服务发现和负载均衡

Docker : 负责节点上容器的各种操作

下面,以部署一个nginx服务来说明kubernetes系统各个组件调用关系:

  1. 首先要明确,一旦kubernetes环境启动之后,master和node都会将自身的信息存储到etcd数据库中

  2. 一个nginx服务的安装请求会首先被发送到master节点的apiServer组件

  3. apiServer组件会调用scheduler组件来决定到底应该把这个服务安装到哪个node节点上

    在此时,它会从etcd中读取各个node节点的信息,然后按照一定的算法进行选择,并将结果告知apiServer

  4. apiServer调用controller-manager去调度Node节点安装nginx服务

  5. kubelet接收到指令后,会通知docker,然后由docker来启动一个nginx的pod

    pod是kubernetes的最小操作单元,容器必须跑在pod中至此,

  6. 一个nginx服务就运行了,如果需要访问nginx,就需要通过kube-proxy来对pod产生访问的代理

这样,外界用户就可以访问集群中的nginx服务了

kubernetes概念

Master:集群控制节点,每个集群需要至少一个master节点负责集群的管控

Node:工作负载节点,由master分配容器到这些node工作节点上,然后node节点上的docker负责容器的运行

Pod:kubernetes的最小控制单元,容器都是运行在pod中的,一个pod中可以有1个或者多个容器

Controller:控制器,通过它来实现对pod的管理,比如启动pod、停止pod、伸缩pod的数量等等

Service:pod对外服务的统一入口,下面可以维护者同一类的多个pod

Label:标签,用于对pod进行分类,同一类pod会拥有相同的标签

NameSpace:命名空间,用来隔离pod的运行环境

Kubernetes快速部署

安装要求

在开始之前,部署Kubernetes集群机器需要满足以下几个条件:

-至少3台机器,操作系统 CentOS7+

  • 硬件配置:2GB或更多RAM,2个CPU或更多CPU,硬盘20GB或更多
  • 集群中所有机器之间网络互通
  • 可以访问外网,需要拉取镜像
  • 禁止swap分区

环境

名称 IP 系统
k8s-master 192.168.78.144 centos8
k8s-node1 192.168.78.145 centos8
k8s-node2 192.168.78.146 centos8 

