【容器化】Kubernetes+Docker 容器化集群搭建

一、运行环境说明

服务器版本:centos7
Kubernetes版本:v1.10.11
Docker版本:docker-ce-17.12.1.ce-1.el7.centos
Kubernetes网络模型:Calico
示例中的容器镜像私有仓库地址为:59.61.92.150:8888,运行脚本前需改为当前环境的仓库(包括脚本中的 register_addr 变量,以及 docker login 使用的地址和账号)

二、部署Kubernetes集群

初始化脚本下载地址:https://github.com/ShemgXu/k8s-env

1、脚本说明

脚本 说明
init_master.sh Kubernetes Master节点初始化脚本
init_node.sh Kubernetes Node节点初始化脚本
init_register.sh Kubernetes 镜像仓库节点初始化脚本(不怎么好用,可用Nexus3或其它替代)
init_k8s_master_images.sh Kubernetes Master节点环境镜像初始化脚本
init_k8s_node_images.sh Kubernetes Node节点环境镜像初始化脚本
init_register_images Kubernetes 镜像仓库节点环境镜像初始化脚本

2、初始化Master节点

init_master.sh脚本:

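#!/bin/bash
# init_master.sh - initialise a Kubernetes v1.10.11 master node on CentOS 7:
# installs Docker and the kubeadm/kubelet/kubectl packages, runs kubeadm init,
# then deploys Calico, kube-dns, Heapster and the dashboard.
#
# Usage: bash init_master.sh <hostname> <local-ip>
#   $1  node hostname (DNS-compatible: no underscore, not "localhost")
#   $2  IP address of this machine, used as the API server advertise address
#
# Optional environment:
#   REGISTRY_USER, REGISTRY_PASSWORD  credentials for the private registry
#
# Must be started from the directory that holds docker-ce.repo,
# kubernetes.repo, init_k8s_master_images.sh and the calico/, dns/, heapster/
# and dashboard/ directories, because every path below is relative.

# Private Docker registry address (change it to your own registry).
register_addr="59.61.92.150:8888"
# Registry credentials. The fallbacks are the sample values published with this
# script, so treat them as disclosed and supply your own via the environment.
registry_user="${REGISTRY_USER:-gnwpubdev}"
registry_password="${REGISTRY_PASSWORD:-pubdev777}"
#local_ip=$(ip addr | grep ens | grep inet | awk '{print $2}'|awk -F '/' '{print $1}')

# Reject a missing or unusable hostname before anything on the host is changed.
# The checks are exactly the rules the message below already states.
if [[ -z "${1:-}" || "$1" == *_* || "$1" == "localhost" ]]; then
  echo "请输入参数1(节点hostname,命名需满足DNS规则,不能包含下划线,不能为localhost)"
  exit 1
fi
if [[ -z "${2:-}" ]]; then
  echo "请输入参数2(本机IP):"
  exit 1
fi
node_hostname=$1
local_ip=$2

# Configure the Docker and Kubernetes yum repositories.
# "./*" keeps a file name that starts with "-" from being read as an option.
chmod -R +x ./*
mkdir -p /data/ent/docker /data/ent/kubernetes
cp docker-ce.repo /etc/yum.repos.d
cp kubernetes.repo /etc/yum.repos.d

# Set the host name.
hostnamectl --static set-hostname "$node_hostname"

# Turn the firewall off.
# NOTE(review): this leaves the API server, kubelet, etcd and NodePort ranges
# unfiltered on the host; opening only the required ports is the safer setup.
systemctl disable firewalld.service
systemctl stop firewalld.service
echo "net.ipv4.ip_forward = 1" > /etc/sysctl.d/k8s.conf
sysctl -p /etc/sysctl.d/k8s.conf
yum install -y yum-utils device-mapper-persistent-data lvm2 bash-completion
yum makecache fast

# Install Docker.
yum install -y --setopt=obsoletes=0 docker-ce-17.12.1.ce-1.el7.centos

# Allow forwarded traffic.
iptables -P FORWARD ACCEPT
# NOTE(review): --insecure-registry lets dockerd use the registry over plain
# HTTP or with an unverified certificate, so pulled images are not protected
# against tampering in transit. Prefer a registry with a trusted certificate.
sed -i "s#.*ExecStart=/usr/bin/dockerd.*#ExecStart=/usr/bin/dockerd --insecure-registry $register_addr#gi" /usr/lib/systemd/system/docker.service
systemctl enable docker && systemctl start docker
swapoff -a
sed -i "s#59.61.92.150:8888#$register_addr#" init_k8s_master_images.sh

# Log in to the private registry. The login targets $register_addr (the
# original always used the sample address, even after register_addr was
# changed) and the password is fed on stdin so it stays out of the process
# list.
printf '%s' "$registry_password" |
  docker login -u "$registry_user" --password-stdin "$register_addr"
bash init_k8s_master_images.sh

# Install kubernetes-cni, kubelet, kubeadm and kubectl.
yum install -y kubernetes-cni-0.6.0 kubelet-1.10.11 kubeadm-1.10.11 kubectl-1.10.11

# Adjust the kubelet drop-in. The Environment line is appended only when it is
# missing, so a second run does not duplicate it.
kubelet_dropin=/etc/systemd/system/kubelet.service.d/10-kubeadm.conf
kubelet_extra='Environment="KUBELET_EXTRA_ARGS=--fail-swap-on=false"'
sed -i "s#--cgroup-driver=systemd#--cgroup-driver=cgroupfs#" "$kubelet_dropin"
grep -qF -- "$kubelet_extra" "$kubelet_dropin" || echo "$kubelet_extra" >> "$kubelet_dropin"
systemctl enable kubelet && systemctl start kubelet

# Initialise the control plane with kubeadm.
# NOTE(review): --ignore-preflight-errors=all also hides genuine problems
# (occupied ports, existing manifests); list only the checks that must be
# skipped once the environment is known.
kubeadm init --kubernetes-version=v1.10.11 --pod-network-cidr=10.244.0.0/16 --service-cidr=10.96.0.0/16 --apiserver-advertise-address="$local_ip" --ignore-preflight-errors=all
echo "join command do not forget add this: --ignore-preflight-errors=all"
# NOTE(review): --ttl 0 creates a bootstrap token that never expires. It is
# printed to stdout and therefore lands in init.log when the script is run
# through tee. Prefer a short TTL and delete the token once the nodes joined.
echo "join cluster kubeadm token(ttl 0):" && kubeadm token create --ttl 0
mkdir -p "$HOME/.kube"
cp -i /etc/kubernetes/admin.conf "$HOME/.kube/config"
chown "$(id -u):$(id -g)" "$HOME/.kube/config"

# Deploy the Calico network.
#sed -i 's@.*etcd_endpoints:.*@\ \ etcd_endpoints:\ \"http://'$local_ip':2379\"@gi' calico.yaml
sed -i "s#59.61.92.150:8888#$register_addr#" calico/init_calico_images.sh
bash calico/init_calico_images.sh
kubectl apply -f calico/rbac.yaml
kubectl apply -f calico/calico.yaml

# Deploy cluster DNS.
kubectl create -f dns/kube-dns.yaml

# Deploy the Heapster monitoring add-on.
sed -i "s#59.61.92.150:8888#$register_addr#" heapster/k8s-heapster.sh
bash heapster/k8s-heapster.sh
kubectl create -f heapster/

# Deploy the dashboard and expose it as a NodePort service.
kubectl apply -f dashboard/kubernetes-dashboard.yaml
kubectl create -f dashboard/kubernetes-dashboard-admin.rbac.yaml
kubectl patch svc kubernetes-dashboard -p '{"spec":{"type":"NodePort"}}' -n kube-system
# Read the allocated node port from the service object instead of parsing the
# table output of "kubectl get svc".
dashboard_port=$(kubectl get svc kubernetes-dashboard -n kube-system -o jsonpath='{.spec.ports[0].nodePort}')
echo "dashboard管理后台地址:https://${local_ip}:${dashboard_port}"
# This prints a bearer token to stdout, so it is also written to init.log.
echo "dashboard管理后台登录token:" && kubectl describe secret | grep token:
# NOTE(review): this grants cluster-admin to the default service account of the
# default namespace, so every pod running under that account gets full control
# of the cluster. Presumably it exists to make the token printed above usable
# as a dashboard login; a dedicated service account with a narrower role would
# limit the exposure.
kubectl create clusterrolebinding --user system:serviceaccount:default:default default-sa-admin --clusterrole cluster-admin

# Load kubectl command completion.
# NOTE(review): when the script is started with "bash init_master.sh" these two
# lines only affect this process, not the operator's login shell.
source /usr/share/bash-completion/bash_completion
source <(kubectl completion bash)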

在Master节点运行如下命令进行初始化

# Run on the master node. The two arguments are the node hostname and the IP
# of this machine. tee copies the whole console output to init.log, including
# the kubeadm join token and the dashboard login token printed by the script,
# so init.log should be readable only by the administrator.
chmod +x init_master.sh 
bash init_master.sh 节点主机名 本机ip | tee init.log

安装完成后,控制台会输出 kubeadm join ... 命令(如下所示),请保存下来,待 Node 节点初始化完成后用它加入 Kubernetes 集群。该命令中的 token 是加入集群的凭证,且会随 tee 写入 init.log,应妥善保管。

# Sample join command from the master built above; the token and the CA
# certificate hash belong to that cluster and differ on every installation.
# --discovery-token-ca-cert-hash lets the joining node verify the API server's
# CA, and --ignore-preflight-errors=all is the flag the init script reminds the
# operator to append.
kubeadm join 192.168.245.141:6443 --token i5nul8.r0yvid0o0i6q7fa8 --discovery-token-ca-cert-hash sha256:33b2989161f8e561f70d3be2b515e2a10a6a37e45b2c174818170ee710b0bccc --ignore-preflight-errors=all

3、初始化Node节点

init_node.sh脚本:

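#!/bin/bash
# init_node.sh - prepare a Kubernetes v1.10.11 worker node on CentOS 7:
# installs Docker and the kubeadm/kubelet/kubectl packages and pre-loads the
# node and Calico images. The node is joined to the cluster afterwards by
# running the kubeadm join command obtained from the master.
#
# Usage: bash init_node.sh <hostname>
#   $1  node hostname
#
# Optional environment:
#   REGISTRY_USER, REGISTRY_PASSWORD  credentials for the private registry
#
# Must be started from the directory that holds docker-ce.repo,
# kubernetes.repo, init_k8s_node_images.sh and calico/, because every path
# below is relative.

# Private Docker registry address (change it to your own registry).
register_addr="59.61.92.150:8888"
# Registry credentials. The fallbacks are the sample values published with this
# script, so treat them as disclosed and supply your own via the environment.
registry_user="${REGISTRY_USER:-gnwpubdev}"
registry_password="${REGISTRY_PASSWORD:-pubdev777}"

# Stop with a failure status when the hostname is missing, before anything on
# the host is changed.
if [[ -z "${1:-}" ]]; then
  echo "请输入hostname"
  exit 1
fi
node_hostname=$1

# Configure the Docker and Kubernetes yum repositories.
# "./*" keeps a file name that starts with "-" from being read as an option.
chmod -R +x ./*
mkdir -p /data/ent/docker /data/ent/kubernetes
cp docker-ce.repo /etc/yum.repos.d
cp kubernetes.repo /etc/yum.repos.d

# Set the host name.
hostnamectl --static set-hostname "$node_hostname"

# Turn the firewall off.
# NOTE(review): this leaves the kubelet port and the NodePort range unfiltered
# on the host; opening only the required ports is the safer setup.
systemctl disable firewalld.service
systemctl stop firewalld.service
echo "net.ipv4.ip_forward = 1" > /etc/sysctl.d/k8s.conf
sysctl -p /etc/sysctl.d/k8s.conf
yum install -y yum-utils device-mapper-persistent-data lvm2
yum makecache fast

# Install Docker.
yum install -y --setopt=obsoletes=0 docker-ce-17.12.1.ce-1.el7.centos

# Allow forwarded traffic.
iptables -P FORWARD ACCEPT
# NOTE(review): --insecure-registry lets dockerd use the registry over plain
# HTTP or with an unverified certificate, so pulled images are not protected
# against tampering in transit. Prefer a registry with a trusted certificate.
sed -i "s#.*ExecStart=/usr/bin/dockerd.*#ExecStart=/usr/bin/dockerd --insecure-registry $register_addr#gi" /usr/lib/systemd/system/docker.service
systemctl enable docker && systemctl start docker
swapoff -a
sed -i "s#59.61.92.150:8888#$register_addr#" init_k8s_node_images.sh

# Log in to the private registry. The login targets $register_addr (the
# original always used the sample address, even after register_addr was
# changed) and the password is fed on stdin so it stays out of the process
# list.
printf '%s' "$registry_password" |
  docker login -u "$registry_user" --password-stdin "$register_addr"
bash init_k8s_node_images.sh
sed -i "s#59.61.92.150:8888#$register_addr#" calico/init_calico_images.sh
bash calico/init_calico_images.sh

# Install kubernetes-cni, kubelet, kubeadm and kubectl.
yum install -y kubernetes-cni-0.6.0 kubelet-1.10.11 kubeadm-1.10.11 kubectl-1.10.11

# Adjust the kubelet drop-in. The Environment line is appended only when it is
# missing, so a second run does not duplicate it.
kubelet_dropin=/etc/systemd/system/kubelet.service.d/10-kubeadm.conf
kubelet_extra='Environment="KUBELET_EXTRA_ARGS=--fail-swap-on=false"'
sed -i "s#--cgroup-driver=systemd#--cgroup-driver=cgroupfs#" "$kubelet_dropin"
grep -qF -- "$kubelet_extra" "$kubelet_dropin" || echo "$kubelet_extra" >> "$kubelet_dropin"
systemctl enable kubelet && systemctl start kubelet

# The join itself is left to the operator: the script only prints a prompt and
# does not read or run the command.
echo "请输入从master节点初始化得到的join命令:"
# Example of the command to run by hand (token and hash come from the master):
#kubeadm join 192.168.245.141:6443 --token i5nul8.r0yvid0o0i6q7fa8 --discovery-token-ca-cert-hash sha256:33b2989161f8e561f70d3be2b515e2a10a6a37e45b2c174818170ee710b0bccc --ignore-preflight-errors=all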

在node节点运行如下命令进行初始化

# Run on each worker node; the single argument is the node hostname.
# tee copies the console output of the run to init.log.
chmod +x init_node.sh
bash init_node.sh 节点主机名 | tee init.log

安装完成后,运行初始化Master后保存的kubeadm join命令,加入集群。