I. Environment configuration
master  172.16.101.199  docker, apiserver, controller-manager, scheduler
etcd    172.16.101.199  etcd
node1   172.16.101.221  flannel, docker, kubelet, kube-proxy
node2   172.16.101.221  flannel, docker, kubelet, kube-proxy
1. Set up the hosts file
172.16.101.199 master
172.16.101.199 etcd
172.16.101.220 node1
172.16.101.221 node2
2. Basic settings
2.1 Disable the firewall
2.2 Disable SELinux
2.3 Set up hosts
2.4 Enable IPv4 forwarding
On CentOS 7, edit the configuration file /etc/sysctl.conf:
net.ipv4.ip_forward = 1
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
Run sudo sysctl -p to apply the change immediately.
2.5 Disable swap: to disable swap permanently, edit /etc/fstab directly and comment out the swap entry.
2.6 Passwordless (key-based) login
2. master:
(1) Install docker
CentOS7
# Uninstall, method 1
yum remove docker-ce
rm -rf /var/lib/docker
# Uninstall docker, method 2:
yum list installed | grep docker
Remove the installed package:
sudo yum -y remove docker-engine.x86_64
(2) Install kubernetes, flannel, etcd
yum install kubernetes-master etcd flannel -y
(3) Configure etcd
cat /etc/etcd/etcd.conf |egrep -v "^#|^$"
ETCD_NAME=default
ETCD_DATA_DIR="/var/lib/etcd/default.etcd"
ETCD_LISTEN_CLIENT_URLS="" ## listen address and port
ETCD_ADVERTISE_CLIENT_URLS="" ## etcd cluster configuration; with multiple etcd servers, append their URLs here
## Start the etcd service
#systemctl start etcd
(4) Configure kubernetes
#cat /etc/kubernetes/kubernetes.conf
KUBE_API_ADDRESS="--insecure-bind-address=0.0.0.0" ## address kube binds to at startup
KUBE_ETCD_SERVERS="--etcd-servers=" ## URL kube uses to reach etcd
KUBE_SERVICE_ADDRESSES="--service-cluster-ip-range=172.17.0.0/16" ## this is the address range of the docker containers
KUBE_ADMISSION_CONTROL="--admission-control=NamespaceLifecycle,NamespaceExists,LimitRanger,ResourceQuota"
KUBE_API_ARGS=""
#cat config |egrep -v "^#|^$"
KUBE_LOGTOSTDERR="--logtostderr=true"
KUBE_LOG_LEVEL="--v=0"
KUBE_ALLOW_PRIV="--allow-privileged=false"
KUBE_MASTER="--master=" ## kube master API URL
(5) Configure flanneld
#cat /etc/sysconfig/flanneld
FLANNEL_ETCD_ENDPOINTS=""
FLANNEL_ETCD_PREFIX="/kube/network"
Note: kube
etcdctl mk /kube/network/config '{"Network":"172.17.0.0/16"}' ## note: the IP here must match the IP address used above.
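The bind and privilege flags set in step (4) can be checked mechanically before the services are started. The script below is an added example, not part of the original post: it flags an --insecure-bind-address that is not loopback (that port serves the API without authentication or authorization) and also covers the kubelet --address=0.0.0.0 setting configured on the nodes later in this guide. The finding labels and the sample file are constructed for illustration.

```sh
#!/bin/sh
# Added example, not from the original post. Finding labels and the sample
# file are constructed; the flags are the ones set in this guide.

# audit_kube_conf FILE
# Prints one "SEVERITY id: detail" line per risky setting in FILE.
# Returns 0 if the file is clean, 1 if any finding was printed.
audit_kube_conf() {
    count=0
    while IFS= read -r line || [ -n "$line" ]; do
        # Skip comments and blank lines, as egrep -v "^#|^$" does.
        case $line in ''|'#'*) continue ;; esac
        # The insecure port serves the API without authentication or
        # authorization, so only a loopback bind is acceptable.
        case $line in
            *--insecure-bind-address=127.0.0.1*|*--insecure-bind-address=localhost*) ;;
            *--insecure-bind-address=*)
                echo "HIGH insecure-bind: unauthenticated API port reachable off-host"
                count=$((count + 1)) ;;
        esac
        # Kubelet API on every interface: needs authn/authz or a firewall.
        case $line in
            KUBELET_ADDRESS=*--address=0.0.0.0*)
                echo "MEDIUM kubelet-bind: set --anonymous-auth=false and --authorization-mode=Webhook"
                count=$((count + 1)) ;;
        esac
        case $line in
            *--allow-privileged=true*)
                echo "MEDIUM privileged: privileged containers are allowed"
                count=$((count + 1)) ;;
        esac
    done < "$1"
    [ "$count" -eq 0 ]
}

# Constructed sample combining lines from the apiserver, config and kubelet files.
sample_conf() {
    cat <<'EOF'
# constructed sample
KUBE_API_ADDRESS="--insecure-bind-address=0.0.0.0"
KUBE_ALLOW_PRIV="--allow-privileged=false"
KUBELET_ADDRESS="--address=0.0.0.0"
KUBELET_PORT="--port=10250"
EOF
}

tmp=$(mktemp) && sample_conf > "$tmp"
audit_kube_conf "$tmp" || echo "findings above: fix before exposing the cluster"
rm -f "$tmp"
```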
Error encountered:
E0808 11:09:44.387201 10537 network.go:102] failed to retrieve network config: 100: Key not found (/kube) [3]
3. Install node1-2
1). Install the packages.
#yum install kubernetes-node flannel -y
# docker-1.13.1 is installed by default; it only needs to be started
systemctl enable docker
systemctl start docker
docker version
2) Configure flannel
#cat /etc/sysconfig/flanneld
FLANNEL_ETCD_ENDPOINTS=""
FLANNEL_ETCD_PREFIX="/kube/network"
Note: kube
systemctl start flanneld
3) Configure kubelet
#cd /etc/kubernetes
#cat config |egrep -v "^#|^$"
KUBE_LOGTOSTDERR="--logtostderr=true"
KUBE_LOG_LEVEL="--v=0"
KUBE_ALLOW_PRIV="--allow-privileged=false"
KUBE_MASTER="--master=" ## kube master API URL
#cat kubelet |egrep -v "^#|^$"
KUBELET_ADDRESS="--address=0.0.0.0" ## address kubelet binds to after startup
KUBELET_PORT="--port=10250" ## kubelet port
KUBELET_HOSTNAME="--hostname-override=172.16.101.220" ## kubelet hostname; the name shown when running kubectl get nodes on the master
KUBELET_API_SERVER="--api-servers=" ## kube master API URL
KUBELET_POD_INFRA_CONTAINER="--pod-infra-container-image=registry.access.redhat.com/rhel7/pod-infrastructure:latest"
KUBELET_ARGS=""
node:
systemctl start docker.service
systemctl start kube-proxy
systemctl start kubelet
5. Verify the configuration
Visit http://kube-apiserver:port to see all request URLs and check the health status.
6. Enable the k8s dashboard:
master:
1). Verify the services on the master.
#kubectl get nodes ## get the k8s clients
NAME STATUS AGE
172.16.101.220 Ready 1h
172.16.101.221 Ready 1h
#kubectl get namespace ## get all k8s namespaces
NAME STATUS AGE
default Active 1h
kube-system Active 1h
Create kube-dashboard.yaml
cd /usr/local/src/docker/
kubectl delete -f kubernetes-dashboard.yaml
kubectl get pods --namespace=kube-system
kubectl get pod --all-namespaces
kubectl describe pods kubernetes-dashboard-2215670400-w0j11 --namespace=kube-system
Client:
systemctl restart flanneld
systemctl start kube-proxy
systemctl start kubelet
Run on the client:
yum install python-rhsm
yum install rhsm
wget
rpm2cpio python-rhsm-certificates-1.19.10-1.el7_4.x86_64.rpm | cpio -iv --to-stdout ./etc/rhsm/ca/redhat-uep.pem | tee /etc/rhsm/ca/redhat-uep.pem
docker pull registry.access.redhat.com/rhel7/pod-infrastructure:latest
# Basic commands
kubectl get po/svc/cm/rc : list containers
kubectl describe po name : show details
kubectl delete po name : delete a resource
-o wide : show a few more columns
--all-namespaces : all namespaces
-n name : specify a namespace (can be omitted for default)
kubectl apply/create -f aaa.yaml : apply a yml file
kubectl exec container-name -it -- bash : enter a container
exit : leave the container
1. Problem 1
Fixing the "cannot delete" problem:
[root@localhost docker]# kubectl create -f kubernetes-dashboard.yaml
Error from server (AlreadyExists): error when creating "kubernetes-dashboard.yaml": deployments.extensions "kubernetes-dashboard" already exists
Error from server (AlreadyExists): error when creating "kubernetes-dashboard.yaml": services "kubernetes-dashboard" already exists
Solution:
kubectl delete namespace kube-system
kubectl delete -f kubernetes-dashboard.yaml
2. Problem 2
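Fixing the timeout problem:
Error: 'dial tcp 172.17.71.2:9090: getsockopt: no route to host'
Trying to reach: ''
The 'getsockopt: connection timed out' problem
If the installed docker version is 1.13 or later, the network is reachable, and flannel and etcd are both working normally, but the 'getsockopt: connection timed out' error still appears, the cause may be the iptables configuration. The specific error: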
Error: 'dial tcp 10.233.50.3:8443: getsockopt: connection timed out
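Starting with version 1.13, docker may set the default policy of the iptables FORWARD chain to DROP, which makes pinging Pod IPs on other Nodes fail. When this happens, the policy has to be set to ACCEPT manually: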
sudo iptables -P FORWARD ACCEPT
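Checking with iptables -nL shows that the FORWARD policy is still DROP, even though we clearly ran iptables -P FORWARD ACCEPT. It turns out that docker was started after that command was executed, so the command has to be run again every time after docker starts. That is too much trouble, so we modify the docker startup unit instead: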
vi /usr/lib/systemd/system/docker.service
[Service]
Type=notify
ExecStart=/usr/bin/dockerd $DOCKER_NETWORK_OPTIONS $DOCKER_OPTS $DOCKER_DNS_OPTIONS
# Add this line: each time docker starts, it inserts an ACCEPT rule at the top of the FORWARD chain
ExecStartPost=/sbin/iptables -I FORWARD -s 0.0.0.0/0 -j ACCEPT
ExecReload=/bin/kill -s HUP $MAINPID
Add one line under [Service] in the unit file, namely the ExecStartPost line shown in the code above.
Then restart docker and check the dashboard web page again.
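To confirm the state of the FORWARD chain after a docker restart, the output of iptables -S FORWARD can be classified as below. This is an added example, not part of the original post; it also recognizes a narrower variant of the fix that accepts only the pod network instead of every source, assuming the flannel network 172.17.0.0/16 configured earlier. The state names and sample rule listings are constructed.

```sh
#!/bin/sh
# Added example, not from the original post. State names and sample rule
# listings are constructed; 172.17.0.0/16 is the flannel network used above.

# classify_forward POD_CIDR   (reads `iptables -S FORWARD` output on stdin)
#   open    - policy ACCEPT or an unconditional ACCEPT rule (what the
#             ExecStartPost line above creates): any source is forwarded
#   scoped  - policy DROP, ACCEPT only to/from the pod network
#   blocked - policy DROP and no ACCEPT for the pod network: cross-node
#             pod traffic is dropped, matching the timeout above
# Simplification: rule order and other match options are not evaluated.
classify_forward() {
    cidr=$1 policy=UNKNOWN blanket=no scoped=no
    while IFS= read -r rule; do
        case $rule in
            "-P FORWARD "*) policy=${rule#"-P FORWARD "} ;;
            "-A FORWARD -j ACCEPT") blanket=yes ;;
            "-A FORWARD -s $cidr -j ACCEPT"|"-A FORWARD -d $cidr -j ACCEPT")
                scoped=yes ;;
        esac
    done
    if [ "$policy" = ACCEPT ] || [ "$blanket" = yes ]; then echo open
    elif [ "$scoped" = yes ]; then echo scoped
    else echo blocked
    fi
}

# Constructed listings: Docker >= 1.13 defaults, optionally with a fix applied.
sample_rules() {
    printf '%s\n' "-P FORWARD DROP"
    case $1 in
        blanket) printf '%s\n' "-A FORWARD -j ACCEPT" ;;
        scoped)  printf '%s\n' "-A FORWARD -s 172.17.0.0/16 -j ACCEPT" \
                               "-A FORWARD -d 172.17.0.0/16 -j ACCEPT" ;;
    esac
    printf '%s\n' "-A FORWARD -j DOCKER-ISOLATION" \
                  "-A FORWARD -o docker0 -j DOCKER" \
                  "-A FORWARD -i docker0 ! -o docker0 -j ACCEPT"
}

for kind in default blanket scoped; do
    echo "$kind: $(sample_rules "$kind" | classify_forward 172.17.0.0/16)"
done
# On a node: iptables -S FORWARD | classify_forward 172.17.0.0/16
```

A result of "open" means the host forwards traffic from any source, not only pod traffic; the "scoped" state corresponds to using -s 172.17.0.0/16 and -d 172.17.0.0/16 rules in place of -s 0.0.0.0/0.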
If this problem really cannot be solved, install a node client on the master.
Reposted from: https://blog.51cto.com/guoshaoliang789/2156509