  2. //关闭所有主机的防火墙
  3. [root@k8s-master ~]# systemctl disable --now firewalld
  4. Removed /etc/systemd/system/multi-user.target.wants/firewalld.service.
  5. Removed /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.
  6. [root@k8s-master ~]# setenforce 0
  7. [root@k8s-master ~]# vim /etc/selinux/config
  8. [root@k8s-node1 ~]# systemctl disable --now firewalld
  9. Removed /etc/systemd/system/multi-user.target.wants/firewalld.service.
  10. Removed /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.
  11. [root@k8s-node1 ~]# setenforce 0
  12. [root@k8s-node1 ~]# vim /etc/selinux/config
  13. [root@k8s-node2 ~]# systemctl disable --now firewalld
  14. Removed /etc/systemd/system/multi-user.target.wants/firewalld.service.
  15. Removed /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.
  16. [root@k8s-node2 ~]# setenforce 0
  17. [root@k8s-node2 ~]# vim /etc/selinux/config
  18. //关闭所有主机的swap分区:
  19. # vim /etc/fstab
  20. //注释掉swap分区
  21. [root@k8s-master ~]# free -m
  22.               total        used        free      shared  buff/cache   available
  23. Mem:           3752         556        2656          10         539        2956
  24. Swap:          4051           0        4051
  25. [root@k8s-master ~]# vim /etc/fstab
  26. [root@k8s-node1 ~]# free -m
  27.               total        used        free      shared  buff/cache   available
  28. Mem:           1800         550         728          10         521        1084
  29. Swap:          2047           0        2047
  30. [root@k8s-node1 ~]# vim /etc/fstab
  31. [root@k8s-node2 ~]# free -m
  32.               total        used        free      shared  buff/cache   available
  33. Mem:           1800         559         711          10         529        1072
  34. Swap:          2047           0        2047
  35. [root@k8s-node2 ~]# vim /etc/fstab
  36. //在hosts文件里面添加主机信息
  37. [root@k8s-master ~]# cat >> /etc/hosts << EOF
  38. 192.168.78.144 k8s-master
  39. 192.168.78.145 k8s-node1
  40. 192.168.78.146 k8s-node2
  41. EOF
  42. [root@k8s-node1 ~]# cat >> /etc/hosts << EOF
  43. > 192.168.78.144 k8s-master
  44. > 192.168.78.145 k8s-node1
  45. > 192.168.78.146 k8s-node2
  46. > EOF
  47. [root@k8s-node2 ~]# cat >> /etc/hosts << EOF
  48. > 192.168.78.144 k8s-master
  49. > 192.168.78.145 k8s-node1
  50. > 192.168.78.146 k8s-node2
  51. > EOF
  52. //ping测试
  53. [root@k8s-master ~]# ping k8s-master
  54. PING k8s-master (192.168.78.144) 56(84) bytes of data.
  55. 64 bytes from k8s-master (192.168.78.144): icmp_seq=1 ttl=64 time=0.072 ms
  56. 64 bytes from k8s-master (192.168.78.144): icmp_seq=2 ttl=64 time=0.080 ms
  57. ^C
  58. --- k8s-master ping statistics ---
  59. 2 packets transmitted, 2 received, 0% packet loss, time 41ms
  60. rtt min/avg/max/mdev = 0.072/0.076/0.080/0.004 ms
  61. [root@k8s-master ~]# ping k8s-node1
  62. PING k8s-node1 (192.168.78.145) 56(84) bytes of data.
  63. 64 bytes from k8s-node1 (192.168.78.145): icmp_seq=1 ttl=64 time=0.512 ms
  64. 64 bytes from k8s-node1 (192.168.78.145): icmp_seq=2 ttl=64 time=0.285 ms
  65. ^C
  66. [root@k8s-master ~]# ping k8s-node2
  67. PING k8s-node2 (192.168.78.146) 56(84) bytes of data.
  68. 64 bytes from k8s-node2 (192.168.78.146): icmp_seq=1 ttl=64 time=1.60 ms
  69. 64 bytes from k8s-node2 (192.168.78.146): icmp_seq=2 ttl=64 time=0.782 ms
  70. 64 bytes from k8s-node2 (192.168.78.146): icmp_seq=3 ttl=64 time=1.32 ms
  72. [root@k8s-master ~]#  cat > /etc/sysctl.d/k8s.conf << EOF
  73. > net.bridge.bridge-nf-call-ip6tables = 1
  74. > net.bridge.bridge-nf-call-iptables = 1
  75. > EOF
  76. [root@k8s-master ~]# sysctl --system
  77. #省略过程
  78. * Applying /etc/sysctl.d/99-sysctl.conf ...
  79. * Applying /etc/sysctl.d/k8s.conf ...
  80. * Applying /etc/sysctl.conf ...
  81. //时间同步
  82. [root@k8s-master ~]# vim /etc/chrony.conf
  83. # Use public servers from the pool.ntp.org project.
  84. # Please consider joining the pool (http://www.pool.ntp.org/join.html).
  85. pool time1.aliyun.com iburst
  86. [root@k8s-master ~]# systemctl enable chronyd
  87. [root@k8s-master ~]# systemctl restart chronyd
  88. [root@k8s-master ~]# systemctl status chronyd
  89.  chronyd.service - NTP client/server
  90.    Loaded: loaded (/usr/lib/systemd/system/chronyd.service; enabled; vendor preset: enab>
  91.    Active: active (running) since Tue 2022-09-06 15:54:27 CST; 9s ago
  92. [root@k8s-node1 ~]# vim /etc/chrony.conf
  93. [root@k8s-node1 ~]# systemctl enable chronyd
  94. [root@k8s-node1 ~]# systemctl restart chronyd
  95. [root@k8s-node1 ~]# systemctl status chronyd
  96.  chronyd.service - NTP client/server
