K8S后台及DashBoard安装

1、关闭防火墙、关闭selinux

All servers

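# Firewall: stop the running service as well as disabling it at boot;
# "disable" alone leaves firewalld active until the next reboot.
# NOTE(review): with firewalld off, nothing on the host filters traffic to the
# API server, kubelet, etcd or NodePort services. Keeping firewalld running and
# opening only the ports the cluster needs is the tighter setup.
systemctl stop firewalld.service
systemctl disable firewalld.service

# SELinux: persist the mode change in the config file. The pattern also matches
# a host currently set to "permissive", which an enforcing-only pattern would
# leave untouched.
# NOTE(review): upstream kubeadm guidance switches SELinux to permissive rather
# than disabling it, which keeps denials logged for auditing.
sed -i -E 's/^SELINUX=(enforcing|permissive)/SELINUX=disabled/' /etc/selinux/config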
## 或者
/etc/selinux/config
#将其中的 SELINUX=*处修改为如下
SELINUX=disabled
#重启服务器使配置生效;或先执行 setenforce 0 临时切换(此时 getenforce 显示 Permissive,重启后才是 Disabled)
#运行命令 getenforce 确认 SELinux 状态:重启后应显示 Disabled


2、设置host

All servers

#添加所有节点IP和域名
[root@master ~]# cat /etc/hosts
172.18.240.243 master
172.18.240.245 slave
[root@master ~]# cat /etc/hostname
master
[root@master ~]# hostname master

 

3、创建k8s.conf

All servers

# Kernel parameters: make bridged traffic traverse iptables/ip6tables.
# The file is written through tee from a quoted here-document, so nothing in it
# is subject to shell expansion.
tee /etc/sysctl.d/k8s.conf >/dev/null <<'EOF'
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
EOF
# Load the settings from that file now ("sysctl --system" would reload every
# sysctl configuration file instead).
sysctl --load=/etc/sysctl.d/k8s.conf

#如果有如下报错:
sysctl: cannot stat /proc/sys/net/bridge/bridge-nf-call-ip6tables: No such file or directory
sysctl: cannot stat /proc/sys/net/bridge/bridge-nf-call-iptables: No such file or directory
#解决方法:
#安装bridge-util软件,加载bridge模块,加载br_netfilter模块
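# The net.bridge.* sysctl keys only exist once the bridge netfilter module is
# loaded, which is why sysctl reports "cannot stat" without it.
yum install -y bridge-utils.x86_64
modprobe bridge
modprobe br_netfilter
# modprobe does not survive a reboot: list the modules for systemd-modules-load
# so the bridge sysctls can still be applied at boot.
printf '%s\n' bridge br_netfilter > /etc/modules-load.d/k8s.conf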

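# Turn swap off for the running system.
swapoff -a
# swapoff is not persistent: comment out the active swap entries in /etc/fstab
# (a backup is kept as /etc/fstab.bak) so swap stays off after a reboot.
sed -i.bak -E '/^[^#].*[[:space:]]swap[[:space:]]/ s/^/#/' /etc/fstab
# Append the swappiness setting only once, so re-running this step does not
# duplicate the line.
grep -qxF 'vm.swappiness=0' /etc/sysctl.d/k8s.conf 2>/dev/null \
  || echo "vm.swappiness=0" >> /etc/sysctl.d/k8s.conf
# Apply the settings.
sysctl -p /etc/sysctl.d/k8s.conf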
 

 

4、安装软件源配置

All servers

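# Kubernetes yum repository (Aliyun mirror).
# Metadata, packages and signing keys are fetched over HTTPS, and gpgcheck=1
# makes yum verify package signatures against the keys listed in gpgkey. Over
# plain HTTP with gpgcheck=0, nothing authenticates the packages that get
# installed as root on every node.
# repo_gpgcheck stays at 0 as in the original.
# NOTE(review): enable it if the mirror serves signed repository metadata — confirm.
# The second gpgkey URL is indented because yum only treats indented lines as a
# continuation of the previous value.
cat <<'EOF' > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=1
repo_gpgcheck=0
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg
       https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF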

 

5、安装docker

All servers

## Correct the clock first; the author notes docker will not run otherwise.
# 1. Install the NTP tools.
sudo yum install -y ntp ntpdate
# 2. Step the system clock from the network time pool.
sudo ntpdate cn.pool.ntp.org
# 3. Write the system time to the hardware clock (-w is the short form of
#    --systohc).
sudo hwclock -w
# 4. Show the resulting time settings.
timedatectl

# Install docker.
yum -y install docker-io
# Enable docker at boot; start it only if enabling succeeded.
if systemctl enable docker; then
  systemctl start docker
fi

 

6、安装kubernetes

All servers

# List the package versions the repository offers.
yum list --showduplicates | grep 'kubeadm\|kubectl\|kubelet'

# Option A: install the latest version (use either this or option B, not both).
yum install -y kubelet
yum install -y kubeadm
yum install -y kubectl

# Option B: install a pinned version.
# NOTE(review): the version installed here presumably has to line up with the
# images pulled and the --kubernetes-version passed to kubeadm init later on
# this page — confirm.
yum install -y kubelet-1.16.2 kubeadm-1.16.2 kubectl-1.16.2

# Start kubelet and enable it at boot.
systemctl start kubelet && systemctl enable kubelet

 

7、修改配置

All servers

# kubernetes configuration
# Run the following from /usr/bin.
## Make kubelet, kubeadm and kubectl executable for all users.
cd /usr/bin && chmod a+x kubelet kubeadm kubectl
# Point kubectl at the admin kubeconfig for the current shell session; the
# export does not persist into new sessions.
export KUBECONFIG=/etc/kubernetes/admin.conf
# Set the default policy of the iptables FORWARD chain to ACCEPT: forwarded
# packets that match no rule are then let through this host. The policy is not
# persistent across reboots.
iptables -P FORWARD ACCEPT

#docker 配置
##编辑 /lib/systemd/system/docker.service 在[Service] 下添加下面一行
ExecStartPost=/sbin/iptables -P FORWARD ACCEPT
##重启docker
systemctl daemon-reload
systemctl restart docker

 

8、拉取镜像并tag

All servers

#查看所需镜像及版本

[root@master bin]# kubeadm config images list
W0108 19:53:17.464386 10103 version.go:101] could not fetch a Kubernetes version from the internet: unable to get URL "https://dl.k8s.io/release/stable-1.txt": Get https://dl.k8s.io/release/stable-1.txt: net/http: request canceled while waiting for connection (Client.Timeout exceeded while awaiting headers)
W0108 19:53:17.464460 10103 version.go:102] falling back to the local client version: v1.16.2
k8s.gcr.io/kube-apiserver:v1.16.2
k8s.gcr.io/kube-controller-manager:v1.16.2
k8s.gcr.io/kube-scheduler:v1.16.2
k8s.gcr.io/kube-proxy:v1.16.2
k8s.gcr.io/pause:3.1
k8s.gcr.io/etcd:3.3.15-0
k8s.gcr.io/coredns:1.6.2
 

#拉取对应镜像

## Names and versions correspond to the list printed above.
# Pull every control-plane image from the Aliyun mirror, then give each one the
# k8s.gcr.io name shown in that list.
# NOTE(review): images are selected by tag only, so their content is whatever
# the mirror serves under that tag; no digest is pinned or compared.
mirror=registry.cn-hangzhou.aliyuncs.com/google_containers
images=(
  kube-apiserver:v1.16.2
  kube-controller-manager:v1.16.2
  kube-scheduler:v1.16.2
  kube-proxy:v1.16.2
  pause:3.1
  etcd:3.3.15-0
  coredns:1.6.2
)

# Pull all images first ...
for image in "${images[@]}"; do
  docker pull "${mirror}/${image}"
done

# ... then tag each one under k8s.gcr.io.
for image in "${images[@]}"; do
  docker tag "${mirror}/${image}" "k8s.gcr.io/${image}"
done
 

9、使用kubeadm init初始化集群(仅master)

详细参数查询地址: https://kubernetes.io/zh/docs/reference/setup-tools/kubeadm/kubeadm-init/

# Initialise the control plane (master only).
# NOTE(review): --kubernetes-version presumably has to match the installed
# kubeadm/kubelet packages; this page pins 1.16.2 in the install step and uses
# v1.17.1 here — confirm which one applies.
# --ignore-preflight-errors=NumCPU tells kubeadm to carry on despite the NumCPU
# preflight error.
kubeadm init \
  --kubernetes-version=v1.17.1 \
  --image-repository=registry.aliyuncs.com/google_containers \
  --apiserver-advertise-address=172.18.240.243 \
  --pod-network-cidr=10.244.0.0/16 \
  --service-cidr=10.96.0.0/12 \
  --ignore-preflight-errors=NumCPU

#参数说明
--apiserver-advertise-address string
API 服务器所公布的其正在监听的 IP 地址。如果未设置,则使用默认网络接口。
--image-repository string 默认值:"k8s.gcr.io"
选择用于拉取控制平面镜像的容器仓库
--kubernetes-version string 默认值:"stable-1"
为控制平面选择一个特定的 Kubernetes 版本。
--service-cidr string 默认值:"10.96.0.0/12"
为服务的虚拟 IP 地址另外指定 IP 地址段
--pod-network-cidr string
指明 pod 网络可以使用的 IP 地址段。如果设置了这个参数,控制平面将会为每一个节点自动分配 CIDRs。
--ignore-preflight-errors
忽略对应错误

初始化成功,显示类似:

Your Kubernetes control-plane has initialized successfully!

To start using your cluster, you need to run the following as a regular user:

mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config

You should now deploy a pod network to the cluster.
Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:
https://kubernetes.io/docs/concepts/cluster-administration/addons/

Then you can join any number of worker nodes by running the following on each as root:

kubeadm join 192.168.1.86:6443 --token pwwmps.9cds2s34wlpiyznv \
--discovery-token-ca-cert-hash sha256:a3220f1d2384fe5230cad2302a4ac1f233b03ea24c19c165adb5824f9c358336

然后再执行如下命令:

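# Run on the master once kubeadm init has finished.
# Copy the admin kubeconfig into the current user's home and hand ownership to
# that user. Paths and the uid:gid pair are quoted so a home directory
# containing spaces or glob characters is handled correctly.
# The file carries the cluster's admin credentials.
mkdir -p "$HOME/.kube"
sudo cp -i /etc/kubernetes/admin.conf "$HOME/.kube/config"
sudo chown "$(id -u):$(id -g)" "$HOME/.kube/config"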

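## Install the flannel network add-on (run on the master).
# Download the manifest to a local file first, so the exact content can be
# reviewed before it is applied and the same copy can be re-applied later.
# The URL tracks the master branch, so what it serves can change between runs.
curl -fsSLo kube-flannel.yml https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
kubectl apply -f kube-flannel.yml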

## 若出现无法下载安装flannel组件

## List the nodes.
kubectl get nodes
## Show the status of the control-plane components.
kubectl get componentstatuses
# Nodes may show NotReady; on the master, list the pods of every namespace.
kubectl get pods --all-namespaces --output=wide
 

10、安装DashBoard

master

# Fetch the latest (or a matching) yaml file from https://github.com/kubernetes/dashboard
# and set the Service type to NodePort:
kind: Service
apiVersion: v1
metadata:
  labels:
    k8s-app: kubernetes-dashboard
  name: kubernetes-dashboard
  namespace: kubernetes-dashboard
spec:
  # NodePort publishes the dashboard on a port of every node's IP address, so
  # it is reachable from any network that can reach the nodes. No nodePort is
  # fixed here, so the cluster assigns one.
  type: NodePort
  ports:
    - port: 443
      targetPort: 8443
  selector:
    k8s-app: kubernetes-dashboard

# Create the dashboard resources from recommended.yaml.
kubectl create -f recommended.yaml

#验证
[root@master home]# kubectl get pod -n kubernetes-dashboard
NAME READY STATUS RESTARTS AGE
dashboard-metrics-scraper-7b64584c5c-7xt8f 1/1 Running 0 22d
kubernetes-dashboard-566f567dc7-znrxh 1/1 Running 0 22d

[root@master home]# kubectl get svc -n kubernetes-dashboard
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
dashboard-metrics-scraper ClusterIP 10.96.139.163 <none> 8000/TCP 22d
kubernetes-dashboard NodePort 10.100.236.150 <none> 443:31281/TCP 22d

31281为访问的端口

11、创建admin用户

master

#创建yaml文件
[root@master ~]# cat admin.yaml
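# ServiceAccount used to log in to the dashboard.
# Nested keys are indented under their parent; with every key at column 0 the
# manifest does not describe the intended objects.
apiVersion: v1
kind: ServiceAccount
metadata:
  name: admin-user
  namespace: kubernetes-dashboard

---

# Binds the ServiceAccount to the built-in cluster-admin ClusterRole: its token
# then carries full control over every resource in the cluster.
# NOTE(review): for routine dashboard use, binding a narrower role (for example
# the built-in "view" ClusterRole) limits what a leaked token can do.
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: admin-user
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: cluster-admin
subjects:
- kind: ServiceAccount
  name: admin-user
  namespace: kubernetes-dashboard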

# Create the admin-user account and its role binding.
kubectl create -f admin.yaml

# Print the login token: pick the secret(s) whose listing line contains
# "admin-user", then describe them.
# The token is a bearer credential for that account; treat the output as a
# secret.
admin_secret=$(kubectl -n kubernetes-dashboard get secret | awk '/admin-user/ {print $1}')
# Deliberately unquoted: several matching names are passed as separate words.
# shellcheck disable=SC2086
kubectl -n kubernetes-dashboard describe secret $admin_secret

12、访问Dashboard界面:https://{masterIP}:31281, token登录

K8S后台及DashBoard安装

附录

## List the nodes (run on the master).
kubectl get node

## Show the status of the control-plane components (run on the master).
kubectl get componentstatuses

# Nodes may show NotReady; on the master, list the pods of every namespace.
kubectl get pods -A -o wide