此处可以使用 tmux 打开五个终端窗口进行,并行输入,也可以在五台机器上分开执行
[root@centos7-a ~]# cd k8s-scripts [root@centos7-a k8s-scripts]# vim install-proxy.sh [root@centos7-a k8s-scripts]# bash install-proxy.sh ${HOSTNAME}脚本内容如下
#!/bin/bash HOSTNAME=${1:-"`hostname`"} cat <<EOF >/opt/kubernetes/cfg/kube-proxy.conf KUBE_PROXY_OPTS="--logtostderr=false \\ --v=2 \\ --log-dir=http://www.likecs.com/opt/kubernetes/logs/kube-proxy \\ --config=http://www.likecs.com/opt/kubernetes/cfg/kube-proxy-config.yml" EOF cat <<EOF >/opt/kubernetes/cfg/kube-proxy-config.yml kind: KubeProxyConfiguration apiVersion: kubeproxy.config.k8s.io/v1alpha1 address: 0.0.0.0 # 监听地址 metricsBindAddress: 0.0.0.0:10249 # 监控指标地址,监控获取相关信息 就从这里获取 clientConnection: kubeconfig: /opt/kubernetes/cfg/kube-proxy.kubeconfig # 读取配置文件 hostnameOverride: ${HOSTNAME} # 注册到k8s的节点名称唯一 clusterCIDR: 10.244.0.0/16 mode: iptables # 使用iptables模式 # 使用 ipvs 模式 #mode: ipvs # ipvs 模式 #ipvs: # scheduler: "rr" #iptables: # masqueradeAll: true EOF cat <<EOF >/usr/lib/systemd/system/kube-proxy.service [Unit] Description=Kubernetes Proxy After=network.target [Service] EnvironmentFile=-/opt/kubernetes/cfg/kube-proxy.conf ExecStart=http://www.likecs.com/opt/kubernetes/bin/kube-proxy \$KUBE_PROXY_OPTS Restart=on-failure [Install] WantedBy=multi-user.target EOF systemctl daemon-reload systemctl enable kube-proxy systemctl restart kube-proxy 3.10 安装 kubelet拷贝对应包至所有节点
[root@centos7-nginx ~]# cd k8s-1.18.3/kubernetes/server/bin/ [root@centos7-nginx bin]# ansible k8s -m copy -a "src=./kubelet dest=http://www.likecs.com/opt/kubernetes/bin mode=755"此处可以使用 tmux 打开五个终端窗口进行,并行输入,也可以在五台机器上分开执行
[root@centos7-a ~]# cd k8s-scripts [root@centos7-a k8s-scripts]# vim install-kubelet.sh [root@centos7-a k8s-scripts]# bash install-kubelet.sh 10.96.0.10 ${HOSTNAME} cluster.local脚本内容如下
#!/bin/bash DNS_SERVER_IP=${1:-"10.96.0.10"} HOSTNAME=${2:-"`hostname`"} CLUETERDOMAIN=${3:-"cluster.local"} cat <<EOF >/opt/kubernetes/cfg/kubelet.conf KUBELET_OPTS="--logtostderr=false \\ --v=2 \\ --log-dir=http://www.likecs.com/opt/kubernetes/logs/kubelet \\ --hostname-override=${HOSTNAME} \\ --kubeconfig=http://www.likecs.com/opt/kubernetes/cfg/kubelet.kubeconfig \\ --bootstrap-kubeconfig=http://www.likecs.com/opt/kubernetes/cfg/bootstrap.kubeconfig \\ --config=http://www.likecs.com/opt/kubernetes/cfg/kubelet-config.yml \\ --cert-dir=http://www.likecs.com/opt/kubernetes/ssl \\ --network-plugin=cni \\ --cni-conf-dir=http://www.likecs.com/etc/cni/net.d \\ --cni-bin-dir=http://www.likecs.com/opt/cni/bin \\ --pod-infra-container-image=registry.cn-hangzhou.aliyuncs.com/google-containers/pause-amd64:3.0 \\ --system-reserved=memory=300Mi \\ --kube-reserved=memory=400Mi" EOF cat <<EOF >/opt/kubernetes/cfg/kubelet-config.yml kind: KubeletConfiguration # 使用对象 apiVersion: kubelet.config.k8s.io/v1beta1 # api版本 address: 0.0.0.0 # 监听地址 port: 10250 # 当前kubelet的端口 readOnlyPort: 10255 # kubelet暴露的端口 cgroupDriver: cgroupfs # 驱动,要与docker info显示的驱动一致 clusterDNS: - ${DNS_SERVER_IP} clusterDomain: ${CLUETERDOMAIN} # 集群域 failSwapOn: false # 关闭swap # 身份验证 authentication: anonymous: enabled: false webhook: cacheTTL: 2m0s enabled: true x509: clientCAFile: /opt/kubernetes/ssl/ca.pem # 授权 authorization: mode: Webhook webhook: cacheAuthorizedTTL: 5m0s cacheUnauthorizedTTL: 30s # Node 资源保留 evictionHard: imagefs.available: 15% memory.available: 300Mi nodefs.available: 10% nodefs.inodesFree: 5% evictionPressureTransitionPeriod: 5m0s # 镜像删除策略 imageGCHighThresholdPercent: 85 imageGCLowThresholdPercent: 80 imageMinimumGCAge: 2m0s # 旋转证书 rotateCertificates: true # 旋转kubelet client 证书 featureGates: RotateKubeletServerCertificate: true RotateKubeletClientCertificate: true maxOpenFiles: 1000000 maxPods: 110 EOF cat <<EOF >/usr/lib/systemd/system/kubelet.service [Unit] Description=Kubernetes Kubelet After=docker.service Requires=docker.service [Service] EnvironmentFile=-/opt/kubernetes/cfg/kubelet.conf ExecStart=http://www.likecs.com/opt/kubernetes/bin/kubelet \$KUBELET_OPTS Restart=on-failure KillMode=process [Install] WantedBy=multi-user.target EOF systemctl daemon-reload systemctl enable kubelet systemctl restart kubelet 3.11 查看节点个数等待一段时间后出现
[root@centos7-a ~]# kubectl get nodes NAME STATUS ROLES AGE VERSION centos7-a NotReady <none> 7m v1.18.3 centos7-b NotReady <none> 6m v1.18.3 centos7-c NotReady <none> 6m v1.18.3 centos7-d NotReady <none> 6m v1.18.3 centos7-e NotReady <none> 5m v1.18.3 3.12 安装网络插件 3.12.1 安装 flannel [root@centos7-nginx ~]# mkdir flannel [root@centos7-nginx flannel]# wget https://github.com/coreos/flannel/releases/download/v0.12.0/flannel-v0.12.0-linux-amd64.tar.gz [root@centos7-nginx flannel]# tar xf flannel-v0.12.0-linux-amd64.tar.gz [root@centos7-nginx flannel]# ll 总用量 43792 -rwxr-xr-x. 1 lyj lyj 35253112 3月 13 08:01 flanneld -rw-r--r--. 1 root root 9565406 6月 16 19:41 flannel-v0.12.0-linux-amd64.tar.gz -rwxr-xr-x. 1 lyj lyj 2139 5月 29 2019 mk-docker-opts.sh -rw-r--r--. 1 lyj lyj 4300 5月 29 2019 README.md [root@centos7-nginx flannel]# vim remove-docker0.sh #!/bin/bash # Copyright 2014 The Kubernetes Authors All rights reserved. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. # Delete default docker bridge, so that docker can start with flannel network. # exit on any error set -e rc=0 ip link show docker0 >/dev/null 2>&1 || rc="$?" if [[ "$rc" -eq "0" ]]; then ip link set dev docker0 down ip link delete docker0 fi