Click “like” to see again, form a habit, wechat search [mu Xiao Nong] follow me to get more information, in the wind and rain, xiao Nong waiting for you, very glad to be your friend.

Domestic installation of K8S four ways

Kubernetes installation is not complicated, because Kubernetes belongs to Google products, are downloaded from Google’s official, but because of network problems, in the country is not connected to its central warehouse for download installation package, can only be installed through other ways, There are four installation methods in the country

  1. Using Kubeadmin via offline image installation: Kubeadmin is the management console provided by K8S. The commands here can be very convenient for our cluster to be quickly published and deployed
  2. Use Ali cloud public cloud platform installation K8S: this is also very easy to use, do not have to do any Settings, take to use, but there is a disadvantage – to money
  3. Install via yum’s official repository: this is the simplest, but the K8S installation package is a very old version, I heard that it is 10 versions less than the latest Version of Google
  4. Through the form of a binary package for installation: the adoption of a third party to provide the form of a binary package to install K8S, Kubeasz, for example, it is making an open source project, because it is made up of three parties to provide, if in the absence of careful validation, it is very easy to get wrong, background has what kind of flaw, you don’t know.

Today we use here is the first use Kubeadmin through offline image installation K8S, this article will also use Kubeadmin to show you K8S cluster deployment and installation, environment and installation package I have prepared for you, you can download the installation of interest.

Concern public number: mu xiaonong, reply K8S, you can obtain the download address

Environment to prepare

Structure:

1.1 Physical Machine System

If you do not know how to install the virtual machine, see the following I install virtual machine tutorial: VIRTUAL machine installation tutorial: Install Linux virtual machine (CentOS) detailed tutorial

The number of processors required to install K9S is 2, otherwise later initialization will fail

1 1 the dedicated server uses Centos7.8 64-bit OS

[root@localhost ~]# uname -a
	Linux localhost.localdomain 3.10. 0-1127.el7.x86_64 #1 SMP Tue Mar 31 23:36:51 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
[root@localhost ~]# cat /etc/redhat-release
	CentOS Linux release 7.82003. (Core)
Copy the code

1.2 Cluster Information

Nodes and Functions The host name IP
Master, ETCD, Registry Master 192.168.137.129
Node1 Node1 192.168.137.130
Node2 Node2 192.168.137.131

Environment Preparation Command

2.1 Setting the Time Zone

For all three machines: timeDatectl set-timezone Asia/Shanghai

2.2 Setting a Host Name

129 Run the hostnamectl set-hostname master command

130 Run hostnamectl set-hostname node1

131 Run hostnamectl set-hostname node2

2.3 Adding hosts Network host configuration

This configuration is required for all three hosts

vi /etc/hosts
192.168137.129. master
192.168137.130. node1
192.168137.131. node2
Copy the code

Once added, we verify ping node1 on the master

[root@localhost~] #ping node1
PING node1 (192.168137.130.) 56(84) bytes of data.
64 bytes from node1 (192.168137.130.): icmp_seq=1 ttl=64 time=0.605 ms
64 bytes from node1 (192.168137.130.): icmp_seq=2 ttl=64 time=0.382 ms
64 bytes from node1 (192.168137.130.): icmp_seq=3 ttl=64 time=0.321 ms
Copy the code

2.4 Disabling the Firewall

Production environment can skip this step, do not perform this in production environment, this is just for our learning time

SELINUX is a security enhanced LINUX, a built-in security enhancement module that makes LINUX more secure, but it’s a hassle to set up, so we usually turn it off as we learn

To disable the command, run the sed -i ‘s/SELINUX=enforcing/SELINUX=disabled/g’ /etc/selinux/config command

Set this parameter to temporary: setenForce 0

Disable the firewall: systemctl disable firewalld

Stop the firewall: systemctl stop firewalld

Install the Kubeadm deployment tool

First of all, Kubeadm is not K8S itself. Kubeadm is a quick deployment tool that helps simplify K8S deployment.

