Focus on the things that make you happy

Getting started with k8s

Background

Installation steps

Install the Docker packages

$ sudo apt-get install \
apt-transport-https \
ca-certificates \
curl \
software-properties-common
Add Docker's official GPG key

curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -
Set up the stable repository

sudo add-apt-repository \
"deb [arch=amd64] https://download.docker.com/linux/ubuntu \
$(lsb_release -cs) \
stable"
Update the package index again

sudo apt-get update
Install docker-ce

For reference:
apt-cache madison docker-ce

sudo apt-get install docker-ce=

By default this configuration directory does not exist, so we have to create it:
$ mkdir -p /etc/systemd/system/docker.service.d

System initialization

echo "127.0.0.1 ww-server-32" >> /etc/hosts

Disable swap

If swap is not disabled, kubelet will fail to start under the default configuration.
swapoff -a

Set system parameters

Modify the kernel parameters

cat <<EOF > /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
EOF

Apply the change immediately:
sysctl --system

Install the required software

Configure the apt-get source
cat kube_apt_key.gpg | apt-key add -

echo "deb [arch=amd64] https://mirrors.ustc.edu.cn/kubernetes/apt kubernetes-xenial main" >> /etc/apt/sources.list

apt-get install -y kubelet kubeadm kubectl kubernetes-cni

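Install the images

If you download images from your own registry or from Docker Hub, you can use a script to rename the images in bulk:
docker images | sed 's/foxchan/gcr.io\/google_containers/' | awk '{print "docker tag "$3" "$1":"$2}'

Docker's cgroup driver must match kubelet's --cgroup-driver. Check it with docker info | grep Cgroup; it may be systemd or cgroupfs.

Configure kubelet

Configure the base (pause) image for pods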

cat > /etc/systemd/system/kubelet.service.d/10-kubeadm.conf <<EOF
[Service]
Environment="KUBELET_EXTRA_ARGS=--pod-infra-container-image=registry.cn-hangzhou.aliyuncs.com/szss_k8s/pause-amd64:3.0"
EOF

Start kubelet

systemctl daemon-reload
systemctl restart kubelet

Use kubelet version or the service status to check that kubelet has started:

systemctl status kubelet.service

For detailed information, use:
journalctl -u kubelet -f

kubelet version --runtime-cgroups=/systemd/system.slice --kubelet-cgroups=/systemd/system.slice

Run the following commands to restart kubelet:

systemctl daemon-reload
systemctl restart kubelet

ps -ef | grep kubelet

/usr/bin/kubelet --bootstrap-kubeconfig=/etc/kubernetes/bootstrap-kubelet.conf --kubeconfig=/etc/kubernetes/kubelet.conf --pod-manifest-path=/etc/kubernetes/manifests --allow-privileged=true --network-plugin=cni --cni-conf-dir=/etc/cni/net.d --cni-bin-dir=/opt/cni/bin --cluster-dns=10.96.0.10 --cluster-domain=cluster.local --authorization-mode=Webhook --client-ca-file=/etc/kubernetes/pki/ca.crt --cadvisor-port=0 --rotate-certificates=true --cert-dir=/var/lib/kubelet/pki --pod-infra-container-image=registry.cn-hangzhou.aliyuncs.com/google_containers/pause-amd64:3.1

Reconfigure

systemctl stop kubelet;
docker rm -f $(docker ps -q);
mount | grep "/var/lib/kubelet/*" | awk '{print $3}' | xargs umount 1>/dev/null 2>/dev/null;
rm -rf /var/lib/kubelet /etc/kubernetes /var/lib/etcd /etc/cni;
systemctl start kubelet;
kubeadm init --token=

Initialize the cluster with kubeadm

export KUBE_REPO_PREFIX="registry.cn-hangzhou.aliyuncs.com/szss_k8s"
export KUBE_ETCD_IMAGE="registry.cn-hangzhou.aliyuncs.com/szss_k8s/etcd-amd64:3.0.17"
kubeadm init  --kubernetes-version=v1.9.0 --skip-preflight-checks

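kubeadm init --kubernetes-version=v1.9.2 --skip-preflight-checks

kubeadm init --pod-network-cidr=172.30.0.0/20 --kubernetes-version=v1.9.0 --skip-preflight-checks

If kubeadm fails, fix the problem, then run kubeadm reset before initializing again.

Allow the master node to take part in scheduling

By default, to keep the master secure, application pods are not scheduled onto the master. You can remove this restriction by running: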

kubectl taint nodes --all node-role.kubernetes.io/master-

Check the master installation

kubectl get componentstatuses

This directory contains other files:
/etc/kubernetes/manifests

Configure the kubeconfig for kubectl

Recent versions of kubectl connect to the API server on port 6443 rather than port 8080; you can check this in admin.conf.
kubectl get nodes
The connection to the server localhost:8080 was refused - did you specify the right host or port?

Or you may see Unable to connect to the server: x509:

mkdir -p $HOME/.kube
cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
chown $(id -u):$(id -g) $HOME/.kube/config
kubectl get nodes

NAME           STATUS     ROLES     AGE       VERSION
ww-server-32   NotReady   master    3m        v1.9.0

kube-dns image

kubectl get nodes shows NotReady, and no kube-dns image is found.

The pod network has to be configured; flannel is used here.

kubectl create -f kube-flannel-rbac.yml

# Create the clusterrole and clusterrolebinding:
# $ kubectl create -f kube-flannel-rbac.yml
# Create the pod using the same namespace used by the flannel serviceaccount:
# $ kubectl create --namespace kube-system -f kube-flannel.yml
---
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1beta1
metadata:
  name: flannel
rules:
  - apiGroups:
      - ""
    resources:
      - pods
    verbs:
      - get
  - apiGroups:
      - ""
    resources:
      - nodes
    verbs:
      - list
      - watch
  - apiGroups:
      - ""
    resources:
      - nodes/status
    verbs:
      - patch
---
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1beta1
metadata:
  name: flannel
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: flannel
subjects:
- kind: ServiceAccount
  name: flannel
  namespace: kube-system

sudo kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml

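Install the other hosts

kubeadm init --apiserver-advertise-address=172.16.120.200 --pod-network-cidr=192.168.0.0/16 --ignore-preflight-errors 'Swap'
The main purpose is to download the k8s components.

When using flannel, the --pod-network-cidr parameter must be set. 10.244.0.0/16 is the default network configured in kube-flannel.yml; if you need to change it, --pod-network-cidr and kube-flannel.yml must be kept consistent.
kubeadm init --kubernetes-version=v1.9.0 --pod-network-cidr=10.244.0.0/16 --skip-preflight-checks

Check the cluster status

The machines use the following ports: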

Component                  Port
Kubernetes API server      6443*
etcd server client API     2379-2380
Kubelet API                10250
kube-scheduler             10251
kube-controller-manager    10252
Read-only Kubelet API      10255

Default port range: https://kubernetes.io/docs/concepts/services-networking/service/
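
The port table above turned into a host check, as an added example that is not part of the original post: audit_listeners reads ss -ltn output and reports which of the listed ports listen on a non-loopback address. The function names and the sample input are constructed for illustration.

```shell
#!/bin/sh
# Added example: report control-plane ports from the table above that are
# bound to a non-loopback address. Input: `ss -ltn` output on stdin.

audit_listeners() {
    awk '
    BEGIN {
        name["6443"]  = "kube-apiserver"
        name["2379"]  = "etcd"
        name["2380"]  = "etcd"
        name["10250"] = "kubelet"
        name["10251"] = "kube-scheduler"
        name["10252"] = "kube-controller-manager"
        name["10255"] = "kubelet-read-only"
    }
    $1 == "LISTEN" {
        # Local address is field 4; the port follows the last colon,
        # which also handles IPv6 forms such as [::]:6443.
        n = split($4, part, ":")
        port = part[n]
        addr = substr($4, 1, length($4) - length(port) - 1)
        if (!(port in name)) next
        if (addr ~ /^127\./ || addr == "[::1]") next
        # 10255 serves kubelet data without authentication.
        note = (port == "10255") ? "unauthenticated" : "check-firewall"
        print port, name[port], addr, note
    }'
}

sample_ss() {   # constructed sample, not captured from a real host
cat <<'EOF'
State   Recv-Q  Send-Q  Local Address:Port   Peer Address:Port
LISTEN  0       128     127.0.0.1:2379       0.0.0.0:*
LISTEN  0       128     127.0.0.1:10251      0.0.0.0:*
LISTEN  0       128     127.0.0.1:10252      0.0.0.0:*
LISTEN  0       128     0.0.0.0:22           0.0.0.0:*
LISTEN  0       128     *:6443               *:*
LISTEN  0       128     *:10250              *:*
LISTEN  0       128     *:10255              *:*
EOF
}

# On a real host: ss -ltn | audit_listeners
sample_ss | audit_listeners
```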

Check node and pod status with kubectl

kubectl get nodes

Install worker nodes and join them to the cluster

export KUBE_REPO_PREFIX="registry.cn-hangzhou.aliyuncs.com/szss_k8s"
export KUBE_ETCD_IMAGE="registry.cn-hangzhou.aliyuncs.com/szss_k8s/etcd-amd64:3.0.17"
kubeadm join --token 242b80.86d585ebd6358b08 172.16.120.151:6443 --skip-preflight-checks

kubeadm join --token 0cb8d6.bc8e73f8d69d3110 10.168.1.111:6443 --discovery-token-ca-cert-hash sha256:96015707712d4b6a27c1d63ebfae0e0a22015c38f7c7b1c4983a93fae43d4060
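
How the sha256: value passed to --discovery-token-ca-cert-hash in the join command above is derived and checked, as an added example that is not part of the original post: the pin is the SHA-256 of the CA's DER-encoded public key (SubjectPublicKeyInfo), so it survives re-issuing the CA certificate with the same key. The function names are hypothetical and the demo uses a throwaway CA generated on the spot; it assumes openssl is installed.

```shell
#!/bin/sh
# Added example: derive the kubeadm CA pin and compare it with the value
# given to `kubeadm join --discovery-token-ca-cert-hash`.

ca_pin() {  # $1: PEM CA certificate, e.g. /etc/kubernetes/pki/ca.crt
    openssl x509 -pubkey -noout -in "$1" \
        | openssl pkey -pubin -outform DER \
        | openssl dgst -sha256 -hex \
        | awk '{print "sha256:" $NF}'
}

verify_pin() {  # $1: PEM CA certificate, $2: pin from the join command
    [ "$(ca_pin "$1")" = "$2" ]
}

demo() {  # throwaway CA generated here; not the cluster's real CA
    d=$(mktemp -d)
    openssl req -x509 -newkey rsa:2048 -nodes -keyout "$d/ca.key" \
        -out "$d/ca.crt" -subj "/CN=demo-ca" -days 1 2>/dev/null
    # Re-issue the certificate with the same key: the pin must not change.
    openssl req -x509 -new -key "$d/ca.key" -out "$d/ca-renewed.crt" \
        -subj "/CN=demo-ca" -days 2 2>/dev/null
    echo "pin:     $(ca_pin "$d/ca.crt")"
    echo "renewed: $(ca_pin "$d/ca-renewed.crt")"
    # A pin that does not match the CA key must be rejected.
    if verify_pin "$d/ca.crt" "sha256:$(printf '%064d' 0)"; then
        echo "wrong pin accepted"
    else
        echo "wrong pin rejected"
    fi
    rm -rf "$d"
}

demo
```

On the master, ca_pin /etc/kubernetes/pki/ca.crt gives the value to compare with the one in the join command before running it on a node.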

Verify the node installation
kubectl get nodes

Deploy the Dashboard

Learning resources
http://www.dockerinfo.net/4468.html
Installing Dashboard on a TLS-enabled Kubernetes 1.6 cluster
https://www.kubernetes.org.cn/3238.html

wget https://raw.githubusercontent.com/kubernetes/dashboard/master/src/deploy/recommended/kubernetes-dashboard.yaml

kubectl create -f kubernetes-dashboard.yaml

kubectl get secret --all-namespaces | grep kubernetes-dashboard-admin
kubectl describe secret kubernetes-dashboard-admin-token-xxnml -n kube-system

https://10.168.1.111:32270/#!/overview?namespace=default
https://10.168.1.111:30865/#!/overview?namespace=default

10.168.1.111:8080/api/v1/proxy/namespaces/kube-system/services/kubernetes-dashboard

kubectl proxy --address='10.168.1.111' --port=8086 --accept-hosts='^*$'

http://10.168.1.111:8086/ui is then accessible

References
https://blog.csdn.net/chenleiking/article/details/79316171
https://www.cnblogs.com/zhenyuyaodidiao/p/6500897.html
https://www.cnblogs.com/xinhaige/p/8595259.html

kubectl apply -f kubernetes-dashboard.yml
kubectl apply -f kubernetes-dashboard-rbac-admin.yml

kubectl delete deployment kubernetes-dashboard --namespace=kube-system
kubectl delete svc kubernetes-dashboard --namespace=kube-system

kubectl get svc --all-namespaces
http://10.101.36.111:8055

Errors

Kubernetes failed to get imageFs info: unable to find data for container

A simple workflow

kubectl create -f mysql-rc.yaml

kubectl get rc

kubectl get pods

Find the cause
kubectl describe pods mysql
