使用Kubeadm快速搭建kubernetes集群

---

使用kubeadm快速安装kubernetes 1.4

前置条件

系统：CentOS7
配置代理：全局参考、Docker代理

配置yum源

在所有节点执行以下操作：

# cat <<EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=http://yum.kubernetes.io/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://packages.cloud.google.com/yum/doc/yum-key.gpg
       https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg
EOF

安装kubernetes

在所有节点执行以下操作：

# setenforce 0
# yum install -y docker kubelet kubeadm kubectl kubernetes-cni
# systemctl enable docker && systemctl start docker
# systemctl enable kubelet && systemctl start kubelet

注：此时kubelet会隔几秒钟重启一次，等待kueadmin的连接

初始化管理节点

在管理节点执行以下操作：

# kubeadm init

注1：通过添加参数--api-advertise-addresses=<ip-address>来指定网卡接口
注2：以上操作，会自动在master节点安装etcd,kubectl
注3：为避免等待时间过长，可在相关节点上预先拉取相关镜像，相关容器镜像版本请自行调整

# docker pull gcr.io/google_containers/kube-controller-manager-amd64:v1.4.0
# docker pull gcr.io/google_containers/kube-scheduler-amd64:v1.4.0
# docker pull gcr.io/google_containers/kube-apiserver-amd64:v1.4.0
# docker pull gcr.io/google_containers/etcd-amd64:2.2.5

# docker pull gcr.io/google_containers/kube-proxy-amd64:v1.4.0
# docker pull gcr.io/google_containers/kubedns-amd64:1.7
# docker pull gcr.io/google_containers/kube-discovery-amd64:1.0
# docker pull gcr.io/google_containers/pause-amd64:3.0
# docker pull gcr.io/google_containers/exechealthz-amd64:1.3

注4：kubeadm help

kubeadm: easily bootstrap a secure Kubernetes cluster.

    ┌──────────────────────────────────────────────────────────┐
    │ KUBEADM IS ALPHA, DO NOT USE IT FOR PRODUCTION CLUSTERS! │
    │                                                          │
    │ But, please try it out! Give us feedback at:             │
    │ https://github.com/kubernetes/kubernetes/issues          │
    │ and at-mention @kubernetes/sig-cluster-lifecycle         │
    └──────────────────────────────────────────────────────────┘

Example usage:

    Create a two-machine cluster with one master (which controls the cluster),
    and one node (where workloads, like pods and replica sets run).

    ┌──────────────────────────────────────────────────────────┐
    │  On the first machine                                    │
    ├──────────────────────────────────────────────────────────┤
    │ master# kubeadm init                                     │
    └──────────────────────────────────────────────────────────┘

    ┌──────────────────────────────────────────────────────────┐
    │ On the second machine                                    │
    ├──────────────────────────────────────────────────────────┤
    │ node# kubeadm join --token=<token> <ip-of-master>        │
    └──────────────────────────────────────────────────────────┘

    You can then repeat the second step on as many other machines as you like.

Usage:
  kubeadm [command]

Available Commands:
  init        Run this in order to set up the Kubernetes master.
  join        Run this on any machine you wish to join an existing cluster.
  version     Print the version of kubeadm

Use "kubeadm [command] --help" for more information about a command.

加入NODE

在每一个NODE上运行以下命令，将NODE加入集群：

# kubeadm join --token <token> <master-ip>
<util/tokens> validating provided token
<node/discovery> created cluster info discovery client, requesting info from "http://xxx.xxx.xxx.xxx:9898/cluster-info/v1/?token-id=0f8588"
<node/discovery> cluster info object received, verifying signature using given token
<node/discovery> cluster info signature and contents are valid, will use API endpoints [https://xxx.xxx.xxx.xxx:443]
<node/csr> created API client to obtain unique certificate for this node, generating keys and certificate signing request
<node/csr> received signed certificate from the API server, generating kubelet configuration
<util/kubeconfig> created "/etc/kubernetes/kubelet.conf"

Node join complete:
* Certificate signing request sent to master and response
  received.
* Kubelet informed of new secure connection details.

Run 'kubectl get nodes' on the master to see this machine join.

安装POD网络

# kubectl apply -f https://git.io/weave-kube
daemonset "weave-net" created

附

kubeadm init后重新执行kubeadm，需要先清除相关容器及设置。

# systemctl stop kubelet;
# docker rm -f $(docker ps -q); mount | grep "/var/lib/kubelet/*" | awk '{print $3}' | xargs umount 1>/dev/null 2>/dev/null;
# rm -rf /var/lib/kubelet /etc/kubernetes /var/lib/etcd /etc/cni;
# ip link set cbr0 down; ip link del cbr0;
# ip link set cni0 down; ip link del cni0;
# systemctl start kubelet