Deploying a single-master Kubernetes cluster with kubeadm (Ubuntu)

May 15, 2019 23:50 · 1146 words · 3 minute read Kubernetes Docker Ubuntu

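Two or more machines:

  • 64-bit Ubuntu Linux
  • Network connectivity between the machines
  • Internet access (image pulls need to reach gcr.io)
  • 2+ CPU cores, 4GB+ RAM

All of the following steps are performed as root.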

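Using kubeadm-ansible is recommended to speed up cluster initialization 😊

  • Set the hostname
  • Disable the firewall
  • Update packages
  • Install Docker
  • Install Kubernetes
  • Disable system swap

All in one step 🚀!

Or take the hard road 👇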

1. master node

1.1 Set the hostname

$ hostnamectl set-hostname kube-master
$ hostname
kube-master

1.2 Disable the firewall

$ ufw disable

1.3 Update packages

$ apt-get update
$ apt-get upgrade -y

1.4 Install Docker

$ apt-get install -y apt-transport-https \
    ca-certificates \
    curl \
    gnupg-agent \
    software-properties-common
$ curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -
$ apt-key fingerprint 0EBFCD88
$ add-apt-repository \
   "deb [arch=amd64] https://download.docker.com/linux/ubuntu \
   $(lsb_release -cs) \
   stable"
$ apt-get update
$ apt-get install -y docker-ce
$ systemctl start docker
$ docker info | grep Cgroup
Cgroup Driver: cgroupfs

Docker also needs to be configured to use systemd as its default cgroup driver:

$ cat <<EOF > /etc/docker/daemon.json
{
    "exec-opts": ["native.cgroupdriver=systemd"]
}
EOF
$ systemctl restart docker
$ docker info | grep Cgroup
Cgroup Driver: systemd

Enable Docker to start at boot:

$ systemctl enable docker
Synchronizing state of docker.service with SysV service script with /lib/systemd/systemd-sysv-install.
Executing: /lib/systemd/systemd-sysv-install enable docker

1.5 Install the Kubernetes packages

$ curl -s https://packages.cloud.google.com/apt/doc/apt-key.gpg | apt-key add -
$ cat <<EOF >/etc/apt/sources.list.d/kubernetes.list
deb https://apt.kubernetes.io/ kubernetes-xenial main
EOF
$ apt-get update
$ apt-get install -y kubelet kubeadm kubectl

1.6 Disable system swap

$ swapoff -a
$ sudo sed -i '/ swap / s/^\(.*\)$/#\1/g' /etc/fstab

1.7 Initialize the master node

  • If you use calico as the network plugin, pass --pod-network-cidr=192.168.0.0/16 to kubeadm init
  • If you use flannel as the network plugin, pass --pod-network-cidr=10.244.0.0/16 to kubeadm init

Start the initialization:

$ kubeadm init
[init] Using Kubernetes version: v1.14.1
[preflight] Running pre-flight checks
[preflight] Pulling images required for setting up a Kubernetes cluster
[preflight] This might take a minute or two, depending on the speed of your internet connection
[preflight] You can also perform this action in beforehand using 'kubeadm config images pull'
......

Your Kubernetes control-plane has initialized successfully!

To start using your cluster, you need to run the following as a regular user:

  mkdir -p $HOME/.kube
  sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
  sudo chown $(id -u):$(id -g) $HOME/.kube/config

You should now deploy a pod network to the cluster.
Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:
  https://kubernetes.io/docs/concepts/cluster-administration/addons/

Then you can join any number of worker nodes by running the following on each as root:

kubeadm join 10.211.55.86:6443 --token 96we7u.s9fzr0hes09nzh31 \
    --discovery-token-ca-cert-hash sha256:92bd946186fdfec3080d7570bca4bad6183f8cb19782784d2c855649e2832107

Do as the output says:

$ mkdir -p $HOME/.kube
$ sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
$ sudo chown $(id -u):$(id -g) $HOME/.kube/config

The kubectl tool now works!

Note down the join command that kubeadm printed; it is used to add worker nodes:

kubeadm join 10.211.55.86:6443 --token 96we7u.s9fzr0hes09nzh31 \
    --discovery-token-ca-cert-hash sha256:92bd946186fdfec3080d7570bca4bad6183f8cb19782784d2c855649e2832107
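
The hash in the join command pins the cluster CA: it is the SHA-256 of the CA certificate's public key (DER-encoded SubjectPublicKeyInfo), which the joining node uses to authenticate the API server. The script below is an added example, not part of the original post, that recomputes the pin from the CA certificate (kubeadm's default location on the master is /etc/kubernetes/pki/ca.crt) and compares it with a saved join command; the function names and the script name check-pin.sh are hypothetical.

```shell
#!/bin/sh
# Added example (not from the original post): recompute the CA pin that
# kubeadm prints as --discovery-token-ca-cert-hash and compare it with the
# value found in a saved join command.

# ca_cert_hash CERT.pem -> prints "sha256:<64 hex chars>"; returns 2 on error
ca_cert_hash() {
    _der=$(mktemp) || return 2
    # Extract the public key from the certificate and re-encode it as DER.
    # If the certificate is unreadable, pkey gets no input and fails too.
    if openssl x509 -in "$1" -noout -pubkey 2>/dev/null |
        openssl pkey -pubin -outform DER -out "$_der" 2>/dev/null &&
        [ -s "$_der" ]; then
        _hex=$(openssl dgst -sha256 -r "$_der" | cut -d' ' -f1)
        rm -f "$_der"
        printf 'sha256:%s\n' "$_hex"
    else
        rm -f "$_der"
        return 2
    fi
}

# join_hash_matches CERT.pem "JOIN COMMAND"
# returns 0 = pin matches, 1 = mismatch, 2 = no pin found or unreadable cert
join_hash_matches() {
    _want=$(printf '%s\n' "$2" | grep -oE 'sha256:[0-9a-f]{64}' | head -n 1)
    [ -n "$_want" ] || return 2
    _got=$(ca_cert_hash "$1") || return 2
    [ "$_got" = "$_want" ]
}

# Hypothetical invocation on the master:
#   sh check-pin.sh /etc/kubernetes/pki/ca.crt "kubeadm join ... sha256:..."
if [ "$#" -eq 2 ]; then
    rc=0
    join_hash_matches "$1" "$2" || rc=$?
    case $rc in
        0) echo "pin matches this CA" ;;
        1) echo "pin does NOT match this CA" ;;
        *) echo "could not read the certificate or find a sha256 pin" ;;
    esac
fi
```

A mismatch means the join command was produced for a different cluster CA than the certificate being checked.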

Check the status of the master node

$ kubectl get nodes
NAME          STATUS     ROLES    AGE    VERSION
kube-master   NotReady   master   113s   v1.14.1

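The reason for NotReady is exactly the same as when deploying on CentOS: no network plugin has been installed yet.

1.8 Deploy a network plugin

Some available plugins and their installation instructions are listed here: https://kubernetes.io/docs/concepts/cluster-administration/addons/

Weave Net is chosen here: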

$ kubectl apply -f "https://cloud.weave.works/k8s/net?k8s-version=$(kubectl version | base64 | tr -d '\n')"

Flannel (optional):

$ kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml

Calico (optional):

$ kubectl apply -f https://docs.projectcalico.org/v2.0/getting-started/kubernetes/installation/hosted/kubeadm/calico.yaml

Check the status of the Pods

$ kubectl get pods -n kube-system
NAME                                  READY   STATUS    RESTARTS   AGE
coredns-fb8b8dccf-6nppk               1/1     Running   0          6m50s
coredns-fb8b8dccf-gg8nc               1/1     Running   0          6m50s
etcd-kube-master                      1/1     Running   0          5m44s
kube-apiserver-kube-master            1/1     Running   0          5m45s
kube-controller-manager-kube-master   1/1     Running   0          5m57s
kube-proxy-x7lhj                      1/1     Running   0          6m50s
kube-scheduler-kube-master            1/1     Running   0          5m52s
weave-net-4d9dv                       2/2     Running   0          111s

All Pods are now running normally! The Weave network plugin that was just deployed created a new Pod named weave-net-4d9dv under kube-system.

Check the status of the master node

$ kubectl get nodes kube-master
NAME          STATUS   ROLES    AGE     VERSION
kube-master   Ready    master   8m14s   v1.14.1

The master node is now in the Ready state! Next, add a worker node to the cluster.

2. worker node

First, set the hostname here as well:

$ hostnamectl set-hostname kube-worker
$ hostname
kube-worker

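The initialization steps are exactly the same as on the master node:

  • Disable the firewall
  • Update packages
  • Install Docker
  • Install Kubernetes
  • Disable system swap

Then use the join command noted down earlier: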

$ kubeadm join 10.211.55.86:6443 --token 96we7u.s9fzr0hes09nzh31 \
    --discovery-token-ca-cert-hash sha256:92bd946186fdfec3080d7570bca4bad6183f8cb19782784d2c855649e2832107
[preflight] Running pre-flight checks
[preflight] Reading configuration from the cluster...
[preflight] FYI: You can look at this config file with 'kubectl -n kube-system get cm kubeadm-config -oyaml'
[kubelet-start] Downloading configuration for the kubelet from the "kubelet-config-1.14" ConfigMap in the kube-system namespace
[kubelet-start] Writing kubelet configuration to file "/var/lib/kubelet/config.yaml"
[kubelet-start] Writing kubelet environment file with flags to file "/var/lib/kubelet/kubeadm-flags.env"
[kubelet-start] Activating the kubelet service
[kubelet-start] Waiting for the kubelet to perform the TLS Bootstrap...

This node has joined the cluster:
* Certificate signing request was sent to apiserver and a response was received.
* The Kubelet was informed of the new secure connection details.

Run 'kubectl get nodes' on the control-plane to see this node join the cluster.

Now go back to the master node and check the node status:

$ kubectl get nodes
NAME           STATUS   ROLES    AGE   VERSION
kube-master    Ready    master   37m   v1.14.1
kube-worker1   Ready    <none>   66s   v1.14.1

The worker node has successfully joined the cluster, and a single-master Kubernetes cluster is now set up 👏

Try the kubeadm-ansible playbook 4 Ubuntu to speed up cluster initialization 😊