Shulou(Shulou.com)06/01 Report--

This article shows you the process of k8s Kubernetes v1.10.0 cluster installation and stepping on the pit, which is concise and easy to understand, which will definitely brighten your eyes. I hope you can get something through the detailed introduction of this article.

Due to work requirements, recently began to study docker and K8s related materials, this paper mainly records the kubernetes installation process and stepped on the pit. There are a lot of holes, just come here! If there are any mistakes or omissions, please correct them.

System environment

CentOS 7.4

Hardware environment IP address machine name role 10.8.51.76server master node 10.8.51.77node-1 slave node 10.8.51.78node-2 slave node initialization environment

After initializing the environment, it is recommended that you restart the machine

Modify the host name. It is recommended to unify

Hostnamectl set-hostname serverhostnamectl set-hostname node-1hostnamectl set-hostname node-2

Modify / etc/hosts file to add host mapping

# node-2 is the host name of the current node 127.0.0.1 localhost node-2 localhost4 localhost4.localdomain4::1 localhost node-2 localhost6 localhost6.localdomain610.8.51.76 server10.8.51.77 node-110.8.51.78 node-2

No identity authentication (recommended, mainly for convenience)

Ssh-keygen # enter all the way to ssh-copy-id serverssh-copy-id node-1ssh-copy-id node-2

Turn off the firewall, turn off Swap, turn off Selinux

# turn off firewall systemctl stop firewalldsystemctl disable firewalld# turn off swap memory, must be turned off. It is easy to make an error swapoff-a sed-I 'Universe' / etc/fstab# close selinux setenforce 0 sed-I "s / ^ SELINUX = enforcing/SELINUX=disabled/g" / etc/sysconfig/selinux sed-I "s / ^ SELINUX = enforcing/SELINUX=disabled/g" / etc/selinux/config sed-I "s / ^ SELINUX = permissive/SELINUX=disabled/g" / etc/sysconfig/selinux sed-I "s / ^ SELINUX = permissive/SELINUX=disabled/g" / etc/selinux/config # maximum number of change files Echo "* soft nofile 65536" > > / etc/security/limits.confecho "* hard nofile 65536" > > / etc/security/limits.confecho "* soft nproc 65536" > > / etc/security/limits.confecho "* hard nproc 65536" > > / etc/security/limits.confecho "* soft memlock unlimited" > > / etc/security/limits.confecho "* hard memlock unlimited" > > / etc/security/limits.conf# configure IP forwarding Allow editing / etc/sysctl.d/k8s.conf file, add net.bridge.bridge-nf-call-ip6tables = 1net.bridge.bridge-nf-call-iptables = etc/sysctl.d/k8s.confDocker to make it effective after completion sysctl-p / etc/sysctl.d/k8s.confDocker installation

Kubernetes 1.10.0 is the version of docker that comes with the period. If you do not specify a version, the docker version is too high and K8s cannot start normally.

# download the specified version of dockerwget https://download.docker.com/linux/centos/7/x86_64/stable/Packages/docker-ce-selinux-17.03.2.ce-1.el7.centos.noarch.rpmwget https://download.docker.com/linux/centos/7/x86_64/stable/Packages/docker-ce-17.03.2.ce-1.el7.centos.x86_64.rpm# and install rpm-ivh docker-ce-selinux-17.03.2. Ce-1.el7.centos.noarch.rpmrpm-ivh docker-ce-17.03.2.ce-1.el7.centos.x86_64.rpm# setting Boot systemctl enable docker# Boot dockersystemctl start docker# View status docker info # View version docker version

You can configure domestic image acceleration here.

Use Aliyun hub Accelerator: Aliyun Container hub Accelerator. After logging in, go to console-> Image Accelerator-> Operation document and set it according to the prompts. As shown below:

Configure Docker

If you don't modify it here, the container cannot pass through its own firewall.

