先使用 yum 安装必须得用到的 etcd 和 kubernetes 软件包
[[email protected] ~]# yum install -y etcd kubernetes Loaded plugins: fastestmirror base | 3.6 kB 00:00 extras | 3.4 kB 00:00 updates | 3.4 kB 00:00 (1/4): extras/7/x86_64/primary_db | 151 kB 00:00 (2/4): base/7/x86_64/group_gz | 155 kB 00:00 (3/4): updates/7/x86_64/primary_db | 4.8 MB 00:03 (4/4): base/7/x86_64/primary_db | 5.6 MB 00:04 Determining fastest mirrors * base: mirrors.btte.net * extras: mirrors.btte.net * updates: mirrors.neusoft.edu.cn Resolving Dependencies --> Running transaction check ---> Package etcd.x86_64 0:3.1.3-1.el7 will be installed ---> Package kubernetes.x86_64 0:1.5.2-0.5.gita552679.el7 will be installed --> Processing Dependency: kubernetes-node = 1.5.2-0.5.gita552679.el7 for package: kubernetes-1.5.2-0.5.gita552679.el7.x86_64 --> Processing Dependency: kubernetes-master = 1.5.2-0.5.gita552679.el7 for package: kubernetes-1.5.2-0.5.gita552679.el7.x86_64 --> Running transaction check ---> Package kubernetes-master.x86_64 0:1.5.2-0.5.gita552679.el7 will be installed --> Processing Dependency: kubernetes-client = 1.5.2-0.5.gita552679.el7 for package: kubernetes-master-1.5.2-0.5.gita552679.el7.x86_64 ---> Package kubernetes-node.x86_64 0:1.5.2-0.5.gita552679.el7 will be installed --> Processing Dependency: socat for package: kubernetes-node-1.5.2-0.5.gita552679.el7.x86_64 --> Processing Dependency: docker for package: kubernetes-node-1.5.2-0.5.gita552679.el7.x86_64 --> Processing Dependency: conntrack-tools for package: kubernetes-node-1.5.2-0.5.gita552679.el7.x86_64 --> Running transaction check ---> Package conntrack-tools.x86_64 0:1.4.3-1.el7 will be installed --> Processing Dependency: libnetfilter_cttimeout.so.1(LIBNETFILTER_CTTIMEOUT_1.1)(64bit) for package: conntrack-tools-1.4.3-1.el7.x86_64 --> Processing Dependency: libnetfilter_cttimeout.so.1(LIBNETFILTER_CTTIMEOUT_1.0)(64bit) for package: conntrack-tools-1.4.3-1.el7.x86_64 --> Processing Dependency: libnetfilter_cthelper.so.0(LIBNETFILTER_CTHELPER_1.0)(64bit) for package: conntrack-tools-1.4.3-1.el7.x86_64 --> Processing Dependency: libnetfilter_queue.so.1()(64bit) for package: conntrack-tools-1.4.3-1.el7.x86_64 --> Processing Dependency: libnetfilter_cttimeout.so.1()(64bit) for package: conntrack-tools-1.4.3-1.el7.x86_64 --> Processing Dependency: libnetfilter_cthelper.so.0()(64bit) for package: conntrack-tools-1.4.3-1.el7.x86_64 ---> Package docker.x86_64 2:1.12.6-16.el7.centos will be installed --> Processing Dependency: docker-common = 2:1.12.6-16.el7.centos for package: 2:docker-1.12.6-16.el7.centos.x86_64 --> Processing Dependency: docker-client = 2:1.12.6-16.el7.centos for package: 2:docker-1.12.6-16.el7.centos.x86_64 --> Processing Dependency: oci-systemd-hook >= 1:0.1.4-9 for package: 2:docker-1.12.6-16.el7.centos.x86_64 --> Processing Dependency: oci-register-machine >= 1:0-3.10 for package: 2:docker-1.12.6-16.el7.centos.x86_64 --> Processing Dependency: container-selinux >= 2:2.10-2 for package: 2:docker-1.12.6-16.el7.centos.x86_64 --> Processing Dependency: skopeo-containers for package: 2:docker-1.12.6-16.el7.centos.x86_64 --> Processing Dependency: libseccomp.so.2()(64bit) for package: 2:docker-1.12.6-16.el7.centos.x86_64 ---> Package kubernetes-client.x86_64 0:1.5.2-0.5.gita552679.el7 will be installed ---> Package socat.x86_64 0:1.7.2.2-5.el7 will be installed --> Running transaction check ---> Package container-selinux.noarch 2:2.10-2.el7 will be installed --> Processing Dependency: policycoreutils-python for package: 2:container-selinux-2.10-2.el7.noarch ---> Package docker-client.x86_64 2:1.12.6-16.el7.centos will be installed ---> Package docker-common.x86_64 2:1.12.6-16.el7.centos will be installed ---> Package libnetfilter_cthelper.x86_64 0:1.0.0-9.el7 will be installed ---> Package libnetfilter_cttimeout.x86_64 0:1.0.0-6.el7 will be installed ---> Package libnetfilter_queue.x86_64 0:1.0.2-1.el7 will be installed ---> Package libseccomp.x86_64 0:2.3.1-2.el7 will be installed ---> Package oci-register-machine.x86_64 1:0-3.11.gitdd0daef.el7 will be installed ---> Package oci-systemd-hook.x86_64 1:0.1.7-2.git2788078.el7 will be installed --> Processing Dependency: libyajl.so.2()(64bit) for package: 1:oci-systemd-hook-0.1.7-2.git2788078.el7.x86_64 ---> Package skopeo-containers.x86_64 1:0.1.18-1.el7 will be installed --> Running transaction check ---> Package policycoreutils-python.x86_64 0:2.5-11.el7_3 will be installed --> Processing Dependency: setools-libs >= 3.3.8-1 for package: policycoreutils-python-2.5-11.el7_3.x86_64 --> Processing Dependency: libsemanage-python >= 2.5-5 for package: policycoreutils-python-2.5-11.el7_3.x86_64 --> Processing Dependency: audit-libs-python >= 2.1.3-4 for package: policycoreutils-python-2.5-11.el7_3.x86_64 --> Processing Dependency: python-IPy for package: policycoreutils-python-2.5-11.el7_3.x86_64 --> Processing Dependency: libqpol.so.1(VERS_1.4)(64bit) for package: policycoreutils-python-2.5-11.el7_3.x86_64 --> Processing Dependency: libqpol.so.1(VERS_1.2)(64bit) for package: policycoreutils-python-2.5-11.el7_3.x86_64 --> Processing Dependency: libcgroup for package: policycoreutils-python-2.5-11.el7_3.x86_64 --> Processing Dependency: libapol.so.4(VERS_4.0)(64bit) for package: policycoreutils-python-2.5-11.el7_3.x86_64 --> Processing Dependency: checkpolicy for package: policycoreutils-python-2.5-11.el7_3.x86_64 --> Processing Dependency: libqpol.so.1()(64bit) for package: policycoreutils-python-2.5-11.el7_3.x86_64 --> Processing Dependency: libapol.so.4()(64bit) for package: policycoreutils-python-2.5-11.el7_3.x86_64 ---> Package yajl.x86_64 0:2.0.4-4.el7 will be installed --> Running transaction check ---> Package audit-libs-python.x86_64 0:2.6.5-3.el7_3.1 will be installed ---> Package checkpolicy.x86_64 0:2.5-4.el7 will be