k8s部署

时间 2020-04-28

标签 k8s 部署繁體版

原文原文链接

1.1 配置主机名添加hosts解析

cat <<EOF >>/etc/hosts
> 192.168.252.1 master
> 192.168.252.2 node01
> EOFnode

1.2 关闭防火墙、selinux

systemctl stop firewalld

systemctl disable firewalld

setenforce 0

sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config

1.3 配置内核参数，将桥接的IPv4流量传递到iptables的链

cat > /etc/sysctl.d/k8s.conf <<EOF

net.bridge.bridge‐nf‐call‐ip6tables= 1

net.bridge.bridge‐nf‐call‐iptables= 1

EOF

1.4 配置国内yum源

yum install ‐y wget mkdir /etc/yum.repos.d/bak && mv /etc/yum.repos.d/*.repo /etc/yum.repos.d/bak

wget ‐O /etc/yum.repos.d/CentOS‐Base.repo http://mirrors.cloud.tencent.com/repo/centos7_base.repo

wget ‐O /etc/yum.repos.d/epel.repo http://mirrors.cloud.tencent.com/repo/epel‐7.repo

yum clean all && yum makecache

1.5 配置国内kubernetes源

cat <<EOF > /etc/yum.repos.d/kubernetes.repo [kubernetes] name=Kubernetes baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/ enabled=1 gpgcheck=1 repo_gpgcheck=1 gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg EOF

安装软件

1.1 配置不检查swap

vim /etc/sysconfig/kubelet

KUBELET_EXTRA_ARGS="‐‐fail‐swap‐on=false"
KUBE_PROXY_MODE=ipvs #让集群支持ipvs
ip_vs,ip_vs_rr,ip_vs_wrr,ip_vs_sh,nf_conntrack_ipv4linux

1.2 安装相关软件

yum install kubectl kubelet kubeadm
初始化
kubeadm init --kubernetes-version=1.18.0  --apiserver-advertise-address=0.0.0.0   --image-repository registry.aliyuncs.com/google_containers  --service-cidr=10.10.0.0/16 --pod-network-cidr=10.122.0.0/16 --ignore-preflight-errors=all
复制

1.3配置kubectl工具

mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
source <(kubectl completion bash)
kubectl get nodevim

1.4安装网络插件centos

kubectl apply -f https://docs.projectcalico.org/manifests/calico.yamlapi

1.5安装kubernetes-dashboard

kubectl create -f recommended.yaml

1.6获取到token进行登录

建立 token
kubectl create sa dashboard-admin -n kube-system
受权token 访问权限
kubectl create clusterrolebinding dashboard-admin --clusterrole=cluster-admin --serviceaccount=kube-system:dashboard-admin
获取token
ADMIN_SECRET=$(kubectl get secrets -n kube-system | grep dashboard-admin | awk '{print $1}')
获取dashboard.kubeconfig 使用token 值
DASHBOARD_LOGIN_TOKEN=$(kubectl describe secret -n kube-system ${ADMIN_SECRET} | grep -E '^token' | awk '{print $2}')
echo ${DASHBOARD_LOGIN_TOKEN}bash