先使用 yum 安装必须得用到的 etcd 和 kubernetes 软件包
[root@localhost ~]# yum install -y etcd kubernetes
Loaded plugins: fastestmirror
base | 3.6 kB 00:00
extras | 3.4 kB 00:00
updates | 3.4 kB 00:00
(1/4): extras/7/x86_64/primary_db | 151 kB 00:00
(2/4): base/7/x86_64/group_gz | 155 kB 00:00
(3/4): updates/7/x86_64/primary_db | 4.8 MB 00:03
(4/4): base/7/x86_64/primary_db | 5.6 MB 00:04
Determining fastest mirrors
* base: mirrors.btte.net
* extras: mirrors.btte.net
* updates: mirrors.neusoft.edu.cn
Resolving Dependencies
--> Running transaction check
---> Package etcd.x86_64 0:3.1.3-1.el7 will be installed
---> Package kubernetes.x86_64 0:1.5.2-0.5.gita552679.el7 will be installed
--> Processing Dependency: kubernetes-node = 1.5.2-0.5.gita552679.el7 for package: kubernetes-1.5.2-0.5.gita552679.el7.x86_64
--> Processing Dependency: kubernetes-master = 1.5.2-0.5.gita552679.el7 for package: kubernetes-1.5.2-0.5.gita552679.el7.x86_64
--> Running transaction check
---> Package kubernetes-master.x86_64 0:1.5.2-0.5.gita552679.el7 will be installed
--> Processing Dependency: kubernetes-client = 1.5.2-0.5.gita552679.el7 for package: kubernetes-master-1.5.2-0.5.gita552679.el7.x86_64
---> Package kubernetes-node.x86_64 0:1.5.2-0.5.gita552679.el7 will be installed
--> Processing Dependency: socat for package: kubernetes-node-1.5.2-0.5.gita552679.el7.x86_64
--> Processing Dependency: docker for package: kubernetes-node-1.5.2-0.5.gita552679.el7.x86_64
--> Processing Dependency: conntrack-tools for package: kubernetes-node-1.5.2-0.5.gita552679.el7.x86_64
--> Running transaction check
---> Package conntrack-tools.x86_64 0:1.4.3-1.el7 will be installed
--> Processing Dependency: libnetfilter_cttimeout.so.1(LIBNETFILTER_CTTIMEOUT_1.1)(64bit) for package: conntrack-tools-1.4.3-1.el7.x86_64
--> Processing Dependency: libnetfilter_cttimeout.so.1(LIBNETFILTER_CTTIMEOUT_1.0)(64bit) for package: conntrack-tools-1.4.3-1.el7.x86_64
--> Processing Dependency: libnetfilter_cthelper.so.0(LIBNETFILTER_CTHELPER_1.0)(64bit) for package: conntrack-tools-1.4.3-1.el7.x86_64
--> Processing Dependency: libnetfilter_queue.so.1()(64bit) for package: conntrack-tools-1.4.3-1.el7.x86_64
--> Processing Dependency: libnetfilter_cttimeout.so.1()(64bit) for package: conntrack-tools-1.4.3-1.el7.x86_64
--> Processing Dependency: libnetfilter_cthelper.so.0()(64bit) for package: conntrack-tools-1.4.3-1.el7.x86_64
---> Package docker.x86_64 2:1.12.6-16.el7.centos will be installed
--> Processing Dependency: docker-common = 2:1.12.6-16.el7.centos for package: 2:docker-1.12.6-16.el7.centos.x86_64
--> Processing Dependency: docker-client = 2:1.12.6-16.el7.centos for package: 2:docker-1.12.6-16.el7.centos.x86_64
--> Processing Dependency: oci-systemd-hook >= 1:0.1.4-9 for package: 2:docker-1.12.6-16.el7.centos.x86_64
--> Processing Dependency: oci-register-machine >= 1:0-3.10 for package: 2:docker-1.12.6-16.el7.centos.x86_64
