kuboard-press/docs/install/install-kubernetes.html
2019-07-27 00:01:26 +08:00


<!DOCTYPE html>
<html lang="en-US">
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width,initial-scale=1">
<title>Install a Highly Available Kubernetes Cluster | Kuboard</title>
<meta name="description" content="A cool Kubernetes Dashboard">
<meta name="keywords" content="Kubernetes, Docker, Dashboard, Kuboard, Linux, K8S, cluster, distributed, clustering, containers, high availability">
<meta property="article:modified_time" content="Fri Jul 26 2019 15:11:28 GMT+0800 (GMT+08:00)"><meta property="og:site_name" content="Kuboard"><meta property="og:title" content="Install a Highly Available Kubernetes Cluster"><meta property="og:type" content="website"><meta property="og:url" content="/install/install-kubernetes.html"><meta name="twitter:title" content="Install a Highly Available Kubernetes Cluster"><meta name="twitter:url" content="/install/install-kubernetes.html"><meta name="twitter:card" content="summary_large_image">
<link rel="preload" href="/assets/css/0.styles.9b5fe284.css" as="style"><link rel="preload" href="/assets/js/app.9679f13c.js" as="script"><link rel="preload" href="/assets/js/11.41e3e39b.js" as="script"><link rel="preload" href="/assets/js/2.4586c502.js" as="script"><link rel="preload" href="/assets/js/21.1036120c.js" as="script"><link rel="prefetch" href="/assets/js/10.f84e0625.js"><link rel="prefetch" href="/assets/js/12.1f9d6063.js"><link rel="prefetch" href="/assets/js/13.4979c917.js"><link rel="prefetch" href="/assets/js/14.eba5f5bb.js"><link rel="prefetch" href="/assets/js/15.7948d814.js"><link rel="prefetch" href="/assets/js/16.1660a571.js"><link rel="prefetch" href="/assets/js/17.d3f3f290.js"><link rel="prefetch" href="/assets/js/18.c87c981a.js"><link rel="prefetch" href="/assets/js/19.d53988a0.js"><link rel="prefetch" href="/assets/js/20.590c602b.js"><link rel="prefetch" href="/assets/js/22.0159df03.js"><link rel="prefetch" href="/assets/js/23.235430f5.js"><link rel="prefetch" href="/assets/js/24.49a47aa2.js"><link rel="prefetch" href="/assets/js/25.e09469dc.js"><link rel="prefetch" href="/assets/js/26.fd2ceefd.js"><link rel="prefetch" href="/assets/js/27.9d3982b3.js"><link rel="prefetch" href="/assets/js/28.e716a025.js"><link rel="prefetch" href="/assets/js/29.1bcc7d82.js"><link rel="prefetch" href="/assets/js/3.ba785c2d.js"><link rel="prefetch" href="/assets/js/30.737b8460.js"><link rel="prefetch" href="/assets/js/31.fc5a4b53.js"><link rel="prefetch" href="/assets/js/32.c4d0c120.js"><link rel="prefetch" href="/assets/js/33.a519d521.js"><link rel="prefetch" href="/assets/js/34.b3933640.js"><link rel="prefetch" href="/assets/js/35.a925606f.js"><link rel="prefetch" href="/assets/js/36.3cb7735a.js"><link rel="prefetch" href="/assets/js/37.b6d3d7f2.js"><link rel="prefetch" href="/assets/js/38.03c8a0cd.js"><link rel="prefetch" href="/assets/js/39.d474e5e7.js"><link rel="prefetch" href="/assets/js/4.5c8766b1.js"><link rel="prefetch" 
href="/assets/js/5.6a9be03b.js"><link rel="prefetch" href="/assets/js/6.45f7efe6.js"><link rel="prefetch" href="/assets/js/7.c07a84ef.js"><link rel="prefetch" href="/assets/js/8.24f70e94.js"><link rel="prefetch" href="/assets/js/9.99bb379d.js">
<link rel="stylesheet" href="/assets/css/0.styles.9b5fe284.css">
</head>
<body>
<div id="app" data-server-rendered="true"><div class="theme-container" data-v-79c95b4d> <main class="page"> <div class="theme-default-content content__default"><h1 id="安装-kubernetes-高可用"><a href="#安装-kubernetes-高可用" aria-hidden="true" class="header-anchor">#</a> Install a Highly Available Kubernetes Cluster</h1> <div class="tip custom-block"><p>Beginners are advised to build their Kubernetes cluster by following the <a href="install-k8s">Install Kubernetes with a Single Master Node</a> document.</p></div> <h1 id="介绍"><a href="#介绍" aria-hidden="true" class="header-anchor">#</a> Introduction</h1> <p>There are many ways to install Kubernetes. The cluster installation described in this document has the following characteristics:</p> <ul><li>Uses Kubernetes 1.15.0</li> <li>Three masters form the master node cluster, load-balanced through an internal load balancer</li> <li>Multiple workers form the worker node cluster, load-balanced through an external load balancer</li> <li>Uses calico as the network plugin</li> <li>Uses nginx-ingress as the Kubernetes ingress controller</li></ul> <p>The figure below shows the topology of the Kubernetes installation.</p> 
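<p><img src="/assets/img/image-20190713075717350.df5244cd.png" alt="image-20190713075717350"></p> <ul><li>The template machine is used to build a CentOS image that has docker / kubelet / kubectl / kubeadm pre-installed and the docker images required by Kubernetes pre-downloaded.</li> <li>The jump host is used to reach the shell of the template machine, the master nodes and the worker nodes over the ssh port. If you can reach each node's shell directly in your environment, the jump host is not needed.</li> <li>NAT y.y.y.y maps port 6443 of the apiserver to the public network. If you only ever run kubectl on the master nodes, this mapping is not needed.</li> <li>Load Balancer z.z.z.z is the public-network mapping for the Kubernetes Ingress and is usually required.</li></ul> <h1 id="安装步骤"><a href="#安装步骤" aria-hidden="true" class="header-anchor">#</a> Installation Steps</h1> <h2 id="制作标准机镜像"><a href="#制作标准机镜像" aria-hidden="true" class="header-anchor">#</a> Build the Template Machine Image</h2> <p>Using a template machine image lets you:</p> <ul><li><strong>avoid repeating the installation of required software on each test machine</strong></li> <li><strong>manage test machine maintenance through a relatively standardized process</strong></li></ul> <p>The template machine image has the following pre-installed:</p> <ul><li>docker</li> <li>gitlab-runner</li> <li>kubernetes images</li></ul> <p>The installation process described in this document has been verified on CentOS 7.6.</p> <p>The template machine image is built as follows:</p> <h3 id="安装docker"><a href="#安装docker" aria-hidden="true" class="header-anchor">#</a> Install docker</h3> <p><strong>Remove old versions</strong></p> <div class="language-bash extra-class"><pre class="language-bash"><code><span class="token function">sudo</span> yum remove docker <span class="token punctuation">\</span>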
docker-client <span class="token punctuation">\</span>
docker-client-latest <span class="token punctuation">\</span>
docker-common <span class="token punctuation">\</span>
docker-latest <span class="token punctuation">\</span>
docker-latest-logrotate <span class="token punctuation">\</span>
docker-logrotate <span class="token punctuation">\</span>
docker-selinux <span class="token punctuation">\</span>
docker-engine-selinux <span class="token punctuation">\</span>
docker-engine
</code></pre></div><p><strong>Download the dependency and installation packages</strong></p> <div class="language-bash extra-class"><pre class="language-bash"><code><span class="token function">wget</span> https://download.docker.com/linux/centos/7/x86_64/stable/Packages/containerd.io-1.2.6-3.3.el7.x86_64.rpm
<span class="token function">wget</span> https://download.docker.com/linux/centos/7/x86_64/stable/Packages/docker-ce-cli-18.09.7-3.el7.x86_64.rpm
<span class="token function">wget</span> https://download.docker.com/linux/centos/7/x86_64/stable/Packages/docker-ce-18.09.7-3.el7.x86_64.rpm
</code></pre></div><p><strong>Install</strong></p> <div class="language-bash extra-class"><pre class="language-bash"><code><span class="token function">sudo</span> yum <span class="token function">install</span> -y containerd.io-1.2.6-3.3.el7.x86_64.rpm
<span class="token function">sudo</span> yum <span class="token function">install</span> -y docker-ce-cli-18.09.7-3.el7.x86_64.rpm
<span class="token function">sudo</span> yum <span class="token function">install</span> -y docker-ce-18.09.7-3.el7.x86_64.rpm
<span class="token function">sudo</span> systemctl <span class="token builtin class-name">enable</span> docker
</code></pre></div><p><strong>Start the docker service</strong></p> <div class="language-bash extra-class"><pre class="language-bash"><code><span class="token function">sudo</span> systemctl start docker
</code></pre></div><p><strong>Check the docker version</strong></p> <div class="language-bash extra-class"><pre class="language-bash"><code>docker version
</code></pre></div><p><strong>References</strong></p> <p>https://docs.docker.com/install/linux/docker-ce/centos/</p> <p>https://docs.docker.com/install/linux/linux-postinstall/</p> <h3 id="安装-nfs-utils"><a href="#安装-nfs-utils" aria-hidden="true" class="header-anchor">#</a> Install nfs-utils</h3> <p><strong>Run the install command</strong></p> <div class="language-bash extra-class"><pre class="language-bash"><code><span class="token function">sudo</span> yum <span class="token function">install</span> nfs-utils
</code></pre></div><p>nfs-utils must be installed before NFS network storage can be mounted.</p> <h3 id="k8s基本配置"><a href="#k8s基本配置" aria-hidden="true" class="header-anchor">#</a> Basic K8S Configuration</h3> <p><strong>Configure the K8S yum repository</strong></p> <div class="language-bash extra-class"><pre class="language-bash"><code><span class="token function">cat</span> <span class="token operator">&lt;&lt;</span>EOF <span class="token operator">&gt;</span> /etc/yum.repos.d/kubernetes.repo
<span class="token punctuation">[</span>kubernetes<span class="token punctuation">]</span>
<span class="token assign-left variable">name</span><span class="token operator">=</span>Kubernetes
<span class="token assign-left variable">baseurl</span><span class="token operator">=</span>http://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
<span class="token assign-left variable">enabled</span><span class="token operator">=</span><span class="token number">1</span>
<span class="token assign-left variable">gpgcheck</span><span class="token operator">=</span><span class="token number">0</span>
<span class="token assign-left variable">repo_gpgcheck</span><span class="token operator">=</span><span class="token number">0</span>
<span class="token assign-left variable">gpgkey</span><span class="token operator">=</span>http://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg
       http://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF
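</code></pre></div><blockquote><p>Note: this repository definition downloads packages over plain HTTP with gpgcheck and repo_gpgcheck both set to 0, so yum verifies neither package signatures nor repository metadata.</p></blockquote> <p><strong>Disable swap and the firewall</strong></p> <div class="language-bash extra-class"><pre class="language-bash"><code>swapoff -a
</code></pre></div><p><strong>Disable SELinux</strong></p> <div class="language-bash extra-class"><pre class="language-bash"><code>setenforce <span class="token number">0</span>
</code></pre></div><p><strong>Edit /etc/sysctl.conf</strong></p> <p><code>vim /etc/sysctl.conf</code></p> <p>Add the following to it:</p> <div class="language- extra-class"><pre class="language-text"><code>net.ipv4.ip_forward = 1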
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
</code></pre></div><p>as shown in the figure below:</p> <p><img src="/assets/img/image-20190715085036593.55559549.png" alt="image-20190715085036593" title=":size=600x445"></p> <p><strong>Install kubelet, kubeadm and kubectl</strong></p> <div class="language-bash extra-class"><pre class="language-bash"><code>yum <span class="token function">install</span> -y kubelet-1.15.0 kubeadm-1.15.0 kubectl-1.15.0
</code></pre></div><p><strong>Change the docker cgroup driver to systemd</strong></p> <p><code>vim /usr/lib/systemd/system/docker.service</code></p> <p>Add the following to it:</p> <p><code>--exec-opt native.cgroupdriver=systemd</code></p> <p>as shown in the figure below:</p> <p><img src="/assets/img/image2019-07-15_09.01.21.0e0d34f2.png" alt="Screenshot 2019-07-15 09.01.21" title=":size=1000x326"></p> <p>Restart docker:</p> <div class="language- extra-class"><pre class="language-text"><code>systemctl daemon-reload
systemctl restart docker
</code></pre></div><p><strong>Start kubelet</strong></p> <div class="language-bash extra-class"><pre class="language-bash"><code>systemctl <span class="token builtin class-name">enable</span> kubelet <span class="token operator">&amp;&amp;</span> systemctl start kubelet
</code></pre></div><p><strong>Load the Kubernetes images</strong></p> <p>The images for the k8s services are hosted on overseas registries that cannot be reached from within China.</p> <p>Run the following commands to add a domestic docker registry mirror for k8s:</p> <div class="language-bash extra-class"><pre class="language-bash"><code><span class="token function">curl</span> -sSL https://get.daocloud.io/daotools/set_mirror.sh <span class="token operator">|</span> <span class="token function">sh</span> -s http://f1361db2.m.daocloud.io
systemctl restart docker
</code></pre></div><p><strong>Pull the k8s images</strong></p> <div class="language-bash extra-class"><pre class="language-bash"><code>docker pull mirrorgooglecontainers/kube-apiserver:v1.15.0
docker pull mirrorgooglecontainers/kube-controller-manager:v1.15.0
docker pull mirrorgooglecontainers/kube-scheduler:v1.15.0
docker pull mirrorgooglecontainers/kube-proxy:v1.15.0
docker pull mirrorgooglecontainers/pause:3.1
docker pull mirrorgooglecontainers/etcd:3.3.10
docker pull coredns/coredns:1.3.1
</code></pre></div><p><strong>Rename the images to the official k8s image names</strong></p> <div class="language-bash extra-class"><pre class="language-bash"><code>docker tag d235b23c3570 k8s.gcr.io/kube-proxy:v1.15.0
docker tag 201c7a840312 k8s.gcr.io/kube-apiserver:v1.15.0
docker tag 2d3813851e87 k8s.gcr.io/kube-scheduler:v1.15.0
docker tag 8328bb49b652 k8s.gcr.io/kube-controller-manager:v1.15.0
docker tag da86e6ba6ca1 k8s.gcr.io/pause:3.1
docker tag eb516548c180 k8s.gcr.io/coredns:1.3.1
docker tag 2c4adeb21b4f k8s.gcr.io/etcd:3.3.10
</code></pre></div><p><strong>Create the image</strong></p> <p>See the Alibaba Cloud ECS documentation on <a href="https://help.aliyun.com/document_detail/35109.html?spm=5176.2020520101.0.0.75fc4df5mtdFmV" target="_blank" rel="noopener noreferrer">creating a virtual machine image<svg xmlns="http://www.w3.org/2000/svg" aria-hidden="true" x="0px" y="0px" viewBox="0 0 100 100" width="15" height="15" class="icon outbound"><path fill="currentColor" d="M18.8,85.1h56l0,0c2.2,0,4-1.8,4-4v-32h-8v28h-48v-48h28v-8h-32l0,0c-2.2,0-4,1.8-4,4v56C14.8,83.3,16.6,85.1,18.8,85.1z"></path> <polygon fill="currentColor" points="45.7,48.7 51.3,54.3 77.2,28.5 77.2,37.2 85.2,37.2 85.2,14.9 62.8,14.9 62.8,22.9 71.5,22.9"></polygon></svg></a>.</p> <h2 id="初始化api-server"><a href="#初始化api-server" aria-hidden="true" class="header-anchor">#</a> Initialize the API Server</h2> <h3 id="创建-apiserver-的-elb私网"><a href="#创建-apiserver-的-elb私网" aria-hidden="true" class="header-anchor">#</a> Create the Private-Network ELB for the ApiServer</h3> <p>Listener port: 6443 / TCP</p> <p>Backend resource group: contains apple-master-a-1, apple-master-b-1, apple-master-b-2</p> <p>Backend port: 6443</p> <p>Enable session persistence by source address</p> <p>Assume that the ELB's IP address is x.x.x.x once it has been created.</p> <h3 id="初始化第一个master节点"><a href="#初始化第一个master节点" aria-hidden="true" class="header-anchor">#</a> Initialize the First Master Node</h3> <p>Run on the apple-master-a-1 machine.</p> <p><strong>Configure the apiserver.apple host name</strong></p> <div class="language-bash extra-class"><pre class="language-bash"><code><span class="token function">sudo</span> -i
<span class="token builtin class-name">echo</span> <span class="token string">&quot;x.x.x.x apiserver.apple&quot;</span> <span class="token operator">&gt;&gt;</span> /etc/hosts
</code></pre></div><blockquote><p>Replace x.x.x.x with the actual IP address of your load balancer.</p></blockquote> <p><strong>Create /root/k8s/kubeadm-config.yaml</strong></p> <div class="language-yaml extra-class"><pre class="language-yaml"><code><span class="token key atrule">apiVersion</span><span class="token punctuation">:</span> kubeadm.k8s.io/v1beta1
<span class="token key atrule">kind</span><span class="token punctuation">:</span> ClusterConfiguration
<span class="token key atrule">kubernetesVersion</span><span class="token punctuation">:</span> v1.15.0
<span class="token key atrule">controlPlaneEndpoint</span><span class="token punctuation">:</span> <span class="token string">&quot;apiserver.apple:6443&quot;</span>
</code></pre></div><p><strong>Initialize the apiserver</strong></p> <div class="language-bash extra-class"><pre class="language-bash"><code>kubeadm init --config<span class="token operator">=</span>/root/k8s/kubeadm-config.yaml --upload-certs
</code></pre></div><p>The result looks like the figure below:</p> <p><img src="/assets/img/image2019-6-10_15-36-29.2870ee7d.png" alt="image2019-6-10_15-36-29"></p> <p><strong>Initialize the kubectl configuration for the gitlab-runner user</strong></p> <div class="language-bash extra-class"><pre class="language-bash"><code><span class="token function">rm</span> -rf /home/gitlab-runner/.kube/
<span class="token function">mkdir</span> /home/gitlab-runner/.kube/
<span class="token function">cp</span> -i /etc/kubernetes/admin.conf /home/gitlab-runner/.kube/config
<span class="token function">chown</span> -R gitlab-runner:gitlab-runner /home/gitlab-runner/.kube
</code></pre></div><p><strong>Install calico</strong></p> <p>A security group rule for port 6443 of the cluster servers must be created in the ServerFarm security group.</p> <div class="language-bash extra-class"><pre class="language-bash"><code><span class="token function">su</span> - gitlab-runner
kubectl apply -f <span class="token punctuation">\</span>
https://docs.projectcalico.org/v3.6/getting-started/kubernetes/installation/hosted/kubernetes-datastore/calico-networking/1.7/calico.yaml
</code></pre></div><blockquote><p>To install calico, see https://docs.projectcalico.org/v3.6/getting-started/kubernetes/</p></blockquote> <p><strong>Wait for calico to become ready</strong></p> <p>Run the following command and wait 3-10 minutes until all pods are in the Running state.</p> <div class="language-sh extra-class"><pre class="language-sh"><code><span class="token function">watch</span> kubectl get pod -n kube-system
</code></pre></div><h3 id="初始化第二、三个master节点"><a href="#初始化第二、三个master节点" aria-hidden="true" class="header-anchor">#</a> Initialize the Second and Third Master Nodes</h3> <p>Run on the apple-master-b-1 and apple-master-b-2 machines.</p> <div class="language-bash extra-class"><pre class="language-bash"><code><span class="token function">sudo</span> -i
<span class="token builtin class-name">echo</span> <span class="token string">&quot;x.x.x.x apiserver.apple&quot;</span> <span class="token operator">&gt;&gt;</span> /etc/hosts
</code></pre></div><p>Run the following (this command line was printed to the console when apple-master-a-1 was initialized; when you run it, use the arguments printed on your own console):</p> <div class="language-bash extra-class"><pre class="language-bash"><code>kubeadm <span class="token function">join</span> apiserver.apple:6443 --token ejwx62.vqwog6il5p83uk7y <span class="token punctuation">\</span>
--discovery-token-ca-cert-hash sha256:6f7a8e40a810323672de5eee6f4d19aa2dbdb38411845a1bf5dd63485c43d303 <span class="token punctuation">\</span>
--experimental-control-plane --certificate-key 70eb87e62f052d2d5de759969d5b42f372d0ad798f98df38f7fe73efdf63a13c
</code></pre></div><h3 id="检查-apiserver初始化结果"><a href="#检查-apiserver初始化结果" aria-hidden="true" class="header-anchor">#</a> Check the apiserver Initialization Result</h3> <p>Run on the first master node, apple-master-a-1.</p> <div class="language-bash extra-class"><pre class="language-bash"><code><span class="token function">sudo</span> -i
<span class="token function">su</span> - gitlab-runner
kubectl get nodes
</code></pre></div><h2 id="初始化-worker节点"><a href="#初始化-worker节点" aria-hidden="true" class="header-anchor">#</a> Initialize the Worker Nodes</h2> <h3 id="获得-join命令参数"><a href="#获得-join命令参数" aria-hidden="true" class="header-anchor">#</a> Get the join Command Arguments</h3> <p><strong>Run on the first master node, apple-master-a-1</strong></p> <div class="language-bash extra-class"><pre class="language-bash"><code><span class="token function">sudo</span> -i
kubeadm token create --print-join-command
</code></pre></div><p>This prints the kubeadm join command and its arguments, as shown below:</p> <div class="language-bash extra-class"><pre class="language-bash"><code>kubeadm <span class="token function">join</span> apiserver.apple:6443 --token mpfjma.4vjjg8flqihor4vt --discovery-token-ca-cert-hash sha256:6f7a8e40a810323672de5eee6f4d19aa2dbdb38411845a1bf5dd63485c43d303
</code></pre></div><h3 id="初始化worker"><a href="#初始化worker" aria-hidden="true" class="header-anchor">#</a> Initialize the Workers</h3> <p><strong>Run on every worker node</strong></p> <div class="language-bash extra-class"><pre class="language-bash"><code><span class="token function">sudo</span> -i
<span class="token builtin class-name">echo</span> <span class="token string">&quot;x.x.x.x apiserver.apple&quot;</span> <span class="token operator">&gt;&gt;</span> /etc/hosts
kubeadm <span class="token function">join</span> apiserver.apple:6443 --token mpfjma.4vjjg8flqihor4vt --discovery-token-ca-cert-hash sha256:6f7a8e40a810323672de5eee6f4d19aa2dbdb38411845a1bf5dd63485c43d303
</code></pre></div><blockquote><ul><li><p>Replace x.x.x.x with the actual IP address of the load balancer</p></li> <li><p>Replace the arguments after kubeadm join with the ones actually obtained from the apple-master-a-1 node in the previous step</p></li></ul></blockquote> <h3 id="检查-apiserver初始化结果-2"><a href="#检查-apiserver初始化结果-2" aria-hidden="true" class="header-anchor">#</a> Check the apiserver Initialization Result</h3> <p>Run on the first master node, apple-master-a-1.</p> <div class="language-bash extra-class"><pre class="language-bash"><code><span class="token function">sudo</span> -i
<span class="token function">su</span> - gitlab-runner
kubectl get nodes
</code></pre></div><h2 id="移除-worker-节点"><a href="#移除-worker-节点" aria-hidden="true" class="header-anchor">#</a> Remove a Worker Node</h2> <blockquote><p>Under normal circumstances you do not need to remove worker nodes.</p></blockquote> <p>Run on the worker node that is to be removed:</p> <div class="language-bash extra-class"><pre class="language-bash"><code><span class="token function">sudo</span> -i
kubeadm reset
</code></pre></div><p>Run on the first master node, apple-master-a-1:</p> <div class="language-bash extra-class"><pre class="language-bash"><code><span class="token function">sudo</span> -i
<span class="token function">su</span> - gitlab-runner
kubectl delete node apple-worker-x-x
</code></pre></div><blockquote><ul><li>Replace apple-worker-x-x with the name of the worker node to remove</li> <li>Worker node names can be obtained by running kubectl get nodes on the first master node, apple-master-a-1</li></ul></blockquote> <h2 id="安装-ingress-controller"><a href="#安装-ingress-controller" aria-hidden="true" class="header-anchor">#</a> Install the Ingress Controller</h2> <blockquote><p>Official Ingress documentation: https://kubernetes.io/docs/concepts/services-networking/ingress/</p> <p>Official introduction to Ingress Controllers: <a href="https://kubernetes.io/docs/concepts/services-networking/ingress-controllers/" target="_blank" rel="noopener noreferrer">https://kubernetes.io/docs/concepts/services-networking/ingress-controllers/<svg xmlns="http://www.w3.org/2000/svg" aria-hidden="true" x="0px" y="0px" viewBox="0 0 100 100" width="15" height="15" class="icon outbound"><path fill="currentColor" d="M18.8,85.1h56l0,0c2.2,0,4-1.8,4-4v-32h-8v28h-48v-48h28v-8h-32l0,0c-2.2,0-4,1.8-4,4v56C14.8,83.3,16.6,85.1,18.8,85.1z"></path> <polygon fill="currentColor" points="45.7,48.7 51.3,54.3 77.2,28.5 77.2,37.2 85.2,37.2 85.2,14.9 62.8,14.9 62.8,22.9 71.5,22.9"></polygon></svg></a></p> <p>This document uses the following deployment approach: https://kubernetes.github.io/ingress-nginx/deploy/baremetal/#using-a-self-provisioned-edge</p> <p>Kubernetes supports many Ingress Controllers; this document recommends</p> <p>https://github.com/nginxinc/kubernetes-ingress</p></blockquote> <h3 id="在-apple-master-a-1-上执行"><a href="#在-apple-master-a-1-上执行" aria-hidden="true" class="header-anchor">#</a> Run on apple-master-a-1</h3> <div class="language-bash extra-class"><pre class="language-bash"><code><span class="token function">su</span> - gitlab-runner
kubectl apply -f https://raw.githubusercontent.com/eip-work/eip-monitor-repository/master/dashboard/nginx-ingress.yaml
</code></pre></div><h3 id="在iaas云控制台完成如下配置公网elb"><a href="#在iaas云控制台完成如下配置公网elb" aria-hidden="true" class="header-anchor">#</a> Complete the Following <strong>Public ELB</strong> Configuration in the IaaS Cloud Console</h3> <p>Create a load balancer (ELB)</p> <p>Listener 1: 80 / TCP, SOURCE_ADDRESS session persistence</p> <p>Server resource pool 1: port 80 on all apple-worker-x-x nodes</p> <p>Listener 2: 443 / TCP, SOURCE_ADDRESS session persistence</p> <p>Server resource pool 2: port 443 on all apple-worker-x-x nodes</p> <p>Assume that the newly created load balancer (ELB) has the IP address z.z.z.z.</p> <h3 id="配置域名解析"><a href="#配置域名解析" aria-hidden="true" class="header-anchor">#</a> Configure DNS Resolution</h3> <p>Resolve the domain *.apple.yourdomain.com to the load balancer's IP address z.z.z.z.</p> <h3 id="验证配置"><a href="#验证配置" aria-hidden="true" class="header-anchor">#</a> Verify the Configuration</h3> <p>Opening a.apple.yourdomain.com in a browser returns a 404 NotFound error page.</p></div> <footer class="page-edit"><!----> <div class="last-updated"><span class="prefix">Last updated: </span> <span class="time">2019-07-26 15:11:28</span></div></footer> <div class="page-nav"><p class="inner"><span class="prev">
<a href="/install/install-k8s.html" class="prev">
Install Kubernetes with a Single Master Node
</a></span> <span class="next"><a href="/install/install-kubectl.html">
Manage Kubernetes Remotely from a Client Computer
</a>
</span></p></div> <div class="bottom-description" data-v-79c95b4d>Copyright © 2019-present HuanQing Shao</div></main></div><div class="global-ui"><!----><div class="reading-progress top" data-v-7681808f><div class="progress" data-v-7681808f></div></div></div></div>
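<p>The image steps above pull the control-plane images from a third-party mirror and then rename them to <code>k8s.gcr.io/...</code> by image ID. The script below is an added example, not part of the original page: it checks each pulled image's ID against the ID the page tags before giving it the name kubeadm trusts. The function names are this example's own, and the 12-digit IDs are the page's values, so a full 64-digit ID recorded from a trusted source is a stronger check where one is available.</p>

```shell
#!/bin/sh
# Added example, not from the original page: pull each mirror image, compare
# its image ID with the ID the page tags, and only then apply the k8s.gcr.io
# name. Tagging by reference also avoids typing image IDs by hand.

# mirror reference | name kubeadm expects | 12-digit image ID from the page
IMAGES='
mirrorgooglecontainers/kube-proxy:v1.15.0 k8s.gcr.io/kube-proxy:v1.15.0 d235b23c3570
mirrorgooglecontainers/kube-apiserver:v1.15.0 k8s.gcr.io/kube-apiserver:v1.15.0 201c7a840312
mirrorgooglecontainers/kube-scheduler:v1.15.0 k8s.gcr.io/kube-scheduler:v1.15.0 2d3813851e87
mirrorgooglecontainers/kube-controller-manager:v1.15.0 k8s.gcr.io/kube-controller-manager:v1.15.0 8328bb49b652
mirrorgooglecontainers/pause:3.1 k8s.gcr.io/pause:3.1 da86e6ba6ca1
coredns/coredns:1.3.1 k8s.gcr.io/coredns:1.3.1 eb516548c180
mirrorgooglecontainers/etcd:3.3.10 k8s.gcr.io/etcd:3.3.10 2c4adeb21b4f
'

# Full image ID ("sha256:<64 hex>") of a local image; empty if it is absent.
image_id() { docker image inspect --format '{{.Id}}' "$1" 2>/dev/null; }

# True if the full ID starts with the expected short ID.
id_matches() {  # usage: id_matches sha256:<full id> <short id>
    [ -n "$2" ] || return 1
    case "${1#sha256:}" in
        "$2"?*) return 0 ;;
        *) return 1 ;;
    esac
}

# Pull, verify and retag every entry. Stops at the first failure so that an
# unexpected image never receives a k8s.gcr.io name.
retag_verified() {
    while read -r src dst want <&3; do
        [ -n "$src" ] || continue
        docker pull "$src" >/dev/null || { echo "pull failed: $src" >&2; return 1; }
        got=$(image_id "$src")
        if id_matches "$got" "$want"; then
            docker tag "$src" "$dst" || return 1
            echo "ok   $dst ${got#sha256:}"
        else
            echo "FAIL $src: expected ID $want..., got ${got:-none}" >&2
            return 1
        fi
    done 3<<EOF
$IMAGES
EOF
}

# Usage on the template machine, after the registry mirror is configured:
#   retag_verified
```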
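<p>The <code>kubeadm join</code> commands above carry a bootstrap token and a <code>--discovery-token-ca-cert-hash</code> value, which is the SHA-256 of the cluster CA certificate's public key. The script below is an added example, not part of the original page: it checks that a join command is well formed and that its hash matches a CA certificate before the command is run on a new node. The function names are this example's own, and it assumes openssl is installed and that the CA certificate was read on a master or copied from one over a trusted channel.</p>

```shell
#!/bin/sh
# Added example, not from the original page: check a kubeadm join command
# against the cluster CA certificate before running it on a new node.

# Print the value that follows FLAG ("--flag value" or "--flag=value").
# Line continuations (backslash + newline) in the command are tolerated.
flag_value() {  # usage: flag_value "<join command>" --flag
    printf '%s\n' "$1" | tr -s ' \t\\' '\n\n\n' |
        awk -v want="$2" '
            hit { print; exit }
            $0 == want { hit = 1 }
            index($0, want "=") == 1 { print substr($0, length(want) + 2); exit }'
}

# Bootstrap tokens have the form [a-z0-9]{6}.[a-z0-9]{16}.
valid_token() { printf '%s\n' "$1" | grep -Eq '^[a-z0-9]{6}\.[a-z0-9]{16}$'; }

# A CA pin is "sha256:" followed by 64 lowercase hex digits.
valid_pin() { printf '%s\n' "$1" | grep -Eq '^sha256:[0-9a-f]{64}$'; }

# SHA-256 over the DER-encoded SubjectPublicKeyInfo of the CA certificate,
# the value kubeadm compares with --discovery-token-ca-cert-hash.
ca_pin() {  # usage: ca_pin /path/to/ca.crt
    openssl x509 -noout -in "$1" 2>/dev/null || return 1   # must parse as a cert
    openssl x509 -pubkey -noout -in "$1" |
        openssl pkey -pubin -outform DER |
        openssl dgst -sha256 -r | awk '{ print "sha256:" $1 }'
}

# Exit status: 0 = token and pin well formed and pin matches the certificate,
# 1 = pin mismatch, 2 = malformed or unsafe command, 3 = certificate unusable.
check_join() {  # usage: check_join "<join command>" /path/to/ca.crt
    case " $1 " in
        *" --discovery-token-unsafe-skip-ca-verification"*)
            echo "refusing: CA verification is disabled in this command" >&2
            return 2 ;;
    esac
    cj_token=$(flag_value "$1" --token)
    cj_pin=$(flag_value "$1" --discovery-token-ca-cert-hash)
    valid_token "$cj_token" || { echo "missing or malformed --token" >&2; return 2; }
    valid_pin "$cj_pin" || { echo "missing or malformed CA pin" >&2; return 2; }
    [ -r "$2" ] || { echo "cannot read CA certificate $2" >&2; return 3; }
    cj_actual=$(ca_pin "$2") || { echo "cannot hash $2" >&2; return 3; }
    [ "$cj_pin" = "$cj_actual" ] || {
        echo "CA pin mismatch: command has $cj_pin, certificate gives $cj_actual" >&2
        return 1
    }
}

# Worker join command as printed on the page (token and hash are the page's
# sample values).
SAMPLE_JOIN='kubeadm join apiserver.apple:6443 --token mpfjma.4vjjg8flqihor4vt --discovery-token-ca-cert-hash sha256:6f7a8e40a810323672de5eee6f4d19aa2dbdb38411845a1bf5dd63485c43d303'

printf 'token=%s\npin=%s\n' \
    "$(flag_value "$SAMPLE_JOIN" --token)" \
    "$(flag_value "$SAMPLE_JOIN" --discovery-token-ca-cert-hash)"

# On a master, check a freshly issued command before handing it to a worker:
#   check_join "$(kubeadm token create --print-join-command)" /etc/kubernetes/pki/ca.crt
```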
<script src="/assets/js/app.9679f13c.js" defer></script><script src="/assets/js/11.41e3e39b.js" defer></script><script src="/assets/js/2.4586c502.js" defer></script><script src="/assets/js/21.1036120c.js" defer></script>
</body>
</html>