installed ---> Package libcgroup.x86_64 0:0.41-11.el7 will be installed ---> Package libsemanage-python.x86_64 0:2.5-5.1.el7_3 will be installed ---> Package python-IPy.noarch 0:0.75-6.el7 will be installed ---> Package setools-libs.x86_64 0:3.3.8-1.1.el7 will be installed --> Finished Dependency Resolution Dependencies Resolved ================================================================================ Package Arch Version Repository Size ================================================================================ Installing: etcd x86_64 3.1.3-1.el7 extras 7.3 M kubernetes x86_64 1.5.2-0.5.gita552679.el7 extras 36 k Installing for dependencies: audit-libs-python x86_64 2.6.5-3.el7_3.1 updates 70 k checkpolicy x86_64 2.5-4.el7 base 290 k conntrack-tools x86_64 1.4.3-1.el7 base 175 k container-selinux noarch 2:2.10-2.el7 extras 28 k docker x86_64 2:1.12.6-16.el7.centos extras 14 M docker-client x86_64 2:1.12.6-16.el7.centos extras 3.2 M docker-common x86_64 2:1.12.6-16.el7.centos extras 72 k kubernetes-client x86_64 1.5.2-0.5.gita552679.el7 extras 14 M kubernetes-master x86_64 1.5.2-0.5.gita552679.el7 extras 25 M kubernetes-node x86_64 1.5.2-0.5.gita552679.el7 extras 14 M libcgroup x86_64 0.41-11.el7 base 65 k libnetfilter_cthelper x86_64 1.0.0-9.el7 base 18 k libnetfilter_cttimeout x86_64 1.0.0-6.el7 base 18 k libnetfilter_queue x86_64 1.0.2-1.el7 base 23 k libseccomp x86_64 2.3.1-2.el7 base 56 k libsemanage-python x86_64 2.5-5.1.el7_3 updates 104 k oci-register-machine x86_64 1:0-3.11.gitdd0daef.el7 extras 1.0 M oci-systemd-hook x86_64 1:0.1.7-2.git2788078.el7 extras 30 k policycoreutils-python x86_64 2.5-11.el7_3 updates 445 k python-IPy noarch 0.75-6.el7 base 32 k setools-libs x86_64 3.3.8-1.1.el7 base 612 k skopeo-containers x86_64 1:0.1.18-1.el7 extras 7.6 k socat x86_64 1.7.2.2-5.el7 base 255 k yajl x86_64 2.0.4-4.el7 base 39 k Transaction Summary ================================================================================ Install 2 Packages (+24 Dependent packages) Total download size: 81 M Installed size: 401 M Downloading packages: warning: /var/cache/yum/x86_64/7/updates/packages/audit-libs-python-2.6.5-3.el7_3.1.x86_64.rpm: Header V3 RSA/SHA256 Signature, key ID f4a80eb5: NOKEY Public key for audit-libs-python-2.6.5-3.el7_3.1.x86_64.rpm is not installed (1/26): audit-libs-python-2.6.5-3.el7_3.1.x86_64.rpm | 70 kB 00:00 Public key for container-selinux-2.10-2.el7.noarch.rpm is not installed-:-- ETA (2/26): container-selinux-2.10-2.el7.noarch.rpm | 28 kB 00:00 Public key for conntrack-tools-1.4.3-1.el7.x86_64.rpm is not installed (3/26): conntrack-tools-1.4.3-1.el7.x86_64.rpm | 175 kB 00:00 (4/26): checkpolicy-2.5-4.el7.x86_64.rpm | 290 kB 00:00 (5/26): docker-common-1.12.6-16.el7.centos.x86_64.rpm | 72 kB 00:00 (6/26): kubernetes-1.5.2-0.5.gita552679.el7.x86_64.rpm | 36 kB 00:00 (7/26): docker-client-1.12.6-16.el7.centos.x86_64.rpm | 3.2 MB 