Automatically publish structure diagrams
Based on the environment
The server | memory | CPU | system | Network IP |
---|---|---|---|---|
k8s-master | 4G | 2 the nuclear | Centos 7.6 | 192.168.0.6 |
k8s-node1 | 4G | 2 the nuclear | Centos 7.6 | 192.168.0.47 |
k8s-node2 | 4G | 2 the nuclear | Centos 7.6 | 192.168.0.154 |
k8s-node3jenkins |
8G | 4 nuclear | Centos 7.6 | 192.168.0.72 |
The environment involved in installation:
- 1.
Docker
- 2.
Kubernetes
- 3.K8s Interface management tool
Kuboard
) - 4.
Jenkins
- 5.
Git
- 6.
Maven
1. The Docker installation
- Uninstall old Docker
sudo yum remove docker \
docker-client \
docker-client-latest \
docker-common \
docker-latest \
docker-latest-logrotate \
docker-logrotate \
docker-selinux \
docker-engine-selinux \
docker-engine
Copy the code
- Installing dependency packages
sudo yum install -y yum-utils
Copy the code
- Add aliyun YUM software source
sudo yum-config-manager \
--add-repo \
https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
sudo sed -i 's/download.docker.com/mirrors.aliyun.com\/docker-ce/g' /etc/yum.repos.d/docker-ce.repo
Copy the code
- Install and start Docker
Yum install -y docker-ce-19.03.8 docker-ce-cli-19.03.8 containerd. IO systemctl enable docker systemctl start dockerCopy the code
- Turn off the firewall. SeLinux,swap
SeLinux setenforce 0 sed -i "S/SELINUX = enforcing/SELINUX = disabled/g"/etc/SELINUX/config # close swap swapoff - a yes | cp/etc/fstab/etc/fstab_bak cat /etc/fstab_bak |grep -v swap > /etc/fstabCopy the code
2. Install kubernetes
- Modify/etc/sysctl. Conf
echo "net.ipv4.ip_forward = 1" >> /etc/sysctl.conf echo "net.bridge.bridge-nf-call-ip6tables = 1" >> /etc/sysctl.conf echo "net.bridge.bridge-nf-call-iptables = 1" >> /etc/sysctl.conf echo "net.ipv6.conf.all.disable_ipv6 = 1" >> /etc/sysctl.conf echo "net.ipv6.conf.default.disable_ipv6 = 1" >> /etc/sysctl.conf echo "net.ipv6.conf.lo.disable_ipv6 = 1" >> /etc/sysctl.conf echo "net.ipv6.conf.all.forwarding = 1" >> /etc/sysctl.confCopy the code
- Effective configuration
sysctl -p
Copy the code
- Add Kubernetes yum source
vi /etc/yum.repos.d/kubernetes.repo
name=Kubernetes
baseurl=http://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=0
repo_gpgcheck=0
gpgkey=http://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg
http://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
Copy the code
- Uninstall the previous version
yum remove -y kubelet kubeadm kubectl
Copy the code
- Install Kubelet, Kubeadm,kubectl version 1.18.9
Yum install -y kubelet-1.18.9 kubeadm-1.18.9 kubectl-1.18.9Copy the code
- Example Change the Docker Cgroup Driver to systemd
# # to/usr/lib/systemd/system/docker. This line of service files ExecStart = / usr/bin/dockerd -h fd: / / -- containerd = / run/containerd containerd. The sock # # modified for ExecStart = / usr/bin/dockerd -h fd: / / -- containerd = / run/containerd containerd. The sock - exec - opt. Native cgroupdriver = systemd # if you don't change, # [WARNING IsDockerSystemdCheck]: detected "cgroupfs" as the Docker cgroup driver. The recommended driver is "systemd". # Please follow the guide at https://kubernetes.io/docs/setup/cri/ sed -i "s#^ExecStart=/usr/bin/dockerd.*#ExecStart=/usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock --exec-opt native.cgroupdriver=systemd#g" /usr/lib/systemd/system/docker.serviceCopy the code
- Configure Docker image acceleration
export REGISTRY_MIRROR=https://registry.cn-hangzhou.aliyuncs.com