--> Processing Dependency: container-selinux >= 2:2.10-2 for package: 2:docker-1.12.6-16.el7.centos.x86_64
--> Processing Dependency: skopeo-containers for package: 2:docker-1.12.6-16.el7.centos.x86_64
--> Processing Dependency: libseccomp.so.2()(64bit) for package: 2:docker-1.12.6-16.el7.centos.x86_64
---> Package kubernetes-client.x86_64 0:1.5.2-0.5.gita552679.el7 will be installed
---> Package socat.x86_64 0:1.7.2.2-5.el7 will be installed
--> Running transaction check
---> Package container-selinux.noarch 2:2.10-2.el7 will be installed
--> Processing Dependency: policycoreutils-python for package: 2:container-selinux-2.10-2.el7.noarch
---> Package docker-client.x86_64 2:1.12.6-16.el7.centos will be installed
---> Package docker-common.x86_64 2:1.12.6-16.el7.centos will be installed
---> Package libnetfilter_cthelper.x86_64 0:1.0.0-9.el7 will be installed
---> Package libnetfilter_cttimeout.x86_64 0:1.0.0-6.el7 will be installed
---> Package libnetfilter_queue.x86_64 0:1.0.2-1.el7 will be installed
---> Package libseccomp.x86_64 0:2.3.1-2.el7 will be installed
---> Package oci-register-machine.x86_64 1:0-3.11.gitdd0daef.el7 will be installed
---> Package oci-systemd-hook.x86_64 1:0.1.7-2.git2788078.el7 will be installed
--> Processing Dependency: libyajl.so.2()(64bit) for package: 1:oci-systemd-hook-0.1.7-2.git2788078.el7.x86_64
---> Package skopeo-containers.x86_64 1:0.1.18-1.el7 will be installed
--> Running transaction check
---> Package policycoreutils-python.x86_64 0:2.5-11.el7_3 will be installed
--> Processing Dependency: setools-libs >= 3.3.8-1 for package: policycoreutils-python-2.5-11.el7_3.x86_64
--> Processing Dependency: libsemanage-python >= 2.5-5 for package: policycoreutils-python-2.5-11.el7_3.x86_64
--> Processing Dependency: audit-libs-python >= 2.1.3-4 for package: policycoreutils-python-2.5-11.el7_3.x86_64
--> Processing Dependency: python-IPy for package: policycoreutils-python-2.5-11.el7_3.x86_64
--> Processing Dependency: libqpol.so.1(VERS_1.4)(64bit) for package: policycoreutils-python-2.5-11.el7_3.x86_64
--> Processing Dependency: libqpol.so.1(VERS_1.2)(64bit) for package: policycoreutils-python-2.5-11.el7_3.x86_64
--> Processing Dependency: libcgroup for package: policycoreutils-python-2.5-11.el7_3.x86_64
--> Processing Dependency: libapol.so.4(VERS_4.0)(64bit) for package: policycoreutils-python-2.5-11.el7_3.x86_64
--> Processing Dependency: checkpolicy for package: policycoreutils-python-2.5-11.el7_3.x86_64
--> Processing Dependency: libqpol.so.1()(64bit) for package: policycoreutils-python-2.5-11.el7_3.x86_64
--> Processing Dependency: libapol.so.4()(64bit) for package: policycoreutils-python-2.5-11.el7_3.x86_64
---> Package yajl.x86_64 0:2.0.4-4.el7 will be installed
--> Running transaction check
---> Package audit-libs-python.x86_64 0:2.6.5-3.el7_3.1 will be installed