  97.    Loaded: loaded (/usr/lib/systemd/system/chronyd.service; enabled; vendor preset: enab>
  98.    Active: active (running) since Tue 2022-09-06 15:57:52 CST; 8s ago
  99. [root@k8s-node2 ~]# vim /etc/chrony.conf
  100. [root@k8s-node2 ~]# systemctl enable chronyd
  101. [root@k8s-node2 ~]# systemctl restart chronyd
  102. [root@k8s-node2 ~]# systemctl status chronyd
  103.  chronyd.service - NTP client/server
  104.    Loaded: loaded (/usr/lib/systemd/system/chronyd.service; enabled; vendor preset: enab>
  105.    Active: active (running) since Tue 2022-09-06
  106. //配置免密登录
  107. [root@k8s-master ~]# ssh-keygen -t rsa
  108. Generating public/private rsa key pair.
  109. Enter file in which to save the key (/root/.ssh/id_rsa):
  110. Created directory '/root/.ssh'.
  111. Enter passphrase (empty for no passphrase):
  112. Enter same passphrase again:
  113. Your identification has been saved in /root/.ssh/id_rsa.
  114. Your public key has been saved in /root/.ssh/id_rsa.pub.
  115. The key fingerprint is:
  116. SHA256:LZeVhmrafNhs4eAGG8dNQltVYcGX/sXbKj/dPzR/wNo root@k8s-master
  117. The key's randomart image is:
  118. +---[RSA 3072]----+
  119. |        . ...o=o.|
  120. |       . o . o...|
  121. |        o o + .o |
  122. |       . * +   .o|
  123. |      o S *  .  =|
  124. |       @ O .  o+o|
  125. |      o * *  o.++|
  126. |       . o  o E.=|
  127. |             o..=|
  128. +----[SHA256]-----+
  129. [root@k8s-master ~]# ssh-copy-id k8s-master
  130. /usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
  131. The authenticity of host 'k8s-master (192.168.106.16)' can't be established.
  132. ECDSA key fingerprint is SHA256:1x2Tw0BYQrGTk7wpwsIy+TtFN72hWbHYYiU6WtI/Ojk.
  133. Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
  134. /usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
  135. /usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
  136. root@k8s-master's password: 
  138. Number of key(s) added: 1
  140. Now try logging into the machine, with:   "ssh 'k8s-master'"
  141. and check to make sure that only the key(s) you wanted were added.
  143. [root@k8s-master ~]# ssh-copy-id k8s-node1
  144. /usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
  145. The authenticity of host 'k8s-node1 (192.168.106.20)' can't be established.
  146. ECDSA key fingerprint is SHA256:75svPGZTNSPdFX6K4lCDkoQfG10Y478mu0NzQD7HpnA.
  147. Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
  148. /usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
  149. /usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
  150. root@k8s-node1's password: 
  152. Number of key(s) added: 1
  154. Now try logging into the machine, with:   "ssh 'k8s-node1'"
  155. and check to make sure that only the key(s) you wanted were added.
  157. [root@k8s-master ~]# ssh-copy-id k8s-node2
  158. /usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
  159. The authenticity of host 'k8s-node2 (192.168.106.21)' can't be established.
  160. ECDSA key fingerprint is SHA256:75svPGZTNSPdFX6K4lCDkoQfG10Y478mu0NzQD7HpnA.
  161. Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
  162. /usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
  163. /usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
  164. root@k8s-node2's password: 
  166. Number of key(s) added: 1
  168. Now try logging into the machine, with:   "ssh 'k8s-node2'"
  169. and check to make sure that only the key(s) you wanted were added.
  171. [root@k8s-master ~]# ssh k8s-master
  172. Activate the web console with: systemctl enable --now cockpit.socket
  174. This system is not registered to Red Hat Insights. See https://cloud.redhat.com/
  175. To register this system, run: insights-client --register
  177. Last login: Tue Sep  6 15:10:17 2022 from 192.168.106.1
  178. [root@k8s-master ~]# ssh k8s-node1
  179. Activate the web console with: systemctl enable --now cockpit.socket
  181. This system is not registered to Red Hat Insights. See https://cloud.redhat.com/
  182. To register this system, run: insights-client --register
  184. Last login: Tue Sep  6 15:10:18 2022 from 192.168.106.1
  185. [root@k8s-node1 ~]# exit
  186. 注销
  187. Connection to k8s-node1 closed.
  188. [root@k8s-master ~]# ssh k8s-node2
  189. Activate the web console with: systemctl enable --now cockpit.socket
  191. This system is not registered to Red Hat Insights. See https://cloud.redhat.com/
  192. To register this system, run: insights-client --register
  194. Last login: Tue Sep  6 15:10:18 2022 from 192.168.106.1
  195. [root@k8s-node2 ~]# exit
  196. 注销
  197. Connection to k8s-node2 closed.
  198. [root@k8s-master ~]# reboot   //重启确保他永久生效

