pod=$(kubectl get pods –selector=”name=bad-frontend” –output=jsonpath={.items..metadata.name})
kubectl describe pod $pod
未命名
未命名
使用kubeadm 启用一个多节点的集群
初始化 Master
kubeadm init –token=102952.1a7dd4cc8d1f4cc5
把另一个节点加到集群
kubeadm join –token=102952.1a7dd4cc8d1f4cc5 172.17.0.44:6443
在master上查看 集群信息
sudo cp /etc/kubernetes/admin.conf $HOME/
sudo chown $(id -u):$(id -g) $HOME/admin.conf
export KUBECONFIG=$HOME/admin.conf
kubectl get nodes
部署docker 网络接口
在mster上
curl -L https://git.io/weave-kube-1.6 -o /opt/weave-kube
cat /opt/weave-kube
kubectl apply -f /opt/weave-kube
kubectl get pod -n kube-system
部署pod
kubectl run http –image=katacoda/docker-http-server:latest –replicas=1
kubectl get pods
在节点主机上执行,可以看到真实的容器
docker ps | head -n2
在远程工作
cat /etc/kubernetes/admin.conf
scp root@
kubectl –kubeconfig ./admin.conf get nodes
部署图形界面
kubectl create clusterrolebinding permissive-binding –clusterrole=cluster-admin –user=admin –user=kubelet –group=system:serviceaccounts;
kubectl apply -f dashboard.yaml
kubectl get pods -n kube-system
未命名
k8s 集成calico网络
下载:
http://hn-1251586848.cosgz.myqcloud.com/calico_node_v1.2.1.tar
- calico/node 容器 必须在master和每个节点
- calico/kube-policy-controller 容器
- The calico-cni network plugin binaries
docker pull quay.io/calico/node:v1.2.1
Download and install calicoctl
wget http://www.projectcalico.org/builds/calicoctl
sudo chmod +x calicoctl
Run the calico/node container
sudo ETCD_ENDPOINTS=http://
未命名
yum 安装的 Etcd 默认配置文件在 /etc/etcd/etcd.conf,以下为 etcd0 上的样例(etcd1、etcd2同理):
编辑配置文件
vim /etc/etcd/etcd.conf
样例配置如下
节点名称
ETCD_NAME=etcd0
数据存放位置
ETCD_DATA_DIR=”/var/lib/etcd/etcd0”
监听其他 Etcd 实例的地址
ETCD_LISTEN_PEER_URLS=”http://0.0.0.0:2380“
监听客户端地址
ETCD_LISTEN_CLIENT_URLS=”http://0.0.0.0:2379,http://0.0.0.0:4001“
通知其他 Etcd 实例地址
ETCD_INITIAL_ADVERTISE_PEER_URLS=”http://192.168.1.154:2380“
初始化集群内节点地址
ETCD_INITIAL_CLUSTER=”etcd0=http://192.168.1.154:2380,etcd1=http://192.168.1.156:2380,etcd2=http://192.168.1.249:2380“
初始化集群状态,new 表示新建
ETCD_INITIAL_CLUSTER_STATE=”new”
初始化集群 token
ETCD_INITIAL_CLUSTER_TOKEN=”mritd-etcd-cluster”
通知 客户端地址
ETCD_ADVERTISE_CLIENT_URLS=”http://192.168.1.154:2379,http://192.168.1.154:4001“
systemctl restart etcd && systemctl enabled etcd
查看排错:
journalctl -u etcd.service –since today
etcdctl cluster-health
etcdctl –debug member list
未命名
————fedora
#!/bin/sh
echo ‘hello123’ | passwd –stdin root
echo ‘hello123’ | passwd –stdin fedora
sed -i ‘s/PasswordAuthentication no/PasswordAuthentication yes/g’ /etc/ssh/sshd_config
sed -i ‘s/PermitRootLogin yes/PermitRootLogin no/g’ /etc/ssh/sshd_config
sed -i ‘s/SELINUX=enforcing/SELINUX=disabled/g’ /etc/selinux/config
systemctl restart sshd
——————————ubuntu