00:03 (8/26): kubernetes-node-1.5.2-0.5.gita552679.el7.x86_64.rp | 14 MB 00:14 (9/26): libcgroup-0.41-11.el7.x86_64.rpm | 65 kB 00:00 (10/26): libnetfilter_cthelper-1.0.0-9.el7.x86_64.rpm | 18 kB 00:00 (11/26): libnetfilter_cttimeout-1.0.0-6.el7.x86_64.rpm | 18 kB 00:00 (12/26): libnetfilter_queue-1.0.2-1.el7.x86_64.rpm | 23 kB 00:00 (13/26): libseccomp-2.3.1-2.el7.x86_64.rpm | 56 kB 00:00 (14/26): libsemanage-python-2.5-5.1.el7_3.x86_64.rpm | 104 kB 00:00 (15/26): oci-register-machine-0-3.11.gitdd0daef.el7.x86_64 | 1.0 MB 00:01 (16/26): oci-systemd-hook-0.1.7-2.git2788078.el7.x86_64.rp | 30 kB 00:00 (17/26): policycoreutils-python-2.5-11.el7_3.x86_64.rpm | 445 kB 00:00 (18/26): python-IPy-0.75-6.el7.noarch.rpm | 32 kB 00:00 (19/26): setools-libs-3.3.8-1.1.el7.x86_64.rpm | 612 kB 00:00 (20/26): skopeo-containers-0.1.18-1.el7.x86_64.rpm | 7.6 kB 00:00 (21/26): socat-1.7.2.2-5.el7.x86_64.rpm | 255 kB 00:00 (22/26): yajl-2.0.4-4.el7.x86_64.rpm | 39 kB 00:00 (23/26): etcd-3.1.3-1.el7.x86_64.rpm | 7.3 MB 00:25 (24/26): docker-1.12.6-16.el7.centos.x86_64.rpm | 14 MB 00:26 (25/26): kubernetes-client-1.5.2-0.5.gita552679.el7.x86_64 | 14 MB 00:26 (26/26): kubernetes-master-1.5.2-0.5.gita552679.el7.x86_64 | 25 MB 00:37 -------------------------------------------------------------------------------- Total 2.1 MB/s | 81 MB 00:39 Retrieving key from file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7 Importing GPG key 0xF4A80EB5: Userid : "CentOS-7 Key (CentOS 7 Official Signing Key)" Fingerprint: 6341 ab27 53d7 8a78 a7c2 7bb1 24c6 a8a7 f4a8 0eb5 Package : centos-release-7-3.1611.el7.centos.x86_64 (@anaconda) From : /etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7 Running transaction check Running transaction test Transaction test succeeded Running transaction Installing : kubernetes-client-1.5.2-0.5.gita552679.el7.x86_64 1/26 Installing : 2:docker-common-1.12.6-16.el7.centos.x86_64 2/26 Installing : 2:docker-client-1.12.6-16.el7.centos.x86_64 3/26 Installing : kubernetes-master-1.5.2-0.5.gita552679.el7.x86_64 4/26 Installing : setools-libs-3.3.8-1.1.el7.x86_64 5/26 Installing : checkpolicy-2.5-4.el7.x86_64 6/26 Installing : libcgroup-0.41-11.el7.x86_64 7/26 Installing : audit-libs-python-2.6.5-3.el7_3.1.x86_64 8/26 Installing : 1:skopeo-containers-0.1.18-1.el7.x86_64 9/26 Installing : yajl-2.0.4-4.el7.x86_64 10/26 Installing : 1:oci-systemd-hook-0.1.7-2.git2788078.el7.x86_64 11/26 Installing : socat-1.7.2.2-5.el7.x86_64 12/26 Installing : python-IPy-0.75-6.el7.noarch 13/26 Installing : libnetfilter_queue-1.0.2-1.el7.x86_64 14/26 Installing : libsemanage-python-2.5-5.1.el7_3.x86_64 15/26 Installing : policycoreutils-python-2.5-11.el7_3.x86_64 16/26 Installing : 2:container-selinux-2.10-2.el7.noarch 17/26 Installing : 1:oci-register-machine-0-3.11.gitdd0daef.el7.x86_64 18/26 Installing : libnetfilter_cthelper-1.0.0-9.el7.x86_64 19/26 Installing : libnetfilter_cttimeout-1.0.0-6.el7.x86_64 20/26 Installing : conntrack-tools-1.4.3-1.el7.x86_64 21/26 Installing : libseccomp-2.3.1-2.el7.x86_64 22/26 Installing : 2:docker-1.12.6-16.el7.centos.x86_64 23/26 Installing : kubernetes-node-1.5.2-0.5.gita552679.el7.x86_64 24/26 Installing : kubernetes-1.5.2-0.5.gita552679.el7.x86_64 25/26 Installing : etcd-3.1.3-1.el7.x86_64 26/26 Verifying : libseccomp-2.3.1-2.el7.x86_64 1/26 Verifying : libnetfilter_cttimeout-1.0.0-6.el7.x86_64 2/26 Verifying : policycoreutils-python-2.5-11.el7_3.x86_64 3/26 Verifying : libnetfilter_cthelper-1.0.0-9.el7.x86_64 4/26 Verifying : 1:oci-register-machine-0-3.11.gitdd0daef.el7.x86_64 5/26 Verifying : libsemanage-python-2.5-5.1.el7_3.x86_64 6/26 Verifying : libnetfilter_queue-1.0.2-1.el7.x86_64 7/26 Verifying : 2:container-selinux-2.10-2.el7.noarch 8/26 Verifying : python-IPy-0.75-6.el7.noarch 9/26 Verifying : 2:docker-common-1.12.6-16.el7.centos.x86_64 10/26 Verifying : socat-1.7.2.2-5.el7.x86_64 11/26 Verifying : 2:docker-1.12.6-16.el7.centos.x86_64 12/26 Verifying : yajl-2.0.4-4.el7.x86_64 13/26 Verifying : 2:docker-client-1.12.6-16.el7.centos.x86_64 14/26 Verifying : kubernetes-node-1.5.2-0.5.gita552679.el7.x86_64 15/26 Verifying : 1:skopeo-containers-0.1.18-1.el7.x86_64 16/26 Verifying : 1:oci-systemd-hook-0.1.7-2.git2788078.el7.x86_64 17/26 Verifying : audit-libs-python-2.6.5-3.el7_3.1.x86_64 18/26 Verifying : etcd-3.1.3-1.el7.x86_64 19/26 Verifying : kubernetes-1.5.2-0.5.gita552679.el7.x86_64 20/26 Verifying : libcgroup-0.41-11.el7.x86_64 21/26 Verifying : conntrack-tools-1.4.3-1.el7.x86_64 22/26 Verifying : checkpolicy-2.5-4.el7.x86_64 23/26 Verifying : kubernetes-client-1.5.2-0.5.gita552679.el7.x86_64 24/26 Verifying : kubernetes-master-1.5.2-0.5.gita552679.el7.x86_64 25/26 Verifying : setools-libs-3.3.8-1.1.el7.x86_64 26/26 Installed: etcd.x86_64 0:3.1.3-1.el7 kubernetes.x86_64 0:1.5.2-0.5.gita552679.el7 Dependency Installed: audit-libs-python.x86_64 0:2.6.5-3.el7_3.1 checkpolicy.x86_64 0:2.5-4.el7 conntrack-tools.x86_64 0:1.4.3-1.el7 container-selinux.noarch 2:2.10-2.el7 docker.x86_64 2:1.12.6-16.el7.centos docker-client.x86_64 2:1.12.6-16.el7.centos docker-common.x86_64 2:1.12.6-16.el7.centos kubernetes-client.x86_64 0:1.5.2-0.5.gita552679.el7 kubernetes-master.x86_64 0:1.5.2-0.5.gita552679.el7 kubernetes-node.x86_64 0:1.5.2-0.5.gita552679.el7 libcgroup.x86_64 0:0.41-11.el7 libnetfilter_cthelper.x86_64 0:1.0.0-9.el7 libnetfilter_cttimeout.x86_64 0:1.0.0-6.el7 libnetfilter_queue.x86_64 0:1.0.2-1.el7 libseccomp.x86_64 0:2.3.1-2.el7 libsemanage-python.x86_64 0:2.5-5.1.el7_3 oci-register-machine.x86_64 1:0-3.11.gitdd0daef.el7 oci-systemd-hook.x86_64 1:0.1.7-2.git2788078.el7 policycoreutils-python.x86_64 0:2.5-11.el7_3 python-IPy.noarch 0:0.75-6.el7 setools-libs.x86_64 0:3.3.8-1.1.el7 skopeo-containers.x86_64 1:0.1.18-1.el7 socat.x86_64 0:1.7.2.2-5.el7 yajl.x86_64 0:2.0.4-4.el7 Complete!