在所有节点安装Docker/kubeadm/kubelet

安装Docker

  1. ##注意所有docker的版本要一致,
  2. //所有主机都做下面的操作
  3. [root@k8s-master yum.repos.d]# wget https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo -O /etc/yum.repos.d/docker-ce.repo
  4. --2022-09-06 16:31:03--  https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
  5. 正在解析主机 mirrors.aliyun.com (mirrors.aliyun.com)... 45.253.17.211, 45.253.17.216, 45.253.17.213, ...
  6. 正在连接 mirrors.aliyun.com (mirrors.aliyun.com)|45.253.17.211|:443... 已连接。
  7. 已发出 HTTP 请求,正在等待回应... 200 OK
  8. 长度:2081 (2.0K) [application/octet-stream]
  9. 正在保存至: “/etc/yum.repos.d/docker-ce.repo
  11. /etc/yum.repos.d/docke 100%[=========================>]   2.03K  --.-KB/s  用时 0.002s  
  13. 2022-09-06 16:31:04 (1.05 MB/s) - 已保存 “/etc/yum.repos.d/docker-ce.repo [2081/2081])
  15. [root@k8s-master ~]# dnf list all|grep docker
  16. containerd.io.x86_64                                              1.6.8-3.1.el8                                          @docker-ce-stable
  17. docker-ce.x86_64     //这个                                             3:20.10.17-3.el8                                       @docker-ce-stable
  18. docker-ce-cli.x86_64                                              1:20.10.17-3.el8                                       @docker-ce-stable
  19. [root@k8s-master ~]# systemctl enable --now docker
  20. Created symlink /etc/systemd/system/multi-user.target.wants/docker.service  /usr/lib/systemd/system/docker.service.
  21. [root@k8s-master ~]# docker version
  22. Client: Docker Engine - Community
  23.  Version:           20.10.17      //版本要统一
  24.  API version:       1.41
  25.  Go version:        go1.17.11
  26.  Git commit:        100c701
  27.  Built:             Mon Jun  6 23:03:11 2022
  28.  OS/Arch:           linux/amd64
  29.  Context:           default
  30.  Experimental:      true
  32. Server: Docker Engine - Community
  33.  Engine:
  34.   Version:          20.10.17
  35.   API version:      1.41 (minimum version 1.12)
  36.   Go version:       go1.17.11
  37.   Git commit:       a89b842
  38.   Built:            Mon Jun  6 23:01:29 2022
  39.   OS/Arch:          linux/amd64
  40.   Experimental:     false
  41.  containerd:
  42.   Version:          1.6.8
  43.   GitCommit:        9cd3357b7fd7218e4aec3eae239db1f68a5a6ec6
  44.  runc:
  45.   Version:          1.1.4
  46.   GitCommit:        v1.1.4-0-g5fd4c4d
  47.  docker-init:
  48.   Version:          0.19.0
  49.   GitCommit:        de40ad0
  50. [root@k8s-master ~]#
  51. //配置加速器
  52. [root@k8s-master ~]# cat > /etc/docker/daemon.json << EOF
  53. > {
  54. >   "registry-mirrors": ["https://b9pmyelo.mirror.aliyuncs.com"],
  55. >   "exec-opts": ["native.cgroupdriver=systemd"],
  56. >   "log-driver": "json-file",
  57. >   "log-opts": {
  58. >     "max-size": "100m"
  59. >   },
  60. >   "storage-driver": "overlay2"
  61. > }
  62. > EOF
  63. [root@k8s-master ~]# cat /etc/docker/daemon.json
  64. {
  65.   "registry-mirrors": ["https://b9pmyelo.mirror.aliyuncs.com"],  //加速器
  66.   "exec-opts": ["native.cgroupdriver=systemd"],   //驱动
  67.   "log-driver": "json-file",   //格式
  68.   "log-opts": {
  69.     "max-size": "100m"    //100m开始运行
  70.   },
  71.   "storage-driver": "overlay2"    //存储驱动
  72. }

添加kubernetes yum软件源


  2. [root@k8s-master ~]#  cat > /etc/yum.repos.d/kubernetes.repo << EOF
  3. [kubernetes]
  4. name=Kubernetes
  5. baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
  6. enabled=1
  7. gpgcheck=0
  8. repo_gpgcheck=0
  9. gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
  10. EOF