Create a file directory: mkdir /usr/local/k8s

Change directory address: CD /usr/local/k8s

Then we will put the installation package (kubernetes-1.14 installation package at the beginning of the download link) into the k8S directory

[root@master k8s]# ll
drwxr-xr-x 2 root root 335 Nov  6 11:17 kubernetes-1.14
Copy the code

Switch to kubernetes’ directory

[root@master k8s]# cd kubernetes-1.14/
[root@master kubernetes-1.14]# ll
total 986908
-rw-r--r-- 1 root root       357 Jul  3 14:15 admin-role.yaml
-rw-r--r-- 1 root root        67 Jul  3 14:15 daemon.json
-rw-r--r-- 1 root root  67850818 Jul  3 14:15 docker-ce-18.09.tar.gz
-rw-r--r-- 1 root root 177698304 Jul  3 14:15 flannel-dashboard.tar.gz
-rw-r--r-- 1 root root       927 Jul  3 14:15 init.sh
-rw-r--r-- 1 root root 706070528 Jul  3 14:15 k8s-114-images.tar.gz
-rw-r--r-- 1 root root        79 Jul  3 14:15 k8s.conf
-rw-r--r-- 1 root root  58913350 Jul  3 14:15 kube114-rpm.tar.gz
-rw-r--r-- 1 root root     12306 Jul  3 14:15 kube-flannel.yml
-rw-r--r-- 1 root root       281 Jul  3 14:15 kubernetes-dashboard-admin.rbac.yaml
-rw-r--r-- 1 root root      4809 Jul  3 14:15 kubernetes-dashboard.yaml
-rw-r--r-- 1 root root       953 Jul  3 14:15 worker-node.sh
[root@master kubernetes-1.14] #Copy the code

This contains all the content we install K8S, which

Kube114-rpm.tar. gz: Kubeadm cluster management tool installation package

Docker-ce-18.09.tar. gz: is our docker installation package, can be localized installation

K8s-114-images.tar. gz: k8S image itself, our K8S installation is automated deployment of k8S image through Kubeadm cluster management tool

Flannel-dashboard.tar. gz: used to monitor cluster status

Install the docker

We need to install Docker on all three machines, and the master node is used for demonstration in this paper

First, decompress docker-CE-18.09.tar. gz

[root@master kubernetes-1.14]# tar -zxvf docker-ce-18.09.tar.gz
[root@master kubernetes-1.14]# cd docker
Copy the code

Before the installation, we need to ensure that the original yum source and docker dependencies are up to date, so we need to execute the following command first, this step is executed under the docker directory

1. Install GCC

yum -y install gcc
yum -y install gcc-c++
Copy the code

Uninstall the old version of Docker and dependencies

yum  remove docker docker-client docker-client-latest docker-common docker-latest docker-latest-logrotate docker-logrotate docker-selinux docker-engine-selinux docker-engine
Copy the code

Y y y y y y y y y y Y Y Y Y Y Y Y Y Y Y Y

Add yum source PS

Docker website address: sudo yum – config – manager – add – ‘https://download.docker.com/linux/centos/docker-ce.repo

Ali cloud address: sudo yum – config – manager – add – ‘http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo

Sudo yum makecache fast sudo yum makecache fast

Sudo yum install docker-ce

7, uninstall the old version of docker and dependency this step is not repeated, is to uninstall the previous step of docker-CE to install our K8S package docker-CE

yum  remove docker docker-client docker-client-latest docker-common docker-latest docker-latest-logrotate docker-logrotate docker-selinux docker-engine-selinux docker-engine
Copy the code

# yum localinstall -y *.rpm # yum localinstall -y *.rpm

This represents that our Docker installation is complete

Start docker: systemctl start docker

To set docker to automatic start: systemctl enable Docker

Ensure that cgroups are in the same groupFS

Execute command:

[root@master docker]# docker info | grep cgroup 
 Cgroup Driver: cgroupfs
Copy the code
  • cgroupsiscontrol groups It provides a mechanism for task aggregation and partitioning for the Linux kernel, organizing some tasks into one or more subsystems through a set of parameters.
  • cgroupsIaaS virtualization (KVM, LXC, etc.), PaaS container sandbox (Docker, etc.) resource management control part of the underlying foundation.
  • Subsystems are based oncgroupTask division The task division function divides tasks into groups according to a specified attribute. It is mainly used to control resources.
  • incgroup, the task group divided into the form of hierarchical structure organization, multiple subsystems form a data structure similar to multi-tree structure.cgroupContains multiple isolated subsystems, each representing a single resource

We just need to make sure that after entering the above command, it appears:Cgroup Driver: cgroupfsIt is ok

Cgroup Driver: cgroupfs = Cgroup Driver: cgroupfs = Cgroup Driver: cgroupfs

Modify daemon.json:

cat << EOF > /etc/docker/daemon.json
{
  "exec-opts": ["native.cgroupdriver=cgroupfs"]
}
EOF
systemctl daemon-reload && systemctl restart docker
Copy the code

Install kubeadm

Kubeadm is the official cluster deployment tool provided by K8S, through this tool can quickly help us simplify the completion of K8S management, as well as the creation of containers under each cluster node

Switch directory: CD/usr/local/k8s/kubernetes – 1.14

Decompress kube114 installation package: tar -zxvf kube114-rpm.tar.gz

Change directory: CD kube114-rpm

Yum localinstall -y *.rpm

Switch off

  • On Linux systems, swap areas are similar to ourswindowsVirtual memory aswindowsVirtual memory, in fact, is to simulate memory with physical disk.
  • Memory such as our system is small, so at the time of data processing, memory is not enough, we will send the data exist on your hard disk, hard disk space was used to simulate the memory to be used, although hard to extract data speed is slow, but is always better than the memory, in Linux system, the swap is what we call a virtual memory.
  • In this case, virtual memory may have unnecessary impact on system deployment. In the K8S environment, the server used is generally full of memory, so we generally do not recommend the use of system swap, which will reduce the performance of our system, so we choose to turn off the swap

To disable the switch area, run the swapoff -a command

Modify the configuration file to permanently disable the switch area by running the vi /etc/fstab swap command

Configuration of the bridge

Iptables is a networking tool used in Linux to filter packets according to the rules. Add the following two lines to k8s.conf when network communication between K8S containers, when data is transferred between the bridge, We also need to follow the rules of Iptables to improve the security of our system between network transfers

Opening mode:

cat <<EOF >  /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
EOF
sysctl --system

Copy the code

When we’re done, make sure the value in the red box is 1

Install K8S using an image

Switch directory: CD/usr/local/k8s/kubernetes – 1.14

– k8s: docker load -i k8S-114-images.tar.gz

View after loading: Docker Images

[root@master kubernetes-1.14]# docker images
REPOSITORY                           TAG       IMAGE ID       CREATED       SIZE
k8s.gcr.io/kube-proxy                v114.1.   20a2d7035165   2 years ago   82.1MB
k8s.gcr.io/kube-apiserver            v114.1.   cfaa4ad74c37   2 years ago   210MB
k8s.gcr.io/kube-controller-manager   v114.1.   efb3887b411d   2 years ago   158MB
k8s.gcr.io/kube-scheduler            v114.1.   8931473d5bdb   2 years ago   81.6MB
k8s.gcr.io/coredns                   1.31.     eb516548c180   2 years ago   40.3MB
k8s.gcr.io/etcd                      3.310.    2c4adeb21b4f   2 years ago   258MB
k8s.gcr.io/pause                     3.1       da86e6ba6ca1   3 years ago   742kB
Copy the code

If I read a K8S entry of the students, should be very familiar with these things, here will not do a detailed introduction, interested can go to have a look at this article K8S (Kubernetes) I think you can understand!!

Loading a local image – Visualization for the cluster: docker load -I flannel-dashboard.tar.gz

We can also view it using Docker images

By now, we have finished the pre-installation work of K8S, but we installed the cluster environment today, so the above steps need to be installed in the other two machines. When we have installed, the other two machines will use Docker images, and the above information will also appear to indicate that we have completed the installation. We don’t have to do the same thing here, you can install it yourself

Deploy the K8S cluster using Kubeadm

Master Indicates the configuration of the master service

The following steps are performed on the server 129(master), please pay attention!!

