初始化主节点
【如果主节点ip改了,则要先执行kubeadm reset,然后再执行以下操作】
#主节点初始化 (直接复制执行可能会报错,先复制到txt中过滤一下代码中的不可见部分)
kubeadm init \
--apiserver-advertise-address=192.168.14.128 \
--control-plane-endpoint=cluster-endpoint \
--image-repository registry.cn-hangzhou.aliyuncs.com/lfy_k8s_images \
--kubernetes-version v1.20.9 \
--service-cidr=10.96.0.0/16 \
--pod-network-cidr=192.168.0.0/16
红色改为自己的主节点ip,主节点名称(要与/etc/hosts文件中配置的一致),仓库地址(如果这个能用不改也可以),红,蓝,绿色标注的所有网络范围不重叠,也不能相同
如果看到以下信息则表示成功,然后按照红色部分的提示执行,且将以下信息保存好,绿色是加主节点和从节点的命令,蓝色是需要安装网络插件:
Your Kubernetes control-plane has initialized successfully!
To start using your cluster, you need to run the following as a regular user:
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
Alternatively, if you are the root user, you can run:
export KUBECONFIG=/etc/kubernetes/admin.conf
You should now deploy a pod network to the cluster.
Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:
https://kubernetes.io/docs/concepts/cluster-administration/addons/
You can now join any number of control-plane nodes by copying certificate authorities
and service account keys on each node and then running the following as root:
kubeadm join cluster-endpoint:6443 --token rxvjig.yplqam3qf3tq6s99 \
--discovery-token-ca-cert-hash sha256:32f8bfd1e9ad11270e2d9d2d6284daef5a09476676ee27329b64d973a0f493e0 \
--control-plane
Then you can join any number of worker nodes by running the following on each as root:
kubeadm join cluster-endpoint:6443 --token rxvjig.yplqam3qf3tq6s99 \
--discovery-token-ca-cert-hash sha256:32f8bfd1e9ad11270e2d9d2d6284daef5a09476676ee27329b64d973a0f493e0
执行完红色部分的命令后检查,已经可以看到主节点了:
[root@cluster-endpoint ~]# kubectl get nodes
NAME STATUS ROLES AGE VERSION
cluster-endpoint NotReady control-plane,master 15m v1.20.9
#查看集群所有节点 kubectl get nodes #根据配置文件,给集群创建资源 kubectl apply -f xxxx.yaml #查看集群部署了哪些应用? docker ps === kubectl get pods -A # 运行中的应用在docker里面叫容器,在k8s里面叫Pod kubectl get pods -A
3、安装网络组件
curl https://docs.projectcalico.org/manifests/calico.yaml -O kubectl apply -f calico.yaml
如果报:
error: unable to recognize "calico.yaml": no matches for kind "PodDisruptionBudget" in version "policy/v1"
按这个重新执行一遍,版本问题:
curl https://docs.projectcalico.org/v3.18/manifests/calico.yaml -O
或直接下载
kubectl apply -f calico.yaml
再次检查成功:
[root@cluster-endpoint ~]# kubectl get nodes
NAME STATUS ROLES AGE VERSION
cluster-endpoint Ready control-plane,master 23m v1.20.9
扩展:calico中这个值就是主节点初始化的pod-network-cidr的默认值,一改的话2个地方都要改
[root@cluster-endpoint ~]# cat calico.yaml | grep 192.168
# value: "192.168.0.0/16"
最后检查一下,都成功了:
[root@cluster-endpoint ~]# kubectl get pods -A
NAMESPACE NAME READY STATUS RESTARTS AGE
kube-system calico-kube-controllers-56c7cdffc6-6z49z 1/1 Running 0 10m
kube-system calico-node-q446p 1/1 Running 0 10m
kube-system coredns-5897cd56c4-6mc2x 1/1 Running 0 32m
kube-system coredns-5897cd56c4-jhnq5 1/1 Running 0 32m
kube-system etcd-cluster-endpoint 1/1 Running 0 33m
kube-system kube-apiserver-cluster-endpoint 1/1 Running 0 33m
kube-system kube-controller-manager-cluster-endpoint 1/1 Running 0 33m
kube-system kube-proxy-8shzk 1/1 Running 0 32m
kube-system kube-scheduler-cluster-endpoint 1/1 Running 0 33m
[root@cluster-endpoint ~]# kubectl get nodes
NAME STATUS ROLES AGE VERSION
cluster-endpoint Ready control-plane,master 33m v1.20.9
4、加入node节点
kubeadm join cluster-endpoint:6443 --token rxvjig.yplqam3qf3tq6s99 \ --discovery-token-ca-cert-hash sha256:32f8bfd1e9ad11270e2d9d2d6284daef5a09476676ee27329b64d973a0f493e0
上述命令的令牌有效期为24小过,可以通过以下命令获得新令牌
kubeadm token create --print-join-command
如果加node节点报:The connection to the server localhost:8080 was refused - did you specify the right host or port?