#!/bin/sh
passwd ubuntu<<EOF
hello123
hello123
EOF
sed -i ‘s/PasswordAuthentication no/PasswordAuthentication yes/g’ /etc/ssh/sshd_config
service ssh restart
fedora 配置使用阿里的yum源-使用curl
创建备份目录
mkdir -p /etc/yum.repos.d/bak把老的配置移到备份目录
mv /etc/yum.repos.d/*.repo /etc/yum.repos.d/bak/清楚yum缓存
yum clean all- 下载yum源配置
curl -o /etc/repo.tar.gz http://hn-1251586848.cosgz.myqcloud.com/repo.tar.gz
tar xf /etc/repo.tar.gz -C /etc/
curl -o /etc/yum.repos.d/fedora.repo http://mirrors.aliyun.com/repo/fedora.repo
curl -o /etc/yum.repos.d/fedora-updates.repo http://mirrors.aliyun.com/repo/fedora-updates.repo
- 重新生成缓存
dnf makecache
fedora 配置使用阿里的yum源-使用curl
创建备份目录
mkdir -p /etc/yum.repos.d/bak把老的配置移到备份目录
mv /etc/yum.repos.d/*.repo /etc/yum.repos.d/bak/清楚yum缓存
yum clean all下载yum源配置
sed -i ‘s/archive.ubuntu.com/mirrors.ustc.edu.cn/g’ /etc/apt/sources.list
- 重新生成缓存
- debian 简单软件包管理
- apt-get clean && sudo apt-get autoclean 清理仓库
- apt-get update 更新源
- apt-cache search package 搜索包
- apt-get install 安装
dnf install docker-engine
未命名
172.16.6.66 centos7.1
172.16.6.58 fedora25
ssh fedora@172.16.199.224 monkey2
未命名
fedora 安装单节点环境
dnf download kubernetes-master –destdir ./k8s
设定时间区
timedatectl set-timezone Asia/Shanghai
- 安装
dnf install kubernetes docker
会安装以下软件包
conntrack-tools
container-selinux
docker
docker-common
iptables
kubernetes
kubernetes-client
kubernetes-master
kubernetes-node
libnetfilter_conntrack
libnetfilter_cthelper
libnetfilter_cttimeout
libnetfilter_queue
libnfnetlink
socat
安装etcd
dnf -y install etcd自定义dns
echo “172.16.6.58 fed-master
172.16.199.224 fed-node” >> /etc/hosts编辑/etc/kubernetes/config 指定master是哪个(每台主机都要修改)
sed -i ‘/KUBE_MASTER/s/127.0.0.1:8080/fed-master:8080/g’ /etc/kubernetes/config
grep KUBE_MASTER /etc/kubernetes/config
- 关闭防火墙
systemctl disable iptables-services firewalld
systemctl stop iptables-services firewalld
- 在master主机上编辑
(1) /etc/kubernetes/apiserver
sed -i ‘/KUBE_API_ADDRESS/s/127.0.0.1/0.0.0.0/g’ /etc/kubernetes/apiserver
grep KUBE_API_ADDRESS /etc/kubernetes/apiserver
(2) /etc/etcd/etcd.conf 设置etd侦听所有网络,如果你不设置 你可能会收到“connection refused”这样的错误
sed -i ‘/ETCD_LISTEN_CLIENT_URLS/s/localhost:2379/0.0.0.0:2379/g’ /etc/etcd/etcd.conf
grep -v ‘#’ /etc/etcd/etcd.conf
在master上启动 如下服务
for SERVICES in etcd kube-apiserver kube-controller-manager kube-scheduler; do
systemctl restart $SERVICES
systemctl enable $SERVICES
systemctl status $SERVICES
done如下命令 添加节点:
{
“apiVersion”: “v1”,
“kind”: “Node”,
“metadata”: {
“name”: “fed-node”,
“labels”:{ “name”: “fed-node-label”}
},
“spec”: {
“externalID”: “fed-node”
}
}
$ kubectl create -f ./node.json
$ kubectl get nodes
NAME STATUS AGE
fed-node Unknown 4h
编辑/etc/kubernetes/config
