Stop and disable the firewall service that ships with CentOS:

    systemctl stop firewalld
    systemctl disable firewalld

    # Update directly
    yum update
    # Be sure to reboot Linux after the update has been installed

Configure the Kubernetes yum repository:

    cat <<EOF > /etc/yum.repos.d/kubernetes.repo
    [Kubernetes]
    baseurl=http://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
    enabled=1
    gpgcheck=0
    repo_gpgcheck=0
    gpgkey=http://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg http://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
    EOF

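Install etcd and Kubernetes. The following command installs Docker automatically; if Docker is already installed, it reports an error, in which case uninstall Docker and run the install again.

    yum install -y etcd kubernetes
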
After the packages are installed, edit two configuration files.

Docker configuration file /etc/sysconfig/docker: set the content of OPTIONS to:

    $ vim /etc/sysconfig/docker
    OPTIONS='--selinux-enabled=false --insecure-registry gcr.io'

Kubernetes: edit the apiserver configuration file, /etc/kubernetes/apiserver:

    $ vim /etc/kubernetes/apiserver
    KUBE_ADMISSION_CONTROL="--admission_control=NamespaceLifecycle,NamespaceExists,LimitRanger,SecurityContextDeny,ServiceAccount,ResourceQuota"

Remove the ServiceAccount option. Otherwise, later pod creation fails with an error similar to the following:

    Error from server: error when creating "mysql-rc.yaml": Pod "mysql" is forbidden: no API token found for service account default/default, retry after the token is automatically created and added to the service account

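A check for the settings changed in the steps above (the yum repo file, the Docker OPTIONS line and the apiserver admission list), as an added example that is not part of the original post. The function names, the finding messages and the sample file contents in demo_audit are constructed for this example; the default paths are the ones used on this page.

```shell
# Added example (not from the original post): flag the relaxed settings this
# walkthrough writes into the three files it edits. Paths are arguments so
# the check can run against copies of the files.
findings=0
finding() { findings=$((findings + 1)); echo "FINDING: $1"; }

# Returns 0 when nothing is flagged, 1 otherwise.
audit_single_node() {
    repo=${1:-/etc/yum.repos.d/kubernetes.repo}
    docker_cfg=${2:-/etc/sysconfig/docker}
    api_cfg=${3:-/etc/kubernetes/apiserver}
    findings=0
    # gpgcheck=0 / repo_gpgcheck=0: yum accepts unsigned packages / metadata.
    for key in gpgcheck repo_gpgcheck; do
        if grep -Eq "^[[:space:]]*${key}[[:space:]]*=[[:space:]]*0" "$repo" 2>/dev/null; then
            finding "$repo: ${key}=0, signatures are not verified"
        fi
    done
    if grep -Eq '^[[:space:]]*baseurl[[:space:]]*=[[:space:]]*http://' "$repo" 2>/dev/null; then
        finding "$repo: baseurl is plain http"
    fi
    # The last OPTIONS= assignment in the file is the effective one.
    opts=$(grep -E '^[[:space:]]*OPTIONS=' "$docker_cfg" 2>/dev/null | tail -n 1)
    case $opts in *--selinux-enabled=false*)
        finding "$docker_cfg: SELinux support disabled for containers" ;;
    esac
    case $opts in *--insecure-registry*)
        finding "$docker_cfg: --insecure-registry skips registry TLS verification" ;;
    esac
    # Without the ServiceAccount plugin, pods are not given an API token.
    adm=$(grep -E '^[[:space:]]*KUBE_ADMISSION_CONTROL=' "$api_cfg" 2>/dev/null | tail -n 1)
    case $adm in
        ''|*ServiceAccount*) ;;
        *) finding "$api_cfg: ServiceAccount admission plugin not enabled" ;;
    esac
    [ "$findings" -eq 0 ]
}

# Constructed sample: the three files with the values this page sets.
demo_audit() {
    rc=0; d=$(mktemp -d)
    printf 'baseurl=http://mirror.example/k8s\ngpgcheck=0\nrepo_gpgcheck=0\n' > "$d/repo"
    printf '%s\n' "OPTIONS='--selinux-enabled=false --insecure-registry gcr.io'" > "$d/docker"
    printf '%s\n' 'KUBE_ADMISSION_CONTROL="--admission_control=NamespaceLifecycle,LimitRanger,ResourceQuota"' > "$d/api"
    audit_single_node "$d/repo" "$d/docker" "$d/api" || rc=$?
    rm -rf "$d"
    return "$rc"
}
demo_audit || true
```

Run audit_single_node with no arguments on the host to check the real files.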
Start the services in order:

    systemctl start etcd
    systemctl start docker
    systemctl start kube-apiserver
    systemctl start kube-controller-manager
    systemctl start kube-scheduler
    systemctl start kubelet
    systemctl start kube-proxy
    # Enable start on boot
    systemctl enable etcd
    systemctl enable docker
    systemctl enable kube-apiserver
    systemctl enable kube-controller-manager
    systemctl enable kube-scheduler
    systemctl enable kubelet
    systemctl enable kube-proxy

Verify: if kubectl version shows the following information, the installation succeeded.

    [root@MiWiFi-R4-srv ~]# ps -ef | grep kube
    kube 8579 1 0 07:24 ? 00:00:06 /usr/bin/kube-apiserver --logtostderr=true --v=0 --etcd-servers=http://127.0.0.1:2379 --insecure-bind-address=127.0.0.1 --allow-privileged=false --service-cluster-ip-range=10.254.0.0/16 --admission-control=NamespaceLifecycle,NamespaceExists,LimitRanger,SecurityContextDeny,ServiceAccount,ResourceQuota
    kube 8596 1 1 07:25 ? 00:00:11 /usr/bin/kube-controller-manager --logtostderr=true --v=0 --master=http://127.0.0.1:8080
    kube 8622 1 0 07:25 ? 00:00:01 /usr/bin/kube-scheduler --logtostderr=true --v=0 --master=http://127.0.0.1:8080
    root 8641 1 1 07:25 ? 00:00:17 /usr/bin/kubelet --logtostderr=true --v=0 --api-servers=http://127.0.0.1:8080 --address=127.0.0.1 --hostname-override=127.0.0.1 --allow-privileged=false --pod-infra-container-image=registry.access.redhat.com/rhel7/pod-infrastructure:latest
    root 8717 1 1 07:25 ? 00:00:08 /usr/bin/kube-proxy --logtostderr=true --v=0 --master=http://127.0.0.1:8080
    root 18353 8168 0 07:40 pts/0 00:00:00 grep --color=auto kube

    [root@MiWiFi-R4-srv ~]# kubectl version
    Client Version: version.Info{Major:"1", Minor:"5", GitVersion:"v1.5.2", GitCommit:"269f928217957e7126dc87e6adfa82242bfe5b1e", GitTreeState:"clean", BuildDate:"2017-07-03T15:31:10Z", GoVersion:"go1.7.4", Compiler:"gc", Platform:"linux/amd64"}
    Server Version: version.Info{Major:"1", Minor:"5", GitVersion:"v1.5.2", GitCommit:"269f928217957e7126dc87e6adfa82242bfe5b1e", GitTreeState:"clean", BuildDate:"2017-07-03T15:31:10Z", GoVersion:"go1.7.4", Compiler:"gc", Platform:"linux/amd64"}

    [root@MiWiFi-R4-srv ~]# etcdctl cluster-health
    member 8e9e05c52164694d is healthy: got healthy result from http://localhost:2379
    cluster is healthy

At this point, a single-node Kubernetes environment has been installed and started.
Next, we create some applications.
1. Start the MySQL container service
First, pull the MySQL image:

    sudo docker pull mysql

or

    docker pull hub.c.163.com/library/mysql:latest

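Start the MySQL service
First, create an RC definition file for the MySQL service: mysql-rc.yaml. The complete content of the file is given below; put it in any directory you like.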

    apiVersion: v1
    kind: ReplicationController
    metadata:
      name: mysql
    spec:
      replicas: 1
      selector:
        app: mysql
      template:
        metadata:
          labels:
            app: mysql
        spec:
          containers:
          - name: mysql
            image: hub.c.163.com/library/mysql
            ports:
            - containerPort: 3306
            env:
            - name: MYSQL_ROOT_PASSWORD
              value: "123456"

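Notes on the YAML definition file:
- kind: the type of this resource object; in the file above it is an RC.
- spec: the definition of the RC's properties. For example, spec.selector is the RC's Pod label selector, that is, the RC monitors and manages the Pod instances that carry these labels and ensures that exactly replicas Pod instances are running in the cluster at all times.
- spec.template defines the Pod template, which is used as the basis for creating new Pods when the number of Pods in the cluster is less than replicas.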
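The same RC with MYSQL_ROOT_PASSWORD read from a Secret through valueFrom/secretKeyRef, so the password does not appear in mysql-rc.yaml. This is an added example, not part of the original post; the Secret name mysql-root, the key password and the two function names are chosen for this example.

```shell
# Added example (not from the original post). The Secret name "mysql-root"
# and key "password" are names chosen here, not taken from the page.

# Print a Secret manifest holding the password given as $1.
render_mysql_secret() {
    b64=$(printf '%s' "$1" | base64 | tr -d '\n')
    cat <<EOF
apiVersion: v1
kind: Secret
metadata:
  name: mysql-root
type: Opaque
data:
  password: $b64
EOF
}

# Print the RC from this page with secretKeyRef in place of the literal value.
render_mysql_rc() {
    cat <<'EOF'
apiVersion: v1
kind: ReplicationController
metadata:
  name: mysql
spec:
  replicas: 1
  selector:
    app: mysql
  template:
    metadata:
      labels:
        app: mysql
    spec:
      containers:
      - name: mysql
        image: hub.c.163.com/library/mysql
        ports:
        - containerPort: 3306
        env:
        - name: MYSQL_ROOT_PASSWORD
          valueFrom:
            secretKeyRef:
              name: mysql-root
              key: password
EOF
}

# Usage on the master node, with a randomly generated password:
#   render_mysql_secret "$(head -c 18 /dev/urandom | base64)" | kubectl create -f -
#   render_mysql_rc | kubectl create -f -
```

Create the Secret before the RC, otherwise the container cannot start until the referenced key exists.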
After creating mysql-rc.yaml, publish it to Kubernetes by running this command on the Master node:

    [root@MiWiFi-R4-srv home]# kubectl create -f mysql-rc.yaml
    replicationcontroller "mysql" created

Next, use the kubectl command to view the RC we just created:

    [root@MiWiFi-R4-srv home]# kubectl get rc
    NAME      DESIRED   CURRENT   READY     AGE
    mysql     1         0         0         14s

To check on the creation of the Pod, run the following command:

    [root@MiWiFi-R4-srv home]# kubectl get pods
    NAME          READY     STATUS              RESTARTS   AGE
    mysql-b0gk0   0/1       ContainerCreating   0          3s

The Pod is in the ContainerCreating state; wait patiently until its status becomes Running:

    NAME          READY     STATUS    RESTARTS   AGE
    mysql-b0gk0   1/1       Running   0          6m

Finally, we create the definition file for a Kubernetes Service associated with it (MySQL): mysql-svc.yaml

    apiVersion: v1
    kind: Service
    metadata:
      name: mysql
    spec:
      ports:
        - port: 3306
      selector:
        app: mysql

Here metadata.name is the name of the Service, port defines the Service's port, and spec.selector determines which Pod replicas correspond to this service.
Run the kubectl command to create the service:

    $ kubectl create -f mysql-svc.yaml
    service "mysql" created

Then check the status of the service:

    $ kubectl get svc
    NAME         CLUSTER-IP      EXTERNAL-IP   PORT(S)    AGE
    kubernetes   10.254.0.1      <none>        443/TCP    18m
    mysql        10.254.185.20   <none>        3306/TCP   14s

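Note that the MySQL service has been assigned a CLUSTER-IP with the value 10.254.185.20. This is a virtual address; from now on, other newly created Pods in the Kubernetes cluster can connect to and access it through the Service's CLUSTER-IP plus port 6379.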