kubernetes Ubuntu Install
Kubernetes作为一款社区最火的容器管理调度软件,它主要解决了两方面的问题:
- 容器的编排调度
从原来的AIO的应用变成容器化应用微服务化应用,带来的好处就是服务解耦,可以快速扩展服务,带来的不好就是用户管理成本增加,kuebrnetes很好地解决了这个问题,帮助我们实现了应用层面的管理抽象,根据不同业务应用,使用不同的部署类型。
- kubernetes的一致性能力
虽然云计算现在在多云场景下还不具备真正的一个“build once,run any cloud provider”,但这个趋势已经开始呈现了,大家遵循kubernetes的API,保障API的一致性,想想多年前的运维要在多云厂商环境下部署服务的处境,考虑不同的操作系统、不同的操作系统版本、内核版本、网络差异还有一些诡异的问题等等,通过kubernetes已经开始有了一个很好地发展趋势,面向用户运维更加的友好。
kubernetes架构图
在ubuntu16.04中安装配置
安装脚本
# ubuntu 16.04替换源
cat << EOF> /etc/apt/sources.list
deb-src http://archive.ubuntu.com/ubuntu xenial main restricted
deb http://mirrors.aliyun.com/ubuntu/ xenial main restricted
deb-src http://mirrors.aliyun.com/ubuntu/ xenial main restricted multiverse universe
deb http://mirrors.aliyun.com/ubuntu/ xenial-updates main restricted
deb-src http://mirrors.aliyun.com/ubuntu/ xenial-updates main restricted multiverse universe
deb http://mirrors.aliyun.com/ubuntu/ xenial universe
deb http://mirrors.aliyun.com/ubuntu/ xenial-updates universe
deb http://mirrors.aliyun.com/ubuntu/ xenial multiverse
deb http://mirrors.aliyun.com/ubuntu/ xenial-updates multiverse
deb http://mirrors.aliyun.com/ubuntu/ xenial-backports main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/xenial-backports main restricted universe multiverse
deb http://archive.canonical.com/ubuntu xenial partner
deb-src http://archive.canonical.com/ubuntu xenial partner
deb http://mirrors.aliyun.com/ubuntu/ xenial-security main restricted
deb-src http://mirrors.aliyun.com/ubuntu/ xenial-security main restricted multiverse universe
deb http://mirrors.aliyun.com/ubuntu/ xenial-security universe
deb http://mirrors.aliyun.com/ubuntu/ xenial-security multiverse
EOF
apt-get update
# 关闭防火墙
ufw disable
apt install selinux-utils
setenforce 0
cat << EOF>> /etc/selinux/conifg
SELINUX=disabled
EOF
# 设置网络:
cat << EOF>> /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
net.ipv4.ip_forward = 1
EOF
modprobe br_netfilter
# 查看 ipv4 与 v6 配置是否生效:
sysctl --system
# 配置 iptables:
iptables -P FORWARD ACCEPT
cat << EOF>> /etc/rc.local
/usr/sbin/iptables -P FORWARD ACCEPT
EOF
# 永久关闭 swap 分区:
sed -i 's/.*swap.*/#&/' /etc/fstab
# 安装docker
apt-get install apt-transport-https ca-certificates curl software-properties-common
curl -fsSL https://mirrors.aliyun.com/docker-ce/linux/ubuntu/gpg | apt-key add -
add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable"
apt-get update
apt-get purge docker-ce docker docker-engine docker.io && rm -rf /var/lib/docker
apt-get autoremove docker-ce docker docker-engine docker.io
apt-get install -y docker-ce
# 安装 k8s
apt-get update && apt-get install -y apt-transport-https curl firewalld
curl -s https://mirrors.aliyun.com/kubernetes/apt/doc/apt-key.gpg | apt-key add -
cat << EOF> /etc/apt/sources.list.d/kubernetes.list
deb https://mirrors.aliyun.com/kubernetes/apt kubernetes-xenial main
EOF
apt-get update
apt-get purge kubelet kubeadm kubectl
apt-get autoremove kubelet kubeadm kubectl
apt-get install -y kubelet kubeadm kubectl
apt-mark hold kubelet kubeadm kubectl
# 启动服务并设置开机自动重启:
systemctl enable kubelet && sudo systemctl start kubelet
# 查看kubeadm镜像
# kubeadm config images list
for i in `kubeadm config images list`; do
imageName=${i#k8s.gcr.io/}
docker pull registry.aliyuncs.com/google_containers/$imageName
docker tag registry.aliyuncs.com/google_containers/$imageName k8s.gcr.io/$imageName
docker rmi registry.aliyuncs.com/google_containers/$imageName
done;
# 开机启动 && 启动服务
systemctl enable kubelet && systemctl start kubelet
# k8s集群初始化
firewall-cmd --zone=public --add-port=6443/tcp --permanent && firewall-cmd --reload
firewall-cmd --zone=public --add-port=10250/tcp --permanent && firewall-cmd --reload
# kubeadm 启动配置
cat >> init.yaml << EOF
apiVersion: kubeadm.k8s.io/v1beta2
kind: ClusterConfiguration
kubernetesVersion: v1.19.0
imageRepository: k8s.gcr.io
networking:
podSubnet: "10.244.0.0/16"
EOF
kubeadm init --config init.yml
mkdir -p $HOME/.kube
cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
chown $(id -u):$(id -g) $HOME/.kube/config
# 启动flannel网络服务
wget https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
kubectl apply -f kube-flannel.yaml
# master node参与工作负载
## 查看污点标记 node-role.kubernetes.io/master:NoSchedule
kubectl describe node k8s.docker.internal |grep Taint
## 执行命令去除标记
kubectl taint nodes k8s.docker.internal node-role.kubernetes.io/master:NoSchedule-
# 检测集群状态
kubectl get cs
更多信息可以star [github]: https://github.com/darebeat/k8s.git
