Kubernetes

外部 service

指定 Endpoint

kind: Endpoints
apiVersion: v1
metadata:
  name: minio
subsets:
  - addresses:
    - ip: 172.16.1.18
    ports:
    - port: 9000

---
kind: Service
apiVersion: v1
metadata:
  name: minio
spec:
  ports:
  - port: 80
    targetPort: 9000

ExternalName

kind: Service
apiVersion: v1
metadata:
  name: m
spec:
  type: ExternalName
  externalName: bf-dev-databag.oss-cn-hangzhou-internal.aliyuncs.com

安装

# 1. 设置免密登录
ip="10.4.34.47" && \
ssh root@${ip} 'mkdir -p ~/.ssh' && \
cat ~/.ssh/id_rsa.pub | ssh root@${ip} 'cat >> ~/.ssh/authorized_keys' && \
ssh root@${ip} 'chmod 600 .ssh/authorized_keys'

# 2. 设置网络、hostname
chkconfig NetworkManager on
systemctl start NetworkManager.service
nmtui

# 3. 安装常用的工具
yum update -y && \
yum install -y tree git wget nfs-utils zsh net-tools ntp vim bind-utils traceroute

# 4. 安装 zsh 和插件
sh -c "$(wget https://raw.github.com/robbyrussell/oh-my-zsh/master/tools/install.sh -O -)"
git clone https://github.com/zsh-users/zsh-syntax-highlighting.git ${ZSH_CUSTOM:-~/.oh-my-zsh/custom}/plugins/zsh-syntax-highlighting
git clone https://github.com/zsh-users/zsh-autosuggestions $ZSH_CUSTOM/plugins/zsh-autosuggestions

vi ~/.zshrc 
	change theme to af-magic
	zsh-syntax-highlighting
	zsh-autosuggestions
	alias vi="vim"
source ~/.zshrc	

# 5. 关闭防火墙
systemctl stop firewalld
systemctl disable firewalld

# 6. 关闭内存交换
swapoff -a
vi /etc/fstab 

free -h

# 7. 安装 docker
yum remove docker \
docker-client \
docker-client-latest \
docker-common \
docker-latest \
docker-latest-logrotate \
docker-logrotate \
docker-selinux \
docker-engine-selinux \
docker-engine

rm -rf /var/lib/docker

yum install -y yum-utils \
device-mapper-persistent-data \
lvm2

cat <<EOF > /etc/yum.repos.d/docker-ce.repo
[docker-ce-stable]
name=Docker CE Stable - \$basearch
baseurl=https://mirrors.tuna.tsinghua.edu.cn/docker-ce/linux/centos/7/\$basearch/stable
enabled=1
gpgcheck=1
gpgkey=https://mirrors.tuna.tsinghua.edu.cn/docker-ce/linux/centos/gpg
EOF
yum makecache fast

yum list docker-ce --showduplicates | sort -r
yum install -y --setopt=obsoletes=0 docker-ce-17.03.2.ce docker-ce-selinux-17.03.2.ce-1.el7.centos
iptables -P FORWARD ACCEPT
systemctl enable docker && systemctl start docker

yum-config-manager --disable docker-ce-stable

# 8. 安装 Kuberntes
cat <<EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=http://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=0
repo_gpgcheck=0
gpgkey=http://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg
        http://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF
yum makecache fast

yum list kubelet --showduplicates | sort -r
yum list kubeadm --showduplicates | sort -r
yum list kubectl --showduplicates | sort -r

setenforce 0
vi /etc/selinux/config
	SELINUX=disabled

yum install -y kubernetes-cni-0.6.0 kubelet-1.11.0 kubectl-1.11.0 kubeadm-1.11.0
systemctl enable kubelet && systemctl start kubelet
yum-config-manager --disable kubernetes

cat <<EOF >  /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
EOF

sysctl net.bridge.bridge-nf-call-iptables=1

sysctl --system

# docker info | grep cgroup
# cat /etc/systemd/system/kubelet.service.d/10-kubeadm.conf
# sed -i "s/cgroup-driver=systemd/cgroup-driver=cgroupfs/g" /etc/systemd/system/kubelet.service.d/10-kubeadm.conf

DOCKER_CGROUPS=$(docker info | grep 'Cgroup' | cut -d' ' -f3)
echo $DOCKER_CGROUPS
cat >/etc/sysconfig/kubelet<<EOF
KUBELET_EXTRA_ARGS="--cgroup-driver=$DOCKER_CGROUPS --pod-infra-container-image=registry.cn-hangzhou.aliyuncs.com/bimface_common/pause-amd64:3.1"
EOF

systemctl daemon-reload && systemctl restart kubelet

# master初始化
kubeadm init --config kubeadm/kubeadm.yaml

mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config

# 安装网络插件
kubectl apply -f flannel/kube-flannel.yml

# 重置 master
kubeadm reset -f
ifconfig cni0 down
ip link delete cni0
ifconfig flannel.1 down
ip link delete flannel.1
rm -rf /var/lib/cni/
rm -rf $HOME/.kube
rm -rf /etc/kubernetes

# 查看 kubelet 日志
journalctl -l -u kubelet

# 确认 kubernetes 安装成功
curl http://kubernetes-dashboard.kube-system/api/v1/login/status

# 重新生产 join token
kubeadm token list
kubeadm token create
openssl x509 -pubkey -in /etc/kubernetes/pki/ca.crt | openssl rsa -pubin -outform der 2>/dev/null | openssl dgst -sha256 -hex | sed 's/^.* //'
# or
kubeadm token create --print-join-command

Previousv2ray NextGit

Last updated 6 years ago

Was this helpful?

