docker安装包下载地址:花几个积分,还是值得的吧,哈哈哈
https://download.csdn.net/download/qq_38187437/13755761
中文文档地址
http://docs.kubernetes.org.cn/227.html#Kubernetes
三台服务器
1.服务器版本
Ubuntu 20.04 64位
2.修改主节点hostname
vi /etc/hostname
master001
3.修改主节点hosts
vi /etc/hosts
172.17.93.204 master001 master001
4.修改子节点1 hostname
vi /etc/hostname
slave001
5.修改主节点1 hosts
vi /etc/hosts
172.17.93.205 slave001 slave001
6.修改子节点2 hostname
vi /etc/hostname
slave002
7.修改主节点2 hosts
vi /etc/hosts
172.17.93.195 slave002 slave002
8.主版本必须保持?一致
uname -r
5.4.0-54-generic
9.安装docker
上传docker安装包,使用tar包安装
同步到其他节点
scp docker-20.10.1.tgz 172.17.93.207:/root
tar -zxvf docker-20.10.1.tgz
cd
cp /root/docker/* /usr/local/bin
//编辑docker.service配置文件
vi /lib/systemd/system/docker.service//配置文件
[Unit]
Description=Docker Application Container Engine
Documentation=https://docs.docker.com
After=docker.socket
Requires=docker.socket[Service]
Type=notify
# the default is not to use systemd for cgroups because the delegate issues still
# exists and systemd currently does not support the cgroup feature set required
# for containers run by docker
EnvironmentFile=-/etc/default/docker
ExecStart=/usr/local/bin/dockerd --storage-driver=overlay -H fd:// $DOCKER_OPTS $DOCKER_OPT_BIP $DOCKER_OPT_MTU $DOCKER_OPT_IPMASQ
ExecReload=/bin/kill -s HUP $MAINPID
# Having non-zero Limit*s causes performance problems due to accounting overhead
# in the kernel. We recommend using cgroups to do container-local accounting.
LimitNOFILE=infinity
LimitNPROC=infinity
LimitCORE=infinity
# Uncomment TasksMax if your systemd version supports it.
# Only systemd 226 and above support this version.
TasksMax=infinity
TimeoutStartSec=0
# set delegate yes so that systemd does not reset the cgroups of docker containers
Delegate=yes
# kill only the docker process, not all processes in the cgroup
KillMode=process[Install]
WantedBy=multi-user.target
vi /lib/systemd/system/docker.socket
[Unit]
Description=Docker Socket for the API
PartOf=docker.service[Socket]
ListenStream=/var/run/docker.sock
SocketMode=0660
SocketUser=root
SocketGroup=root[Install]
WantedBy=sockets.target
//docker配置
vi /etc/default/docker
DOCKER_OPTS="--selinux-enabled --insecure-registry local-registry.com"
systemctl enable dockersystemctl start docker
10.编辑docker配置源
vi /etc/docker/daemon.json
{
"registry-mirrors":["https://ozcouv1b.mirror.aliyuncs.com"]
}
重启docker服务
# 重载所有修改过的配置?文件
sudo systemctl daemon-reload
# 重启Docker服务
sudo systemctl restart docker# 测试
docker ps -a
11.配置并安装k8s国内源
1. 创建配置?文件 sudo touch /etc/apt/sources.list.d/kubernetes.list2. 添加写权限sudo chmod 666 /etc/apt/sources.list.d/kubernetes.list3.修改文件vi /etc/apt/sources.list.d/kubernetes.list再添加,内容如下:deb https://mirrors.aliyun.com/kubernetes/apt/ kubernetes-xenial main4. 执?行? sudo apt update 更?新操作系统源,开始会遇?见如下错误sudo apt update
Get:1 http://mirrors.ustc.edu.cn/kubernetes/apt
kubernetes-xenial InRelease [8,993 B]
Err:1 http://mirrors.ustc.edu.cn/kubernetes/apt
kubernetes-xenial InRelease
The following signatures couldn't be verified
because the public key is not available: NO_PUBKEY
6A030B21BA07F4FB
Hit:2 http://mirrors.aliyun.com/ubuntu cosmic
InRelease
Hit:3 http://mirrors.aliyun.com/ubuntu cosmic-
updates InRelease
Hit:4 http://mirrors.aliyun.com/ubuntu cosmic-
backports InRelease
Hit:5 http://mirrors.aliyun.com/ubuntu cosmic-
security InRelease
Err:6 https://mirrors.ustc.edu.cn/docker-
ce/linux/ubuntu cosmic InRelease
Could not wait for server fd - select (11:
Resource temporarily unavailable) [IP:
202.141.176.110 443]
Reading package lists... Done
W: GPG error:
http://mirrors.ustc.edu.cn/kubernetes/apt
kubernetes-xenial InRelease: The following
signatures couldn't be verified because the public
key is not available: NO_PUBKEY 6A030B21BA07F4FB
E: The repository
'http://mirrors.ustc.edu.cn/kubernetes/apt
kubernetes-xenial InRelease' is not signed.
