国内环境安装k8s

环境准备

1. 配置/etc/hosts文件，将所有机器配置成通过主机名可以访问。

2. 如果环境中有代理，请一定要在环境变量中将no_proxy配置正确。

3.  master还需要执行下面的命令

#创建/etc/sysctl.d/k8s.conf文件，添加如下内容：
net.bridge.bridge-nf-call-ip6tables =
net.bridge.bridge-nf-call-iptables =
net.ipv4.ip_forward =
#执行命令使修改生效。
modprobe br_netfilter
sysctl -p /etc/sysctl.d/k8s.conf

安装 kubeadm, kubelet, kubectl

ubuntu

apt-get update && apt-get install -y apt-transport-https
curl https://mirrors.aliyun.com/kubernetes/apt/doc/apt-key.gpg | apt-key add -
cat <<EOF >/etc/apt/sources.list.d/kubernetes.list
deb https://mirrors.aliyun.com/kubernetes/apt/ kubernetes-xenial main
EOF
apt-get update
apt-get install -y kubelet kubeadm kubectl

centos

cat <<EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
enabled=
gpgcheck=
repo_gpgcheck=
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF
# 安装
yum install -y kubelet kubeadm kubectl

Master机器下载apiserver, schedule, etcd, controller-manager, coredns镜像

#!/bin/bash
#获取所需的镜像
k8s_images=`kubeadm config images list`

#更改镜像下载位置

images_cn=`echo $k8s_images | sed -e "s/k8s.gcr.io/docker.io\/mirrorgooglecontainers/g"`

#docker pull下载镜像, 并重新将docker.io/mirrorgooglecontainers改变成k8s.grc.io

for image in images_cn
do
  docker pull $image
  docker tag $image `echo $image | sed -e "s/docker.io\/mirrorgooglecontainers/k8s.gcr.io/"`
done

所有node，master关闭swap，selinux

swapoff -a

修改/etc/fstab文件，注销掉swap相关的行

kubeadm init进行初始化master组件

kubeadm init --pod-network-cidr=10.244.0.0/16

Master应用flannel overlay network

kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml

普通用户使用kubectl

mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config

node节点加入master集群

加入前的准备

1. 将前面在master上下载的pause，flannel，kube-proxy的镜像都用load到node机器上的docker daemon里。

kubeadm init初始化成功后会打印出node 加入master的命令，如下：

kubeadm join 10.239.44.68: --token 8jxvj4.5lop20zjbu48h6kl  \
   --discovery-token-ca-cert-hash sha256:1ca8f0a098601b94d7c2a9b4a3758ff0880a0213db813336dec0e9272ed55a78

注意：kubeadm init生成的token有效期只有1天，如果你的node节点在使用kubeadm join时出现如下错误

[preflight] FYI: You can look at this config file with 'kubectl -n kube-system get cm kubeadm-config -oyaml'
error execution phase preflight: unable to fetch the kubeadm-config ConfigMap: failed to get config map: Unauthorized

请到master上检查你所使用的token是否有效，kubeadm token list

49y4v3.jxq5w76jj5hh028u   <invalid>   --13T15::-:   authentication,signing   The default bootstrap token generated by 'kubeadm init'.   system:bootstrappers:kubeadm:default-node-token
8jxvj4.5lop20zjbu48h6kl   23h         --25T10::-:   authentication,signing   <none>                                                     system:bootstrappers:kubeadm:default-node-token

生成不过期的token

kubeadm token create --ttl  --print-join-command

join成功后node节点执行docker ps可以看到

[root@webrtc-skylake-msdk zhenqi]# docker ps
CONTAINER ID        IMAGE                  COMMAND                  CREATED             STATUS              PORTS               NAMES
b29e46c58033        ff281650a721           "/opt/bin/flanneld -…"    minutes ago      Up  minutes                           k8s_kube-flannel_kube-flannel-ds-amd64-j6dwl_kube-system_f7597ab9-66a4-11e9-ac72-d45ddf09a4df_0
07e0d45931cb        20a2d7035165           "/usr/local/bin/kube…"    minutes ago      Up  minutes                           k8s_kube-proxy_kube-proxy-jsqqv_kube-system_f759af51-66a4-11e9-ac72-d45ddf09a4df_0
48c858ea21ee        k8s.gcr.io/pause:3.1   "/pause"                  minutes ago      Up  minutes                           k8s_POD_kube-proxy-jsqqv_kube-system_f759af51-66a4-11e9-ac72-d45ddf09a4df_0
d4b2ce6ecaa2        k8s.gcr.io/pause:3.1   "/pause"                  minutes ago      Up  minutes                           k8s_POD_kube-flannel-ds-amd64-j6dwl_kube-system_f7597ab9-66a4-11e9-ac72-d45ddf09a4df_0

master上执行kubectl get node

[webrtc@webrtc53 images]$ kubectl get node
NAME                  STATUS   ROLES    AGE   VERSION
webrtc-skylake-msdk   Ready    <none>   42m   v1.14.1
webrtc53              Ready    master   11d   v1.14.1

kubeadm 常用的命令

 help        Help about any command
  init        Run this command in order to set up the Kubernetes control plane. # master上执行，初始化所有的master组件
  join        Run this on any machine you wish to join an existing cluster # node上执行，加入master
  reset       Run this to revert any changes made to this host by 'kubeadm init' or 'kubeadm join'. # 清理 init，join的环境
  token       Manage bootstrap tokens. # token的增删查
  upgrade     Upgrade your cluster smoothly to a newer version with this command. # 更新集群
  version     Print the version of kubeadm

如何debug 安装过程中的问题？

1. 查看系统log，一般都能解决了。

2. 注意网络问题，特别是有代理的情况下。

3. images的下载。