基础环境说明

本实验要求Kubernetes版本为1.18.1
实验基于先电Docker及Harbor仓库部署流程搭建环境

部署Kubernetes集群

安装Kubeadm工具

# yum install -y kubelet-1.18.1 kubeadm-1.18.1 kubectl-1.18.1
# systemctl restart kubelet && systemctl enable kubelet

初始化master节点

# kubelet init --kubernetes-version=1.18.1 --apiserver-advertise-address=10.16.106.50 --imager-repository 10.16.106.50/library --pod-network-cidr=10.244.0.0/16
# mkdir -p /root/.kube
# cp -i /etc/kubernetes/admin.conf /root/.kube/config
# chown root:root /root/.kube/config
# kubectl get pod -n kube-system -owide

部署flannel网络

# sed -i "s/quay.io\/coreos/10.16.106.50\/library/g" /opt/yaml/flannel/kube-flannel.yaml
# kubectl apply -f /opt/yaml/flannnel/kube-flannel.yaml

部署dashboard

创建证书
# mkdir dashboard-certs && cd dashboard-certs
# kubectl create -out dashboard.key 2048
# kubectl create namespace kubernetes-dashboard
# openssl genrsa -out dashboard.key 2048
# openssl req -days 36000 -new -out dashboard.csr -key dashboard.key -subj '/CN=dashboard-cert' 
# openssl x509 -req -in dashboard.csr -signkey dashboard.key -out dashboard.crt
# kubectl create secret generic kubernetes-dashboard-certs --from-file=dashboard.key --from-file=dashboard.crt -n kubernetes-dashboard
# sed -i "s/kubernetesui/10.16.106.50\/library/g" /opt/yaml/dashboard/recommended.yaml
安装dashboard
# kubectl apply -f /opt/yaml/dashboard/recommended.yaml
# kubeclt apply -f /opt/yaml/dashboard/dashboard-adminuser.yaml

去除污点

出于安全考虑,默认配置下Kubernetes不会将Pod调度到Master节点。如果希望将master也当作Node节点使用,可以去除污点

# kubectl taint nodes master node-role.kubernetes.io/master-
污点详解

查看污点节点

# kubectl describe node node-name

节点添加污点

# kubectl taint nodes node-name node-role.kubernetes.io/master:NoSchedule

# kubectl taint nodes node-name node-role.kubernetes.io/master:NoExecute

# kubectl taint nodes node-name node-role.kubernetes.io/master:PreferNoSchedule
  • NoSchedule :表示k8s将不会将Pod调度到具有该污点的Node上
  • PreferNoSchedule :表示k8s将尽量避免将Pod调度到具有该污点的Node上
  • NoExecute :表示k8s将不会将Pod调度到具有该污点的Node上,同时会将Node上已经存在的Pod驱逐出去

节点去除污点

//最后一个'-'代表去除
# kubectl taint nodes k8s-master02 node-role.kubernetes.io/master-

Web访问集群

dashboard地址:https://$:30000

获取登陆令牌

# kubectl -n kubernetes-dashboard describe secret $(kubectl -n kubernetes-dashboard get secret | grep dashboard-admin | awk '{print $1}')

node节点加入集群

//在master节点运行
# kubeadm token create --print-join-command --ttl 0
//运行完出现一条命令,在node执行这条命令
kubeadm join 10.16.106.50:6443 --token 2027js.rsvzvlycmlvhes5n     --discovery-token-ca-cert-hash sha256:60bbb881fde6d3fe45e54d1087906d7eea9c403c369fdbef7a5497eefd7bc9b5
//在master查看是否加入集群
# kubectl get nodes

Q.E.D.


你笑的时候一晃便是经年