---> Package checkpolicy.x86_64 0:2.5-4.el7 will be installed
---> Package libcgroup.x86_64 0:0.41-11.el7 will be installed
---> Package libsemanage-python.x86_64 0:2.5-5.1.el7_3 will be installed
---> Package python-IPy.noarch 0:0.75-6.el7 will be installed
---> Package setools-libs.x86_64 0:3.3.8-1.1.el7 will be installed
--> Finished Dependency Resolution
Dependencies Resolved
================================================================================
Package Arch Version Repository
Size
================================================================================
Installing:
etcd x86_64 3.1.3-1.el7 extras 7.3 M
kubernetes x86_64 1.5.2-0.5.gita552679.el7 extras 36 k
Installing for dependencies:
audit-libs-python x86_64 2.6.5-3.el7_3.1 updates 70 k
checkpolicy x86_64 2.5-4.el7 base 290 k
conntrack-tools x86_64 1.4.3-1.el7 base 175 k
container-selinux noarch 2:2.10-2.el7 extras 28 k
docker x86_64 2:1.12.6-16.el7.centos extras 14 M
docker-client x86_64 2:1.12.6-16.el7.centos extras 3.2 M
docker-common x86_64 2:1.12.6-16.el7.centos extras 72 k
kubernetes-client x86_64 1.5.2-0.5.gita552679.el7 extras 14 M
kubernetes-master x86_64 1.5.2-0.5.gita552679.el7 extras 25 M
kubernetes-node x86_64 1.5.2-0.5.gita552679.el7 extras 14 M
libcgroup x86_64 0.41-11.el7 base 65 k
libnetfilter_cthelper x86_64 1.0.0-9.el7 base 18 k
libnetfilter_cttimeout x86_64 1.0.0-6.el7 base 18 k
libnetfilter_queue x86_64 1.0.2-1.el7 base 23 k
libseccomp x86_64 2.3.1-2.el7 base 56 k
libsemanage-python x86_64 2.5-5.1.el7_3 updates 104 k
oci-register-machine x86_64 1:0-3.11.gitdd0daef.el7 extras 1.0 M
oci-systemd-hook x86_64 1:0.1.7-2.git2788078.el7 extras 30 k
policycoreutils-python x86_64 2.5-11.el7_3 updates 445 k
python-IPy noarch 0.75-6.el7 base 32 k
setools-libs x86_64 3.3.8-1.1.el7 base 612 k
skopeo-containers x86_64 1:0.1.18-1.el7 extras 7.6 k
socat x86_64 1.7.2.2-5.el7 base 255 k
yajl x86_64 2.0.4-4.el7 base 39 k
Transaction Summary
================================================================================
Install 2 Packages (+24 Dependent packages)
Total download size: 81 M
Installed size: 401 M
Downloading packages:
warning: /var/cache/yum/x86_64/7/updates/packages/audit-libs-python-2.6.5-3.el7_3.1.x86_64.rpm: Header V3 RSA/SHA256 Signature, key ID f4a80eb5: NOKEY
Public key for audit-libs-python-2.6.5-3.el7_3.1.x86_64.rpm is not installed
(1/26): audit-libs-python-2.6.5-3.el7_3.1.x86_64.rpm | 70 kB 00:00
Public key for container-selinux-2.10-2.el7.noarch.rpm is not installed-:-- ETA
(2/26): container-selinux-2.10-2.el7.noarch.rpm | 28 kB 00:00
Public key for conntrack-tools-1.4.3-1.el7.x86_64.rpm is not installed
(3/26): conntrack-tools-1.4.3-1.el7.x86_64.rpm | 175 kB 00:00
(4/26): checkpolicy-2.5-4.el7.x86_64.rpm | 290 kB 00:00
(5/26): docker-common-1.12.6-16.el7.centos.x86_64.rpm | 72 kB 00:00
(6/26): kubernetes-1.5.2-0.5.gita552679.el7.x86_64.rpm | 36 kB 00:00
