虚拟机及linux环境准备linux环境发行版centosversion7(x86_64-Minimal-1810)阿里云os下载地址VirtualBox安装虚拟机,cpu设置核心数大于2sethosts#vim/etc/hosts192.168.1.77master192.168.1.223node1禁用防火墙#systemctlstopfirewalld#systemctldisablefirewallddisableSELINUX#setenforce0#vim/etc/selinux/config#setSELINUX=disabledk8s.confvim/etc/sysctl.d/k8s.confnet.bridge.bridge-nf-call-ip6tables=1net.bridge.bridge-nf-call-iptables=1执行如下命令使修改生效#modprobebr_netfilter#sysctl-p/etc/sysctl.d/k8s.confinstalldockercd/etc/yum.repos.d&&wgethttps://mirrors.aliyun.com/do...yum列表docker-ce.x86_64--showduplicates|sort-r#从缓存的主机文件加载镜像速度#加载的插件:branch、fastestmirror、langpacks#docker-ce.x86_6417.03.1.ce-1.el7.centosdocker-ce-stable#docker-ce.x86_6417.03.1.ce-1.el7.centos@docker-ce-stable#docker-ce.x86_6417.03。0.ce-1.el7.centosdocker-ce-stable#可用包kages选择你要的版本,我用的是最新版本#yum-yinstalldocker-ce设置自启动#systemctlenabledocker&&systemctlstartdockerinstallkubeadm,kubelet,kubectlK8S_VERSION=v1.15.3#cat</etc/yum.repos.d/kubernetes.repo[kubernetes]name=Kubernetesbaseurl=http://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64enabled=1gpgcheck=0repo_gpgcheck=0gpgkey=http://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpghttp://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpgEOF#yuminstall-ykubeadmkubeletkubectl#kubelet--version//v1.15.3kubelet启动设置#vim/etc/sysconfig/kubeletKUBELET_EXTRA_ARGS="--fail-swap-on=false"#systemctldaemon-reloadmaster节点设置下载相关镜像#!/bin/bash#主节点shellK8S_VERSION=v1.15.3ETCD_VERSION=3.3.10DNS_VERSION=1.3.1PAUSE_VERSION=3.1FLANNEL_VERSION=v0.11.0-amd64DASHBOARD_VERSION=v1.10.1/server/下载镜像dockerpullregistry.cn-hangzhou.googletain/aliyuncs.com:$K8S_VERSIONdocker拉注册器y.cn-hangzhou.aliyuncs.com/google_containers/kube-controller-manager:$K8S_VERSIONdocker拉取registry.cn-hangzhou.aliyuncs.com/google_containers/kube-scheduler:$K8S_VERSIONdocker拉取registry.cn-hangzhou.aliyuncs.com/google_containers/kube-proxy:$K8S_VERSIONdocker拉取registry.cn-hangzhou.aliyuncs.com/google_containers/pause:$PAUSE_VERSIONdocker拉取registry.cn-hangzhou.aliyuncs.com/google_containers/etcd:$ETCD_VERSIONdocker拉取registry.cn-hangzhou.aliyuncs.com/google_containers/coredns:$DNS_VERSIONdockerpulljmgao1983/flannel:$FLANNEL_VERSIONdockerpullsiriuszg/kubernetes-dashboard-amd64:$DASHBOARD_VERSION#修改tagdockertagregistry.cn-hangzhou.aliyuncs.com/google_containers/kube-apiserver:$K8S_VERSIONk8s.gcr.io/kube-apiserver:$K8S_VERSIONdocker标签注册中心.cn-hangzhou.aliyuncs.com/google_containers/kube-controller-manager:$K8S_VERSIONk8s.gcr.io/kube-controller-manager:$K8S_VERSIONdocker标签注册中心.cn-hangzhou.aliyuncs.com/google_containers/kube-scheduler:$K8S_VERSIONk8s.gcr.io/kube-scheduler:$K8S_VERSIONdocker标签registry.cn-hangzhou.aliyuncs.com/google_containers/kube-proxy:$K8S_VERSIONk8s.gcr.io/kube-proxy:$K8S_VERSIONdocker标签registry.cn-hangzhou.aliyuncs.com/google_containers/pause:$PAUSE_VERSIONk8s.gcr.io/pause:$PAUSE_VERSIONdocker标签registry.cn-hangzhou.aliyuncs.com/google_containers/etcd:$ETCD_VERSIONk8s.gcr.io/etcd:$ETCD_VERSIONdocker标签registry.cn-hangzhou.aliyuncs.com/google_containers/coredns:$DNS_VERSIONk8s.gcr.io/coredns:$DNS_VERSIONdocker标签jmgao1983/flannel:$FLANNEL_VERSIONquay.io/coreos/flannel:$FLANNEL_docker标签siriuszg/kubernetes-dashboard-amd64:$DASHBOARD_VERSIONk8s.gcr.io/kubernetes-dashboard-amd64:$DASHBOARD_VERSION#删除多余镜像dockerrmiregistry.cn-hangzhou.aliyuncs.com/google_containers/kube-apiserver:$K8S_VERSIONdockerrmiregistry.cn-hangzhou.aliyuncs.com/google_containers/kube-controller-manager:$K8S_VERSIONdockerrmiregistry.cn-hangzhou.aliyuncs.com/google_containers/kube-搜索结果调度器:$K8S_VERSIONdockerrmiregistry.cn-hangzhou.aliyuncs.com/google_containers/kube-proxy:$K8S_VERSIONdockerrmiregistry.cn-hangzhou.aliyuncs.com/google_containers/pause:$PAUSE_VERSIONdockerrmiregistry.cn-hangzhou.com.aliyuncs/google_containers/etcd:$ETCD_VERSIONdockerrmiregistry.cn-hangzhou.aliyuncs.com/google_containers/coredns:$DNS_VERSIONdockerrmijmgao1983/flannel:$FLANNEL_VERSIONdockerrmisiriuszg/kubernetes-dashboard-amd64:$VERSIONARD集群安装在#DASHBOADkubernetes-version=v1.15.3--pod-network-cidr=10.244.0.0/16--ignore-preflight-errors=Swap#出现如下提示,安装成功YourKubernetesmaster已经初始化成功!