如何在CentOS7上安装kubernetes

1、修改主机和host解析，关闭selinux

192.168.20.11  k8s-master

192.168.20.12  k8s-node-1

192.168.20.13  k8s-node-2

2、所有节点安装docker-1.12.6-68

上传安装包。

yum localinstall docker-common-1.12.6-68.gitec8512b.el7.centos.x86_64.rpm -y

yum localinstall docker-client-1.12.6-68.gitec8512b.el7.centos.x86_64.rpm -y

yum localinstall docker-1.12.6-68.gitec8512b.el7.centos.x86_64.rpm -y

链接：https://pan.baidu.com/s/1nUCPUc4yOzumJeTtriIdkQ 

提取码：o05o 

3、master节点安装etcd

yum install etcd -y

修改配置文件

vim /etc/etcd/etcd.conf

ETCD_LISTEN_CLIENT_URLS="http://0.0.0.0:2379"

ETCD_ADVERTISE_CLIENT_URLS="http://192.168.20.11:2379"

加入开机自启动

systemctl start etcd.service

systemctl enable etcd.service 

4、测试：

etcdctl set test/test-key 0

etcdctl get test/test-key

检查集群状态

etcdctl -C http://192.168.20.11:2379 cluster-health

5、master节点安装kubernetes

yum install kubernetes-master.x86_64 -y

修改apiserver配置文件

vim /etc/kubernetes/apiserver  

KUBE_API_ADDRESS="--insecure-bind-address=0.0.0.0"

KUBE_API_PORT="--port=8080"

KUBE_ETCD_SERVERS="--etcd-servers=http://192.168.20.11:2379"

# node节点监听的端口

KUBELET_PORT="--kubelet-port=10250"

KUBE_ADMISSION_CONTROL="--admission-control=NamespaceLifecycle,NamespaceExists,LimitRanger,SecurityContextDeny ,Resour

ceQuota"

修改配置文件

vim /etc/kubernetes/config

#apiserver运行在哪，谁就是KUBE_MASTER

KUBE_MASTER="--master=http://192.168.20.11:8080" 

systemctl enable kube-apiserver.service

systemctl start kube-apiserver.service

systemctl enable kube-controller-manager.service

systemctl start kube-controller-manager.service

systemctl enable kube-scheduler.service

其中个组建的功能：

api-server：接收并相应用户的请求

controller：控制器的概念，保证docker容器存活

schedule：调度器，选择启动容器的node节点

6、两台node节点安装kubernetes

yum install kubernetes-node.x86_64 -y

修改配置文件

vim /etc/kubernetes/config 

KUBE_MASTER="--master=http://192.168.20.11:8080"

vim /etc/kubernetes/kubelet

KUBELET_ADDRESS="--address=0.0.0.0"

KUBELET_PORT="--port=10250"

# node节点主机名或IP地址

KUBELET_HOSTNAME="--hostname-override=192.168.20.12"

KUBELET_API_SERVER="--api-servers=http://192.168.20.11:8080"

systemctl enable kubelet.service

systemctl restart kubelet.service

systemctl enable kube-proxy.service

systemctl restart kube-proxy.service

其中个组建的功能：

kubelet：调用docker管理容器的生命周期

kube-proxy：提供容器的网络

7、检查能否出结果：

[root@k8s-master tools]#  kubectl get nodes

8、所有节点配置flannel网络

yum install flannel -y

vim /etc/sysconfig/flanneld

也可以使用命令替换：

sed -i 's#http://127.0.0.1:2379#http://192.168.20.11:2379#g' /etc/sysconfig/flanneld

master上操作，创建网络和子网，以及类型

etcdctl mk /atomic.io/network/config '{

  "Network": "10.2.0.0/16",

  "SubnetLen": 24,

  "Backend": {

    "Type": "vxlan"

  }

}

'

其中/atomic.io/network为

指定 etcd 存放 flannel 网络配置信息的 key

9、配置开机启动和重启k8s

master节点：

systemctl enable flanneld.service

systemctl start flanneld.service

service docker restart

systemctl restart kube-apiserver.service

systemctl restart kube-controller-manager.service

systemctl restart kube-scheduler.service

node节点：

systemctl enable flanneld.service

systemctl start flanneld.service

service docker restart

systemctl restart kubelet.service

systemctl restart kube-proxy.service

10、flanneld 启动后，宿主机网络会发生一些变化

使用ip add命令查看宿主机网络

11、每个节点启动busybox测试连通性（注意在docker 上配置加速）

[root@k8s-master tools]# docker run -it busybox /bin/bash

[root@k8s-node-1 ~]# docker run -it busybox /bin/bash

[root@k8s-node-2 ~]# docker run -it busybox /bin/sh

在master上ping其他的节点

12、配置master为镜像仓库

docker run -d -p 5000:5000 --restart=always --name registry -v /opt/myregistry:/var/lib/registry  registry

修改连接访问仓库不使用HTTPS

master:

vim /etc/sysconfig/docker

OPTIONS='--selinux-enabled --log-driver=journald --signature-verification=false  --insecure-registry=192.168.20.11:5000'

systemctl restart docker

node节点

vim /etc/sysconfig/docker

OPTIONS='--selinux-enabled --log-driver=journald --signature-verification=false --insecure-registry=192.168.20.11:5000'

systemctl restart docker

13、安装k8s完毕