(7/26): docker-client-1.12.6-16.el7.centos.x86_64.rpm | 3.2 MB 00:03
(8/26): kubernetes-node-1.5.2-0.5.gita552679.el7.x86_64.rp | 14 MB 00:14
(9/26): libcgroup-0.41-11.el7.x86_64.rpm | 65 kB 00:00
(10/26): libnetfilter_cthelper-1.0.0-9.el7.x86_64.rpm | 18 kB 00:00
(11/26): libnetfilter_cttimeout-1.0.0-6.el7.x86_64.rpm | 18 kB 00:00
(12/26): libnetfilter_queue-1.0.2-1.el7.x86_64.rpm | 23 kB 00:00
(13/26): libseccomp-2.3.1-2.el7.x86_64.rpm | 56 kB 00:00
(14/26): libsemanage-python-2.5-5.1.el7_3.x86_64.rpm | 104 kB 00:00
(15/26): oci-register-machine-0-3.11.gitdd0daef.el7.x86_64 | 1.0 MB 00:01
(16/26): oci-systemd-hook-0.1.7-2.git2788078.el7.x86_64.rp | 30 kB 00:00
(17/26): policycoreutils-python-2.5-11.el7_3.x86_64.rpm | 445 kB 00:00
(18/26): python-IPy-0.75-6.el7.noarch.rpm | 32 kB 00:00
(19/26): setools-libs-3.3.8-1.1.el7.x86_64.rpm | 612 kB 00:00
(20/26): skopeo-containers-0.1.18-1.el7.x86_64.rpm | 7.6 kB 00:00
(21/26): socat-1.7.2.2-5.el7.x86_64.rpm | 255 kB 00:00
(22/26): yajl-2.0.4-4.el7.x86_64.rpm | 39 kB 00:00
(23/26): etcd-3.1.3-1.el7.x86_64.rpm | 7.3 MB 00:25
(24/26): docker-1.12.6-16.el7.centos.x86_64.rpm | 14 MB 00:26
(25/26): kubernetes-client-1.5.2-0.5.gita552679.el7.x86_64 | 14 MB 00:26
(26/26): kubernetes-master-1.5.2-0.5.gita552679.el7.x86_64 | 25 MB 00:37
--------------------------------------------------------------------------------
Total 2.1 MB/s | 81 MB 00:39
Retrieving key from file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
Importing GPG key 0xF4A80EB5:
Userid : "CentOS-7 Key (CentOS 7 Official Signing Key) "
Fingerprint: 6341 ab27 53d7 8a78 a7c2 7bb1 24c6 a8a7 f4a8 0eb5
Package : centos-release-7-3.1611.el7.centos.x86_64 (@anaconda)
From : /etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Installing : kubernetes-client-1.5.2-0.5.gita552679.el7.x86_64 1/26
Installing : 2:docker-common-1.12.6-16.el7.centos.x86_64 2/26
Installing : 2:docker-client-1.12.6-16.el7.centos.x86_64 3/26
Installing : kubernetes-master-1.5.2-0.5.gita552679.el7.x86_64 4/26
Installing : setools-libs-3.3.8-1.1.el7.x86_64 5/26
Installing : checkpolicy-2.5-4.el7.x86_64 6/26
Installing : libcgroup-0.41-11.el7.x86_64 7/26
Installing : audit-libs-python-2.6.5-3.el7_3.1.x86_64 8/26
Installing : 1:skopeo-containers-0.1.18-1.el7.x86_64 9/26
Installing : yajl-2.0.4-4.el7.x86_64 10/26
Installing : 1:oci-systemd-hook-0.1.7-2.git2788078.el7.x86_64 11/26
Installing : socat-1.7.2.2-5.el7.x86_64 12/26
Installing : python-IPy-0.75-6.el7.noarch 13/26
Installing : libnetfilter_queue-1.0.2-1.el7.x86_64 14/26
Installing : libsemanage-python-2.5-5.1.el7_3.x86_64 15/26
Installing : policycoreutils-python-2.5-11.el7_3.x86_64 16/26
Installing : 2:container-selinux-2.10-2.el7.noarch 17/26
Installing : 1:oci-register-machine-0-3.11.gitdd0daef.el7.x86_64 18/26
Installing : libnetfilter_cthelper-1.0.0-9.el7.x86_64 19/26
Installing : libnetfilter_cttimeout-1.0.0-6.el7.x86_64 20/26
