说明
之前本人的 VPS 一直使用 salt/ansible 之类工具管理以及部署。最近为了学习 kubernetes 并容器化 VPS 上服务,就打算部署一套 k8s 集群。
本文是对 https://kubernetes.io/docs/getting-started-guides/kubeadm/ 的简单翻译,并对自己遇到的问题备忘。
方便有同样需求的人参考。
需求
在 Ubuntu 16.04 上部署单节点的 k8s 集群。
机器配置
OS: Ubuntu 16.04
Kernel: 4.9.0-11-generic
CPU: 1
Memory: 2G
Note:
- kubeadm 当前只支持 16.04
- CPU & Memory 很低,让集群跑起来有额外操作,注意后续说明
部署
安装 kubeadm, docker, kubelet, kubectl, kubernetes-cni
curl -s https://packages.cloud.google.com/apt/doc/apt-key.gpg | apt-key add -
cat <<EOF > /etc/apt/sources.list.d/kubernetes.list
deb http://apt.kubernetes.io/ kubernetes-xenial main
EOF
apt-get update
apt-get install -y docker.io
apt-get install -y kubelet kubeadm kubectl kubernetes-cni
清除可能与 k8s 冲突的设置
关闭 SELinux
apt install -y selinux-utils
setenforce 0
清除 iptables
避免自定义 iptables 影响 k8s 服务工作,建议自定义需求通过 k8s 实现,如果满足不了,安装好 k8s 后,再配置自定义 iptables 。
iptables -t filter -F
iptables -t nat -F
iptables -t mangle -F
apt remove --purge ufw
apt remove --purge iptables-persist
部署 master
root@host:~# kubeadm init --pod-network-cidr 10.244.0.0/16
如果顺利,会有如下输出:
root@neptune:~# kubeadm init --pod-network-cidr 10.244.0.0/16
[kubeadm] WARNING: kubeadm is in alpha, please do not use it for production clusters.
[preflight] Running pre-flight checks
[init] Using Kubernetes version: v1.5.2
[tokens] Generated token: "<hidden_token>"
[certificates] Generated Certificate Authority key and certificate.
[certificates] Generated API Server key and certificate
[certificates] Generated Service Account signing keys
[certificates] Created keys and certificates in "/etc/kubernetes/pki"
[kubeconfig] Wrote KubeConfig file to disk: "/etc/kubernetes/kubelet.conf"
[kubeconfig] Wrote KubeConfig file to disk: "/etc/kubernetes/admin.conf"
[apiclient] Created API client, waiting for the control plane to become ready
[apiclient] All control plane components are healthy after 18.188856 seconds
[apiclient] Waiting for at least one node to register and become ready
[apiclient] First node is ready after 3.005080 seconds
[apiclient] Creating a test deployment
[apiclient] Test deployment succeeded
[token-discovery] Created the kube-discovery deployment, waiting for it to become ready
[token-discovery] kube-discovery is ready after 1.003269 seconds
[addons] Created essential addon: kube-proxy
[addons] Created essential addon: kube-dns
Your Kubernetes master has initialized successfully!
You should now deploy a pod network to the cluster.
Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:
http://kubernetes.io/docs/admin/addons/
You can now join any number of machines by running the following on each node:
kubeadm join --token=<hidden_token> <hidden_ip>
让 master 节点可以部署服务
root@host:~# kubectl taint nodes --all dedicated-
如果多节点集群,并不需要 master 部署服务,可跳过。
部署网络
root@host:~# kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
特别注意:linux 4.9.0~4.9.4 内核有 bug 会让 kube-proxy iptables 模式下不能正常访问 cluster-ip ,需要升级到 4.9.5+ 版本。见 259495a0440f6b8025277171d7becb8b92cece82 修复。
检查 DNS 是否正常运行
root@host:~# kubectl get pods -n kube-system | grep kube-dns
kube-dns-3192399298-vvlp2 4/4 Running 4 2d
如果正常的话,Ready 为 4/4 。
注意:低配置机器,需要移除 DNS 部署的 Resources 配置。
编辑并移除所有 Resources 配置并保存即可:
root@host:~# kubectl edit deployments/kube-dns -n kube-system
软件版本
本文使用的 kubeadm
, kubernetes
为以下版本。如果版本差异过大,本文可能不适用。
root@host:~# kubeadm version
kubeadm version: version.Info{Major:"1", Minor:"6+",
GitVersion:"v1.6.0-alpha.0.2074+a092d8e0f95f52",
GitCommit:"a092d8e0f95f5200f7ae2cba45c75ab42da36537", GitTreeState:"clean",
BuildDate:"2016-12-13T17:03:18Z", GoVersion:"go1.7.4", Compiler:"gc",
Platform:"linux/amd64"}
root@host:~# kubectl version
Client Version: version.Info{Major:"1", Minor:"5", GitVersion:"v1.5.2",
GitCommit:"08e099554f3c31f6e6f07b448ab3ed78d0520507", GitTreeState:"clean",
BuildDate:"2017-01-12T04:57:25Z", GoVersion:"go1.7.4", Compiler:"gc",
Platform:"linux/amd64"}
Server Version: version.Info{Major:"1", Minor:"5", GitVersion:"v1.5.2",
GitCommit:"08e099554f3c31f6e6f07b448ab3ed78d0520507", GitTreeState:"clean",
BuildDate:"2017-01-12T04:52:34Z", GoVersion:"go1.7.4", Compiler:"gc",
Platform:"linux/amd64"}
参考资料
- https://kubernetes.io/docs/getting-started-guides/kubeadm/
- Google Search