記錄下GFW內k8s的部署流程,備忘。
1、各節點上配置hostname,配置resole.conf
echo "titan1" > /etc/hostnamesysctl kernel.hostname="titan1"echo "nameserver x.x.x.x" >> /etc/resolv.conf2、各節點上加k8s的repo
tee /etc/yum.repos.d/mritd.repo << EOF[mritdrepo]name=Mritd Repositorybaseurl=https://rpm.mritd.me/centos/7/x86_64enabled=1gpgcheck=0EOF3、各節點上裝基礎包
yum install -y docker kubelet kubectl kubernetes-cni kubeadm4、各節點上配置docker mirror
修改 /usr/lib/systemd/system/docker.service,加上 --registry-mirror=https://ocez8l09.mirror.aliyuncs.com:
ExecStart=/usr/bin/docker-current daemon --registry-mirror=https://ocez8l09.mirror.aliyuncs.com\ --exec-opt native.cgroupdriver=systemd \ $OPTIONS \並重新載入配置,並重啟docker服務
systemctl daemon-reloadsystemctl restart docker.service5、各節點上拉取k8s的包並tag為gcr.io
#!/bin/bashimages=(kube-proxy-amd64:v1.5.1 kube-discovery-amd64:1.0 kubedns-amd64:1.9 kube-scheduler-amd64:v1.5.1 kube-controller-manager-amd64:v1.5.1 kube-apiserver-amd64:v1.5.1 etcd-amd64:3.0.14-kubeadm kube-dnsmasq-amd64:1.4 exechealthz-amd64:1.2 pause-amd64:3.0 kubernetes-dashboard-amd64:v1.5.0 dnsmasq-metrics-amd64:1.0)for imageName in ${images[@]} ; do docker pull ist0ne/$imageName docker tag ist0ne/$imageName gcr.io/google_containers/$imageName docker rmi ist0ne/$imageNamedone6、在master上:
kubeadm init --pod-network-cidr 10.244.0.0/16 --use-kubernetes-version v1.5.1注意flannel網路方案必須要設定–pod-network-cidr 10.244.0.0/16。
最終kubectl get pods –all-namespaces 可以看到除了kube-dns外其他的都RUNNING狀態。kube-dns要等到下面flannel部署ok了以後才能RUNNING。
7、部署flannel
所有節點上:
docker pull docker.io/fenghan/flannel:v0.7.0-amd64docker tag docker.io/fenghan/flannel:v0.7.0-amd64 quay.io/coreos/flannel:v0.7.0-amd64docker rmi docker.io/fenghan/flannel:v0.7.0-amd64master上:
kubectl create -f kube-flannel.yml此時只有master上有flannel,kubectl get pods –all-namespaces -o wide可以看到kube-flannel和kube-dns都RUNNING。
8、各節點上配置防火牆,準備接入minio節點
iptables -I INPUT -p tcp -m tcp --dport 8472 -j ACCEPTiptables -I INPUT -p tcp -m tcp --dport 6443 -j ACCEPTiptables -I INPUT -p tcp -m tcp --dport 9898 -j ACCEPTiptables -I INPUT -p tcp -m tcp --dport 10250 -j ACCEPT其中8472是flannel使用,9898和6443是minio訪問master使用。centos必須配置,否則iptables -L -vn|more會看到INPUT的reject-with icmp-host-prohibited計數一直在增加。10250是kubectl exec使用的,不加會報“Error from server: error dialing backend: dial tcp 192.168.128.164:10250: getsockopt: no route to host”。
9、minio節點加入k8s叢集
kubeadm join --token=ce91a6.91890123c3be69b1 192.168.128.15810、最終狀態
[root@titan1 k8s]# kubectl get pods --all-namespacesNAMESPACE NAME READY STATUS RESTARTS AGEdefault kube-flannel-ds-0zmt9 2/2 Running 2 3ddefault kube-flannel-ds-90gk5 2/2 Running 2 3ddefault kube-flannel-ds-cw5z4 2/2 Running 0 3dkube-system dummy-2088944543-n4t7k 1/1 Running 0 3dkube-system etcd-titan1 1/1 Running 1 3dkube-system kube-apiserver-titan1 1/1 Running 0 3dkube-system kube-controller-manager-titan1 1/1 Running 0 3dkube-system kube-discovery-1769846148-tnfhv 1/1 Running 0 3dkube-system kube-dns-2924299975-8b8t7 4/4 Running 462 3dkube-system kube-proxy-86pbd 1/1 Running 0 3dkube-system kube-proxy-tqqkv 1/1 Running 1 3dkube-system kube-proxy-vsxmr 1/1 Running 1 3dkube-system kube-scheduler-titan1 1/1 Running 0 3dkube-system kubernetes-dashboard-3109525988-z637x 1/1 Running 15 3dkube-flannel在default命名空間裡。下次部署我要改成kube-system。
11、部署dashboard
docker pull fenghan/kubernetes-dashboard-amd64:v1.5.1docker tag docker.io/fenghan/kubernetes-dashboard-amd64:v1.5.1 gcr.io/google_containers/kubernetes-dashboard-amd64:v1.5.1docker rmi docker.io/fenghan/kubernetes-dashboard-amd64:v1.5.1wget https://rawgit.com/kubernetes/dashboard/master/src/deploy/kubernetes-dashboard.yaml
因為已經本地已經有鏡像了,所以將 imagePullPolicy: Always 改為 imagePullPolicy: IfNotPresent
kubectl create -f kubernetes-dashboard.yaml
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
