【容器化】Kubernetes+Docker 容器化集群搭建
一、运行环境说明
服务器版本:centos7
Kubernetes版本:v1.10.11
Docker版本:docker-ce-17.12.1.ce-1.el7.centos
Kubernetes网络模型:Calico
容器镜像仓库私服为:59.61.92.150:8888,运行脚本时需改为当前环境的仓库
二、部署Kubernetes集群
初始化脚本下载地址:https://github.com/ShemgXu/k8s-env
1、脚本说明
脚本 | 说明 |
---|---|
init_master.sh | Kubernetes Master节点初始化脚本 |
init_node.sh | Kubernetes Node节点初始化脚本 |
init_register.sh | Kubernetes 镜像仓库节点初始化脚本(不怎么好用,可用Nexus3或其它替代) |
init_k8s_master_images.sh | Kubernetes Master节点环境镜像初始化脚本 |
init_k8s_node_images.sh | Kubernetes Node节点环境镜像初始化脚本 |
init_register_images | Kubernetes 镜像仓库节点环境镜像初始化脚本 |
2、初始化Master节点
init_master.sh脚本:
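#!/bin/bash
#
# init_master.sh - bootstrap a Kubernetes v1.10.11 master node with kubeadm.
#
# Usage: bash init_master.sh <hostname> <local-ip>
#   <hostname>  node hostname; must satisfy DNS naming rules (no underscores,
#               not "localhost")
#   <local-ip>  address passed to kubeadm as the API server advertise address
#
# Optional environment:
#   REGISTRY_USER / REGISTRY_PASSWORD  credentials for the private registry.
#     The defaults are the values published with this script; override them
#     with credentials for your own registry.
#
# Run from the directory that holds docker-ce.repo, kubernetes.repo and the
# calico/, dns/, heapster/ and dashboard/ helpers. The script writes under
# /etc and /usr/lib/systemd and manages services, so it needs the privileges
# to do that.

# Private Docker registry address (change to your own registry).
register_addr="59.61.92.150:8888"
#local_ip=$(ip addr | grep ens | grep inet | awk '{print $2}'|awk -F '/' '{print $1}')

#######################################
# Install Docker and Kubernetes, run kubeadm init, then deploy Calico,
# kube-dns, heapster and the dashboard.
# Globals:   register_addr (read), REGISTRY_USER, REGISTRY_PASSWORD (read)
# Arguments: $1 - node hostname, $2 - local IP of this host
# Outputs:   progress, the join token and the dashboard URL/token on stdout
# Returns:   1 when an argument is missing; otherwise the status of the
#            last command
#######################################
init_master() {
  if [ "$1" = "" ]; then
    echo "请输入参数1(节点hostname,命名需满足DNS规则,不能包含下划线,不能为localhost)" >&2
    return 1
  fi
  if [ "$2" = "" ]; then
    echo "请输入参数2(本机IP):" >&2
    return 1
  fi

  local node_name=$1
  local local_ip=$2
  local registry_user=${REGISTRY_USER:-gnwpubdev}
  local registry_password=${REGISTRY_PASSWORD:-pubdev777}
  local dashboard_port

  # Set up the docker and kubernetes yum repositories.
  # "./*" keeps a file name that starts with "-" from being read as an option.
  chmod -R +x ./*
  mkdir -p /data/ent/docker /data/ent/kubernetes
  cp docker-ce.repo /etc/yum.repos.d
  cp kubernetes.repo /etc/yum.repos.d

  # Set the hostname.
  hostnamectl --static set-hostname "$node_name"

  # Turn the host firewall off.
  # NOTE(security): after this the node depends entirely on filtering done
  # elsewhere on the network; keeping firewalld and opening only the ports
  # the cluster needs is the tighter alternative.
  systemctl disable firewalld.service
  systemctl stop firewalld.service

  echo "net.ipv4.ip_forward = 1" > /etc/sysctl.d/k8s.conf
  sysctl -p /etc/sysctl.d/k8s.conf
  yum install -y yum-utils device-mapper-persistent-data lvm2 bash-completion
  yum makecache fast

  # Install docker.
  yum install -y --setopt=obsoletes=0 docker-ce-17.12.1.ce-1.el7.centos

  # Allow forwarded traffic by default.
  iptables -P FORWARD ACCEPT

  # NOTE(security): --insecure-registry lets dockerd use this registry over
  # plain HTTP or without verifying its TLS certificate, so pulled images and
  # the login below are not protected in transit. A registry with a trusted
  # certificate removes the need for this flag.
  sed -i "s#.*ExecStart=/usr/bin/dockerd.*#ExecStart=/usr/bin/dockerd --insecure-registry $register_addr#gi" /usr/lib/systemd/system/docker.service
  systemctl enable docker && systemctl start docker
  swapoff -a

  sed -i "s#59.61.92.150:8888#$register_addr#" init_k8s_master_images.sh

  # Log in to the private registry. The login targets $register_addr so that
  # changing the address at the top of the file is enough, and the password
  # goes through stdin so it does not show up in the process list.
  printf '%s' "$registry_password" \
    | docker login -u "$registry_user" --password-stdin "$register_addr"
  bash init_k8s_master_images.sh

  # Install kubernetes-cni, kubelet, kubeadm and kubectl.
  yum install -y kubernetes-cni-0.6.0 kubelet-1.10.11 kubeadm-1.10.11 kubectl-1.10.11

  # Kubelet settings: match docker's cgroup driver and tolerate swap.
  sed -i "s#--cgroup-driver=systemd#--cgroup-driver=cgroupfs#" /etc/systemd/system/kubelet.service.d/10-kubeadm.conf
  echo 'Environment="KUBELET_EXTRA_ARGS=--fail-swap-on=false"' >> /etc/systemd/system/kubelet.service.d/10-kubeadm.conf
  systemctl enable kubelet && systemctl start kubelet

  # Initialise the control plane.
  # NOTE(security): --ignore-preflight-errors=all silences every preflight
  # check, so a genuinely broken or unsafe host configuration is not reported.
  kubeadm init --kubernetes-version=v1.10.11 --pod-network-cidr=10.244.0.0/16 --service-cidr=10.96.0.0/16 --apiserver-advertise-address="$local_ip" --ignore-preflight-errors=all
  echo "join command do not forget add this: --ignore-preflight-errors=all"

  # NOTE(security): --ttl 0 creates a bootstrap token that never expires and
  # prints it to stdout. Whoever holds it can join nodes to the cluster;
  # delete it with "kubeadm token delete" once every node has joined, or use
  # a finite TTL.
  echo "join cluster kubeadm token(ttl 0):" && kubeadm token create --ttl 0

  mkdir -p "$HOME/.kube"
  cp -i /etc/kubernetes/admin.conf "$HOME/.kube/config"
  chown "$(id -u):$(id -g)" "$HOME/.kube/config"

  # Calico networking.
  #sed -i 's@.*etcd_endpoints:.*@\ \ etcd_endpoints:\ \"http://'$local_ip':2379\"@gi' calico.yaml
  sed -i "s#59.61.92.150:8888#$register_addr#" calico/init_calico_images.sh
  bash calico/init_calico_images.sh
  kubectl apply -f calico/rbac.yaml
  kubectl apply -f calico/calico.yaml

  # DNS.
  kubectl create -f dns/kube-dns.yaml

  # Heapster monitoring.
  sed -i "s#59.61.92.150:8888#$register_addr#" heapster/k8s-heapster.sh
  bash heapster/k8s-heapster.sh
  kubectl create -f heapster/

  # Dashboard, exposed on a NodePort of every node.
  kubectl apply -f dashboard/kubernetes-dashboard.yaml
  kubectl create -f dashboard/kubernetes-dashboard-admin.rbac.yaml
  kubectl patch svc kubernetes-dashboard -p '{"spec":{"type":"NodePort"}}' -n kube-system

  # Read the assigned NodePort from the API instead of scraping the table
  # output; assumes the dashboard service exposes a single port (443).
  dashboard_port=$(kubectl get svc kubernetes-dashboard -n kube-system \
    -o jsonpath='{.spec.ports[0].nodePort}')
  printf 'dashboard管理后台地址:https://%s:%s\n' "$local_ip" "$dashboard_port"

  # NOTE(security): this prints a service-account token to stdout, so it also
  # lands in any log the output is piped into.
  echo "dashboard管理后台登录token:" && kubectl describe secret | grep token:

  # NOTE(security): binds cluster-admin to the default service account of the
  # default namespace. Every pod in that namespace that runs under the default
  # account then has full control of the cluster; a dedicated service account
  # for dashboard logins limits that exposure.
  kubectl create clusterrolebinding --user system:serviceaccount:default:default default-sa-admin --clusterrole cluster-admin

  # kubectl command completion. When the script is run with "bash", this only
  # affects the script's own shell process.
  source /usr/share/bash-completion/bash_completion
  source <(kubectl completion bash)
}

init_master "$@"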
在Master节点运行如下命令进行初始化
# Make the script executable, then run it with the node hostname (节点主机名)
# and this host's IP (本机ip). tee copies everything the script prints into
# init.log, including the kubeadm join token and the service-account token it
# echoes, so that file holds cluster credentials.
chmod +x init_master.sh
bash init_master.sh 节点主机名 本机ip | tee init.log
安装完成后,控制台会输出 kubeadm join... 命令(如下所示)。请保存该命令,待 Node 节点初始化完成后用它加入 Kubernetes 集群。该命令中的 token 是加入集群的凭据(脚本以 --ttl 0 创建,不会过期),请妥善保管,不要留在共享的日志或文档中。
kubeadm join 192.168.245.141:6443 --token i5nul8.r0yvid0o0i6q7fa8 --discovery-token-ca-cert-hash sha256:33b2989161f8e561f70d3be2b515e2a10a6a37e45b2c174818170ee710b0bccc --ignore-preflight-errors=all
3、初始化Node节点
init_node.sh脚本:
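#!/bin/bash
#
# init_node.sh - prepare a Kubernetes v1.10.11 worker node for "kubeadm join".
#
# Usage: bash init_node.sh <hostname>
#
# Optional environment:
#   REGISTRY_USER / REGISTRY_PASSWORD  credentials for the private registry.
#     The defaults are the values published with this script; override them
#     with credentials for your own registry.
#
# Run from the directory that holds docker-ce.repo, kubernetes.repo and the
# calico/ helper. The script writes under /etc and /usr/lib/systemd and
# manages services, so it needs the privileges to do that.

# Private Docker registry address (change to your own registry).
register_addr="59.61.92.150:8888"

#######################################
# Install Docker and the Kubernetes packages and pre-pull the node images.
# Joining the cluster is left to the operator.
# Globals:   register_addr (read), REGISTRY_USER, REGISTRY_PASSWORD (read)
# Arguments: $1 - node hostname
# Outputs:   progress on stdout
# Returns:   1 when the hostname is missing; otherwise the status of the
#            last command
#######################################
init_node() {
  if [ "$1" = "" ]; then
    echo "请输入hostname" >&2
    return 1
  fi

  local node_name=$1
  local registry_user=${REGISTRY_USER:-gnwpubdev}
  local registry_password=${REGISTRY_PASSWORD:-pubdev777}

  # "./*" keeps a file name that starts with "-" from being read as an option.
  chmod -R +x ./*
  mkdir -p /data/ent/docker /data/ent/kubernetes
  cp docker-ce.repo /etc/yum.repos.d
  cp kubernetes.repo /etc/yum.repos.d

  # Set the hostname.
  hostnamectl --static set-hostname "$node_name"

  # Turn the host firewall off.
  # NOTE(security): after this the node depends entirely on filtering done
  # elsewhere on the network; keeping firewalld and opening only the ports
  # the cluster needs is the tighter alternative.
  systemctl disable firewalld.service
  systemctl stop firewalld.service

  echo "net.ipv4.ip_forward = 1" > /etc/sysctl.d/k8s.conf
  sysctl -p /etc/sysctl.d/k8s.conf
  yum install -y yum-utils device-mapper-persistent-data lvm2
  yum makecache fast

  # Install docker.
  yum install -y --setopt=obsoletes=0 docker-ce-17.12.1.ce-1.el7.centos

  # Allow forwarded traffic by default.
  iptables -P FORWARD ACCEPT

  # NOTE(security): --insecure-registry lets dockerd use this registry over
  # plain HTTP or without verifying its TLS certificate, so pulled images and
  # the login below are not protected in transit. A registry with a trusted
  # certificate removes the need for this flag.
  sed -i "s#.*ExecStart=/usr/bin/dockerd.*#ExecStart=/usr/bin/dockerd --insecure-registry $register_addr#gi" /usr/lib/systemd/system/docker.service
  systemctl enable docker && systemctl start docker
  swapoff -a

  sed -i "s#59.61.92.150:8888#$register_addr#" init_k8s_node_images.sh

  # Log in to the private registry. The login targets $register_addr so that
  # changing the address at the top of the file is enough, and the password
  # goes through stdin so it does not show up in the process list.
  printf '%s' "$registry_password" \
    | docker login -u "$registry_user" --password-stdin "$register_addr"
  bash init_k8s_node_images.sh

  sed -i "s#59.61.92.150:8888#$register_addr#" calico/init_calico_images.sh
  bash calico/init_calico_images.sh

  # Install kubernetes-cni, kubelet, kubeadm and kubectl.
  yum install -y kubernetes-cni-0.6.0 kubelet-1.10.11 kubeadm-1.10.11 kubectl-1.10.11

  # Kubelet settings: match docker's cgroup driver and tolerate swap.
  sed -i "s#--cgroup-driver=systemd#--cgroup-driver=cgroupfs#" /etc/systemd/system/kubelet.service.d/10-kubeadm.conf
  echo 'Environment="KUBELET_EXTRA_ARGS=--fail-swap-on=false"' >> /etc/systemd/system/kubelet.service.d/10-kubeadm.conf
  systemctl enable kubelet && systemctl start kubelet

  # The script only prints this prompt; the operator runs the join command
  # saved from the master initialisation by hand. Example of its shape:
  echo "请输入从master节点初始化得到的join命令:"
  #kubeadm join 192.168.245.141:6443 --token i5nul8.r0yvid0o0i6q7fa8 --discovery-token-ca-cert-hash sha256:33b2989161f8e561f70d3be2b515e2a10a6a37e45b2c174818170ee710b0bccc --ignore-preflight-errors=all
}

init_node "$@"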
在node节点运行如下命令进行初始化
# Make the script executable and run it with the node's hostname (节点主机名);
# tee keeps a copy of the script's output in init.log.
chmod +x init_node.sh
bash init_node.sh 节点主机名 | tee init.log
安装完成后,运行初始化Master后保存的kubeadm join命令,加入集群。