一、安装环境准备
1 安装ansible 并配置所有节点对master信任 (配置ansible后续补上给出链接)
yum install ansible
ansible all -m ping 测试通过
2 同步master和node时间
sytemctl restart chronyd
ansible node* -m shell -a "sytemctl restart chronyd"
3 主机名称解析
4 关闭iptables或firewalld服务
systemctl disable firewalld
systemctl stop firewalld
ansible node* -m shell -a "systemctl disable firewalld ; systemctl stop firewalld"
5 关闭selinux
getenforce
sed -i '/^SELINUX=/cSELINUX=disabled' /etc/selinux/config (需要重启)
6 禁用Swap(交换分区)
swapoff -a (临时关闭)
sed -i '/swap/s/^/\#/' /etc/fstab (永久关闭 需要重启)
7 启用ipvs内核模块
cat <<EOF > /etc/sysconfig/modules/ipvs.modules
#!/bin/bash
ipvsmodsdir="/usr/lib/modules/$(uname -r)/kernel/net/netfilter/ipvs"
for mod in $(ls $ipvsmodsdir | grep -o "^[^.]"); do
/sbin/modinfo -F filename $mod &> /dev/null
if [ $? -eq 0 ]; then
/sbin/modprobe $mod
fi
done
bash /etc/sysconfig/modules/ipvs.modules
8 安装docker (随便选一个方法安装)
安装方法一:
推荐RPM安装
下载地址:https://download.docker.com/linux/centos/7/x86_64/stable/Packages/
yum install docker-ce-selinux-17.03.1.ce-1.el7.centos.noarch.rpm docker-ce-17.03.1.ce-1.el7.centos.x86_64.rpm
安装方法二:
安装最后的稳定版本
wget https://download.docker.com/linux/centos/docker-ce.repo ; mv docker-ce.repo /etc/yum.repos.d/
curl -O https://download.docker.com/linux/centos/docker-ce.repo ; mv docker-ce.repo /etc/yum.repos.d/
yum install docker-ce docker-ce-cli containerd.io
安装方法三:
脚本安装
curl -fsSL https://get.docker.com/ | sh
9 启动docker
systemctl start docker
systemctl enable docker
ansible node* -m shell -a "systemctl start docker ; systemctl enable docker"
10 下载镜像为安装做准备
docker pull denefer/kube-proxy:v1.14.2
docker pull denefer/kube-apiserver:v1.14.2
docker pull denefer/kube-controller-manager:v1.14.2
docker pull denefer/kube-scheduler:v1.14.2
docker pull denefer/coredns:v1.3.1
docker pull denefer/etcd:v3.3.10
docker pull denefer/pause:v3.1
11 查看一下信息
docker info
iptables -vnL
12 确认net.bridge.bridge-nf-call-iptables 配置开启
cat <<EOF > /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
EOF
sysctl -p /etc/sysctl
ansible node* -m copy -a "src=/etc/sysctl.d/k8s.conf dest=/etc/sysctl.d/"
ansible node* -m shell -a "sysctl -p /etc/sysctl"
13 准备阿里云yum仓库 安装 kubeadm kubectl kubelet
cat <<EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes Repository
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
gpgcheck=1
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg
EOF
yum list all | grep ^kube 查看一下版本
14 安装 kubeadm kubectl kubelet
yum install kubeadm kubectl kubelet -y
ansible node* -m copy -a "src=/etc/yum.repos.d/kubernetes.repo dest=/etc/yum.repos.d/"
ansible node* -m yum -a "name=kubeadm,kubectl" node上只安装 kubeadm和kubectl便可
ansible all -m shell -a "systemctl enable kubelet"
15 配置 /etc/sysconfig/kubelet 使得启用了swap分区时安装不报错 (假如你不想禁用swap又不想安装报错)
cat <<EOF > /etc/sysconfig/kubelet
KUBELET_EXTRA_ARGS="--fail-swap-on=false"
EOF
ansible node* -m copy -a "src=/etc/sysconfig/kubelet dest=/etc/sysconfig/"
16 初始化集群(只在master上执行)
kubeadm init --kubernetes-version="1.14.2" --pod-network-cidr="10.244.0.0/16" --dry-run 会报未禁用交换分区的错误
kubeadm init --kubernetes-version="1.14.2" --pod-network-cidr="10.244.0.0/16" --dry-run --ignore-preflight-errors=Swap 会报CPU不够用错误(我master使用的是单核CPU)
17 解决了镜像问题后执行下面的命令就会初始化kubeadm了
kubeadm init --kubernetes-version="1.14.2" --pod-network-cidr="10.244.0.0/16" --ignore-preflight-errors=Swap --ignore-preflight-errors=NumCPU 应该可以顺利初始化了
初始化完成后会看到如下信息:
Your Kubernetes control-plane has initialized successfully!

To start using your cluster, you need to run the following as a regular user:

mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config

You should now deploy a pod network to the cluster.
Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:
https://kubernetes.io/docs/concepts/cluster-administration/addons/

Then you can join any number of worker nodes by running the following on each as root:

kubeadm join 192.168.54.125:6443 --token cnq3so.cih6vziikltvco6y \
--discovery-token-ca-cert-hash sha256:502d305dd69932d6dbb9416ce33e76a34bbe18a532072eb530c7e4a2584337b9
在node节点上需要执行:kubeadm join 192.168.54.125:6443 --token cnq3so.cih6vziikltvco6y --discovery-token-ca-cert-hash sha256:502d305dd69932d6dbb9416ce33e76a34bbe18a532072eb530c7e4a2584337b9 --ignore-preflight-errors=Swap 最后的参数是忽略SWAP未禁用的警告
18 创建普通用户并执行以下命令
useradd kubeuser
chmod 640 /etc/kubernetes/admin.conf
su kubeuser
cd
mkdir .kube
cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
kubectl get nodes 此时nodes应该是是NotReady
19 部署flannel插件 参考:https://github.com/coreos/flannel
kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
flannel插件运行后 nodes应该变为了Ready状态
自此k8s集群部署完成!

下面利用集群部署一个dashboard
参考:https://kubernetes.io/docs/tasks/access-application-cluster/web-ui-dashboard/
yaml文件:https://github.com/denefer/kubernetes-yaml/blob/master/k8s-dashboard/kubernetes-dashboard.yaml
kubectl apply -f kubernetes-dashboard.yaml
kubectl get svc -n kube-system 查看一下nodeport 如下图
kubeadm安装k8s
可以使用地址:https://192.168.54.125:32723 访问部署好的dashboard
kubeadm安装k8s
使用Token方式登录 Token获取使用命令:
kubectl -n kube-system describe secret $(kubectl -n kube-system get secret | grep admin-user | awk '{print $1}')
如下图:
kubeadm安装k8s
将后面的长串复制到Token下便可以登录