N: Updating from such a repository can't be done
securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository
creation and user configuration details.
其中:
The following signatures couldn't be verified
because the public key is not available: NO_PUBKEY
6A030B21BA07F4FB
签名认证失败,需要重新?生成。记住上?面的NO_PUBKEY
6A030B21BA07F4FB添加认证key
运?行?如下命令,添加错误中对应的key(错误中NO_PUBKEY后?面
的key的后8位)gpg --keyserver keyserver.ubuntu.com --recv-keys BA07F4FB接着运?行?如下命令,确认看到OK,说明成功,之后进?行?安装:gpg --export --armor BA07F4FB | sudo apt-key add -sudo apt update12.安装k8s
apt update && apt-get install -y kubelet=1.20.1-00 kubernetes-cni=0.8.7-00 kubeadm=1.20.1-00 kubectl=1.20.1-00
13.初始化并且启动
关闭swap
# 成功
$ sudo swapoff -a
# 永久关闭swap分区
$ sudo sed -i 's/.*swap.*/#&/' /etc/fstab
主节点安装k8s基础环境
安装Kubernetes ?目前安装版本 v1.13.1
mkdir -p /home/glory/working
cd /home/glory/working/
apt-get install kubectl kubelet kubeadm && systemctl enable kubelet && systemctl start kubelet
14.以上内容三个节点都需要安装
15.主节点安装k8s
安装k8s
kubeadm init --kubernetes-version=1.20.0 \
--apiserver-advertise-address=172.17.93.204 \
--image-repository registry.aliyuncs.com/google_containers \
--service-cidr=10.10.0.0/16 --pod-network-cidr=10.122.0.0/16
16.更?多kubeadm配置?文件参数详?见
kubeadm config print-defaults
17.k8s启动成功输出内容较多,但是记住末尾的内容
Your Kubernetes control-plane has initialized successfully!To start using your cluster, you need to run the following as a regular user:mkdir -p $HOME/.kubesudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/configsudo chown $(id -u):$(id -g) $HOME/.kube/configAlternatively, if you are the root user, you can run:export KUBECONFIG=/etc/kubernetes/admin.confYou should now deploy a pod network to the cluster.
Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:https://kubernetes.io/docs/concepts/cluster-administration/addons/Then you can join any number of worker nodes by running the following on each as root:kubeadm join 172.17.93.204:6443 --token u87mbu.jg2kvejo5r8cjwsm \--discovery-token-ca-cert-hash sha256:9bb29a3b13f12b6dc58730cc45fbb13ae67500267e5c4e89a86f960d7e1c3481 kubeadm join 172.17.93.204:6443 --token u87mbu.jg2kvejo5r8cjwsm \--discovery-token-ca-cert-hash sha256:9bb29a3b13f12b6dc58730cc45fbb13ae67500267e5c4e89a86f960d7e1c3481
18.按照官?方提示,执?行?以下操作。
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config19.创建系统服务并启动
# 启动kubelet 设置为开机?自启动
$ sudo systemctl enable kubelet
# 启动k8s服务程序
$ sudo systemctl start kubelet
20.验证输?入,注意显示master状态是 NotReady ,证明初始化服务器?成功
kubectl get nodesNAME STATUS ROLES AGE VERSION
master NotReady master 12m v1.13.1
21.查看当前k8s集群状态
$ kubectl get cs
NAME STATUS MESSAGE
ERROR
scheduler Healthy ok
controller-manager Healthy ok
etcd-0 Healthy {"health": "true"}
?目前只有?一个master,还没有node,?而且是NotReady状态,那
么我们需要将node加?入到master管理?的集群中来。在加?入之前,
我们需要先配置k8s集群的内部通信?网络,这?里?采?用的是calico网
络。
22.添加其他节点到k8s集群中
其他节点分布执行
主节点生成的
kubeadm join 172.17.93.204:6443 --token u87mbu.jg2kvejo5r8cjwsm \--discovery-token-ca-cert-hash sha256:9bb29a3b13f12b6dc58730cc45fbb13ae67500267e5c4e89a86f960d7e1c3481
23.开启calico服务
主需要在主节点执行
kubectl apply -f https://docs.projectcalico.org/manifests/calico.yaml
24.等待安装完成
root@iZ2ze3rugpmg6ym2u7ntpoZ:/home/glory/working# kubectl get pods -o wide --all-namespaces
NAMESPACE NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
kube-system calico-kube-controllers-744cfdf676-8m26q 0/1 Pending 0 21s <none> <none> <none> <none>
kube-system calico-node-4k5w2 0/1 Init:2/3 0 21s 172.17.93.208 iz2zej54990oq4ayss6nrkz <none> <none>
kube-system calico-node-6d2bx 0/1 Init:2/3 0 22s 172.17.93.204 iz2ze3rugpmg6ym2u7ntpoz <none> <none>
kube-system calico-node-7sctg 0/1 Init:2/3 0 21s 172.17.93.207 iz2zej54990oq4ayss6nrjz <none> <none>
kube-system coredns-7f89b7bc75-4khb8 0/1 Pending 0 3m36s <none> <none> <none> <none>
kube-system coredns-7f89b7bc75-r6rf2 0/1 Pending 0 3m36s <none> <none> <none> <none>
kube-system etcd-iz2ze3rugpmg6ym2u7ntpoz 1/1 Running 0 3m44s 172.17.93.204 iz2ze3rugpmg6ym2u7ntpoz <none> <none>
kube-system kube-apiserver-iz2ze3rugpmg6ym2u7ntpoz 1/1 Running 0 3m44s 172.17.93.204 iz2ze3rugpmg6ym2u7ntpoz <none> <none>
kube-system kube-controller-manager-iz2ze3rugpmg6ym2u7ntpoz 1/1 Running 0 3m44s 172.17.93.204 iz2ze3rugpmg6ym2u7ntpoz <none> <none>
kube-system kube-proxy-bt5lf 1/1 Running 0 60s 172.17.93.207 iz2zej54990oq4ayss6nrjz <none> <none>
kube-system kube-proxy-c55bx 1/1 Running 0 47s 172.17.93.208 iz2zej54990oq4ayss6nrkz <none> <none>
kube-system kube-proxy-hf7jb 1/1 Running 0 3m36s 172.17.93.204 iz2ze3rugpmg6ym2u7ntpoz <none> <none>