安装kubeadm,kubelet和kubectl

  1. //下载版本要一致
  2. [root@k8s-master ~]# dnf list all|grep kubelet
  3. kubelet.x86_64                                                    1.25.0-0                                               kubernetes
  4. [root@k8s-master ~]# dnf list all|grep kubeadm
  5. kubeadm.x86_64                                                    1.25.0-0                                               kubernetes
  6. [root@k8s-master ~]# dnf list all|grep kubectl
  7. kubectl.x86_64                                                    1.25.0-0                                               kubernetes
  8. [root@k8s-master ~]# dnf -y install kubelet kubeadm kubectl
  9. [root@k8s-master ~]# systemctl enable kubelet
  10. Created symlink /etc/systemd/system/multi-user.target.wants/kubelet.service  /usr/lib/systemd/system/kubelet.service.
  11. [root@k8s-master ~]# systemctl status kubelet
  12.  kubelet.service - kubelet: The Kubernetes Node Agent
  13.    Loaded: loaded (/usr/lib/systemd/system/kubelet.service; enabled; vendor>
  14.   Drop-In: /usr/lib/systemd/system/kubelet.service.d

在master部署Kubernetes Master

  1. [root@k8s-master ~]# kubeadm init -h     //看帮助文档
  2. [root@k8s-master ~]# cd /etc/containerd/
  3. [root@k8s-master containerd]# containerd config default > config.toml    //生成
  4. [root@k8s-master containerd]# vim config.toml
  5. sandbox_image = "k8s.gcr.io/pause:3.6"     //改为  sandbox_image = "registry.cn-beijing.aliyuncs.com/abcdocker/pause:3.6"
  6. [root@k8s-master manifests]# systemctl stop kubelet
  7. [root@k8s-master manifests]# systemctl restart containerd
  8. [root@k8s-master manifests]# kubeadm init --apiserver-advertise-address 192.168.70.134 --image-repository registry.aliyuncs.com/google_containers --kubernetes-version v1.25.0 --service-cidr 10.96.0.0/12 --pod-network-cidr 10.244.0.0/1
  9. Your Kubernetes control-plane has initialized successfully!
  11. To start using your cluster, you need to run the following as a regular user:
  13.   mkdir -p $HOME/.kube
  14.   sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
  15.   sudo chown $(id -u):$(id -g) $HOME/.kube/config
  17. Alternatively, if you are the root user, you can run:
  19.   export KUBECONFIG=/etc/kubernetes/admin.conf    
  21. You should now deploy a pod network to the cluster.
  22. Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:        //配置网络插件
  23.   https://kubernetes.io/docs/concepts/cluster-administration/addons/       
  25. Then you can join any number of worker nodes by running the following on each as root:
  27. kubeadm join 192.168.70.134:6443 --token h9utko.9esdw3ge9j0urwae \
  28.         --discovery-token-ca-cert-hash sha256:8c36d378e51b8d01f1fe904e51e1b5d7215fc76dcbaf105c798c4cda70e84ca1
  29. //初始化成功
  31. //设置环境变量
  32. [root@k8s-master ~]# vim /etc/profile.d/k8s.sh
  33. [root@k8s-master ~]# cat /etc/profile.d/k8s.sh
  34. export KUBECONFIG=/etc/kubernetes/admin.conf
  35. [root@k8s-master ~]# source /etc/profile.d/k8s.sh
  36. [root@k8s-master ~]# echo $KUBECONFIG
  37. /etc/kubernetes/admin.conf
  1. //指定阿里云镜像仓库地址
  2.  mkdir -p $HOME/.kube
  3.  sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
  4.  sudo chown $(id -u):$(id -g) $HOME/.kube/config
  5.  kubectl get nodes
  6. [root@k8s-master ~]# kubectl get nodes
  7. NAME         STATUS     ROLES           AGE   VERSION
  8. k8s-master   NotReady   control-plane   14m   v1.25.0

复制

  1. //看到说明成功
  2. [root@k8s-master ~]# kubectl apply -f https://raw.githubusercontent.com/flannel-io/flannel/master/Documentation/kube-flannel.yml
  3. namespace/kube-flannel created
  4. clusterrole.rbac.authorization.k8s.io/flannel created
  5. clusterrolebinding.rbac.authorization.k8s.io/flannel created
  6. serviceaccount/flannel created
  7. configmap/kube-flannel-cfg created
  8. daemonset.apps/kube-flannel-ds created