要开始使用您的集群,您需要以普通用户身份运行以下命令:mkdir-p$HOME/.kubesudocp-i/etc/kubernetes/admin.conf$HOME/.kube/configsudochown$(id-u):$(id-g)$HOME/.kube/config你应该现在将pod网络部署到集群。使用以下列出的选项之一运行“kubectlapply-f[podnetwork].yaml”:https://kubernetes.io/docs/concepts/cluster-administration/addons/您现在可以通过运行以下命令加入任意数量的机器oneachnodeasroot:kubeadmjoin192.168.1.16:6443--token981it6.k4kqs2i73e1bfd1p\--discovery-token-ca-cert-hashsha256:5cc5c1c2ace7b720a178840c951b2a05c679d26b8d6a1cfc81aa7e006e6a6ef9查看集群健康状况#kubectlgetcsIfthereisaproblemduringclusterinstallation,重置操作#kubeadmresetinstallnetworkplug-in#kubectlapply-fhttps://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml查看集群中的组件运行状态#kubectlgetpods--all-namespacesnode节点设置下载镜像#!/bin/bash#nodenodeshellK8S_VERSION=v1.15.3ETCD_VERSION=3.3.10DNS_VERSION=1.3.1PAUSE_VERSION=3.1FLANNEL_VERSION=v0.11.0-amd64DASHBOARD_VERSION=v110.1##节点安装插件dockerpullregistry.cn-hangzhou.aliyuncs.com/google_containers/kube-proxy:$K8S_VERSIONdockerpullregistry.cn-hangzhou.aliyuncs.com/google_containers/pause:$PAUSE_VERSIONdockerpulljmgao1983/flannel:v0.11.0-amd64dockerpullsiriuszg/kubernetes-dashboard-amd64:$DASHBOARD_VERSIONdocker标签registry.cn-hangzhou.aliyuncs.com/google_containers/kube-proxy:$K8S_VERSIONk8s.gcr.io/kube-proxy:$K8S_VERSIONdocker标签registry.cn-hangzhou.aliyuncs.com/google_containers/pause:$PAUSE_VERSIONk8s.gcr.io/pause:$PAUSE_VERSIONdocker标签jmgao1983/flannel:$FLANNEL_VERSIONquay.io/coreos/flannel:$FLANNEL_VERSIONdocker标签siriuszg/kubernetes-dashboard-amd64:$DASHBOARD_VERSIONk8s.gcr.io/kubernetes-dashboard-amd64:$DASHBOARD_VERSIONdockerrmijmgao1983/flannel:$FLANNEL_VERSIONdockerrmiregistry.cn-hangzhou.aliyuncs.com/google_containers/pause:$PAUSE_VERSIONdockerrmiregistry.cn-hangzhou.aliyuncs.com/google_containers/kube-proxy:$K8S_VERSIONdockerrmisiriuszg/kubernetes-dashboard-amd64:$DASHBOARD_VERSIONjoinnode#kubeadmjoin192.168.1.77:6443--token5oi47o.stqe7c5w1qo7wcr0-cert-tok-discoveryhashsha256:2387b0db19fa83e57ac094bf27a870a0381082c47c0f08bf9ef6277e24593fcd--ignore-preflight-errors=Swap#出现下面就ok了,master节点,kubectlgetnodesThisnodehasjoinedthecluster:*Certificatesigningrequestwassenttomasterandaresponsewasreceived.*Kubelet被告知新的安全连接细节。在主节点上运行“kubectlgetnodes”以查看此节点是否加入集群。安装dashboard组件集群配置并生成浏览器证书#Generateclient-certificate-datagrep'client-certificate-data'~/.kube/config|头-n1|awk'{print$2}'|base64-d>>kubecfg.crt#生成客户端密钥数据grep'client-key-data'~/.kube/config|头-n1|awk'{print$2}'|base64-d>>kubecfg.key#生成p12opensslpkcs12-export-clcerts-inkeykubecfg.key-inkubecfg.crt-outkubecfg.p12-name"kubernetes-client"#导入证书后,重启浏览器创建admin-user账号,并放置在kube-system命名空间下#vimadmin-user.yamlapiVersion:v1kind:ServiceAccountmetadata:name:admin-usernamespace:kube-system#kubectlcreate-fadmin-user.yaml绑定角色#vimadmin-user-role-binding.yamlapiVersion:rbac.authorization.k8s.io/v1beta1kind:ClusterRoleBindingmetadata:name:admin-userroleRef:apiGroup:rbac.authorization.k8s.iokind:ClusterRolename:cluster-adminsubjects:-kind:ServiceAccountname:admin-usernamespace:kube-system#kubectlcreate-fadmin-user-role-binding.yaml获取Token#kubectl-nkube-systemdescribesecret$(kubectl-nkube-systemgetsecret|grepadmin-user|awk'{print$1}')登录仪表板https://192.168.255.130:6443/api/v1/命名空间/kube-system/services/https:kubernetes-dashboard:/proxy/