kubectl
命令需要使用kubernetes-admin
来运行,所以需要将主节点中的/etc/kubernetes/admin.conf
文件拷贝到从节点用户目录下,然后配置环境变量:
#在Master节点运行下面命令将admin.conf文件拷贝到从节点
sudo scp /etc/kubernetes/admin.conf root@node节点ip:~
#在Node节点运行下面命令配置环境变量
export KUBECONFIG=$HOME/admin.conf
等待一会后检查,状态为ready后即成功:
[root@cluster-endpoint ~]# kubectl get nodes
NAME STATUS ROLES AGE VERSION
192.168.14.129 Ready <none> 14m v1.20.9
192.168.14.130 Ready <none> 52s v1.20.9
cluster-endpoint Ready control-plane,master 55m v1.20.9
高可用部署方式,也是在这一步的时候,使用添加主节点的命令即可
5、部署dashboard(v2.3.1的启动不了,改成2.5.1的了)
kubernetes官方提供的可视化界面
https://github.com/kubernetes/dashboard
kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v2.5.1/aio/deploy/recommended.yaml
如果上述文件下载不了,直接下载以下文件,其中的docker image版本已改成2.5.1然后执行命令即可:kubectl apply -f recommended.yaml
2、设置访问端口
kubectl edit svc kubernetes-dashboard -n kubernetes-dashboard
找到文件中type: ClusterIP 将其改为 type: NodePort
kubectl get svc -A |grep kubernetes-dashboard ## 找到端口,在安全组放行
访问: https://集群任意IP:端口
https://192.168.14.128:31268/#/login
3、创建访问账号
#创建访问账号,准备一个yaml文件; vi dash.yaml apiVersion: v1 kind: ServiceAccount metadata: name: admin-user namespace: kubernetes-dashboard --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: name: admin-user roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole name: cluster-admin subjects: - kind: ServiceAccount name: admin-user namespace: kubernetes-dashboard
kubectl apply -f dash.yaml
4、获取访问令牌
#获取访问令牌 kubectl -n kubernetes-dashboard get secret $(kubectl -n kubernetes-dashboard get sa/admin-user -o jsonpath="{.secrets[0].name}") -o go-template="{{.data.token | base64decode}}"
通过得到的令牌登录即可
- 相关文章
- 虚拟机环境搭建及各种坑及前期准备
- kubernetes集群环境搭建-公共操作
- 名称空间namespace
- kubernetes-pod
- kubernetes-deployment
- kubernetes-service
- kubernetes-ingress
- kubernetes-存储抽象pv&pvc
- kubernetes-ConfigMap
- kubernetes-Secret
- 热门文章
- win7中将文件拷贝到虚拟机linux下
- phpexcel设置行高及列宽,背景颜色,
- rabbitmq无法启动
- intellij idea不显示git push按钮
- php7中使用mongodb的aggregate进行
- centos7.4 64位下swoole安装及配置
- laravel页面静态化的方法
- navicate连接mycat报1184错误
- 单点登录sso原理及php实现方式及de
- devops-jenkins容器为pending状态
- 好评文章
- phpexcel设置行高及列宽,背景颜色,
- php7中使用mongodb的aggregate进行
- intellij idea打开文件所在文件夹
- windows下使用MongoDB Compass Com
- win7中将文件拷贝到虚拟机linux下
- laravel 中悲观锁 & 乐观锁的使用
- 单点登录sso原理及php实现方式及de
- navicate连接mycat报1184错误
- rabbitmq无法启动
- laravel整合dingo/api方法步骤:jwt
- 我的项目
- 【github】www.github.com/hurong241
- 【码云】gitee.com/hu_rong/projects
- 【docker hub】hub.docker.com/repositories/hurong241
- 【packagist】packagist.org/users/hurong241/packages
- 站点信息
- 建站时间:2011年
- 文章数:607篇
- 浏览数:949024