加入集群

  1. [root@k8s-master ~]# kubectl get nodes
  2. NAME         STATUS   ROLES           AGE   VERSION
  3. k8s-master   Ready    control-plane   15h   v1.25.0
  4. [root@k8s-node2 containerd]# ls
  5. config.toml
  6. [root@k8s-node2 containerd]# mv config.toml{,.bak}
  7. [root@k8s-node2 containerd]# ls
  8. config.toml.bak
  9. [root@k8s-master ~]# cd /etc/containerd/
  10. [root@k8s-master containerd]# ls
  11. config.toml
  12.  //将文件传过去
  13. [root@k8s-master containerd]# scp /etc/containerd/config.toml k8s-node1:/etc/containerd/
  14. config.toml                        100% 6952     3.4MB/s   00:00
  15. [root@k8s-master containerd]# scp /etc/containerd/config.toml k8s-node2:/etc/containerd/
  16. config.toml                        100% 6952     3.8MB/s   00:00
  17. [root@k8s-node1 containerd]# ls
  18. config.toml
  19. [root@k8s-node1 containerd]# systemctl restart containerd
  20. [root@k8s-node1 containerd]# kubeadm join 192.168.70.134:6443 --token h9utko.9esdw3ge9j0urwae         --discovery-token-ca-cert-hash sha256:8c36d378e51b8d01f1fe904e51e1b5d7215fc76dcbaf105c798c4cda70e84ca1
  21. [preflight] Running pre-flight checks
  22. [preflight] Reading configuration from the cluster...
  23. [preflight] FYI: You can look at this config file with 'kubectl -n kube-system get cm kubeadm-config -o yaml'
  24. [kubelet-start] Writing kubelet configuration to file "/var/lib/kubelet/config.yaml"
  25. [kubelet-start] Writing kubelet environment file with flags to file "/var/lib/kubelet/kubeadm-flags.env"
  26. [kubelet-start] Starting the kubelet
  27. [kubelet-start] Waiting for the kubelet to perform the TLS Bootstrap...
  29. This node has joined the cluster:    //看到下面这几行说明成功
  30. * Certificate signing request was sent to apiserver and a response was received.
  31. * The Kubelet was informed of the new secure connection details.
  33. Run 'kubectl get nodes' on the control-plane to see this node join the cluster.
  35. [root@k8s-node2 containerd]# ls
  36. config.toml  config.toml.bak
  37. [root@k8s-node2 containerd]# systemctl restart containerd
  38. [root@k8s-node2 containerd]# kubeadm join 192.168.70.134:6443 --token h9utko.9esdw3ge9j0urwae         --discovery-token-ca-cert-hash sha256:8c36d378e51b8d01f1fe904e51e1b5d7215fc76dcbaf105c798c4cda70e84ca1
  39. [preflight] Running pre-flight checks
  40. [preflight] Reading configuration from the cluster...
  41. [preflight] FYI: You can look at this config file with 'kubectl -n kube-system get cm kubeadm-config -o yaml'
  42. [kubelet-start] Writing kubelet configuration to file "/var/lib/kubelet/config.yaml"
  43. [kubelet-start] Writing kubelet environment file with flags to file "/var/lib/kubelet/kubeadm-flags.env"
  44. [kubelet-start] Starting the kubelet
  45. [kubelet-start] Waiting for the kubelet to perform the TLS Bootstrap...
  47. This node has joined the cluster:
  48. * Certificate signing request was sent to apiserver and a response was received.
  49. * The Kubelet was informed of the new secure connection details.
  51. Run 'kubectl get nodes' on the control-plane to see this node join the cluster.
  52. [root@k8s-master containerd]# kubectl get nodes       //添加节点
  53. NAME         STATUS   ROLES           AGE     VERSION
  54. k8s-master   Ready    control-plane   15h     v1.25.0
  55. k8s-node1    Ready    <none>          4m35s   v1.25.0
  56. k8s-node2    Ready    <none>          3m17s   v1.25.0
  1. [root@k8s-node1 ~]# kubectl get nodes
  2. The connection to the server localhost:8080 was refused - did you specify the right host or port?
  3. //传变量文件
  4. [root@k8s-master ~]# scp /etc/kubernetes/admin.conf k8s-node1:/etc/kubernetes/admin.conf
  5. admin.conf                         100% 5638     2.7MB/s   00:00
  6. [root@k8s-master ~]# scp /etc/kubernetes/admin.conf k8s-node2:/etc/kubernetes/admin.conf
  7. admin.conf                         100% 5638     2.9MB/s   00:00
  8. [root@k8s-master ~]# scp /etc/profile.d/k8s.sh k8s-node2:/etc/profile.d/k8s.sh
  9. k8s.sh                             100%   45    23.6KB/s   00:00
  10. [root@k8s-master ~]# scp /etc/profile.d/k8s.sh k8s-node1:/etc/profile.d/k8s.sh
  11. k8s.sh                             100%   45     3.8KB/s   00:00
  12. //在node节点查看
  13. [root@k8s-node1 ~]# bash   //让变量生效
  14. [root@k8s-node1 ~]# echo $KUBECONFIG
  15. /etc/kubernetes/admin.conf
  16. [root@k8s-node1 ~]# kubectl get nodes     //查看节点
  17. NAME         STATUS   ROLES           AGE   VERSION
  18. k8s-master   Ready    control-plane   16h   v1.25.0
  19. k8s-node1    Ready    <none>          21m   v1.25.0
  20. k8s-node2    Ready    <none>          20m   v1.25.0
  21. [root@k8s-node2 ~]# bash
  22. [root@k8s-node2 ~]#  echo $KUBECONFIG
  23. /etc/kubernetes/admin.conf
  24. [root@k8s-node2 ~]# kubectl get nodes
  25. NAME         STATUS   ROLES           AGE   VERSION
  26. k8s-master   Ready    control-plane   16h   v1.25.0
  27. k8s-node1    Ready    <none>          21m   v1.25.0
  28. k8s-node2    Ready    <none>          20m   v1.25.0

