測(cè)試環(huán)境：
節(jié)點(diǎn)名稱 節(jié)點(diǎn)IP 節(jié)點(diǎn)功能
K8s-master 10.10.1.10/24 Master、etcd、registry
K8s-node-1 10.10.1.20/24 node-1
K8s-node-2 10.10.1.30/24 node-2

步驟：
1、關(guān)閉 swap
#暫時(shí)關(guān)閉
swapoff -a
#永久關(guān)閉(注釋掉最后帶有swap的一行，前面加個(gè)#注釋)
vi /etc/fstab
關(guān)閉防火墻
#暫時(shí)關(guān)閉
systemctl stop firewalld
#永久關(guān)閉
systemctl disable firewalld
關(guān)閉SELinux
sed -i ‘s/SELINUX=permissive/SELINUX=disabled/’ /etc/sysconfig/selinux
setenforce 0

2、設(shè)置 主機(jī)名
hostnamectl --static set-hostname k8s-master

3、設(shè)置host 解析地址（每臺(tái)機(jī)器）
vi /etc/hosts
10.10.1.10 k8s-master
10.10.1.10 etcd
10.10.1.10 registry
10.10.1.20 k8s-node-1
10.10.1.30 k8s-node-2

4、部署etcd(注：本次只master節(jié)點(diǎn)安裝etcd)
4.1、yum install etcd –y
4.2、vi /etc/etcd/etcd.conf

#[Member]
#ETCD_CORS=""
ETCD_DATA_DIR="/var/lib/etcd/default.etcd"
#ETCD_WAL_DIR=""
#ETCD_LISTEN_PEER_URLS=“http://localhost:2380”
ETCD_LISTEN_CLIENT_URLS=“http://0.0.0.0:2379,http://0.0.0.0:4001”
ETCD_NAME=“master”
#[Clustering]
#ETCD_INITIAL_ADVERTISE_PEER_URLS=“http://localhost:2380”
ETCD_ADVERTISE_CLIENT_URLS=http://etcd:2379,http://etcd:4001

啟動(dòng)服務(wù)
systemctl start etcd.service
systemctl enable etcd.service

驗(yàn)證集群狀態(tài)：
etcdctl -C http://etcd:4001 cluster-health
顯示如下：
member 8e9e05c52164694d is healthy: got healthy result from http://etcd:2379
cluster is healthy

部署Master
1、安裝Docker
yum install docker
vi /etc/sysconfig/docker

# /etc/sysconfig/docker# Modify these options if you want to change the way the docker daemon runs OPTIONS='--selinux-enabled --log-driver=journald --signature-verification=false' if [ -z "${DOCKER_CERT_PATH}" ]; thenDOCKER_CERT_PATH=/etc/docker fi OPTIONS='--insecure-registry registry:5000'

2.啟動(dòng)docker服務(wù)并設(shè)置開(kāi)機(jī)啟動(dòng)
systemctl start docker.service
systemctl enable docker.service

3、安裝安裝kubernets
yum install kubernetes

4、 配置并且啟動(dòng)kubernets服務(wù)(該步驟只在master節(jié)點(diǎn))
Kubernets API Server Kubernets Controller Manager Kubernets Scheduler

vi /etc/kubernetes/apiserver

### # kubernetes system config # # The following values are used to configure the kube-apiserver ## The address on the local server to listen to. KUBE_API_ADDRESS="--insecure-bind-address=0.0.0.0"# The port on the local server to listen on. KUBE_API_PORT="--port=8080"# Port minions listen on # KUBELET_PORT="--kubelet-port=10250"# Comma separated list of nodes in the etcd cluster KUBE_ETCD_SERVERS="--etcd-servers=http://etcd:2379"# Address range to use for services KUBE_SERVICE_ADDRESSES="--service-cluster-ip-range=10.254.0.0/16"# default admission control policies KUBE_ADMISSION_CONTROL="--admission-control=NamespaceLifecycle,NamespaceExists,LimitRanger,SecurityContextDeny,ServiceAccount,ResourceQuota"# Add your own! KUBE_API_ARGS=""

vi /etc/kubernetes/config

# How the controller-manager, scheduler, and proxy find the apiserver KUBE_MASTER="--master=http://k8s-master:8080"

啟動(dòng)服務(wù)并設(shè)置開(kāi)機(jī)啟動(dòng)
[root@k8s-master ~]# systemctl enable kube-apiserver.service
[root@k8s-master ~]# systemctl start kube-apiserver.service
[root@k8s-master ~]# systemctl enable kube-controller-manager.service
[root@k8s-master ~]# systemctl start kube-controller-manager.service
[root@k8s-master ~]# systemctl enable kube-scheduler.service
[root@k8s-master ~]# systemctl start kube-scheduler.service

部署節(jié)點(diǎn)：
1、安裝并啟動(dòng) docker
2、安裝kubernets
配置：vi /etc/kubernetes/config

# How the controller-manager, scheduler, and proxy find the apiserverKUBE_MASTER="--master=http://k8s-master:8080"

配置：vi /etc/kubernetes/kubelet

KUBELET_ADDRESS="--address=0.0.0.0" KUBELET_HOSTNAME="--hostname-override=k8s-node-1" KUBELET_API_SERVER="--api-servers=http://etcd:8080"