curl -sSL https://kuboard.cn/install-script/set_mirror.sh | sh -s ${REGISTRY_MIRROR}
Copy the code
- Restart Docker and start Kubelet
Crictl config runtime - the endpoint/run/containerd/containerd sock # restart docker, -reload systemctl restart docker systemctl enable kubelet && systemctl start kubelet containerd --version kubelet --version docker versionCopy the code
- Initialize the Master
- Edit kubeadm – config. Yaml
mkdir /usr/local/k8s vi kubeadm-config.yaml apiVersion: kubeadm.k8s.io/v1beta2 kind: ClusterConfiguration kubernetesVersion: v1.18.9 imageRepository: registry.aliyuncs.com/k8sxio controlPlaneEndpoint: "K8s-master :6443" Networking: serviceSubnet: "10.96.0.0/16" podSubnet: "10.100.0.1/16" dnsDomain: "cluster.local"Copy the code
- kubeadm init
kubeadm init --config=kubeadm-config.yaml --upload-certs
Copy the code
- Configuration kubectl
rm -rf /root/.kube/
mkdir /root/.kube/
cp -i /etc/kubernetes/admin.conf /root/.kube/config
Copy the code
- Install the calico
Wget https://kuboard.cn/install-script/calico/calico-3.13.1.yaml kubectl apply - f the calico - 3.13.1. YamlCopy the code
- Troubleshoot errors during installation
- Command :journalctl -xeu kubelet
Feb 16 16:32:31 k8s-master kubelet[5138]: Flag --cgroup-driver has been deprecated, This parameter should be set via the config file specified by the Kubelet's --config flag. See https://kubernetes.io/docs/tasks/administer-cluster/kubelet-config-file/ for more information. Feb 16 16:32:31 k8s-master kubelet[5138]: Flag --cgroup-driver has been deprecated, This parameter should be set via the config file specified by the Kubelet's --config flag. See https://kubernetes.io/docs/tasks/administer-cluster/kubelet-config-file/ for more information. Feb 16 16:32:31 K8s-master kubelet[5138]: I0216 16:32:31.980708 5138 server.go:417] Version: V1.18.9 Feb 16 16:32:31 K8S-Master Kubelet [5138]: I0216 16:32:31.981288 5138 plugins.go:100] No Cloud provider specified. Feb 16 16:32:31 K8S-Master Kubelet [5138]: I0216 16:32:31.981315 5138 Server. Go :838] Client rotation is on, will bootstrap in background Feb 16 16:32:31 k8s-master kubelet[5138]: I0216 16:32:31.986158 5138 Certificate_store. go:130] Loading cert/key pair from "/var/lib/kubelet/pki/kubelet-client-current.pem". Feb 16 16:32:31 k8s-master kubelet[5138]: 5138 dynamic_cafile_content I0216 16:32:31. 987324. Go: 167] Starting client - ca - bundle: : / etc/kubernetes/pki/ca. CRT Feb 16 16:32:32 k8s-master kubelet[5138]: I0216 16:32:32.059614 5138 server.go:647] -- groups-per-qos enabled, but --cgroup-root was not specified. defaulting to / Feb 16 16:32:32 k8s-master kubelet[5138]: I0216 16:32:32.059869 5138 container_Manager_Linux. go:266] Container Manager verified User Specified cgroup-root exists: [] Feb 16 16:32:32 k8s-master kubelet[5138]: I0216 16:32:32.059879 5138 Container_Manager_Linux. go:271] Creating Container Manager Object Based on Node Config: {RuntimeCgroupsName: SystemCgroupsName: KubeletCgroupsName: ContainerRuntime:docker CgroupsPerQOS:true CgroupRoot:/ CgroupDriver:systemd KubeletRootDir:/var/lib/kubelet Pro Feb 16 16:32:32 k8s-master kubelet[5138]: I0216 16:32:32.059975 5138 Topology_Manager.go :126] [TopologyManager] Creating Topology Manager with None Policy Feb 16 16:32:32 k8s-master kubelet[5138]: I0216 16:32:32.059981 5138 Container_Manager_Linux. go:301] [TopologyManager] Initializing Topology Manager with None policy Feb 16 16:32:32 k8s-master kubelet[5138]: I0216 16:32:32.059985 5138 Container_Manager_Linux.go :306] Creating Device Plugin Manager: true Feb 16 16:32:32 k8s-master kubelet[5138]: I0216 16:32:32. 