アーキテクチャーメンテナンス練習編 - アリクラウド環境でkubeadmを使用してK8Sクラスタをインストールする
1.1計画ノード
環境
インストールサービス
Ipドメイン名
Centos7.6
Docker,kubectl,kubeadm,kubelet,nfs-client,ansible
172.31.201.10 k8s-master
Centos7.6
Docker,kubelet,nfs-client
172.31.201.11 k8s-node01
Centos7.6
Docker,kubelet,nfs-server
172.31.201.12 k8s-node02
1.2インストール手順
yum install epel-release -y
yum install ansible -y
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
172.31.201.10 iZm5ehz8ds4xjbmdyu99b5Z iZm5ehz8ds4xjbmdyu99b5Z
172.31.201.10 k8s-master
172.31.201.11 k8s-node01
172.31.201.12 k8s-node02
[root@k8s-master ~]# cat /etc/ansible/hosts
[k8scluster]
k8s-master
k8s-node01
k8s-node02
[node]
k8s-node01
k8s-node02
hostname k8s-master
[root@k8s-master ~]# cat /etc/sysconfig/network
# Created by anaconda
HOSTNAME=k8s-master
###設定が終わったらログアウトする
exit
###再ログインすると反映されます(他のノードも同様に操作します)
###(接続先は抽出時にメールアドレス保護で伏せられています。他の各ノードへrootで接続する手順と思われます)
ssh root@<k8s-node01のアドレス>
ssh root@<k8s-node02のアドレス>
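###注意: DSA鍵は旧式で、OpenSSH 7.0以降は上流の既定設定で無効化されています。新規に構築する場合はed25519などの鍵種別を使い、以降のid_dsaをその鍵ファイル名に読み替えてください。また、パスフレーズなしの鍵は全ノードへのrootログインをそのまま許すため、秘密鍵を置く端末の保護が前提になります。
ssh-keygen -t dsa -P "" -f ~/.ssh/id_dsa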
ssh-copy-id -i .ssh/id_dsa.pub root@k8s-node01
ssh-copy-id -i .ssh/id_dsa.pub root@k8s-node02
###バッチ設定
ansible all -m command -a 'setenforce 0 '
###本機にアカウントの許可を追加する
cat .ssh/id_dsa.pub
vim .ssh/authorized_keys
ssh k8s-master
ansible all -m command -a 'setenforce 0 '
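###注意: CentOS 7では/etc/sysconfig/selinuxは/etc/selinux/configへのシンボリックリンクです。sed -iはリンクを通常ファイルに置き換えるため、実体側が変更されず再起動後にenforcingへ戻ることがあります。実体の/etc/selinux/configを確認してください。なお、SELinuxの無効化はホストの強制アクセス制御を外す設定なので、検証環境向けの手順です。
ansible all -m command -a 'sed -i "s/^SELINUX=enforcing/SELINUX=disabled/g" /etc/sysconfig/selinux'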
cat /etc/sysconfig/selinux
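###注意: firewalldを止めるとホスト側のパケットフィルタがなくなります。クラウドのセキュリティグループなどで、APIサーバー(6443)やkubelet(10250)への到達元を必要な範囲に絞ってください。
systemctl stop firewalld
systemctl disable firewalld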
ansible all -m command -a 'systemctl stop firewalld'
ansible all -m command -a 'systemctl disable firewalld'
ansible all -m command -a 'swapoff -a'
cat <<EOF > /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
net.ipv4.ip_forward = 1
EOF
ansible node -m copy -a 'src=/etc/sysctl.d/k8s.conf dest=/etc/sysctl.d/k8s.conf'
ansible node -m command -a 'sysctl --system /etc/sysctl.d/k8s.conf '
###システム時刻の同期
yum install -y ntpdate
ntpdate ntp1.aliyun.com
ansible node -m command -a 'yum install -y ntpdate '
###masterとnodeで参照先のNTPサーバーが異なっています。証明書の検証やログの突き合わせは時刻に依存するため、全ノードで同じ時刻源に揃えるのが無難です。
ansible node -m command -a 'ntpdate time.windows.com'
yum install -y yum-utils device-mapper-persistent-data lvm2
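###注意: リポジトリ定義をhttp(平文)で取得しています。経路上で改ざんされるとパッケージの取得元やGPG鍵の指定ごと差し替えられるため、後述のkubernetesリポジトリと同様にhttps://のURLが使えるか確認してください(下のansibleによる一括操作の行も同様)。
yum-config-manager --add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo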
yum makecache fast
yum -y install docker-ce
systemctl start docker
###一括操作
ansible node -m command -a 'yum install -y yum-utils device-mapper-persistent-data lvm2'
ansible node -m command -a 'yum-config-manager --add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo'
ansible node -m command -a 'yum makecache fast'
ansible node -m command -a 'yum -y install docker-ce'
ansible node -m command -a 'systemctl start docker'
cat <<EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF
###一括コピー
ansible node -m copy -a 'src=/etc/yum.repos.d/kubernetes.repo dest=/etc/yum.repos.d/kubernetes.repo'
###masterインストール
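###バージョン指定なしでは最新版が入り、後のkubeadm initで指定するv1.14.1と一致しない場合があります。kubelet-1.14.1 kubeadm-1.14.1 kubectl-1.14.1のようにバージョンを揃えてください(ノード側も同様)。
yum install -y kubelet kubeadm kubectl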
systemctl enable kubelet && systemctl start kubelet
###ノードのインストール
ansible node -m command -a 'yum install -y kubelet kubeadm kubectl'
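###注意: commandモジュールはシェルを経由しないため、「&&」はシェルの演算子として解釈されません。shellモジュール(-m shell)を使うか、enableとstartを別々のコマンドとして実行してください。
ansible node -m command -a 'systemctl enable kubelet && systemctl start kubelet'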
kubeadm init --image-repository registry.aliyuncs.com/google_containers --kubernetes-version v1.14.1 --pod-network-cidr=10.244.0.0/16
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
kubectl get node
kubectl get cs
docker images
kubectl get pod
ls
tail -f /var/log/messages
wget https://raw.githubusercontent.com/coreos/flannel/a70459be0084506e4ec919aa1c114638878db11b/Documentation/kube-flannel.yml
kubectl apply -f kube-flannel.yml
###ノードステータスの表示を続行
kubectl get node
##cni0、flannel.1のNICが起動しているかどうかを確認する
ifconfig
###コンポーネントのステータスの表示を続行
kubectl get cs
kubectl get node
kubectl get pod --all-namespaces
###flannelが有効かどうかを確認
(corednsのPod IPが10.244.0.0/16の範囲から割り当てられていること)
kubectl get pod --all-namespaces -o wide
###masterのtaintを外すと、通常のPodがコントロールプレーンのノードにもスケジュールされます。検証環境向けの設定で、本番ではtaintを残すのが一般的です。
kubectl taint nodes --all node-role.kubernetes.io/master-
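###設定ファイルのコピー
###注意: /root/.kube/configはadmin.confの複製で、クラスタ管理者権限の認証情報です。全ノードに配ると、どれか1台の侵害がクラスタ全体の管理権限の漏えいにつながります。kubectlを実行する必要のあるホストだけに置いてください。
ansible node -m copy -a 'src=/root/.kube/config dest=/root/.kube/'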
###マスターノードの追加方法の取得
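###クラスタ参加に必要なtoken情報の表示
###注意: --ttl=0は期限切れにならないtokenを作成します。tokenはノードをクラスタに参加させるための認証情報なので、既定の有効期限(24時間)を使い、参加完了後はkubeadm token listで確認してkubeadm token deleteで削除してください。$tokenが未設定の場合はtokenが自動生成されます。
kubeadm token create $token --print-join-command --ttl=0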
[root@k8s-master ~]# kubeadm token create $token --print-join-command --ttl=0
kubeadm join 172.31.201.10:6443 --token n1hqse.zprv5gkoj4lf07gd --discovery-token-ca-cert-hash sha256:4868590cf9a834ace4710563f69d28c2a7702d685ff0ff3e008d905bdb45b40f
###一括加入
ansible node -m command -a 'kubeadm join 172.31.201.10:6443 --token n1hqse.zprv5gkoj4lf07gd --discovery-token-ca-cert-hash sha256:4868590cf9a834ace4710563f69d28c2a7702d685ff0ff3e008d905bdb45b40f'
###masterを追加する場合は、joinコマンドに--experimental-control-planeパラメータを付けます。これはコントロールプレーン(master)としての追加であり、通常のnodeの追加ではありません。
kubeadm join 172.31.201.10:6443 --token n1hqse.zprv5gkoj4lf07gd --discovery-token-ca-cert-hash sha256:4868590cf9a834ace4710563f69d28c2a7702d685ff0ff3e008d905bdb45b40f \
--experimental-control-plane
参照ドキュメント: https://kubernetes.io/zh/docs/reference/setup-tools/kubeadm/kubeadm-init/