2017年2月9日 星期四

CentOS 7 部署 Kubernetes

Kubernetes 架構主機環境:
在 /etc/hosts 新增:
192.168.60.153 c7-k8s01    #master
192.168.60.154 c7-k8s02
192.168.60.155 c7-k8s03
192.168.60.156 c7-k8s04

關閉防火牆
systemctl stop firewalld
systemctl disable firewalld

安裝 ntp 套件
yum install ntp
systemctl start ntpd
systemctl enable ntpd

設定 kubernetes master:
安裝 kubernetes 套件
yum install -y etcd kubernetes flannel

修改 /etc/etcd/etcd.conf
ETCD_NAME=default
ETCD_DATA_DIR="/var/lib/etcd/default.etcd"
ETCD_LISTEN_PEER_URLS="http://192.168.60.153:2380"
ETCD_LISTEN_CLIENT_URLS="http://192.168.60.153:2379 "

ETCD_ADVERTISE_CLIENT_URLS="http://192.168.60.153:2379"

修改 /etc/sysconfig/docker
OPTIONS='--selinux-enabled=false --insecure-registry gcr.io --log-driver=journald'

修改 /etc/kubernetes/config
KUBE_LOGTOSTDERR="--logtostderr=true"
KUBE_LOG_LEVEL="--v=0"
KUBE_ALLOW_PRIV="--allow-privileged=false"
KUBE_MASTER="--master=http://192.168.60.153:8080"

修改 /etc/kubernetes/apiserver
KUBE_API_ADDRESS="--address=0.0.0.0"
KUBE_MASTER="--master=http://192.168.60.153:8080"
KUBE_ETCD_SERVERS="--etcd-servers=http://192.168.60.153:2379"
KUBE_SERVICE_ADDRESSES="--service-cluster-ip-range=10.254.0.0/16"
KUBE_ADMISSION_CONTROL="--admission_control=NamespaceLifecycle,NamespaceExists,LimitRanger,ResourceQuota"
KUBE_API_ARGS=""

修改 /etc/kubernetes/kubelet
KUBELET_ADDRESS="--address=0.0.0.0"
KUBELET_PORT="--port=10250"
KUBELET_HOSTNAME="--hostname-override=c7-k8s01"
KUBELET_API_SERVER="--api-servers=http://127.0.0.1:8080"
KUBELET_POD_INFRA_CONTAINER="--pod-infra-container-image=registry.access.redhat.com/rhel7/pod-infrastructure:latest"
KUBELET_ARGS=""

啟動 ETCD、kubernetes 服務
for SERVICES in etcd docker kube-apiserver kube-controller-manager kube-scheduler kubelet kube-proxy; do
    systemctl restart $SERVICES
    systemctl enable $SERVICES
    systemctl status $SERVICES
done

修改 /etc/sysconfig/flanneld
FLANNEL_ETCD_ENDPOINTS="http://192.168.60.153:2379"

設定 etcd.conf 結合 flannel 服務
etcdctl mk /atomic.io/network/config '{"Network":"172.17.0.0/16"}'

再重啟動 ETCD、kubernetes 服務
for SERVICES in etcd flanneld docker kube-apiserver kube-controller-manager kube-scheduler kubelet kube-proxy; do
    systemctl restart $SERVICES
    systemctl enable $SERVICES
    systemctl status $SERVICES
done

檢查 kubernetes master 是否正常運作
kubectl get nodes      #出現 kubetnetes master node 名稱

遇到的問題:
/var/log/messages 一直出現:
the cluster IP 172.16.0.1 for service kubernetes/default is not within the service CIDR 10.254.0.0/16; please recreate
利用 kubectl get services --all-namespaces 顯示與設定的 cluster ip 網段不同
所以利用 kubectl delete services/kubernetes 將原來的設定刪除,kubernetes 會自動產生新的
再用 kubectl get services --all-namespaces 檢查一遍
/var/log/messages 己無錯誤訊息


以下所有安裝、設定步驟需在每一台 kubernetes nodes 上執行(在不同台 node 執行時會特別標註)
設定 kubernetes nodes:
安裝 flannel、kubernetes
yum install -y flannel kubernetes

修改 /etc/sysconfig/flanneld
FLANNEL_ETCD_ENDPOINTS="http://192.168.60.153:2379"      #新版本改為 FLANNEL_ETCD_ENDPOINTS 參數

修改 /etc/kubernetes/config
KUBE_MASTER="--master=http://192.168.60.153:8080"      #輸入 kubernetes master 主機 IP

修改 /etc/kubernetes/kubelet    #在 c7-k8s02 修改
KUBELET_ADDRESS="--address=0.0.0.0"
KUBELET_PORT="--port=10250"
KUBELET_HOSTNAME="--hostname_override=c7-k8s02"
KUBELET_API_SERVER="--api_servers=http://192.168.60.153:8080"
KUBELET_POD_INFRA_CONTAINER="--pod-infra-container-image=registry.access.redhat.com/rhel7/pod-infrastructure:latest"
KUBELET_ARGS=""

修改 /etc/kubernetes/kubelet    #在 c7-k8s03 修改
KUBELET_ADDRESS="--address=0.0.0.0"
KUBELET_PORT="--port=10250"
KUBELET_HOSTNAME="--hostname_override=c7-k8s03"
KUBELET_API_SERVER="--api_servers=http://192.168.60.153:8080"
KUBELET_POD_INFRA_CONTAINER="--pod-infra-container-image=registry.access.redhat.com/rhel7/pod-infrastructure:latest"
KUBELET_ARGS=""

設定啟動 kube-proxy kubelet docker flanneld
systemctl daemon-reload
for SERVICES in kubelet kube-proxy docker flanneld; do
    systemctl restart $SERVICES
    systemctl enable $SERVICES
    systemctl status $SERVICES
done
或者
systemctl daemon-reload
for SERVICES in kubelet kube-proxy docker flanneld; do
    systemctl restart $SERVICES
    systemctl status $SERVICES
done

遇到的問題:
/var/log/messages 一直出現:
unable to communicate with Rkt api service: rkt: cannot tcp Dial rkt api service: dial tcp 127.0.0.1:15441: getsockopt

解決方法:在安裝、設定 flannel 之前,docker 己經先安裝並設定好了,有可能會出現上面的錯訊訊息,這時必須刪掉舊的 docker 網路介面:
systemctl stop docker
ip link delete docker0
systemctl start docker
ip -4 a|grep inet


kubernetes 內建的主機狀態監控網頁
https://host_ip:4194

沒有留言:

張貼留言

Nutanix平台虛擬機(UBUNTU),利用Veeam備份移轉至VMware平台,安裝套件、系統更新出現錯誤

 mount: /var/lib/grub/esp: special device /dev/disk/by-id/scsi-SNUTANIX_VDISK_NFS_4_0_7672_2d41cbaa_025e_4fac_849c_9e620eff5bff-part1 does n...