To recap the architecture: three CentOS 7.4 virtual machines with Docker 17 and IPs 10.10.90.105 to 107. Machine 105 is the master, and the master-related components below are installed on it.
The etcd cluster has 3 members, which reuse the same 3 virtual machines.
As the core of k8s, the master node consists of three components:
    kube-apiserver
    kube-scheduler
    kube-controller-manager
These three components are closely linked.
1. Create a TLS certificate
We already created these certificates in the first article, 8 files in total. Here we only check that the number is correct; to check whether the certificates themselves are correct, refer to the notes in the first article. Location: the master node (virtual machine 105).
    ls /etc/kubernetes/ssl
    admin-key.pem  admin.pem  ca-key.pem  ca.pem  kube-proxy-key.pem  kube-proxy.pem  kubernetes-key.pem  kubernetes.pem
2. Get the k8s server-side files and install them
We fetch the server tar package and unpack it; the binaries can also be downloaded from GitHub. Note: the latest version, 1.9, is used here.
    wget https://dl.k8s.io/v1.9.0/kubernetes-server-linux-amd64.tar.gz
    tar -xzvf kubernetes-server-linux-amd64.tar.gz
    cd kubernetes
    tar -xzvf kubernetes-src.tar.gz
Copy the binaries to /usr/local/bin. cp may prompt before overwriting, because the kubectl installation earlier already put some of these files there; overwriting them directly is fine. The command below uses -r to overwrite; without -r it prompts. The server package contains both the server and the client files, so there is no need to download the client package separately.
    cp -r server/bin/{kube-apiserver,kube-controller-manager,kube-scheduler,kubectl,kube-proxy,kubelet} /usr/local/bin/
At this point the necessary binaries are in place. Next we create the service units and configuration files for the 3 components.
3. Create the systemd unit files and configuration files
To create a service file:
Contents of the service file /usr/lib/systemd/system/kube-apiserver.service:
    [Unit]
    Description=Kubernetes API Service
    Documentation=https://github.com/GoogleCloudPlatform/kubernetes
    After=network.target
    After=etcd.service

    [Service]
    EnvironmentFile=-/etc/kubernetes/config
    EnvironmentFile=-/etc/kubernetes/apiserver
    ExecStart=/usr/local/bin/kube-apiserver \
            $KUBE_LOGTOSTDERR \
            $KUBE_LOG_LEVEL \
            $KUBE_ETCD_SERVERS \
            $KUBE_API_ADDRESS \
            $KUBE_API_PORT \
            $KUBELET_PORT \
            $KUBE_ALLOW_PRIV \
            $KUBE_SERVICE_ADDRESSES \
            $KUBE_ADMISSION_CONTROL \
            $KUBE_API_ARGS
    Restart=on-failure
    Type=notify
    LimitNOFILE=65536

    [Install]
    WantedBy=multi-user.target
Create the /etc/kubernetes/config file with the following contents:
    ###
    # kubernetes system config
    #
    # The following values are used to configure various aspects of all
    # kubernetes services, including
    #
    #   kube-apiserver.service
    #   kube-controller-manager.service
    #   kube-scheduler.service
    #   kubelet.service
    #   kube-proxy.service

    # Logging to stderr means we get it in the systemd journal
    KUBE_LOGTOSTDERR="--logtostderr=true"

    # Journal message level, 0 is debug
    KUBE_LOG_LEVEL="--v=0"

    # Should this cluster be allowed to run privileged docker containers
    KUBE_ALLOW_PRIV="--allow-privileged=true"

    # How the controller-manager, scheduler, and proxy find the apiserver
    #KUBE_MASTER="--master=http://sz-pg-oam-docker-test-001.tendcloud.com:8080"
    KUBE_MASTER="--master=http://10.10.90.105:8080"
The contents of the kube-apiserver configuration file /etc/kubernetes/apiserver are:
    ###
    # kubernetes system config
    #
    # The following values are used to configure the kube-apiserver

    # The address on the local server to listen to.
    KUBE_API_ADDRESS="--advertise-address=10.10.90.105 --bind-address=10.10.90.105"

    # The port on the local server to listen on.
    #KUBE_API_PORT="--port=8080"

    # Port minions listen on
    #KUBELET_PORT="--kubelet-port=10250"

    # Comma separated list of nodes in the etcd cluster
    KUBE_ETCD_SERVERS="--etcd-servers=https://10.10.90.105:2379,https://10.10.90.106:2379,https://10.10.90.107:2379"

    # Address range to use for services
    KUBE_SERVICE_ADDRESSES="--service-cluster-ip-range=10.254.0.0/16"

    # Default admission control policies
    KUBE_ADMISSION_CONTROL="--admission-control=ServiceAccount,NamespaceLifecycle,NamespaceExists,LimitRanger,ResourceQuota"

    # Add your own!
    KUBE_API_ARGS="--authorization-mode=RBAC --runtime-config=rbac.authorization.k8s.io/v1alpha1 --kubelet-https=true --token-auth-file=/etc/kubernetes/token.csv --service-node-port-range=30000-32767 --tls-cert-file=/etc/kubernetes/ssl/kubernetes.pem --tls-private-key-file=/etc/kubernetes/ssl/kubernetes-key.pem --client-ca-file=/etc/kubernetes/ssl/ca.pem --service-account-key-file=/etc/kubernetes/ssl/ca-key.pem --etcd-cafile=/etc/kubernetes/ssl/ca.pem --etcd-certfile=/etc/kubernetes/ssl/kubernetes.pem --etcd-keyfile=/etc/kubernetes/
Enable the apiserver at boot and start it:
    systemctl daemon-reload
    systemctl enable kube-apiserver
    systemctl start kube-apiserver
    systemctl status kube-apiserver
Check the ports with ss -tanl: ports 6443 and 8080 should both be listening, which means the apiserver was installed successfully.
4. Configuring and Starting Kube-controller-manager
The contents of the service definition file /usr/lib/systemd/system/kube-controller-manager.service are as follows.
Note that some files may already exist; in that case we just need to check the contents.
    [Unit]
    Description=Kubernetes Controller Manager
    Documentation=https://github.com/GoogleCloudPlatform/kubernetes

    [Service]
    EnvironmentFile=-/etc/kubernetes/config
    EnvironmentFile=-/etc/kubernetes/controller-manager
    ExecStart=/usr/local/bin/kube-controller-manager \
            $KUBE_LOGTOSTDERR \
            $KUBE_LOG_LEVEL \
            $KUBE_MASTER \
            $KUBE_CONTROLLER_MANAGER_ARGS
    Restart=on-failure
    LimitNOFILE=65536

    [Install]
    WantedBy=multi-user.target
Contents of the related configuration file /etc/kubernetes/controller-manager:
    ###
    # The following values are used to configure the kubernetes controller-manager

    # Defaults from config and apiserver should be adequate

    # Add your own!
    KUBE_CONTROLLER_MANAGER_ARGS="--address=127.0.0.1 --service-cluster-ip-range=10.254.0.0/16 --cluster-name=kubernetes --cluster-signing-cert-file=/etc/kubernetes/ssl/ca.pem --cluster-signing-key-file=/etc/kubernetes/ssl/ca-key.pem --service-account-private-key-file=/etc/kubernetes/ssl/ca-key.pem --root-ca-file=/etc/kubernetes/ssl/ca.pem --leader-elect=true"
Enable the controller-manager at boot and start it:
    systemctl daemon-reload
    systemctl enable kube-controller-manager
    systemctl start kube-controller-manager
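A check over the three env files shown so far (/etc/kubernetes/config, apiserver and controller-manager), added here as an example and not part of the original article: it reports the settings in them that matter most for security review, namely privileged containers, the plaintext --master URL, the static token file, and the CA private key doubling as the service account signing key. The function names and the sample input are constructed for this illustration.

```shell
# Added example, not the author's code. On a live master:
#   cat /etc/kubernetes/config /etc/kubernetes/apiserver \
#       /etc/kubernetes/controller-manager | audit_master_flags

# flag_value NAME CONF: value of the first --NAME=... option in CONF
flag_value() {
    printf '%s\n' "$2" | tr ' "' '\n\n' | sed -n "s/^--$1=//p" | head -n 1
}

# audit_master_flags: read env files on stdin, print one finding per line
audit_master_flags() {
    conf=$(grep -v '^[[:space:]]*#' || true)     # ignore commented-out settings
    master=$(flag_value master "$conf")
    tokens=$(flag_value token-auth-file "$conf")
    ca_key=$(flag_value cluster-signing-key-file "$conf")
    sa_key=$(flag_value service-account-private-key-file "$conf")
    if [ "$(flag_value allow-privileged "$conf")" = "true" ]; then
        echo "allow-privileged=true: privileged containers are permitted"
    fi
    case $master in
        http://*) echo "master=$master: plaintext link to the insecure API port" ;;
    esac
    if [ -n "$tokens" ]; then
        echo "token-auth-file=$tokens: static bearer tokens kept in cleartext"
    fi
    if [ -n "$ca_key" ] && [ "$ca_key" = "$sa_key" ]; then
        echo "key reuse: $ca_key signs certificates and service account tokens"
    fi
}

# Constructed sample: active settings taken from the three env files on this
# page, plus the commented-out KUBE_MASTER line, which must be ignored.
sample_conf() {
cat <<'EOF'
KUBE_ALLOW_PRIV="--allow-privileged=true"
#KUBE_MASTER="--master=http://sz-pg-oam-docker-test-001.tendcloud.com:8080"
KUBE_MASTER="--master=http://10.10.90.105:8080"
KUBE_API_ARGS="--authorization-mode=RBAC --token-auth-file=/etc/kubernetes/token.csv"
KUBE_CONTROLLER_MANAGER_ARGS="--cluster-signing-key-file=/etc/kubernetes/ssl/ca-key.pem --service-account-private-key-file=/etc/kubernetes/ssl/ca-key.pem"
EOF
}

sample_conf | audit_master_flags
```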
5. Configuring and Starting Kube-scheduler
The contents of the service definition file /usr/lib/systemd/system/kube-scheduler.service are:
    [Unit]
    Description=Kubernetes Scheduler Plugin
    Documentation=https://github.com/GoogleCloudPlatform/kubernetes

    [Service]
    EnvironmentFile=-/etc/kubernetes/config
    EnvironmentFile=-/etc/kubernetes/scheduler
    User=kube
    # Binary path matches the cp destination used in step 2
    ExecStart=/usr/local/bin/kube-scheduler \
            $KUBE_LOGTOSTDERR \
            $KUBE_LOG_LEVEL \
            $KUBE_MASTER \
            $KUBE_SCHEDULER_ARGS
    Restart=on-failure
    LimitNOFILE=65536

    [Install]
    WantedBy=multi-user.target
The contents of the relevant configuration file /etc/kubernetes/scheduler are:
    ###
    # kubernetes scheduler config

    # Default config should be adequate

    # Add your own!
    KUBE_SCHEDULER_ARGS="--leader-elect=true --address=127.0.0.1"
Enable the scheduler at boot and start it:
    systemctl daemon-reload
    systemctl enable kube-scheduler
    systemctl start kube-scheduler
6. Verify the services after all of them have started
First check the ports with ss -tanl; mine are as follows:
Get the component information with the kubectl get command. Make sure every component reports ok and a health status of true:
    # kubectl get componentstatuses
    NAME                 STATUS    MESSAGE              ERROR
    scheduler            Healthy   ok
    controller-manager   Healthy   ok
    etcd-2               Healthy   {"health": "true"}
    etcd-1               Healthy   {"health": "true"}
    etcd-0               Healthy   {"health": "true"}
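The ss -tanl port check from this section, as an added example that is not part of the original article: in Kubernetes 1.9 requests to the apiserver's port 8080 skip authentication and authorization, so the address it is bound to matters as much as whether it is listening. The sketch assumes the default HTTP ports of kube-scheduler (10251) and kube-controller-manager (10252), which do not appear on this page, and the ss output is a constructed sample.

```shell
# Added example, not the author's code. On a live master: ss -tanl | audit_listeners

# audit_listeners: read `ss -tanl` output on stdin, print one finding per line.
#   6443              secure API port, must be listening
#   8080 10251 10252  unauthenticated HTTP ports, flagged unless loopback-only
audit_listeners() {
    awk '
    $1 != "LISTEN" { next }
    {
        n = split($4, part, ":")                 # column 4 is Local Address:Port
        port = part[n]
        addr = substr($4, 1, length($4) - length(port) - 1)
        if (port == "6443") secure = 1
        if (port == "8080" || port == "10251" || port == "10252") {
            if (addr == "127.0.0.1" || addr == "::1" || addr == "[::1]") {
                print "OK   " port " loopback only"
            } else {
                print "WARN " port " reachable on " addr
            }
        }
    }
    END { print (secure ? "OK   6443 listening" : "FAIL 6443 not listening") }
    '
}

# Constructed sample in the CentOS 7 `ss -tanl` layout, using this page's
# addresses; it is not output captured from the author's machines.
sample_ss() {
cat <<'EOF'
State      Recv-Q Send-Q Local Address:Port               Peer Address:Port
LISTEN     0      128    10.10.90.105:6443                     *:*
LISTEN     0      128    10.10.90.105:8080                     *:*
LISTEN     0      128    127.0.0.1:10251                       *:*
LISTEN     0      128    127.0.0.1:10252                       *:*
LISTEN     0      128    10.10.90.105:2379                     *:*
EOF
}

sample_ss | audit_listeners
```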
At this point the master node installation is complete. Be careful when creating the configuration files. If you find an error, use journalctl -xe -u <service name> to view the relevant errors, check /var/log/messages for more detail, and resolve the specific problem from there.
Kubernetes (k8s) Installation deployment process (iv)--master node installation