因为我们要使用单机模式,所以我们直接忽略掉认证相关设置,把置文件中的 KUBE_ADMISSION_CONTROL 整行注释掉
[[email protected] ~]# vi /etc/kubernetes/apiserver
#KUBE_ADMISSION_CONTROL="--admission-control=NamespaceLifecycle,NamespaceExists,LimitRanger,SecurityContextDeny,ServiceAccount,ResourceQuota"
然后启动 kubernetes 需要用到的服务
[[email protected] ~]# systemctl enable docker etcd kube-apiserver kube-controller-manager kubelet kube-proxy kube-scheduler Created symlink from /etc/systemd/system/multi-user.target.wants/docker.service to /usr/lib/systemd/system/docker.service. Created symlink from /etc/systemd/system/multi-user.target.wants/etcd.service to /usr/lib/systemd/system/etcd.service. Created symlink from /etc/systemd/system/multi-user.target.wants/kube-apiserver.service to /usr/lib/systemd/system/kube-apiserver.service. Created symlink from /etc/systemd/system/multi-user.target.wants/kube-controller-manager.service to /usr/lib/systemd/system/kube-controller-manager.service. Created symlink from /etc/systemd/system/multi-user.target.wants/kubelet.service to /usr/lib/systemd/system/kubelet.service. Created symlink from /etc/systemd/system/multi-user.target.wants/kube-proxy.service to /usr/lib/systemd/system/kube-proxy.service. Created symlink from /etc/systemd/system/multi-user.target.wants/kube-scheduler.service to /usr/lib/systemd/system/kube-scheduler.service.
[[email protected] ~]# systemctl start docker etcd kube-apiserver kube-controller-manager kubelet kube-proxy kube-scheduler
服务器启动后,我们提前把需要用到的镜象拽回来,否则因为各种网络问题,容器可能一直无法启动,你又不知道卡在哪里,提前拽回来可以让你更好地测试:
[[email protected] ~]# docker pull registry.access.redhat.com/rhel7/pod-infrastructure:latest Trying to pull repository registry.access.redhat.com/rhel7/pod-infrastructure ... latest: Pulling from registry.access.redhat.com/rhel7/pod-infrastructure 8642dd241e54: Pull complete fdd633d880f7: Pull complete 6ea7bc2439fd: Pull complete Digest: sha256:ae5d6d5a449f08b1900cda611bc7554059850993c8ff9ee485b558f3c56e033e
[[email protected] ~]# docker pull nginx:alpine Trying to pull repository docker.io/library/nginx ... alpine: Pulling from docker.io/library/nginx Digest: sha256:33eb1ed1e802d4f71e52421f56af028cdf12bb3bfff5affeaf5bf0e328ffa1bc
然后启动 nginx:alpine 容器
[[email protected] ~]# kubectl run nginx --image=nginx:alpine deployment "nginx" created
[[email protected] ~]# kubectl get pods NAME READY STATUS RESTARTS AGE nginx-738041155-jqbcz 1/1 Running 0 1m
再让 nginx 服务对外暴露
[[email protected] ~]# kubectl expose deployment nginx --type=NodePort --port=80 service "nginx" exposed
[[email protected] ~]# kubectl get services NAME CLUSTER-IP EXTERNAL-IP PORT(S) AGE kubernetes 10.254.0.1443/TCP 1h nginx 10.254.199.2 80:30837/TCP 2m
可以看到分配到的集群 IP 是 10.254.199.2
[[email protected] ~]# curl http://10.254.199.2 <!DOCTYPE html> <html> <head> <title>Welcome to nginx!</title> <style> body { width: 35em; margin: 0 auto; font-family: Tahoma, Verdana, Arial, sans-serif; } </style> </head> <body> <h1>Welcome to nginx!</h1> <p>If you see this page, the nginx web server is successfully installed and working. Further configuration is required.</p> <p>For online documentation and support please refer to <a href="http://nginx.org/">nginx.org</a>.<br/> Commercial support is available at <a href="http://nginx.com/">nginx.com</a>.</p> <p><em>Thank you for using nginx.</em></p> </body> </html> |
可以看到 nginx 的欢迎页面了,部署成功!