Open the FORWARD chain of iptables filter table

Edit / lib/systemd/system/docker.service, in ExecStart=.. The following is added above:

ExecStartPost=/usr/sbin/iptables-I FORWARD-s 0.0.0.0It 0-j ACCEPTExecStart=/usr/bin/dockerd

To pull an image, you need to pull the required image in advance because the google (k8s.gcr.io) related services cannot be connected in China. If you can climb over the wall here, you can omit the following steps

Server Node # pull Image docker pull keveon/kube-apiserver-amd64:v1.10.0docker pull keveon/kube-scheduler-amd64:v1.10.0docker pull keveon/kube-controller-manager-amd64:v1.10.0docker pull keveon/kube-proxy-amd64:v1.10.0docker pull keveon/k8s-dns-kube-dns-amd64:1.14.8docker pull keveon/k8s-dns-dnsmasq-nanny-amd64:1.14.8docker pull keveon/k8s-dns-sidecar-amd64:1.14.8docker pull Keveon/etcd-amd64:3.1.12docker pull keveon/flannel:v0.10.0-amd64docker pull keveon/pause-amd64:3.1# modifies the image name Be consistent with the original service demand image of K8s docker tag keveon/kube-apiserver-amd64:v1.10.0 k8s.gcr.io/kube-apiserver-amd64:v1.10.0docker tag keveon/kube-scheduler-amd64:v1.10.0 k8s.gcr.io/kube-scheduler-amd64:v1.10.0docker tag keveon/kube-controller-manager-amd64:v1.10.0 k8s.gcr.io/kube-controller-manager-amd64:v1.10.0docker tag keveon/kube-proxy-amd64: V1.10.0 k8s.gcr.io/kube-proxy-amd64:v1.10.0docker tag keveon/k8s-dns-kube-dns-amd64:1.14.8 k8s.gcr.io/k8s-dns-kube-dns-amd64:1.14.8docker tag keveon/k8s-dns-dnsmasq-nanny-amd64:1.14.8 k8s.gcr.io/k8s-dns-dnsmasq-nanny-amd64:1.14.8docker tag keveon/k8s-dns-sidecar-amd64:1.14.8 k8s.gcr. Io/k8s-dns-sidecar-amd64:1.14.8docker tag keveon/etcd-amd64:3.1.12 k8s.gcr.io/etcd-amd64:3.1.12docker tag keveon/flannel:v0.10.0-amd64 quay.io/coreos/flannel:v0.10.0-amd64docker tag keveon/pause-amd64:3.1 k8s.gcr.io/pause-amd64:3.1# deletes the original mirror docker rmi keveon/kube-apiserver-amd64:v1.10.0docker rmi keveon/kube-scheduler- Amd64:v1.10.0docker rmi keveon/kube-controller-manager-amd64:v1.10.0docker rmi keveon/kube-proxy-amd64:v1.10.0docker rmi keveon/k8s-dns-kube-dns-amd64:1.14.8docker rmi keveon/k8s-dns-dnsmasq-nanny-amd64:1.14.8docker rmi keveon/k8s-dns-sidecar-amd64:1.14.8docker rmi keveon/etcd-amd64:3.1.12docker rmi keveon/flannel:v0.10.0-amd64docker rmi keveon/pause-amd64:3.1

Node node to pull the image, in which dashboard and heapster can also be placed on the primary node