Installing : conntrack-tools-1.4.3-1.el7.x86_64 21/26
Installing : libseccomp-2.3.1-2.el7.x86_64 22/26
Installing : 2:docker-1.12.6-16.el7.centos.x86_64 23/26
Installing : kubernetes-node-1.5.2-0.5.gita552679.el7.x86_64 24/26
Installing : kubernetes-1.5.2-0.5.gita552679.el7.x86_64 25/26
Installing : etcd-3.1.3-1.el7.x86_64 26/26
Verifying : libseccomp-2.3.1-2.el7.x86_64 1/26
Verifying : libnetfilter_cttimeout-1.0.0-6.el7.x86_64 2/26
Verifying : policycoreutils-python-2.5-11.el7_3.x86_64 3/26
Verifying : libnetfilter_cthelper-1.0.0-9.el7.x86_64 4/26
Verifying : 1:oci-register-machine-0-3.11.gitdd0daef.el7.x86_64 5/26
Verifying : libsemanage-python-2.5-5.1.el7_3.x86_64 6/26
Verifying : libnetfilter_queue-1.0.2-1.el7.x86_64 7/26
Verifying : 2:container-selinux-2.10-2.el7.noarch 8/26
Verifying : python-IPy-0.75-6.el7.noarch 9/26
Verifying : 2:docker-common-1.12.6-16.el7.centos.x86_64 10/26
Verifying : socat-1.7.2.2-5.el7.x86_64 11/26
Verifying : 2:docker-1.12.6-16.el7.centos.x86_64 12/26
Verifying : yajl-2.0.4-4.el7.x86_64 13/26
Verifying : 2:docker-client-1.12.6-16.el7.centos.x86_64 14/26
Verifying : kubernetes-node-1.5.2-0.5.gita552679.el7.x86_64 15/26
Verifying : 1:skopeo-containers-0.1.18-1.el7.x86_64 16/26
Verifying : 1:oci-systemd-hook-0.1.7-2.git2788078.el7.x86_64 17/26
Verifying : audit-libs-python-2.6.5-3.el7_3.1.x86_64 18/26
Verifying : etcd-3.1.3-1.el7.x86_64 19/26
Verifying : kubernetes-1.5.2-0.5.gita552679.el7.x86_64 20/26
Verifying : libcgroup-0.41-11.el7.x86_64 21/26
Verifying : conntrack-tools-1.4.3-1.el7.x86_64 22/26
Verifying : checkpolicy-2.5-4.el7.x86_64 23/26
Verifying : kubernetes-client-1.5.2-0.5.gita552679.el7.x86_64 24/26
Verifying : kubernetes-master-1.5.2-0.5.gita552679.el7.x86_64 25/26
Verifying : setools-libs-3.3.8-1.1.el7.x86_64 26/26
Installed:
etcd.x86_64 0:3.1.3-1.el7 kubernetes.x86_64 0:1.5.2-0.5.gita552679.el7
Dependency Installed:
audit-libs-python.x86_64 0:2.6.5-3.el7_3.1
checkpolicy.x86_64 0:2.5-4.el7
conntrack-tools.x86_64 0:1.4.3-1.el7
container-selinux.noarch 2:2.10-2.el7
docker.x86_64 2:1.12.6-16.el7.centos
docker-client.x86_64 2:1.12.6-16.el7.centos
docker-common.x86_64 2:1.12.6-16.el7.centos
kubernetes-client.x86_64 0:1.5.2-0.5.gita552679.el7
kubernetes-master.x86_64 0:1.5.2-0.5.gita552679.el7
kubernetes-node.x86_64 0:1.5.2-0.5.gita552679.el7
libcgroup.x86_64 0:0.41-11.el7
libnetfilter_cthelper.x86_64 0:1.0.0-9.el7
libnetfilter_cttimeout.x86_64 0:1.0.0-6.el7
libnetfilter_queue.x86_64 0:1.0.2-1.el7
libseccomp.x86_64 0:2.3.1-2.el7
libsemanage-python.x86_64 0:2.5-5.1.el7_3
oci-register-machine.x86_64 1:0-3.11.gitdd0daef.el7
oci-systemd-hook.x86_64 1:0.1.7-2.git2788078.el7
policycoreutils-python.x86_64 0:2.5-11.el7_3
python-IPy.noarch 0:0.75-6.el7
setools-libs.x86_64 0:3.3.8-1.1.el7
skopeo-containers.x86_64 1:0.1.18-1.el7
socat.x86_64 0:1.7.2.2-5.el7
yajl.x86_64 0:2.0.4-4.el7
Complete!