在Kubernetes集群中创建一个pod,验证是否正常运行

  1. //deployment:类型 ngimx:pod名称 nginx:镜像
  2. [root@k8s-master ~]# kubectl create deployment nginx --image=nginx
  3. deployment.apps/nginx created
  4. [root@k8s-master ~]# kubectl expose deployment nginx --port=80 --type=NodePort     //--part:暴露端口号 //type=NodePort:类型
  5. service/nginx exposed
  6. [root@k8s-master ~]# kubectl get pod,svc
  7. NAME                        READY   STATUS              RESTARTS   AGE
  8. pod/nginx-76d6c9b8c-6vnnf   0/1     ContainerCreating   0          17s
  10. NAME                 TYPE        CLUSTER-IP    EXTERNAL-IP   PORT(S)        AGE
  11. service/kubernetes   ClusterIP   10.96.0.1     <none>        443/TCP        16h
  12. service/nginx        NodePort    10.98.79.60   <none>        80:30274/TCP   7s
  13. [root@k8s-master ~]# kubectl get pod,svc
  14. NAME                        READY   STATUS    RESTARTS   AGE
  15. pod/nginx-76d6c9b8c-6vnnf   1/1     Running   0          5m28s
  17. NAME                 TYPE        CLUSTER-IP    EXTERNAL-IP   PORT(S)        AGE
  18. service/kubernetes   ClusterIP   10.96.0.1     <none>        443/TCP        16h
  19. service/nginx        NodePort    10.98.79.60   <none>        80:30274/TCP   5m18s

网页访问

Kubernetes快速部署的更多相关文章

  1. 高可用Kubernetes集群-16. ansible快速部署

    说明 本文档指导采用二进制包的方式快速部署高可用kubernetes集群. 脚本托管:k8s-ansible(持续更新) 参考:高可用kubernetes集群 组件版本 组件 版本 备注 centos ...

  2. Kubernetes探索学习001--Centos7.6使用kubeadm快速部署Kubernetes集群

    Centos7.6使用kubeadm快速部署kubernetes集群 为什么要使用kubeadm来部署kubernetes?因为kubeadm是kubernetes原生的部署工具,简单快捷方便,便于新 ...

  3. 快速部署Kubernetes集群管理

    这篇文章介绍了如何快速部署一套Kubernetes集群,下面就快速开始吧! 准备工作 //关闭防火墙 systemctl stop firewalld.service systemctl disabl ...