# 1. 设置免密登录 ip="10.4.34.47" && \ ssh root@${ip} 'mkdir -p ~/.ssh' && \ cat ~/.ssh/id_rsa.pub | ssh root@${ip} 'cat >> ~/.ssh/authorized_keys' && \ ssh root@${ip} 'chmod 600 .ssh/authorized_keys' # 2. 设置网络、hostname chkconfig NetworkManager on systemctl start NetworkManager.service nmtui # 3. 安装常用的工具 yum update -y && \ yum install -y tree git wget nfs-utils zsh net-tools ntp vim bind-utils traceroute # 4. 安装 zsh 和插件 sh -c "$(wget https://raw.github.com/robbyrussell/oh-my-zsh/master/tools/install.sh -O -)" git clone https://github.com/zsh-users/zsh-syntax-highlighting.git ${ZSH_CUSTOM:-~/.oh-my-zsh/custom}/plugins/zsh-syntax-highlighting git clone https://github.com/zsh-users/zsh-autosuggestions $ZSH_CUSTOM/plugins/zsh-autosuggestions vi ~/.zshrc change theme to af-magic zsh-syntax-highlighting zsh-autosuggestions alias vi="vim" source ~/.zshrc # 5. 关闭防火墙 systemctl stop firewalld systemctl disable firewalld # 6. 关闭内存交换 swapoff -a vi /etc/fstab free -h # 7. 安装 docker yum remove docker \ docker-client \ docker-client-latest \ docker-common \ docker-latest \ docker-latest-logrotate \ docker-logrotate \ docker-selinux \ docker-engine-selinux \ docker-engine rm -rf /var/lib/docker yum install -y yum-utils \ device-mapper-persistent-data \ lvm2 cat <<EOF > /etc/yum.repos.d/docker-ce.repo [docker-ce-stable] name=Docker CE Stable - \$basearch baseurl=https://mirrors.tuna.tsinghua.edu.cn/docker-ce/linux/centos/7/\$basearch/stable enabled=1 gpgcheck=1 gpgkey=https://mirrors.tuna.tsinghua.edu.cn/docker-ce/linux/centos/gpg EOF yum makecache fast yum list docker-ce --showduplicates | sort -r yum install -y --setopt=obsoletes=0 docker-ce-17.03.2.ce docker-ce-selinux-17.03.2.ce-1.el7.centos iptables -P FORWARD ACCEPT systemctl enable docker && systemctl start docker yum-config-manager --disable docker-ce-stable # 8. 安装 Kuberntes cat <<EOF > /etc/yum.repos.d/kubernetes.repo [kubernetes] name=Kubernetes baseurl=http://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64 enabled=1 gpgcheck=0 repo_gpgcheck=0 gpgkey=http://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg http://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg EOF yum makecache fast yum list kubelet --showduplicates | sort -r yum list kubeadm --showduplicates | sort -r yum list kubectl --showduplicates | sort -r setenforce 0 vi /etc/selinux/config SELINUX=disabled yum install -y kubernetes-cni-0.6.0 kubelet-1.11.0 kubectl-1.11.0 kubeadm-1.11.0 systemctl enable kubelet && systemctl start kubelet yum-config-manager --disable kubernetes cat <<EOF > /etc/sysctl.d/k8s.conf net.bridge.bridge-nf-call-ip6tables = 1 net.bridge.bridge-nf-call-iptables = 1 EOF sysctl net.bridge.bridge-nf-call-iptables=1 sysctl --system # docker info | grep cgroup # cat /etc/systemd/system/kubelet.service.d/10-kubeadm.conf # sed -i "s/cgroup-driver=systemd/cgroup-driver=cgroupfs/g" /etc/systemd/system/kubelet.service.d/10-kubeadm.conf DOCKER_CGROUPS=$(docker info | grep 'Cgroup' | cut -d' ' -f3) echo $DOCKER_CGROUPS cat >/etc/sysconfig/kubelet<<EOF KUBELET_EXTRA_ARGS="--cgroup-driver=$DOCKER_CGROUPS --pod-infra-container-image=registry.cn-hangzhou.aliyuncs.com/bimface_common/pause-amd64:3.1" EOF systemctl daemon-reload && systemctl restart kubelet # master初始化 kubeadm init --config kubeadm/kubeadm.yaml mkdir -p $HOME/.kube sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config sudo chown $(id -u):$(id -g) $HOME/.kube/config # 安装网络插件 kubectl apply -f flannel/kube-flannel.yml # 重置 master kubeadm reset -f ifconfig cni0 down ip link delete cni0 ifconfig flannel.1 down ip link delete flannel.1 rm -rf /var/lib/cni/ rm -rf $HOME/.kube rm -rf /etc/kubernetes # 查看 kubelet 日志 journalctl -l -u kubelet # 确认 kubernetes 安装成功 curl http://kubernetes-dashboard.kube-system/api/v1/login/status # 重新生产 join token kubeadm token list kubeadm token create openssl x509 -pubkey -in /etc/kubernetes/pki/ca.crt | openssl rsa -pubin -outform der 2>/dev/null | openssl dgst -sha256 -hex | sed 's/^.* //' # or kubeadm token create --print-join-command