3.啟動(dòng)服務(wù)并設(shè)置開(kāi)機(jī)啟動(dòng)
[root@k8s-node-1 ~]# systemctl enable kubelet.service
[root@k8s-node-1 ~]# systemctl start kubelet.service
[root@k8s-node-1 ~]# systemctl enable kube-proxy.service
[root@k8s-node-1~]# systemctl start kube-proxy.service

查看集群狀態(tài)

kubectl get node

輸出結(jié)果：
NAME STATUS AGE
k8s-node-1 Ready 14h
k8s-node-2 Ready 14h

安裝Flannel(所有節(jié)點(diǎn))(作用：使所有虛擬IP統(tǒng)一，互通）
yum install flannel
修改配置：vi /etc/sysconfig/flanneld

# Flanneld configuration options# etcd url location. Point this to the server where etcd runs FLANNEL_ETCD_ENDPOINTS="http://etcd:2379"

配置etcd中關(guān)于flannel的key (mast主機(jī)中）

etcdctl mk /atomic.io/network/config '{ "Network": "10.10.10.0/16" }'

如果內(nèi)部不通，執(zhí)行下面修改語(yǔ)句

etcdctl set /atomic.io/network/config '{"Network":"10.10.10.0/16","SubnetLen":25,"Backend":{"Type":"vxlan","VNI":1}}'

啟動(dòng)：
systemctl enable flanneld.service
systemctl start flanneld.service

管理節(jié)點(diǎn)執(zhí)行：
service docker restart
systemctl restart kube-apiserver.service
systemctl restart kube-controller-manager.service
systemctl restart kube-scheduler.service

業(yè)務(wù)節(jié)點(diǎn)執(zhí)行
service docker restart
systemctl restart kubelet.service
systemctl restart kube-proxy.service

實(shí)例運(yùn)轉(zhuǎn)操作方式：
1、業(yè)務(wù)節(jié)點(diǎn)拉取image
docker pull nginx
2、管理節(jié)點(diǎn)創(chuàng)建實(shí)例
kubectl run nginx --image=nginx --port=80
3、管理節(jié)點(diǎn)做svc映射
kubectl expose deployment nginx --port=80 --target-port=80 --external-ip=192.168.1.81

常用命令：

[root@node-1 ~]# kubectl get node -o wide
NAME STATUS AGE EXTERNAL-IP
k8s-node-1 Ready 14h
k8s-node-2 Ready 14h

[root@node-1 ~]# kubectl get pod -o wide
NAME READY STATUS RESTARTS AGE IP NODE
app-556711052-ps9kr 1/1 Running 3 7h 10.0.53.2 k8s-node-1
tomcat-3343039334-0z187 1/1 Running 0 2h 10.0.74.3 k8s-node-2
web-3818241055-g11q8 1/1 Running 3 8h 10.0.74.2 k8s-node-2

[root@node-1 ~]# kubectl get svc -o wide
NAME CLUSTER-IP EXTERNAL-IP PORT(S) AGE SELECTOR
kubernetes 10.254.0.1 443/TCP 15h
tomcat 10.254.69.86 10.10.1.30 7777/TCP 2h run=tomcat
web 10.254.76.251 10.10.1.30 80/TCP 6h run=web

[root@node-1 ~]# kubectl get deployments
NAME DESIRED CURRENT UP-TO-DATE AVAILABLE AGE
app 1 1 1 1 7h
tomcat 1 1 1 1 2h
web 1 1 1 1 8h

關(guān)于外網(wǎng)無(wú)法訪問(wèn)：
由于linux還有底層的iptables，所以在node上分別執(zhí)行：
[root@Node-2 ~]# vi /etc/sysctl.conf
net.ipv4.ip_forward = 1
[root@Node-2 ~]# sysctl -p
iptables -P INPUT ACCEPT
iptables -P FORWARD ACCEPT
iptables -F
iptables -L -n

iptables -P FORWARD ACCEPT 如果不通 ，這個(gè)再執(zhí)行幾次，因?yàn)橛芯彺鎲?wèn)題

K8S啟動(dòng)POD問(wèn)題
mast主機(jī)

使用命令 kubectl get pods輸出no resources。解決方法是修改 apiserver 的配置文件

vim /etc/kubernetes/apiserver ... KUBE_ADMISSION_CONTROL="--admission-control=NamespaceLifecycle,NamespaceExists,LimitRanger,SecurityContextDeny,ResourceQuota"

去掉原先的ServiceAccount。然后重啟apiserver
systemctl restart kube-apiserver.service

節(jié)點(diǎn)
啟動(dòng)pod是，一直處于ContainerCreating狀態(tài)，需要安裝

yum install *rhsm*

查看docker日志，docker一直再拉取registry.access.redhat.com/rhel7/pod-infrastructure，且提示不存在，所以修改 kubelet 配置文件

vim /etc/kubernetes/kubeletKUBELET_POD_INFRA_CONTAINER="--pod-infra-container-image=docker.io/tianyebj/pod-infrastructure"

然后重啟kubelet

systemctl restart kubelet

總結(jié)

以上是生活随笔為你收集整理的centos7 安装 K8S 及启动 POD问题的全部?jī)?nèi)容，希望文章能夠幫你解決所遇到的問(wèn)題。

如果覺(jué)得生活随笔網(wǎng)站內(nèi)容還不錯(cuò)，歡迎將生活随笔推薦給好友。