  4. 使用 Sealos 在 3 分钟内快速部署一个生产级别的 Kubernetes 高可用集群

    本文首发于:微信公众号「运维之美」,公众号 ID:Hi-Linux. 「运维之美」是一个有情怀.有态度,专注于 Linux 运维相关技术文章分享的公众号.公众号致力于为广大运维工作者分享各类技术文章和 ...

  5. [转帖]centos7 使用kubeadm 快速部署 kubernetes 国内源

    centos7 使用kubeadm 快速部署 kubernetes 国内源 https://www.cnblogs.com/qingfeng2010/p/10540832.html 前言 搭建kube ...

  6. 【k8s】kubeadm快速部署Kubernetes

    1.Kubernetes 架构图 kubeadm是官方社区推出的一个用于快速部署kubernetes集群的工具. 这个工具能通过两条指令完成一个kubernetes集群的部署: # 创建一个 Mast ...

  7. 快速部署一个Kubernetes集群

    官方提供的三种部署方式 minikube Minikube是一个工具,可以在本地快速运行一个单点的Kubernetes,仅用于尝试Kubernetes或日常开发的用户使用. 部署地址:https:// ...

  8. 教你在Kubernetes中快速部署ES集群

    摘要:ES集群是进行大数据存储和分析,快速检索的利器,本文简述了ES的集群架构,并提供了在Kubernetes中快速部署ES集群的样例:对ES集群的监控运维工具进行了介绍,并提供了部分问题定位经验,最 ...

  9. 第3章:快速部署一个Kubernetes集群

    kubeadm是官方社区推出的一个用于快速部署kubernetes集群的工具. 这个工具能通过两条指令完成一个kubernetes集群的部署: # 创建一个 Master 节点$ kubeadm in ...

  10. kubeadm快速部署Kubernetes单节点

    1. 安装要求 在开始之前,部署Kubernetes集群机器需要满足以下几个条件: 一台或多台机器,操作系统 CentOS7.x-86_x64 硬件配置:2GB或更多RAM,2个CPU或更多CPU,硬 ...

随机推荐

  1. 其他计算机&网络&行业知识

    互联网数据中心(IDC)   VIDC(端口映射) CVM云服务器(Cloud Virtual Machine)  IDE 集成开发环境: 开发工具 QA:Quality Assurance,直译为质 ...

  2. 关于 dangerouslySetInnerHTML

    之前不太了解react,第一次看dangerouslySetInnerHTML,以为可以用来防止xss注入. 后面看待又补充了一个DOMPurify,才知道这个东西只有一个提醒的作用,并不能防止xss ...

  3. 在CIMES中调用存储过程

    页面 调用步骤 DataTable dtResult = null; CustomDataAgent TODB_con = DBCenter.Create(AppSetting.Manufacturi ...

  4. save an excel csv to a github csv file

    :%s/\t/,/g

  5. c#怎样删除指定文件名的文件

    我有一个文件夹,里面有6个文件,我现在要删除字母B开头的三个文件,只需要剩下A开头的文件即可用C#怎样操作??? foreach (string d in Directory.GetFileSyste ...

  6. PHP基础教程(二)

    本部分列出了在 PHP 中使用的各种运算符:算数运算符 运算符 说明 例子 结果 + Addition x=2x+2 4 - Subtraction x=25-x 3 * Multiplication ...

  7. macOS完整安装包下载方法

    Python脚本下载 开源地址:macadmin-scripts 下载installinstallmacos.py到Mac,然后用python运行,如图: #    ProductID    Vers ...

  8. C#中Newtonsoft.Json.dll 的使用

    1.类库说明Newtonsoft.Json.dll是.NET 下开源的json格式序列号和反序列化的类库,利用此类库,可以方便地操作json数据,其中在反序列化时,可以直接将格式化的json数据处理成 ...

  9. 宽字符集(unicode)操作函数 (转)

    字符分类: 宽字符函数 普通C函数 描述 iswalnum() isalnum() 测试字符是否为数字或字母 iswalpha() isalpha() 测试字符是否是字母 iswcntrl() isc ...

  10. 实验:利用mqtt-spring-boot-starter实现后台云服务数据采集和远程控制

    1.资源地址及使用说明 https://search.maven.org/artifact/com.github.tocrhz/mqtt-spring-boot-starter/1.2.7/jar 2 ...