k8s单机部署

前置操作

1、关闭selinux

[root@localhost ~]# cat /etc/selinux/config

# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
#     enforcing - SELinux security policy is enforced.
#     permissive - SELinux prints warnings instead of enforcing.
#     disabled - No SELinux policy is loaded.
SELINUX=enforcing
# SELINUXTYPE= can take one of three values:
#     targeted - Targeted processes are protected,
#     minimum - Modification of targeted policy. Only selected processes are protected.
#     mls - Multi Level Security protection.
SELINUXTYPE=targeted

[root@localhost ~]# setenforce 0

2、关闭防火墙

setenforce 0
systemctl stop firewalld.service #停止firewall
systemctl disable firewalld.service #禁止firewall开机启动

二、安装kubernetes和etcd

安装好后会把etcd、docker、kube-apiserver、kube-controller-manager、kube-scheduler、kubelet和kube-proxy都安装好，接下来直接启动

[root@localhost ~]# yum install etcd kubernetes -y
已加载插件：fastestmirror
Determining fastest mirrors
 * base: mirrors.nju.edu.cn
 * extras: mirrors.nju.edu.cn
 * updates: mirrors.nju.edu.cn
base                                                                                                                                                                                                   | 3.6 k
extras                                                                                                                                                                                                 | 2.9 k
updates                                                                                                                                                                                                | 2.9 k
(1/4): base/7/x86_64/group_gz                                                                                                                                                                          | 153 k
(2/4): extras/7/x86_64/primary_db                                                                                                                                                                      | 249 k
(3/4): base/7/x86_64/primary_db                                                                                                                                                                        | 6.1 M
(4/4): updates/7/x86_64/primary_db                                                                                                                                                                     |  20 M
正在解决依赖关系

修改配置文件

需要修改的地方2处

127.0.0.1改成0.0.0.0 和  ServiceAccount 去掉

解决kubectl get pods时 No resources found.问题

2、找到这一行 “KUBE_ADMISSION_CONTROL=”–admission_control=NamespaceLifecycle,NamespaceExists,LimitRanger,SecurityContextDeny,ServiceAccount,ResourceQuota”，去掉ServiceAccount，保存退出。

3、重新启动kube-apiserver服务。
4、执行kubectl get pods, no resources found问题得以解决

[root@test2 kubernetes]# cat /etc/kubernetes/apiserver 
###
# kubernetes system config
#
# The following values are used to configure the kube-apiserver
#

# The address on the local server to listen to.
KUBE_API_ADDRESS="--insecure-bind-address=0.0.0.0"   #127.0.0.1改成0.0.0.0

# The port on the local server to listen on.
# KUBE_API_PORT="--port=8080"

# Port minions listen on
# KUBELET_PORT="--kubelet-port=10250"

# Comma separated list of nodes in the etcd cluster
KUBE_ETCD_SERVERS="--etcd-servers=http://127.0.0.1:2379"

# Address range to use for services
KUBE_SERVICE_ADDRESSES="--service-cluster-ip-range=10.254.0.0/16"

# default admission control policies
KUBE_ADMISSION_CONTROL="--admission-control=NamespaceLifecycle,NamespaceExists,LimitRanger,ResourceQuota"

# Add your own!
KUBE_API_ARGS=""

3、启动

systemctl start etcd
systemctl start docker
systemctl start kube-apiserver
systemctl start kube-controller-manager
systemctl start kube-scheduler
systemctl start kubelet
systemctl start kube-proxy

查看结果

kubectl version  #查看版本
kubectl cluster-info #查看集群的状态信息
kubectl get pods  #查看pod，这里是因为我部署了个tomcat，所以是有数据的，后面会讲到怎么部署tomcat
kubectl get nodes #查看集群有几个node，部署的是单节点，所以只有一个node

三、部署tomcat

k8s部署tomcat需要两个配置文件，准备tomcat-rc.yaml和tomcat-svc.yaml，文件放任意位置都可以

1、tomcat-rc.yaml

[root@test2 kubernetes]# cat tomcat-rc.yaml 
apiVersion: v1
kind: ReplicationController
metadata:
  name: tomcat-demo   #调度对象的全称，全局唯一
spec:
  replicas: 1    #表示创建1个pod副本数量
  selector:
    app: tomcat-demo  
  template:
    metadata:
      labels:
        app: tomcat-demo #pod拥有的标签
    spec:
      containers:
      - name: tomcat-demo
        image: tomcat  #对应的从docker拉取的镜像名称
        ports:
        - containerPort: 8091   #tomcat容器端口

2、 tomcat-svc.yaml

[root@test2 kubernetes]# cat tomcat-svc.yaml 
apiVersion: v1
kind: Service
metadata:
  name: tomcat-demo
spec:
  type: NodePort
  ports:
   - port: 8080
     nodePort: 30001   #tomcat对外的端口（浏览器访问的端口）
  selector:
    app: tomcat-demo

####### 3、执行以下命令，进行部署

kubectl create -f tomcat-rc.yaml 
kubectl create -f tomcat-svc.yaml

查看rc和svc

[root@localhost /]# kubectl get rc,svc
NAME             DESIRED   CURRENT   READY     AGE
rc/tomcat-demo   1         1         0         15m

NAME              CLUSTER-IP       EXTERNAL-IP   PORT(S)          AGE
svc/kubernetes    10.254.0.1       <none>        443/TCP          20m
svc/tomcat-demo   10.254.163.194   <nodes>       8091:30001/TCP   15m
[root@localhost /]#

查看pods

[root@localhost /]# kubectl get pods
NAME                READY     STATUS              RESTARTS   AGE
tomcat-demo-86b73   0/1       ContainerCreating   0          12m
[root@localhost /]#

注意这里READY第一次部署会为0/1，STATUS状态会为containerCreating

解决办法，执行一下

docker pull registry.access.redhat.com/rhel7/pod-infrastructure:latest

顺利的话，能够下载到如下images

然后再删除掉rc和svc,重新create就可以

kubectl delete -f tomcat-rc.yaml 
kubectl delete -f tomcat-svc.yaml
kubectl create -f tomcat-rc.yaml 
kubectl create -f tomcat-svc.yaml

再次查看就正常了

访问浏览器IP:30001/ 会出现404，不过别慌，原因是tomcat的webapps目录下没东西导致的

用docker ps查看我们k8s启动的docker服务

进入容器，操作一波

我们可以看到webapps下是没有东西的，webapps.dist是有的

把webapps删掉，把webapps.dist改成webapps就可以了

访问一下网页，成功啦，哈哈

本作品采用《CC 协议》，转载必须注明作者和本文链接