Notes from day-to-day work on system operations, virtualization and cloud computing, databases, network security and related topics.

Installing Docker 19.03.4, Kubernetes v1.16.2 and the Kuboard dashboard on CentOS 8


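Download centos8-boot.iso and install it in a virtual machine. The installation source can be the 163 mirror or the Aliyun mirror; that part is not covered here.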

1. Environment preparation (run on all hosts)

Disable firewalld:

 systemctl stop firewalld && systemctl disable firewalld 

Disable SELinux:

 setenforce 0 && sed -i "s/SELINUX=enforcing/SELINUX=disabled/g" /etc/selinux/config 

Disable swap:

swapoff -a


echo "vm.swappiness = 0">> /etc/sysctl.conf
sed -i 's/.*swap.*/#&/' /etc/fstab


sysctl -p


Update /etc/hosts: on every host, add the IP address and hostname of every k8s node to this file; otherwise initialization will produce warnings or even errors.

echo "192.168.137.22 k8smaster" >> /etc/hosts 


2. Add the Aliyun repository

[root@localhost ~]# rm -rfv /etc/yum.repos.d/*
[root@localhost ~]# curl -o /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-8.repo



2 Install common packages

[root@master01 ~]# yum install vim bash-completion net-tools gcc wget  -y

3 Install docker-ce from the Aliyun repository

[root@master01 ~]# yum install -y yum-utils device-mapper-persistent-data lvm2
[root@master01 ~]# yum-config-manager --add-repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo


Install containerd and docker-ce:


wget https://download.docker.com/linux/centos/7/x86_64/edge/Packages/containerd.io-1.2.10-3.2.el7.x86_64.rpm
yum install  containerd.io-1.2.10-3.2.el7.x86_64.rpm


yum install -y docker-ce
systemctl enable docker --now


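Add the Aliyun Docker registry mirror (accelerator) by configuring Docker's daemon.json (create the file if it does not exist).

The cgroupdriver setting is optional: by default Docker and k8s both use cgroupfs.
To use systemd instead, check the cgroup-driver setting that kubelet starts with by opening the file with vim /var/lib/kubelet/kubeadm-flags.env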

  
[root@k8smaster ~]# cat /etc/docker/daemon.json
{
  "registry-mirrors": ["https://a495m8mk.mirror.aliyuncs.com"],

  "exec-opts": ["native.cgroupdriver=systemd"]
}
 


 [root@master01 ~]# systemctl daemon-reload

[root@master01 ~]# systemctl restart docker


Configure the kernel parameter file for k8s.

cat <<EOF > /etc/sysctl.d/k8s.conf
net.ipv4.ip_forward = 1
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
fs.may_detach_mounts = 1
vm.overcommit_memory=1
vm.panic_on_oom=0
fs.inotify.max_user_watches=89100
fs.file-max=52706963
fs.nr_open=52706963
net.netfilter.nf_conntrack_max=2310720
EOF

sysctl --system


sudo systemctl daemon-reload
sudo systemctl restart docker


Add the Aliyun Kubernetes repository

[root@master01 ~]# cat <<EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF



Install kubectl, kubelet and kubeadm. They must be installed on both the master and the node hosts.

[root@master01 ~]# yum install kubectl kubelet kubeadm
[root@master01 ~]# systemctl enable kubelet


Install the base images that kubeadm depends on. The latest version in the Aliyun repository is k8s 1.18.3; its synchronization lags behind.

[root@apple ~]# kubeadm config images list --kubernetes-version v1.16.2

k8s.gcr.io/kube-controller-manager:v1.16.2
k8s.gcr.io/kube-scheduler:v1.16.2
k8s.gcr.io/kube-proxy:v1.16.2
k8s.gcr.io/pause:3.1
k8s.gcr.io/etcd:3.3.15-0
k8s.gcr.io/coredns:1.6.2

We download the images from Aliyun. Create a script named get_k8s_images.sh with the following content:

#!/bin/bash
# Images kubeadm needs for v1.16.2
images=(
    kube-apiserver:v1.16.2
    kube-controller-manager:v1.16.2
    kube-scheduler:v1.16.2
    kube-proxy:v1.16.2
    pause:3.1
    etcd:3.3.15-0
    coredns:1.6.2
)
for imageName in "${images[@]}"; do
    # Pull from the Aliyun mirror, retag as k8s.gcr.io, then remove the mirror tag
    docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/${imageName}
    docker tag registry.cn-hangzhou.aliyuncs.com/google_containers/${imageName} k8s.gcr.io/${imageName}
    docker rmi registry.cn-hangzhou.aliyuncs.com/google_containers/${imageName}
done

Then make it executable and run it:

chmod +x get_k8s_images.sh
./get_k8s_images.sh
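
The same pull-and-retag step with the image list taken from `kubeadm config images list` instead of a hand-kept array, as an added example (not the author's script). `mirror_plan`, `apply_plan` and `SAMPLE_LIST` are names made up for this sketch; each line is checked against the k8s.gcr.io/<name>:<tag> shape before anything is pulled.

```shell
#!/bin/sh
# Added example: build the mirror pull/tag plan from kubeadm's own image list.

MIRROR=registry.cn-hangzhou.aliyuncs.com/google_containers  # mirror used on this page

# stdin: output of `kubeadm config images list`.
# stdout: one "<mirror ref> <k8s.gcr.io ref>" pair per image.
# A line that is not exactly k8s.gcr.io/<name>:<tag> (flat names, as in v1.16.2)
# is reported on stderr and makes the function return non-zero.
mirror_plan() {
    awk -v mirror="$MIRROR" '
        /^[ \t]*$/ { next }
        !/^k8s\.gcr\.io\/[a-z0-9][a-z0-9._-]*:[A-Za-z0-9_][A-Za-z0-9._-]*$/ {
            print "rejected: " $0 > "/dev/stderr"; bad = 1; next
        }
        { name = substr($0, length("k8s.gcr.io/") + 1)
          print mirror "/" name, $0 }
        END { exit bad }'
}

# stdin: a plan from mirror_plan. Pull from the mirror, retag, drop the mirror tag.
apply_plan() {
    while read -r src dst; do
        docker pull "$src" && docker tag "$src" "$dst" && docker rmi "$src" || return 1
    done
}

# Constructed sample: the v1.16.2 image list as shown on this page.
SAMPLE_LIST='k8s.gcr.io/kube-apiserver:v1.16.2
k8s.gcr.io/kube-controller-manager:v1.16.2
k8s.gcr.io/kube-scheduler:v1.16.2
k8s.gcr.io/kube-proxy:v1.16.2
k8s.gcr.io/pause:3.1
k8s.gcr.io/etcd:3.3.15-0
k8s.gcr.io/coredns:1.6.2'

# Dry run: print the plan only. On a real host:
#   plan=$(kubeadm config images list --kubernetes-version v1.16.2 | mirror_plan) \
#       && printf '%s\n' "$plan" | apply_plan
printf '%s\n' "$SAMPLE_LIST" | mirror_plan
```

Building the plan first and applying it only when `mirror_plan` succeeds means a malformed or unexpected line stops the run before any image is tagged as k8s.gcr.io.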

Install kubeadm, kubelet and kubectl

kubeadm does not manage kubelet or kubectl, so we need to install kubelet and kubectl manually:

yum install -y kubeadm kubelet kubectl  --disableexcludes=kubernetes

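Kubelet communicates with the rest of the cluster and manages the lifecycle of the Pods and containers on its own node.
Kubeadm is the automated deployment tool for Kubernetes; it lowers the difficulty of deployment and improves efficiency.
Kubectl is the Kubernetes cluster management tool.

Finally, start kubelet: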

systemctl enable kubelet --now


Deploy the master node

Note: perform the following steps on the master node.

During installation we found that the installed version is 1.16.2

kubeadm version

Output

kubeadm version: &version.Info{Major:"1", Minor:"16", GitVersion:"v1.16.2", GitCommit:"c97fe5036ef3df2967d086711e6c0c405941e14b",
GitTreeState:"clean", BuildDate:"2019-10-15T19:15:39Z", GoVersion:"go1.12.10", Compiler:"gc", Platform:"linux/amd64"}

Image download

https://kubernetes.io/docs/reference/setup-tools/kubeadm/kubeadm-init/

Running kubeadm config images list prints the required versions, as follows

[root@k8smaster ~]# kubeadm config images list --kubernetes-version v1.16.2
k8s.gcr.io/kube-apiserver:v1.16.2
k8s.gcr.io/kube-controller-manager:v1.16.2
k8s.gcr.io/kube-scheduler:v1.16.2
k8s.gcr.io/kube-proxy:v1.16.2
k8s.gcr.io/pause:3.1
k8s.gcr.io/etcd:3.3.15-0
k8s.gcr.io/coredns:1.6.2
[root@k8smaster ~]#


systemctl enable kubelet && systemctl start kubelet
systemctl daemon-reload
systemctl restart kubelet


Because the required images cannot be pulled directly, the script uses a mirror and renames the images with docker tag.


wget https://cbs.centos.org/repos/paas7-crio-115-release/x86_64/os/Packages/cri-o-1.15.1-2.el7.x86_64.rpm

rpm -Uvh cri-o-1.15.1-2.el7.x86_64.rpm --nodeps


systemctl daemon-reload
systemctl start crio.service
systemctl daemon-reload

Initialize the Kubernetes cluster on the master


kubeadm init --kubernetes-version=1.16.2 --apiserver-advertise-address=192.168.137.22 --image-repository registry.aliyuncs.com/google_containers --service-cidr=10.1.0.0/16



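  1. --kubernetes-version: specifies the k8s version;

  2. --apiserver-advertise-address: specifies the IP address kube-apiserver listens on, i.e. the master's own IP address.

  3. --pod-network-cidr: specifies the Pod network range; 10.244.0.0/16. It can be left out, and the software will add it automatically.

  4. --service-cidr: specifies the Service (SVC) network range;

  5. --image-repository: specifies the Aliyun image registry address.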



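This step is critical: by default kubeadm downloads the required images from the official registry k8s.gcr.io, which cannot be reached from mainland China, so the Aliyun image registry address must be given with --image-repository.

After the cluster initializes successfully, the following is returned.
Record the last part of the output; it has to be run on the other nodes when they join the Kubernetes cluster.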

Your Kubernetes control-plane has initialized successfully!

To start using your cluster, you need to run the following as a regular user:

  mkdir -p $HOME/.kube
  sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
  sudo chown $(id -u):$(id -g) $HOME/.kube/config

You should now deploy a pod network to the cluster.
Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:
  https://kubernetes.io/docs/concepts/cluster-administration/addons/

Then you can join any number of worker nodes by running the following on each as root:

kubeadm join 10.10.10.10:6443 --token kehvmq.e33d33lgkrm8h0rn \
    --discovery-token-ca-cert-hash sha256:6150e7960c44890d5dd6b160bbbb4bfa256023db22f004b54d27e1cca72b0afc 

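Based on the output above, a few more tasks remain. Some errors may come up, which you can resolve according to your own environment.

Cgroup Driver in Docker: cgroupfs vs. systemd

While installing Kubernetes, the following error appears:

failed to create kubelet: misconfiguration: kubelet cgroup driver: "cgroupfs" is different from docker cgroup driver: "systemd"

The default driver was changed from systemd to cgroupfs, while the Docker we installed uses the systemd driver; the mismatch prevents the images from starting.

Check with docker info: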

Cgroup Driver: systemd

There are two ways to fix this: change Docker, or change kubelet.

Change Docker:

Modify or create /etc/docker/daemon.json and add the following:

{ "exec-opts": ["native.cgroupdriver=systemd"] }

Restart docker:

systemctl restart docker
systemctl status docker

Change kubelet:

vim /etc/systemd/system/kubelet.service.d/10-kubeadm.conf

# Note: This dropin only works with kubeadm and kubelet v1.11+
[Service]
Environment="KUBELET_KUBECONFIG_ARGS=--bootstrap-kubeconfig=/etc/kubernetes/bootstrap-kubelet.conf --kubeconfig=/etc/kubernetes/kubelet.conf"
Environment="KUBELET_CONFIG_ARGS=--config=/var/lib/kubelet/config.yaml"
# This is a file that "kubeadm init" and "kubeadm join" generates at runtime, populating the KUBELET_KUBEADM_ARGS variable dynamically
EnvironmentFile=-/var/lib/kubelet/kubeadm-flags.env
# This is a file that the user can use for overrides of the kubelet args as a last resort. Preferably, the user should use
# the .NodeRegistration.KubeletExtraArgs object in the configuration files instead. KUBELET_EXTRA_ARGS should be sourced from this file.
EnvironmentFile=-/etc/sysconfig/kubelet
ExecStart=
ExecStart=/usr/bin/kubelet $KUBELET_KUBECONFIG_ARGS $KUBELET_CONFIG_ARGS $KUBELET_KUBEADM_ARGS $KUBELET_EXTRA_ARGS

Add the following: --cgroup-driver=systemd

 

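Or:

# Configure kubelet to use a pause image from a mirror in China
# Configure kubelet's cgroup driver
# Get Docker's cgroup driver
# (--format avoids depending on the column layout of docker info, which is indented in Docker 19.03)
$ DOCKER_CGROUPS=$(docker info --format '{{.CgroupDriver}}')
$ echo $DOCKER_CGROUPS

# Note: KUBELET_CGROUP_ARGS only takes effect if the kubelet unit's ExecStart references it;
# the 10-kubeadm.conf shown above expands only KUBELET_EXTRA_ARGS from this file.
$ cat >/etc/sysconfig/kubelet<<EOF
KUBELET_CGROUP_ARGS="--cgroup-driver=$DOCKER_CGROUPS"
KUBELET_EXTRA_ARGS="--pod-infra-container-image=registry.cn-hangzhou.aliyuncs.com/google_containers/pause-amd64:3.1"
EOF

# Start
$ systemctl daemon-reload
$ systemctl enable kubelet && systemctl restart kubelet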

Or:

# Get Docker's cgroup driver
# (--format avoids depending on the column layout of docker info, which is indented in Docker 19.03)
DOCKER_CGROUPS=$(docker info --format '{{.CgroupDriver}}')
echo $DOCKER_CGROUPS
cat >/etc/sysconfig/kubelet<<EOF
KUBELET_EXTRA_ARGS="--cgroup-driver=$DOCKER_CGROUPS --pod-infra-container-image=registry.cn-hangzhou.aliyuncs.com/google_containers/pause-amd64:3.1"
EOF

# Start
$ systemctl daemon-reload
$ systemctl enable kubelet && systemctl restart kubelet


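Author: hongda

Source: https://www.cnblogs.com/hongdada/p/9771857.html

License: this site uses the Creative Commons Attribution 4.0 International license; when reposting, credit the author and the source prominently in the article.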
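
A check for the cgroup driver mismatch described above, as an added example rather than code from the post quoted above: it reads the driver from `docker info` text and from the kubelet flag files and compares the two. The function names and sample inputs are constructed for illustration, and the cgroupfs fallback for kubelet is an assumption taken from the text above.

```shell
#!/bin/sh
# Added example: detect a Docker/kubelet cgroup driver mismatch before kubelet fails.

# stdin: `docker info` text. Prints the value of the "Cgroup Driver:" line only,
# whether or not the line is indented, and ignores other "Cgroup ..." lines.
docker_cgroup_driver() {
    awk -F': *' '/^[ \t]*Cgroup Driver:/ { print $2; exit }'
}

# stdin: kubelet flag text (kubeadm-flags.env and/or /etc/sysconfig/kubelet).
# Prints the last --cgroup-driver value, skipping comment lines, or cgroupfs
# when the flag is absent (assumption: cgroupfs is the default, as stated above).
kubelet_cgroup_driver() {
    drv=$(sed -n '/^[[:space:]]*#/d; s/.*--cgroup-driver=\([A-Za-z0-9_-]*\).*/\1/p' | tail -n 1)
    echo "${drv:-cgroupfs}"
}

# $1: docker info text, $2: kubelet flag text.
# Returns 0 on match, 1 on mismatch, 2 when Docker's driver cannot be read.
compare_cgroup_drivers() {
    d=$(printf '%s\n' "$1" | docker_cgroup_driver)
    k=$(printf '%s\n' "$2" | kubelet_cgroup_driver)
    if [ -z "$d" ]; then
        echo "unknown: no Cgroup Driver line in docker info"; return 2
    elif [ "$d" = "$k" ]; then
        echo "match: $d"; return 0
    fi
    echo "mismatch: docker=$d kubelet=$k"; return 1
}

# Constructed samples, not captured from a real host.
SAMPLE_DOCKER_INFO='Client:
 Debug Mode: false

Server:
 Logging Driver: json-file
 Cgroup Driver: systemd
 Cgroup Version: 1'
SAMPLE_KUBELET_FLAGS='KUBELET_KUBEADM_ARGS="--cgroup-driver=cgroupfs --network-plugin=cni"'

# On a real host:
#   compare_cgroup_drivers "$(docker info 2>/dev/null)" \
#       "$(cat /var/lib/kubelet/kubeadm-flags.env /etc/sysconfig/kubelet 2>/dev/null)"
compare_cgroup_drivers "$SAMPLE_DOCKER_INFO" "$SAMPLE_KUBELET_FLAGS" || true
```

Concatenating kubeadm-flags.env before /etc/sysconfig/kubelet mirrors the order of $KUBELET_KUBEADM_ARGS and $KUBELET_EXTRA_ARGS on the ExecStart line, so the value reported is the one that comes last on kubelet's command line.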




Configure the kubectl tool

mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config

Finally, you can install a Kubernetes dashboard. Here I use the Kuboard dashboard, which works very well.

kubectl apply -f https://kuboard.cn/install-script/kuboard.yaml
kubectl get svc -A
kubectl get pods -o wide -A
kubectl -n kube-system describe secret $(kubectl -n kube-system get secret | grep kuboard-user | awk '{print $1}')
 



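When reposting, please credit the source [Installing Docker 19.03.4, Kubernetes v1.16.2 and the Kuboard dashboard on CentOS 8].

www.micoder.cc: virtualization and cloud computing, system operations, security technology services.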