Node node # pull image docker pull keveon/kube-proxy-amd64:v1.10.0docker pull keveon/flannel:v0.10.0-amd64docker pull keveon/pause-amd64:3.1docker pull keveon/kubernetes-dashboard-amd64:v1.8.3docker pull keveon/heapster-influxdb-amd64:v1.3.3docker pull keveon/heapster-grafana-amd64:v4.4.3docker pull keveon/heapster-amd64:v1.4.2# modify image name docker tag keveon/flannel:v0.10.0-amd64 quay . io/coreos/flannel:v0.10.0-amd64docker tag keveon/pause-amd64:3.1 k8s.gcr.io/pause-amd64:3.1docker tag keveon/kube-proxy-amd64:v1.10.0 k8s.gcr.io/kube-proxy-amd64:v1.10.0docker tag keveon/kubernetes-dashboard-amd64:v1.8.3 k8s.gcr.io/kubernetes-dashboard-amd64:v1.8.3docker tag keveon/heapster-influxdb-amd64:v1.3.3 k8s.gcr.io/heapster -influxdb-amd64:v1.3.3docker tag keveon/heapster-grafana-amd64:v4.4.3 k8s.gcr.io/heapster-grafana-amd64:v4.4.3docker tag keveon/heapster-amd64:v1.4.2 k8s.gcr.io/heapster-amd64:v1.4.2# deletes the original image docker rmi keveon/kube-proxy-amd64:v1.10.0docker rmi keveon/flannel:v0.10.0-amd64docker rmi keveon/pause-amd64:3.1docker rmi keveon/kubernetes-dashboard-amd64: V1.8.3docker rmi keveon/heapster-influxdb-amd64:v1.3.3docker rmi keveon/heapster-grafana-amd64:v4.4.3docker rmi keveon/heapster-amd64:v1.4.2 installation and configuration kubernetes

Each node needs to execute

Modify kubernetes source cat > / etc/yum.repos.d/kubernetes.repo 22/tcp, 0.0.0.07001/tcp peaceful_sahaaca388afeddf sshd:centos 32770-> 7001/tcp peaceful_sahaaca388afeddf sshd:centos "/ run.sh" 4 days ago Up 4 days 0.0.0.0etc/yum.repos.d/kubernetes.repo 22/tcp 32769-> 22/tcp grave_ turing.[ root @ docker1 LAMP] # docker export dd43b6de6b33 > / home/weblogic:jdk1.6.tar [root@docker1 LAMP] # cd / home [root@docker1 home] # lsweblogic:jdk1.6.tar

After the export is complete, you can use import to import

[root@docker1 home] # docker import-/ home/weblogic:jdk1.6.tar

two。 Save save-load load

Format: docker save IMAGE (mirrored)

Use docker images to view existing local images (you can also use the docker commit command to save a running container as an image), such as:

[root@docker1 LAMP] # docker imagesREPOSITORY TAG IMAGE ID CREATED SIZE.docker.io/tutum/lamp latest 3d49e175ec00 22 months ago 426.9 MB. [root@docker1 LAMP] # docker save 3d49e175ec00 > lamp.tar [root@docker1 LAMP] # lsDockerfile lamp.tar [root@docker1 LAMP] # sz lamp.tar rzStarting zmodem transfer. Press Ctrl+C to cancel.Transferring lamp.tar... 430366 KB 14345 KB/sec 00:00:30 0 Errors

It's a little slow, wait a little bit, without any warn information, it means saving the OK. 3d49e175ec00 is a mirrored ID

Now you can load the newly saved image anywhere you install docker.

[root@docker1 home] # docker load < / lamp/lamp.tar

3. The difference between exporting export and saving save

(1) the size of the image file exported by .export is smaller than that saved by save

(2). Export export (import import) is based on the image obtained by the container, and all the history of the image will be lost when it is imported, so the rollback operation (docker tag) cannot be performed. While the image saved by save (loaded by load) has no history of image loss, it can be rolled back to the previous layer (layer). (view method: docker images-- tree)

Note: if you find it inappropriate to import and load, you can delete it by using docker rm container ID and docker rmi image ID.

Remove all containers and images (thorough cleaning):

The code is as follows:

Docker kill $(docker ps-Q); docker rm $(docker ps-a-Q); docker rmi $(docker images-Q-a) the above is k8s Kubernetes v1.10.0 cluster installation and trampling process. Have you learned the knowledge or skills? If you want to learn more skills or enrich your knowledge reserve, you are welcome to follow the industry information channel.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.