kube-system kube-scheduler-iz2ze3rugpmg6ym2u7ntpoz 1/1 Running 0 3m44s 172.17.93.204 iz2ze3rugpmg6ym2u7ntpoz <none> <none>等待所有的都变成ready
root@iZ2ze3rugpmg6ym2u7ntpoZ:/home/glory/working# kubectl get pods -o wide --all-namespaces
NAMESPACE NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
kube-system calico-kube-controllers-744cfdf676-8m26q 1/1 Running 0 87s 10.122.56.65 iz2zej54990oq4ayss6nrjz <none> <none>
kube-system calico-node-4k5w2 1/1 Running 0 87s 172.17.93.208 iz2zej54990oq4ayss6nrkz <none> <none>
kube-system calico-node-6d2bx 1/1 Running 0 88s 172.17.93.204 iz2ze3rugpmg6ym2u7ntpoz <none> <none>
kube-system calico-node-7sctg 1/1 Running 0 87s 172.17.93.207 iz2zej54990oq4ayss6nrjz <none> <none>
kube-system coredns-7f89b7bc75-4khb8 1/1 Running 0 4m42s 10.122.56.66 iz2zej54990oq4ayss6nrjz <none> <none>
kube-system coredns-7f89b7bc75-r6rf2 1/1 Running 0 4m42s 10.122.135.193 iz2zej54990oq4ayss6nrkz <none> <none>
kube-system etcd-iz2ze3rugpmg6ym2u7ntpoz 1/1 Running 0 4m50s 172.17.93.204 iz2ze3rugpmg6ym2u7ntpoz <none> <none>
kube-system kube-apiserver-iz2ze3rugpmg6ym2u7ntpoz 1/1 Running 0 4m50s 172.17.93.204 iz2ze3rugpmg6ym2u7ntpoz <none> <none>
kube-system kube-controller-manager-iz2ze3rugpmg6ym2u7ntpoz 1/1 Running 0 4m50s 172.17.93.204 iz2ze3rugpmg6ym2u7ntpoz <none> <none>
kube-system kube-proxy-bt5lf 1/1 Running 0 2m6s 172.17.93.207 iz2zej54990oq4ayss6nrjz <none> <none>
kube-system kube-proxy-c55bx 1/1 Running 0 113s 172.17.93.208 iz2zej54990oq4ayss6nrkz <none> <none>
kube-system kube-proxy-hf7jb 1/1 Running 0 4m42s 172.17.93.204 iz2ze3rugpmg6ym2u7ntpoz <none> <none>
kube-system kube-scheduler-iz2ze3rugpmg6ym2u7ntpoz 1/1 Running 0 4m50s 172.17.93.204 iz2ze3rugpmg6ym2u7ntpoz <none> <none>25.查看node 集群安装成功
root@iZ2ze3rugpmg6ym2u7ntpoZ:/home/glory/working# kubectl get nodes -o wide --all-namespaces
NAME STATUS ROLES AGE VERSION INTERNAL-IP EXTERNAL-IP OS-IMAGE KERNEL-VERSION CONTAINER-RUNTIME
iz2ze3rugpmg6ym2u7ntpoz Ready control-plane,master 5m56s v1.20.1 172.17.93.204 <none> Ubuntu 20.04.1 LTS 5.4.0-54-generic docker://20.10.1
iz2zej54990oq4ayss6nrjz Ready <none> 3m3s v1.20.1 172.17.93.207 <none> Ubuntu 20.04.1 LTS 5.4.0-54-generic docker://20.10.1
iz2zej54990oq4ayss6nrkz Ready <none> 2m50s v1.20.1 172.17.93.208 <none> Ubuntu 20.04.1 LTS 5.4.0-54-generic docker://20.10.1查看全部节点
kubectl get pod -o wide --all-namespaces
kubectl get po -A
37.测试部署应用
注意:yaml文件直接写内容 可能会错位,可以先变成其他格式的文件 在改成yaml
vi nginx.yaml
apiVersion: v1
kind: Pod
metadata:name: nginx-serverlabels:app: nginx
spec:containers:- name: nginximage: nginx:1.17.2-alpine
vi nginx-service.yaml
apiVersion: v1
kind: Service
metadata:name: web
spec:type: NodePortports:- port: 7878targetPort: 80protocol: TCPname: web80nodePort: 32333selector:app: nginx
通过任意一个节点都可访问
curl 172.17.93.204:32333
curl 172.17.93.207:32333
curl 172.17.93.208:32333