060033 5138 client. Go: 75] Connecting to docker on Unix: / / / var/run/docker. The sock Feb 16 16:32:32 k8s - master kubelet[5138]: I0216 16:32:32.060043 5138 client.go:92] Start Docker Client with Request Timeout =2m0s Feb 16 16:32:32 k8S-master kubelet[5138]: W0216 16:32:32.068209 5138 docker_service.go:562] Hairpin mode set to "promiscuous bridge" but kubenet is not enabled, falling back to "hairpin-veth" Feb 16 16:32:32 k8s-master kubelet[5138]: I0216 16:32:32.068230 docker_service. Go :238] Feb 16 16:32:32 K8S-Master Kubelet [5138]: W0216 16:32:32.068312 5138 cni.go:237] Unable to update cni config: no networks found in /etc/cni/net.d Feb 16 16:32:32 k8s-master kubelet[5138]: W0216 16:32:32.070804 5138 cni.go:237] Unable to update cnI config: no networks found in /etc/cni/net.d Feb 16 16:32:32 k8s-master kubelet[5138]: I0216 16:32:32.070850 5138 Docker_service.go :253] Docker CrI Networking Managed by CNI Feb 16 16:32:32 K8S-Master Kubelet [5138]: W0216 16:32:32.070917 5138 cni.go:237] Unable to update cni config: no networks found in /etc/cni/net.d Feb 16 16:32:32 k8s-master kubelet[5138]: I0216 16:32:32.079574 5138 docker_service.go:258] Docker Info: &{ID:3OHS:SKBB:HKWB:SO4R:6CSH:6WAP:OILN:OYPM:46KD:65MT:PPN2:QDTI Containers:0 ContainersRunning:0 ContainersPaused:0 ContainersStopped:0 Images:13 Driver:overlay2 DriverStatus:[[Backing Filesystem <unknown>] [Supports d_type Feb 16 16:32:32 k8s-master kubelet[5138]: I0216 16:32:32.079682 docker_service. Go :271] Setting cgroupDriver to SystemD Feb 16 16:32:32 K8S-master Kubelet [5138]: F0216 16:32:32.080178 5138 Docker_service.go :413] Streaming server Stopped unexpectedly: listen tcp [::1]:0: bind: cannot assign requested address Feb 16 16:32:32 k8s-master systemd[1]: kubelet.service: main process exited, code=exited, status=255/n/a Feb 16 16:32:32 k8s-master systemd[1]: Unit kubelet.service entered failed state. Feb 16 16:32:32 k8s-master systemd[1]: kubelet.service failed.Copy the code
Trouble spots. Streaming server stopped unexpectedly: listen tcp [::1]:0: bind: Cannot assign requested address see [::1]:0:bind seems to have seen my complete hosts file in the hosts file line 2 ::1 the initial state of the system exists. I deleted it by mistake and reinstalled it and it started normally
127.0.0.1 localhost localhost.localdomain localhost4 localhost4. Localdomain4 ::1 localhost localhost.localdomain Localhost6 localhost6. Localdomain6 192.168.0.6k8s-master 192.168.0.47k8s-node1 192.168.0.154k8S-node2 127.0.0.1 k8s-masterCopy the code
- Initialize the worker node
- Title Docker install content on the worker node
- Kubeadm join apiserver.k8s-master:6443 –token kubeadm join apiserver.k8s-master:6443 –token kubeadm join apiserver.k8s-master:6443 –token mpfjma.4vjjg8flqihor4vt –discovery-token-ca-cert-hash sha256:6f7a8e40a810323672de5eee6f4d19aa2dbdb38411845a1bf5dd63485c43d303
- Execute only on worker nodes for all worker nodes
X to the internal IP address of the master node export MASTER_IP= X.X.X.X # replace k8s-master with the APISERVER_NAME export used when initializing the master node APISERVER_NAME=k8s-master echo "${MASTER_IP} ${APISERVER_NAME}" >> /etc/hosts kubeadm join k8s-master:6443 --token ke1n3g.9eld59l95zio84ly --discovery-token-ca-cert-hash sha256:2a707ea190ba499e22fd5d12ea5e2db31bcad3b25110810677da159dbe6a5f48Copy the code
