k8s是一个docker集群的管理工具
安装步骤
环境配置
设置主机名与时区
1
2
3
4timedatectl set-timezone Asia/Shanghai #都要执行
hostnamectl set-hostname master # 172.20.5.182
hostnamectl set-hostname node1 # 172.20.5.224
hostnamectl set-hostname node2 # 172.20.5.238添加hosts网络主机配置,三台虚拟机都要设置,方便寻找主机(X3)
1
2
3
4
5# vim /etc/hosts
172.20.5.182 master
172.20.5.224 node1
172.20.5.238 node2关闭防火墙(X3)
1
2
3
4sed -i 's/SELINUX=enforcing/SELINUX=disable/g' /etc/selinux/config
setenforce 0
systemctl disable firewalld
systemctl stop firewalld安装并启动docker(X3)
1
2
3
4
5
6
7
8yum -y install wget
wget https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo -O /etc/yum.repos.d/docker-ce.repo
yum -y install docker-ce-18.06.1.ce-3.el7
systemctl enable docker && systemctl start docker
docker --version
systemctl start docker
systemctl enable docker配置Docker的镜像加速器
1
2
3
4
5
6
7
8mkdir -p /etc/docker
tee /etc/docker/daemon.json <<-'EOF'
{
"registry-mirrors": ["https://你自己阿里加速的地址.mirror.aliyuncs.com"]
}
EOF
systemctl daemon-reload
systemctl restart docker配置阿里云的Kubernetes源(X3)
1
2
3
4
5
6
7
8
9cat > /etc/yum.repos.d/kubernetes.repo << EOF
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=0
repo_gpgcheck=0
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF安装
kubeadm,kubelet和kubectl(X3)1
2yum install -y kubelet-1.15.0 kubeadm-1.15.0 kubectl-1.15.0
systemctl enable kubelet关闭交换区 (可以理解为虚拟内存,k8s使用时尽量不使用交换区,防止出现预料之外的问题)(X3)
1
2
3
4swapoff -a
vi /etc/fstab
#swap一行注释
# /dev/mapper/cl-swap swap swap defaults 0 0配置网桥(X3)
1
2
3
4
5
6cat <<EOF > /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
EOF
sysctl --system
使用kubeadmin部署K8s集群
部署Kubernetes Master(在master节点执行)
1
2
3
4
5
6kubeadm init \
--apiserver-advertise-address=172.20.5.182 \
--image-repository registry.aliyuncs.com/google_containers \
--kubernetes-version v1.15.0 \
--service-cidr=10.1.0.0/16 \
--pod-network-cidr=10.244.0.0/16日记记录
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16Your Kubernetes control-plane has initialized successfully!
To start using your cluster, you need to run the following as a regular user:
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
You should now deploy a pod network to the cluster.
Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:
https://kubernetes.io/docs/concepts/cluster-administration/addons/
Then you can join any number of worker nodes by running the following on each as root:
kubeadm join 172.20.5.182:6443 --token lkzogs.dka9ui4ppsvs4gx9 \
--discovery-token-ca-cert-hash sha256:e3b7ba5d1439ee0ab08f29b4ecd3d6574d0ae87b80099c74ffd435468ac20a2b使用命令
kubectl get node查看集群节点信息1
2
3[root@master softwore]# kubectl get node
NAME STATUS ROLES AGE VERSION
master Ready master 3h49m v1.15.0查看存在问题的pod,命令
kubectl get pod –all-namespaces1
2
3
4
5
6
7
8
9
10[root@master softwore]# kubectl get pod --all-namespaces
NAMESPACE NAME READY STATUS RESTARTS AGE
kube-system coredns-bccdc95cf-95nws 1/1 Running 0 3h56m
kube-system coredns-bccdc95cf-j69b9 1/1 Running 0 3h56m
kube-system etcd-master 1/1 Running 0 3h55m
kube-system kube-apiserver-master 1/1 Running 0 3h55m
kube-system kube-controller-manager-master 1/1 Running 0 3h55m
kube-system kube-flannel-ds-amd64-qczd8 1/1 Running 0 3h20m
kube-system kube-proxy-p46tl 1/1 Running 0 3h56m
kube-system kube-scheduler-master 1/1 Running 0 3h55m向集群添加新节点(所有的Node节点执行)。执行在kubeadm init输出的kubeadm join命令
1
2kubeadm join 172.20.5.182:6443 --token lkzogs.dka9ui4ppsvs4gx9 \
--discovery-token-ca-cert-hash sha256:e3b7ba5d1439ee0ab08f29b4ecd3d6574d0ae87b80099c74ffd435468ac20a2b
增加nginx服务
测试kubernetes集群。在Kubernetes集群中创建一个pod,运行Nginx服务,验证是否正常运行
1
2
3kubectl create deployment nginx --image=nginx
kubectl expose deployment nginx --port=80 --type=NodePort
kubectl get pod,svc1
2
3
4
5
6NAME READY STATUS RESTARTS AGE
pod/nginx-554b9c67f9-llv5s 1/1 Running 0 11m
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
service/kubernetes ClusterIP 10.1.0.1 <none> 443/TCP 16h
service/nginx NodePort 10.1.41.250 <none> 80:32644/TCP 10m通过浏览器访问32644端口测试是否成功
对
pod进行扩容1
2kubectl scale deployment nginx --replicas=3
kubectl get pod
常用命令
1 | 基本命令(初级): |
获取节点信息kubectl get node [-o wide]
1 | [root@master ~]# kubectl get node -o wide |
查看集群所有 pod 列表kubectl get pods --all-namespaces [-o wide]
1 | [root@master ~]# kubectl get pods --all-namespaces -o wide |
通过kubectl explain <资源名对象名>查看api字段
kubectl explain pod查看pod的大概信息kubectl explain pod --recursive查看pod的详细信息
删除pod
直接删除对应的pod是没用的,应该删除该pod对应的deployment
1 | # 查看pods |
kubectl get deployments.apps
kubectl get replicasets.apps
1 | [root@master .kube]# kubectl get deployments.apps |
获取namespace信息kubectl get namespace
1 | [root@master .kube]# kubectl get namespace |
k8s创建Pod和ReplicaSet的工作流程
参考:https://blog.csdn.net/weixin_38070561/article/details/82706973
参考
补充
timedatectl命令
timedatectl命令可以查询和更改系统时钟和设置,你可以使用此命令来设置或更改当前的日期,时间和时区,或实现与远程NTP服务器的自动系统时钟同步。
【参考】Linux下使用timedatectl命令时间时区操作详解
hostnamectl命令
永久修改主机名,是对/etc/hostname文件的内容进行修改
setenforce命令
SELinux(Security-Enhanced Linux) 是美国国家安全局(NSA)对于强制访问控制的实现,是 Linux历史上最杰出的新安全子系统。
【参考】Linux setenforce命令详解SeLinux操作
k8s 部署问题解决(节点状态为 NotReady)
使用kubectl get node查看已加入的节点出现了Status为NotReady的情况。
1 | [root@master ~]# kubectl get node |
这种情况是因为有某些关键的 pod 没有运行起来,使用如下命令查看:kubectl get pod -n kube-systemk
1 | [root@master softwore]# kubectl get pods -n kube-system |
通过手动下载镜像处理
master参考:https://blog.csdn.net/yrx420909/article/details/105667618/
node参考:http://www.voidcn.com/article/p-wpuagtbj-byy.html
kubectl的svc kube-proxy 的详细说明
参考:https://blog.csdn.net/qq_42533216/article/details/110188745