sed -i ‘/KUBELET_ADDRESS/s/–address=127.0.0.1/–address=0.0.0.0/g’ /etc/kubernetes/kubelet
sed -i ‘/KUBELET_HOSTNAME/s/127.0.0.1/fed-node/g’ /etc/kubernetes/kubelet
sed -i ‘/KUBELET_API_SERVER/s/127.0.0.1:8080/fed-master:8080/g’ /etc/kubernetes/kubelet
在node节点上启动服务
for SERVICES in kube-proxy kubelet docker; do
systemctl restart $SERVICES
systemctl enable $SERVICES
systemctl status $SERVICES
done
配置正常的话在minion主机可以看到:
[root@monkey2 ~]# kubectl version
Client Version: version.Info{Major:”1”, Minor:”5”, GitVersion:”v1.5.3”, GitCommit:”029c3a408176b55c30846f0faedf56aae5992e9b”, GitTreeState:”clean”, BuildDate:”2017-03-09T11:55:06Z”, GoVersion:”go1.7.5”, Compiler:”gc”, Platform:”linux/amd64”}
Server Version: version.Info{Major:”1”, Minor:”5”, GitVersion:”v1.5.3”, GitCommit:”029c3a408176b55c30846f0faedf56aae5992e9b”, GitTreeState:”clean”, BuildDate:”2017-03-09T11:55:06Z”, GoVersion:”go1.7.5”, Compiler:”gc”, Platform:”linux/amd64”}
报错处理:
[root@monkey2 kubernetes]# kubectl version
Client Version: version.Info{Major:”1”, Minor:”5”, GitVersion:”v1.5.3”, GitCommit:”029c3a408176b55c30846f0faedf56aae5992e9b”, GitTreeState:”clean”, BuildDate:”2017-03-09T11:55:06Z”, GoVersion:”go1.7.5”, Compiler:”gc”, Platform:”linux/amd64”}
The connection to the server localhost:8080 was refused - did you specify the right host or port?
可以指定api-server的ip
kubectl -s http://apiserverIP:8080 version
alias kubectl=” kubectl -s http://fed-master:8080“
dashboard安装
镜像地址:
https://hub.docker.com/u/googlecontainer/
#下载dashboard 配置
curl -o kubernetes-dashboard.yaml https://raw.githubusercontent.com/kubernetes/dashboard/master/src/deploy/kubernetes-dashboard-no-rbac.yaml
kubectl create -f kubernetes-dashboard.yaml
kubectl get -f kubernetes-dashboard.yaml
1.6.1 镜像下载地址:
vi kubernetes-dashboard.yaml
配置使用本地镜像源和apiserver地址
- –apiserver-host=http://fed-master:8080
查看k8s的命令
kubectl get deployment kubernetes-dashboard –namespace=kube-system
kubectl get svc kubernetes-dashboard –namespace=kube-system
排错:
kubectl get events –namespace=kube-system
可以查看到 有哪些容器
kubectl –namespace=kube-system logs kubernetes-dashboard-911386560
kubectl get pod –all-namespaces -o wide
kubectl get service –all-namespaces
[root@monkey1 conf]# kubectl get pod –namespace=kube-system
NAME READY STATUS RESTARTS AGE
kubernetes-dashboard-2692392454-ps3ks 0/1 ContainerCreating 0 5m
kubectl describe pod kubernetes-dashboard-2692392454-ps3ks –namespace=kube-system
docker load < /tmp/kubernetes-dashboard-amd64_v1.6.1.tar.gz
docker load < pause-amd64_3.0.tar
未命名
- 开放端口
firewall-cmd –zone=public –add-port=80/tcp –permanent
firewall-cmd –reload
未命名
https://console.cloud.google.com —> 选容器注册表