因为我们要使用单机模式,所以我们直接忽略掉认证相关设置,把置文件中的 KUBE_ADMISSION_CONTROL 整行注释掉
[root@localhost ~]# vi /etc/kubernetes/apiserver
#KUBE_ADMISSION_CONTROL="--admission-control=NamespaceLifecycle,NamespaceExists,LimitRanger,SecurityContextDeny,ServiceAccount,ResourceQuota"
然后启动 kubernetes 需要用到的服务
[root@localhost ~]# systemctl enable docker etcd kube-apiserver kube-controller-manager kubelet kube-proxy kube-scheduler Created symlink from /etc/systemd/system/multi-user.target.wants/docker.service to /usr/lib/systemd/system/docker.service. Created symlink from /etc/systemd/system/multi-user.target.wants/etcd.service to /usr/lib/systemd/system/etcd.service. Created symlink from /etc/systemd/system/multi-user.target.wants/kube-apiserver.service to /usr/lib/systemd/system/kube-apiserver.service. Created symlink from /etc/systemd/system/multi-user.target.wants/kube-controller-manager.service to /usr/lib/systemd/system/kube-controller-manager.service. Created symlink from /etc/systemd/system/multi-user.target.wants/kubelet.service to /usr/lib/systemd/system/kubelet.service. Created symlink from /etc/systemd/system/multi-user.target.wants/kube-proxy.service to /usr/lib/systemd/system/kube-proxy.service. Created symlink from /etc/systemd/system/multi-user.target.wants/kube-scheduler.service to /usr/lib/systemd/system/kube-scheduler.service.
[root@localhost ~]# systemctl start docker etcd kube-apiserver kube-controller-manager kubelet kube-proxy kube-scheduler
服务器启动后,我们提前把需要用到的镜象拽回来,否则因为各种网络问题,容器可能一直无法启动,你又不知道卡在哪里,提前拽回来可以让你更好地测试:
[root@localhost ~]# docker pull registry.access.redhat.com/rhel7/pod-infrastructure:latest Trying to pull repository registry.access.redhat.com/rhel7/pod-infrastructure ... latest: Pulling from registry.access.redhat.com/rhel7/pod-infrastructure 8642dd241e54: Pull complete fdd633d880f7: Pull complete 6ea7bc2439fd: Pull complete Digest: sha256:ae5d6d5a449f08b1900cda611bc7554059850993c8ff9ee485b558f3c56e033e
[root@localhost ~]# docker pull nginx:alpine Trying to pull repository docker.io/library/nginx ... alpine: Pulling from docker.io/library/nginx Digest: sha256:33eb1ed1e802d4f71e52421f56af028cdf12bb3bfff5affeaf5bf0e328ffa1bc
然后启动 nginx:alpine 容器
[root@localhost ~]# kubectl run nginx --image=nginx:alpine deployment "nginx" created
[root@localhost ~]# kubectl get pods NAME READY STATUS RESTARTS AGE nginx-738041155-jqbcz 1/1 Running 0 1m
再让 nginx 服务对外暴露
[root@localhost ~]# kubectl expose deployment nginx --type=NodePort --port=80 service "nginx" exposed
[root@localhost ~]# kubectl get services NAME CLUSTER-IP EXTERNAL-IP PORT(S) AGE kubernetes 10.254.0.1443/TCP 1h nginx 10.254.199.2 80:30837/TCP 2m
可以看到分配到的集群 IP 是 10.254.199.2
[root@localhost ~]# curl http://10.254.199.2
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
body {
width: 35em;
margin: 0 auto;
font-family: Tahoma, Verdana, Arial, sans-serif;
}
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>
<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>
<p><em>Thank you for using nginx.</em></p>
</body>
</html> |
可以看到 nginx 的欢迎页面了,部署成功!