- Check the initialization result
kubectl get nodes -o wide
- Install IgressController
Kubectl apply -f https://kuboard.cn/install-script/v1.18.x/nginx-ingress.yamlCopy the code
3. Install Kuboard
kubectl apply -f https://kuboard.cn/install-script/kuboard.yaml
kubectl apply -f https://addons.kuboard.cn/metrics-server/0.3.7/metrics-server.yaml
Copy the code
- Access address: Open security group port 32567
- Browser input:http:// public IP: 32567
If the public IP address is any child node, NodePort is used
-
Master node input: echo $(kubectl – n kube – system get secret $(kubectl -n kube – system get secret | grep kuboard – user | awk ‘} {print $1) – o go – the template = ‘{{. Data. The token}}’ | base64 – d) token for administrator
-
The following page is displayed after login
- Binding domain name, Https certificate available free to huawei cloud (console.huaweicloud.com/ccm) no words can use HTTP check the Https
- After binding, the access address is:
kuboard.supersindox.com/
Read-only user token: token.supersindox.com/
Using gitlab/ Github single sign-on see: kuboard.cn/learning/k8…
4. Git installed
yum install git
Copy the code
5. Maven installation
- Download address: maven.apache.org/download.cg…
- The environment variable
export MAVEN_HOME=/usr/local/maven3
export PATH=$MAVEN_HOME/bin:$PATH
Copy the code
6. Jenkins installation
- Advance the environment jdK1.8
- Download Jenkins War package updates.jenkins-ci.org/download/wa…
Version 2.280 is used for the tutorialCopy the code
- Start the Jenkins
- nohup java -jar /usr/local/jenkins/jenkins.war &
- Obtaining the Login Password
- Through the nohup Chinese startup log can see the password in This may also be found at: / root /. Jenkins/secrets/initialAdminPassword
- Account: admin Password: XXXXX
- Default port :8080 The login page is displayed if the cloud server enables security group policy 8080 and IP address is 8080
- Choose not to install plugins and we will see this screen through plug-in management custom installation
- The installed plug-ins are
apache-httpcomponents-client-4-api bootstrap4-api bouncycastle-api branch-api checks-api cloudbees-folder command-launcher credentials display-url-api echarts-api font-awesome-api git-client gitee github-api github github-pullrequest git git-parameter icon-shim jackson2-api javadoc jdk-tool jquery3-api jquery-detached jquery jsch junit mailer matrix-project maven-plugin okhttp-api plain-credentials plugin-util-api popper-api scm-api script-security snakeyaml-api ssh-credentials structs token-macro trilead-api versionnumber webhook-step workflow-api workflow-cps workflow-job workflow-multibranch workflow-scm-step workflow-step-apiCopy the code
- Jenkins Project Configuration
7. Gitee configuration
You can use the company's Gitlab, the latter Github (Github will often pull code timeout), the personal server resources are limited, the installation of Gitlab found that the occupied resources are too high, so here we use Gitee as code management, Gitee access speed is fast, also support Webhook.Copy the code
Note: When adding Webhook, Jenkins password is the same as the Webhook password in the screenshot of Jenkins project configuration. The key added by the pinning robot is obtained by the new robot in the pinning group
Ways to add stitching robots: see blog.csdn.net/keep_learn/… Select custom robots