通过kubeadm安装k8s v1.11

快速通过 kubeadm部署 k8s v1.11版本

初始化环境

安装Docker

推荐: Version 17.03

apt-get update
apt-get install -y apt-transport-https ca-certificates curl software-properties-common
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | apt-key add -
add-apt-repository "deb https://download.docker.com/linux/$(. /etc/os-release; echo "$ID") $(lsb_release -cs) stable"
apt-get update && apt-get install -y docker-ce=$(apt-cache madison docker-ce | grep 17.03 | head -1 | awk '{print $3}')

可以配置代理优化安装,参考Configure VPS Proxy

安装kubeadm, kubelet and kubectl

kubeadm: the command to bootstrap the cluster.
kubelet: the component that runs on all of the machines in your cluster and does things like starting pods and containers.
kubectl: the command line util to talk to your cluster.

apt-get update && apt-get install -y apt-transport-https
curl -s https://packages.cloud.google.com/apt/doc/apt-key.gpg | apt-key add -
touch /etc/apt/sources.list.d/kubernetes.list 
echo "deb http://apt.kubernetes.io/ kubernetes-xenial main" |  tee -a /etc/apt/sources.list.d/kubernetes.list
apt-get update
apt-get install -y kubelet kubeadm kubectl

配置cgroup driver

确保 kubelet cgroup driver 和 docker 的保持一致.

➜  ~ docker info | grep -i cgroup

WARNING: No swap limit support
Cgroup Driver: cgroupfs

修改 kubelet 启动参数,

# /etc/default/kubelet
KUBELET_EXTRA_ARGS=--fail-swap-on=false --cgroup-driver=cgroupfs

# 重启 kubelet
systemctl daemon-reload
systemctl restart kubelet

安装k8s

kubeadm config images pull
kubeadm init --pod-network-cidr=192.168.0.0/16  --service-cidr=10.96.0.0/12 --apiserver-advertise-address=10.10.10.2  --ignore-preflight-errors=Swap

安装完成后

mkdir -p $HOME/.kube
cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
chown $(id -u):$(id -g) $HOME/.kube/config

 c2 ➜  ~ kubectl get node
NAME      STATUS     ROLES     AGE       VERSION
c1        NotReady   <none>    30s       v1.11.0
c2        NotReady   master    4m        v1.11.0

安装网络组件

kubectl apply -f https://docs.projectcalico.org/v3.1/getting-started/kubernetes/installation/hosted/rbac-kdd.yaml
kubectl apply -f https://docs.projectcalico.org/v3.1/getting-started/kubernetes/installation/hosted/kubernetes-datastore/calico-networking/1.7/calico.yaml

查看集群状态

 c2 ➜  ~ kubectl get node
NAME      STATUS    ROLES     AGE       VERSION
c1        Ready     <none>    1m        v1.11.0
c2        Ready     master    5m        v1.11.0
 c2 ➜  ~ kubectl get cs
NAME                 STATUS    MESSAGE              ERROR
controller-manager   Healthy   ok
scheduler            Healthy   ok
etcd-0               Healthy   {"health": "true"}

测试集群 dns 服务

 c2 ➜  ~ kubectl run curl --image=radial/busyboxplus:curl -i --tty
If you don't see a command prompt, try pressing enter.
[ root@curl-87b54756-z6dtr:/ ]$ cat /etc/resolv.conf
nameserver 10.96.0.10
search default.svc.cluster.local svc.cluster.local cluster.local
options ndots:5
[ root@curl-87b54756-z6dtr:/ ]$ nslookup kubernetes.default
Server:    10.96.0.10
Address 1: 10.96.0.10 kube-dns.kube-system.svc.cluster.local

Name:      kubernetes.default
Address 1: 10.96.0.1 kubernetes.default.svc.cluster.local
[ root@curl-87b54756-z6dtr:/ ]$ nslookup blog.spanda.io
Server:    10.96.0.10
Address 1: 10.96.0.10 kube-dns.kube-system.svc.cluster.local

Name:      blog.spanda.io
Address 1: 150.95.181.48 c3.cloud.node.spanda.io

master节点调度

允许 master 节点调度

kubectl taint nodes --all node-role.kubernetes.io/master-

安装 Weave Scope

curl https://raw.githubusercontent.com/ysicing/kube-addons/master/weavescope/scope.yaml -sL -o k8s/scope.yaml
kubectl apply -f k8s/scope.yaml
# 访问c2:30110

安装 dashboard

curl https://raw.githubusercontent.com/ysicing/kube-addons/master/dashboard/kubernetes-dashboard.yaml -sL -o k8s/kubernetes-dashboard.yaml
curl https://raw.githubusercontent.com/ysicing/kube-addons/master/dashboard/admin_role.yaml -sL -o k8s/admin_role.yaml
kubectl apply -f k8s/kubernetes-dashboard.yaml
kubectl apply -f k8s/admin_role.yaml
# 访问 https://c2:30111
# 登录的 token
kubectl -n kube-system get secret | grep admin | awk '{print "secret/"$1}' | xargs kubectl describe -n kube-system | grep token: | awk -F: '{print $2}' | xargs echo

部署 traefik

curl https://raw.githubusercontent.com/ysicing/kube-addons/master/traefik/traefik-rbac.yaml -sL -o k8s/traefik-rbac.yaml
curl https://raw.githubusercontent.com/ysicing/kube-addons/master/traefik/traefik-deployment.yaml -sL -o k8s/traefik-deployment.yaml
curl https://raw.githubusercontent.com/ysicing/kube-addons/master/traefik/ui.yaml -sL -o k8s/ui.yaml
kubectl apply -f k8s/traefik-rbac.yaml
kubectl apply -f k8s/traefik-deployment.yaml
kubectl apply -f k8s/ui.yaml
# 访问 ui c2:30112