k8s-1. 手动安装1. Disable SELinux & setup firewall rules 2.

k8s install on centos7

1. Disable SELinux & setup firewall rules

hostnamectl set-hostname 'k8s-master'
exec bash
setenforce 0
sed -i --follow-symlinks 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/sysconfig/selinux
systemctl stop firewalld
systemctl disable firewalld
echo '1' > /proc/sys/net/bridge/bridge-nf-call-iptables

2. yum repo

#docker yum源 
cat >> /etc/yum.repos.d/docker.repo <<EOF 
[docker-repo] 
name=Docker Repository 
baseurl=http://mirrors.aliyun.com/docker-engine/yum/repo/main/centos/7 
enabled=1 
gpgcheck=0 
EOF

#docker yum源 可选择清华源
cat >> /etc/yum.repos.d/docker.repo <<EOF
[dockerrepo]
name=Docker Repository
baseurl=https://mirrors.tuna.tsinghua.edu.cn/docker/yum/repo/centos7
enabled=1
gpgcheck=1
gpgkey=https://mirrors.tuna.tsinghua.edu.cn/docker/yum/gpg
EOF

#kubernetes yum源 
cat >> /etc/yum.repos.d/kubernetes.repo <<EOF 
[kubernetes] 
name=Kubernetes 
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/ 
enabled=1 
gpgcheck=0 
EOF

wget -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo

yum clean all & yum makecache

3. install docker & kubernetes

#查看docker版本 
yum list docker-engine –showduplicates 
#安装docker 
yum install -y docker-engine-1.12.6-1.el7.centos.x86_64
#查看版本
yum list kubeadm –showduplicates
yum list kubernetes-cni –showduplicates
yum list kubelet –showduplicates
yum list kubectl –showduplicates
#安装软件
yum install -y kubernetes-cni-0.5.1-0.x86_64 kubelet-1.7.2-0.x86_64 kubectl-1.7.2-0.x86_64 kubeadm-1.7.2-0.x86_64

4. 配置kubelet

配置pod的基础镜像

cat > /etc/systemd/system/kubelet.service.d/20-pod-infra-image.conf <<EOF
[Service]
Environment="KUBELET_EXTRA_ARGS=--pod-infra-container-image=registry.cn-hangzhou.aliyuncs.com/szss_k8s/pause-amd64:3.0"
EOF

安装docker 1.12.6及版本需要设置cgroup-driver=cgroupfs sed -i 's/cgroup-driver=systemd/cgroup-driver=cgroupfs/g' /etc/systemd/system/kubelet.service.d/10-kubeadm.conf 说明：github.com/kubernetes/… 此处有说明

5. 启动相关组件

systemctl enable docker
systemctl enable kubelet
systemctl start docker
systemctl start kubelet

6. 创建集群

创建集群首先在master上执行init操作,api-advertise-addresses为master ip，pod-network-cidr指定IP段需要和kube-flannel.yml文件中配置的一致（kube-flannel.yaml在下面flannel的安装中会用到）

export KUBE_REPO_PREFIX="registry.cn-hangzhou.aliyuncs.com/szss_k8s"
export KUBE_ETCD_IMAGE="registry.cn-hangzhou.aliyuncs.com/szss_k8s/etcd-amd64:3.0.17"
kubeadm init --apiserver-advertise-address=172.25.58.1 --kubernetes-version=v1.14.1 --pod-network-cidr=10.244.0.0/12 --service-cidr=10.1.0.0/16 --image-repository registry.aliyuncs.com/google_containers

7. 配置kubectl的kubeconfig

mkdir -p $HOME/.kube
cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
chown $(id -u):$(id -g) $HOME/.kube/config

8. 安装flannel

在master节点安装flannel

kubectl --namespace kube-system apply -f https://raw.githubusercontent.com/coreos/flannel/v0.8.0/Documentation/kube-flannel-rbac.yml
rm -rf kube-flannel.yml
wget https://raw.githubusercontent.com/coreos/flannel/v0.8.0/Documentation/kube-flannel.yml
sed -i 's/quay.io\/coreos\/flannel:v0.8.0-amd64/registry.cn-hangzhou.aliyuncs.com\/szss_k8s\/flannel:v0.8.0-amd64/g' ./kube-flannel.yml
kubectl --namespace kube-system apply -f ./kube-flannel.yml

9. master节点安装验证

通过命令验证：

$kubectl get cs
NAME                 STATUS    MESSAGE              ERROR
scheduler            Healthy   ok                   
controller-manager   Healthy   ok                   
etcd-0               Healthy   {"health": "true"}

10. node节点安装和加入集群

node的节点需要执行1~5的安装步骤，安装完后执行下面的命令将node的节点加入集群：

export KUBE_REPO_PREFIX="registry.cn-hangzhou.aliyuncs.com/szss_k8s"
export KUBE_ETCD_IMAGE="registry.cn-hangzhou.aliyuncs.com/szss_k8s/etcd-amd64:3.0.17"
kubeadm join --token 242b80.86d585ebd6358b08 172.16.120.151:6443 --skip-preflight-checks

11. node节点安装验证

通过命令验证：

$kubectl get nodes
NAME         STATUS    AGE       VERSION
k8s-node01   Ready     9h        v1.7.2
k8s-node02   Ready     9h        v1.7.2

12. 卸载

kubeadm reset
iptables -F && iptables -t nat -F && iptables -t mangle -F && iptables -X
systemctl stop kubelet
systemctl stop docker
iptables --flush
iptables -tnat --flush
systemctl start kubelet
systemctl start docker

kubespary安装k8s

ansible节点：

wget -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo
yum install ansible python-netaddr
cat << 'EOF' >> /etc/hosts
10.110.17.198 master
10.110.17.199 node1
10.110.17.200 node2
EOF
ssh-keygen
ssh-copy-id root@master
ssh-copy-id root@node1
ssh-copy-id root@node2
git clone https://github.com/wiselyman/kubespray
kubespray/inventory/inventory.cfg
ansible-playbook -u centos -b -i inventory/inventory.cfg cluster.yml

主从节点：

hostnamectl set-hostname master
systemctl stop firewalld
systemctl disable firewalld
yum install python-netaddr

问题：

cache issue: I install with kubespray, and I exactly do the swapoff -aon my all machine, and the error still output fatal: [master]: FAILED! => { "assertion": "ansible_swaptotal_mb == 0", "changed": false, "evaluated_to": false } resolve: Have you deleted your ansible fact caches? The config in this repo sets "fact_caching_connection = /tmp".

参考

blog.jsjs.org/?p=414