  1. Master Master server configuration:Kubeadm init - kubernetes - version = v1.14.1 - pod - network - cidr = 10.244.0.0/16

Versioin: version

Cidr: Ip address range must be within 10.244

After the installation is successful, we can see the following message:

The first step:

These three commands need to be copied and run manually

Mkdir -p $HOME /. Kube # # said we need to create one. Kube directory sudo cp - I/etc/kubernetes/admin. Conf. $HOME/kube/config # # will be admin. Conf Sudo chown $(id -u):$(id -g) $HOME/. Kube /config #Copy the code

Admin.conf is the kubeadm core configuration file about the current cluster, contains the kubeadm cluster information, also contains the node information, you can see The second step:This command needs us to run in the node (130, 131), add our node information to the master(129), we can copy and save first

kubeadm join 192.168137.129.:6443 --token lg870y.lxik26ib84938ton \
    --discovery-token-ca-cert-hash sha256:6d8331fe88ae99e89608d6dc414a9fe0a378b84ffa4044d7cacfdbbf5de41871 
Copy the code

Get node information from kubectl (including master) :kubectl get nodes

Name: indicates the host name

STATUS ROLES: role AGE: creation time 26 minutes VERSION: VERSION

In the figure above, we can see that there is only a master Node but no Node. Because the second step has not been performed, no Node is added to the master Node. At that time, we can see that status is NotReady, so it is NotReady. There must be some component in the bottom that is not executing properly, we can use the following command to check

View the pod in question:kubectl get pod --all-namespaces

Kubectl get pod –all-namespaces: kubectl get pod –all-namespaces: Kubectl get pod –all-namespaces: Kubectl get pod –all-namespaces: Kubectl get pod –all-namespaces: Kubectl get POD –all-namespaces

We can see that the state of the first two lines is always Pending, while the other lines are Running, which is abnormal. Then why only the first two lines are like this, while the latter ones are good? This problem is inevitable.

We can see that there is a CoreDNS under name, which represents the network application in our base. The base network application cannot be installed because it lacks an additional component, in this case the Flannel network component, which is the pod network component. We just need to install through Kubectl

Installing flannel network components:kubectl create -f kube-flannel.yml After the installation is successful, we can use the following command:kubectl get pod --all-namespaces, will not appearPendingThe status of theAnd the master is ready

Node is configured from the service

Remember when we copied the command from step 2 when we initialized the master service, we only had to execute that command in the Node (130, 131),

PS: This command is generated by my master, you need to replace it with your own command.

If we forget the command, we can passkubeadm token listCommand to check, and then below the IP address and token to replace it, other need not be replaced

kubeadm join 192.168137.129.:6443 --token lg870y.lxik26ib84938ton \
    --discovery-token-ca-cert-hash sha256:6d8331fe88ae99e89608d6dc414a9fe0a378b84ffa4044d7cacfdbbf5de41871 
Copy the code

Get node information (including master) by kubectl: kubectl get nodes

Then we can see that the two nodes have joined in

Restarting the service

Restart docker: systemctl restart kubelet: systemctl restart kubelet: systemctl enableKubelet

Kubeadm kubelet/kubectl difference

  • Kubeadm: Kubernetes cluster quick build tool
  • Kubelet runs on all nodes and is responsible for starting pods and containers as a system service
  • Kubectl: Kubectl is a kubernetes command line tool that provides instructions

summary

K8S cluster service is finished here, actually itself K8S installation is not complicated, but you hold there are many, many, you may see I install more smoothly, but small farmers is also lay a lot of pit, this paper is presented to you, if you find the article helpful to you, remember the thumb up, you support my creation.

If you have any questions or do not understand the place, welcome to leave a message below, small farmers see, will be the first time to reply to everyone.

Fear what truth is infinite, further have further joy, everyone refueling ~