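I. Initial deployment
1. Notes on installing the virtual machine
1.1 Assign at least 2 processors; otherwise an error is reported
1.2 Change the hostname, using master as the example
1.3 Configure the IP address
2. Environment configuration
2.1 Preface
It is recommended to apply the temporary and the permanent disable settings together: the temporary one means the virtual machine does not need a reboot now, and the permanent one means nothing has to be disabled again after the next boot.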
systemctl stop firewalld && systemctl disable firewalld && swapoff -a && setenforce 0
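2.2 Disable swap
This is the only setting whose permanent form needs a reboot to take effect.
Method 1: swapoff -a // temporary
Method 2: open /etc/fstab with vi or vim and comment out the last line, /dev/mapper/centos-swap swap, with # // permanent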
#
# /etc/fstab
# Created by anaconda on Fri Nov 4 00:46:36 2022
#
# Accessible filesystems, by reference, are maintained under '/dev/disk'
# See man pages fstab(5), findfs(8), mount(8) and/or blkid(8) for more info
#
/dev/mapper/centos-root / xfs defaults 0 0
UUID=7be6fcec-35e5-44ad-9c64-f84952a9e1c0 /boot xfs defaults 0 0
#/dev/mapper/centos-swap swap swap defaults 0 0
2.3 Disable firewalld
Method 1: systemctl stop firewalld // temporary
Method 2: systemctl stop firewalld && systemctl disable firewalld // permanent
2.4 Disable SELinux
Method 1: setenforce 0 // temporary
Method 2: open /etc/selinux/config with vi or vim and change enforcing to disabled // permanent
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - No SELinux policy is loaded.
SELINUX=disabled
# SELINUXTYPE= can take one of three values:
# targeted - Targeted processes are protected,
# minimum - Modification of targeted policy. Only selected processes are protected.
# mls - Multi Level Security protection.
SELINUXTYPE=targeted
2.5 Add the master and nodes to hosts
Method 1:
cat >> /etc/hosts << EOF
192.168.138.54 test-master2
192.168.138.54 test-node2
192.168.138.55 test-node3
192.168.138.56 test-node4
192.168.138.57 test-node5
192.168.138.58 test-node6
185.199.109.133 raw.githubusercontent.com
EOF
Method 2:
Open /etc/hosts with vi or vim and add the master and the nodes to it
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.138.24 master5
192.168.138.25 node9
192.168.138.26 node10
185.199.109.133 raw.githubusercontent.com
2.6 Pass bridged IPv4 traffic to the iptables chains
Method 1:
cat > /etc/sysctl.d/k8s.conf <<EOF
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
EOF
sysctl --system # apply the settings
Method 2:
Use vi or vim to create /etc/sysctl.d/k8s.conf and add net.bridge.bridge-nf-call-ip6tables = 1 and, on the next line, net.bridge.bridge-nf-call-iptables = 1
[root@master7 ~]# vi /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
sysctl --system # apply the settings
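The steps in section 2 leave swap, firewalld and SELinux off and edit four files by hand, so it helps to check what each file will actually do at the next boot. The script below is an added example, not part of the original post; the function names and the sample files are constructed here, and the sample hosts file repeats the 2.5 listing, where 192.168.138.54 is assigned to two names.

```shell
#!/bin/sh
# Added example: audit the files edited in section 2. Every function takes the
# file path as its argument, so it works on /etc/... or on a copy.

# Uncommented swap entries in an fstab file (empty output = swap stays off after reboot).
active_swap_entries() {
    awk '$1 !~ /^#/ && $3 == "swap" { print $1 }' "$1"
}

# SELinux mode that /etc/selinux/config selects for the next boot.
selinux_boot_mode() {
    sed -n 's/^[[:space:]]*SELINUX=[[:space:]]*\([a-z]*\).*/\1/p' "$1" | tail -n 1
}

# Bridge sysctl keys from section 2.6 that the file does not set to 1.
missing_bridge_sysctls() {
    for key in net.bridge.bridge-nf-call-ip6tables net.bridge.bridge-nf-call-iptables; do
        tr -d ' \t' < "$1" | grep -qxF "$key=1" || echo "$key"
    done
}

# IP addresses that a hosts file assigns on more than one line.
duplicate_host_ips() {
    awk 'NF && $1 !~ /^#/ { n[$1]++ } END { for (ip in n) if (n[ip] > 1) print ip }' "$1"
}

# Constructed sample files (not read from a real host).
demo=$(mktemp -d)
trap 'rm -rf "$demo"' EXIT
printf '%s\n' '/dev/mapper/centos-root / xfs defaults 0 0' \
    '#/dev/mapper/centos-swap swap swap defaults 0 0' > "$demo/fstab"
printf '%s\n' '# SELINUX= can take one of these three values:' \
    'SELINUX=disabled' 'SELINUXTYPE=targeted' > "$demo/selinux"
printf '%s\n' 'net.bridge.bridge-nf-call-ip6tables = 1' > "$demo/k8s.conf"
printf '%s\n' '192.168.138.54 test-master2' '192.168.138.54 test-node2' \
    '192.168.138.55 test-node3' > "$demo/hosts"

echo "active swap entries: $(active_swap_entries "$demo/fstab")"
echo "SELinux at next boot: $(selinux_boot_mode "$demo/selinux")"
echo "bridge sysctls missing: $(missing_bridge_sysctls "$demo/k8s.conf")"
echo "IPs used more than once: $(duplicate_host_ips "$demo/hosts")"
```

On a real node, pass /etc/fstab, /etc/selinux/config, /etc/sysctl.d/k8s.conf and /etc/hosts to the same functions.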
3. Install packages
3.1 Install and start Docker
yum install -y docker && systemctl start docker
3.2 Add download sources
3.2.1
cat > /etc/docker/daemon.json <<EOF
{
"registry-mirrors":
["https://mfly25p6.mirror.aliyuncs.com"]
}
EOF
3.2.2
cat > /etc/yum.repos.d/kubernetes.repo << EOF
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
enabled=1
# gpgcheck=0 means yum installs these packages without verifying their signatures
gpgcheck=0
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF
3.3 Install and start K8S
yum install -y kubelet-1.18.0 kubeadm-1.18.0 kubectl-1.18.0 && systemctl enable kubelet
4. kubeadm init
4.1
kubeadm init \
--apiserver-advertise-address=192.168.138.54 \
--image-repository registry.aliyuncs.com/google_containers \
--kubernetes-version v1.18.0 \
--service-cidr=10.96.0.0/12 \
--pod-network-cidr=10.244.0.0/16
Note: if the connection keeps timing out, reboot the virtual machine, or switch networks and then reboot it.
4.2 Reset kubeadm init
kubeadm reset
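5. Use the kubectl tool
5.1 Enter the commands one line at a time
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
These three commands are lines 9 to 7 from the end of the output printed when step 4 succeeds.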
6. Join nodes to the cluster
6.1 Example
kubeadm join 192.168.227.34:6443 --token olhw2c.cmvliki84cj8mu47 \
--discovery-token-ca-cert-hash sha256:8af3429c91c8ba2cc2e38346ed9839fe1de85cf8e51a3b43fd01fd72f36c312d
This command is the last two lines of the output printed when step 4 succeeds.
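The value after sha256: in the join command pins the cluster CA, so a node only trusts the API server whose CA public key hashes to it. The script below is an added example, not part of the original post: it recomputes that hash from a CA certificate and compares it with a join line before the line is run on a node. The throwaway CA, the 192.0.2.10 address and the token are constructed for the demo; on the master, kubeadm keeps the real certificate at /etc/kubernetes/pki/ca.crt.

```shell
#!/bin/sh
# Added example: recompute the CA pin that "kubeadm join" checks.

# SHA-256 over the DER-encoded public key of a CA certificate; this is the
# value kubeadm expects after "sha256:".
ca_cert_hash() {
    openssl x509 -in "$1" -noout -pubkey |
        openssl pkey -pubin -outform DER |
        openssl dgst -sha256 -hex | sed 's/^.*= *//'
}

# The hash pinned by a kubeadm join command line (empty if there is none).
pinned_hash() {
    printf '%s\n' "$1" |
        sed -n 's/.*--discovery-token-ca-cert-hash[ =]*sha256:\([0-9a-f]\{64\}\).*/\1/p'
}

# Succeed only if the join command pins exactly the given CA certificate.
join_pins_ca() {
    want=$(ca_cert_hash "$1")
    got=$(pinned_hash "$2")
    [ -n "$want" ] && [ "$got" = "$want" ]
}

# Constructed demo: a throwaway CA stands in for /etc/kubernetes/pki/ca.crt.
work=$(mktemp -d)
trap 'rm -rf "$work"' EXIT
openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=constructed-demo-ca" \
    -keyout "$work/ca.key" -out "$work/ca.crt" 2>/dev/null

join="kubeadm join 192.0.2.10:6443 --token abcdef.0123456789abcdef \
--discovery-token-ca-cert-hash sha256:$(ca_cert_hash "$work/ca.crt")"

if join_pins_ca "$work/ca.crt" "$join"; then
    echo "join command pins this CA"
else
    echo "hash mismatch: do not run this join command"
fi
```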
7. Deploy the CNI network plugin
7.1 Download
yum -y install wget && wget https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml && kubectl apply -f kube-flannel.yml
7.2 Apply
kubectl apply -f kube-flannel.yml
7.3 Check
kubectl get pods -n kube-system
The deployment has succeeded only when the output looks like this:
[root@master6 tomcat]# kubectl get pods -n kube-system
NAME READY STATUS RESTARTS AGE
coredns-7ff77c879f-7p9wg 1/1 Running 0 88m
coredns-7ff77c879f-cqtjv 1/1 Running 0 88m
etcd-master6 1/1 Running 0 89m
kube-apiserver-master6 1/1 Running 0 89m
kube-controller-manager-master6 1/1 Running 0 89m
kube-proxy-v4pqc 1/1 Running 0 87m
kube-proxy-ww2nl 1/1 Running 0 88m
kube-proxy-z7v9l 1/1 Running 0 87m
kube-scheduler-master6 1/1 Running 0 89m
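8. Write a Dockerfile and push the image to a remote registry
Alibaba Cloud is used as the example remote registry.
8.1 Log in to the Alibaba Cloud remote registry
A successful login looks like this: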
[root@node11 ~]# docker login --username=houxiongxiong registry.cn-hangzhou.aliyuncs.com
Password:
Login Succeeded
[root@node11 ~]#
8.2 Write the Dockerfile
cd /home && mkdir dockerfile && cd dockerfile && mkdir tomcat && cd tomcat && vi Dockerfile
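FROM registry.cn-hangzhou.aliyuncs.com/houxiongxiong/centos:7.1
# Tomcat 8.5.83 throughout: the downloaded archive must match the name used by the
# tar, rm and CMD lines. The tomcat-8/v8.5.83 path is assumed to follow the mirror's layout.
# --no-check-certificate makes wget skip TLS certificate verification for this download.
RUN yum -y install wget \
&& yum -y install java-1.8.0-openjdk.x86_64 \
&& wget https://dlcdn.apache.org/tomcat/tomcat-8/v8.5.83/bin/apache-tomcat-8.5.83.tar.gz --no-check-certificate \
&& tar -xvf apache-tomcat-8.5.83.tar.gz \
&& rm -f apache-tomcat-8.5.83.tar.gz
CMD /apache-tomcat-8.5.83/bin/startup.sh \
&& tail -f /apache-tomcat-8.5.83/logs/catalina.out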
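8.3 Build the image
docker build -t registry.cn-hangzhou.aliyuncs.com/houxiongxiong/tomcat:2.0 .
registry.cn-hangzhou.aliyuncs.com/houxiongxiong/tomcat: look this name up in the figure below
Building with this name means the image does not have to be re-tagged, which saves a step.
8.4 Push the image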
docker push registry.cn-hangzhou.aliyuncs.com/houxiongxiong/tomcat:2.0
9. Create and test a pod
9.1 Create the pod
kubectl create deployment tomcat1 --image=registry.cn-hangzhou.aliyuncs.com/houxiongxiong/tomcat:2.0
9.2 Expose the pod's port
kubectl expose deployment tomcat1 --port=8080 --type=NodePort
9.3 Check the pod's port
kubectl get svc