Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Modified document of deploying Kubernetes with kubeadm. #2

Merged
merged 1 commit into from
Jan 7, 2020
Merged

Modified document of deploying Kubernetes with kubeadm. #2

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
91 changes: 57 additions & 34 deletions doc/deploy-k8s-manual.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -12,12 +12,24 @@
```bash
sudo curl -o /etc/yum.repos.d/docker-ce.repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
```

2. 安装 docker

```bash
sudo yum install docker-ce -y
```
3. 启动 docker

3. 配置 Docker 使用 systemd 作为默认 Cgroup 驱动

```bash
cat <<EOF > /etc/docker/daemon.json
{
"exec-opts": ["native.cgroupdriver=systemd"]
}
EOF
```

4. 启动 docker

```bash
sudo systemctl start docker && sudo systemctl enable docker
Expand Down Expand Up @@ -45,37 +57,47 @@
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
enable=1
```

2. 安装 kubeadm 等

```bash
sudo yum install -y kubelet kubeadm kubectl
sudo yum install -y kubelet kubeadm kubectl --disableexcludes=kubernetes # https://github.com/kubernetes/kubeadm/issues/954
```
3. load k8s image 离线镜像

```console
3. 设置 kubelet 开机自启动

```bash
systemctl enable --now kubelet
```

4. load k8s image 离线镜像(可选)

```bash
# 假设 k8simg.tar 为 docker image 的压缩包,离线提供。
# sudo docker load < k8simg.tar
sudo docker load < k8simg.tar
```
[下载链接](https://seafile.sh.99cloud.net/f/829d5212ca404db2a908/?dl=1)

4. 关闭 swap 分区(如果有的话)
[下载链接](https://seafile.sh.99cloud.net/f/829d5212ca404db2a908/?dl=1)

```console
# swapoff -a
5. 关闭 swap 分区(如果有的话)

```bash
swapoff -a
# 注释掉 /etc/fstab 中的自动挂载。
```、
5. 设置内核参数
```

6. 设置内核参数

```console
# 使用 root 账户,或者使用 sudo 执行以下命令。
[root@k8s-master ~]# cat /proc/sys/net/bridge/bridge-nf-call-iptables
0
[root@k8s-master ~]# cat /proc/sys/net/bridge/bridge-nf-call-ip6tables
0
#如果这两个值为 1,则不需要操作,如果是 0,按照如下修改
echo "net.bridge.bridge-nf-call-iptables = 1" >>/etc/sysctl.conf
echo "net.bridge.bridge-nf-call-ip6tables = 1" >>/etc/sysctl.conf
#使生效
# 如果这两个值为 1,则不需要操作,如果是 0,按照如下修改
[root@k8s-master ~]# echo "net.bridge.bridge-nf-call-iptables = 1" >>/etc/sysctl.conf
[root@k8s-master ~]# echo "net.bridge.bridge-nf-call-ip6tables = 1" >>/etc/sysctl.conf
# 使生效
[root@k8s-master ~]# sysctl -p
```

Expand All @@ -84,13 +106,13 @@
1. 使用 kubeadm 初始化集群

```bash
#使用的是flannel网络
# 网络插件使用的是 flannel
kubeadm init --pod-network-cidr=10.244.0.0/16
```

2. 根据提示拷贝配置文件到对应的目录

``` bash
```bash
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
Expand All @@ -101,13 +123,14 @@
```bash
kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/62e44c867a2846fefb68bd5f178daf4da3095ccb/Documentation/kube-flannel.yml
```

4. 检查部署之后的环境

```
# kubectl get nodes
```console
[root@k8s-master ~]# kubectl get nodes
NAME STATUS ROLES AGE VERSION
openshift2.shared Ready master 69m v1.15.3
[root@openshift2 bin]# kubectl get pods --all-namespaces
[root@k8s-master ~]# kubectl get pods --all-namespaces
NAMESPACE NAME READY STATUS RESTARTS AGE
kube-system coredns-5c98db65d4-5wgb6 1/1 Running 0 68m
kube-system coredns-5c98db65d4-fv6nb 1/1 Running 0 68m
Expand All @@ -117,34 +140,34 @@
kube-system kube-flannel-ds-amd64-vfhn2 1/1 Running 0 63m
kube-system kube-proxy-vvgjv 1/1 Running 0 68m
kube-system kube-scheduler-openshift2.shared 1/1 Running 0 67m
[root@openshift2 bin]#
```

## 添加节点

1. 在另一台机器上,完成上述“部署k8s集群"之前所有操作
1. 在另一台机器上,完成上述“部署 k8s 集群”之前所有操作
2. 在 master 执行 kubeadm init 之后会有加入集群的提示,如下图

![join](../image/join.png)
![join](../images/join.png)

4. 内容如下:
3. 内容如下:

```console
[centos@k8s-slave ~]$ kubeadm join 192.168.11.15:6443 --token 8lrj88.951kc5gn2hgrppts \--discovery-token-ca-cert-hash sha256:eaf73dff349a3e2b7ba91961a89eed4617746fb8d85d7e79761b32106cb640b6
```bash
kubeadm join 192.168.11.15:6443 --token 8lrj88.951kc5gn2hgrppts \
--discovery-token-ca-cert-hash sha256:eaf73dff349a3e2b7ba91961a89eed4617746fb8d85d7e79761b32106cb640b6
Comment on lines +154 to +156
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

这个用console更好,console能看出是哪台机器上执行

```

5. 如果没有保存上一个步骤,则执行如下命令获取( 在 master 节点上 )
4. 如果没有保存上一个步骤,则执行如下命令获取( 在 master 节点上 )

```console
#获取token
[centos@k8s-master ~]$ kubeadm token list
#获取 ca 的 hash 值
[centos@k8s-master ~]$ openssl x509 -pubkey -in /etc/kubernetes/pki/ca.crt | openssl rsa -pubin -outform der 2>/dev/null | openssl dgst -sha256 -hex | sed 's/^.* //'
# 获取token
[centos@k8s-master ~]# kubeadm token list
# 获取 ca 的 hash 值
[centos@k8s-master ~]# openssl x509 -pubkey -in /etc/kubernetes/pki/ca.crt | openssl rsa -pubin -outform der 2>/dev/null | openssl dgst -sha256 -hex | sed 's/^.* //'
```

6. 拼接join命令
5. 拼接 join 命令

```bash
#使用上面查询到的结果,分别替代 `$token` 和 `$ca_hash` 值
kubeadm join $master_ip:6443 --token $token --discovery-token-ca-cert-hash sha256:$ca_hash
# 使用上面查询到的结果,分别替代 `$token` 和 `$ca_hash` 值
[centos@k8s-worker ~]# kubeadm join $master_ip:6443 --token $token --discovery-token-ca-cert-hash sha256:$ca_hash
```