{"id":416,"date":"2017-09-14T18:54:27","date_gmt":"2017-09-14T10:54:27","guid":{"rendered":"https:\/\/blog.jsjs.org\/?p=416"},"modified":"2017-09-14T18:54:27","modified_gmt":"2017-09-14T10:54:27","slug":"%e4%bd%bf%e7%94%a8kubeadm%e5%9c%a8red-hat-7centos-7%e5%bf%ab%e9%80%9f%e9%83%a8%e7%bd%b2kubernetes-1-7%e9%9b%86%e7%be%a4","status":"publish","type":"post","link":"https:\/\/blog.jsjs.org\/?p=416","title":{"rendered":"\u4f7f\u7528kubeadm\u5728Red Hat 7\/CentOS 7\u5feb\u901f\u90e8\u7f72Kubernetes 1.7\u96c6\u7fa4"},"content":{"rendered":"

\u524d\u8a00<\/h2>\n

kubeadm\u662fKubernetes\u5b98\u65b9\u63a8\u51fa\u7684\u5feb\u901f\u90e8\u7f72Kubernetes\u96c6\u7fa4\u5de5\u5177\uff0c\u5176\u601d\u8def\u662f\u5c06Kubernetes\u76f8\u5173\u670d\u52a1\u5bb9\u5668\u5316(Kubernetes\u9759\u6001Pod)\u4ee5\u7b80\u5316\u90e8\u7f72\u3002kubeadm\u5f53\u524d\u5904\u4e8ebeta\u9636\u6bb5\uff0c\u4e0d\u5efa\u8bae\u751f\u4ea7\u73af\u5883\u4f7f\u7528\uff08\u6bd4\u5982etcd\u5355\u70b9\uff09\u3002\u4f7f\u7528kubeadm\u90e8\u7f72Kubernetes\u96c6\u7fa4\u975e\u5e38\u7b80\u5355\u65b9\u4fbf\uff0c\u672c\u6587\u8bb0\u5f55\u4e86\u5728Red Hat 7\u4e0a\u7528kubeadm\u90e8\u7f72\u4e00\u4e2a\u5b89\u5168\u7684Kubernetes\u96c6\u7fa4\u7684\u5168\u8fc7\u7a0b\uff0cCentOS 7\u90e8\u7f72\u8fc7\u7a0b\u4e0e\u4e4b\u7c7b\u4f3c\u3002<\/p>\n

\u5982\u9700kubeadm\u90e8\u7f72\u4e00\u4e2a\u9ad8\u53ef\u7528\u7684\u96c6\u7fa4\uff0c\u53ef\u91c7\u7528\u5982\u4e0b\u65b9\u5f0f<\/p>\n

kubeadm\u00a0init\u00a0--api-advertise-addresses=vip\u00a0--external-etcd-endpoints=http:\/\/x.x.x.x:2379,http:\/\/x.x.x.x:2379,http:\/\/x.x.x.x:2379\u00a0--pod-network-cidr\u00a010.244.0.0\/16\n<\/pre>\n
\u6ce8\uff1a–api-advertise-addresses \u672c\u8eab\u652f\u6301\u591a\u4e2aapi service ip\uff0c\u4f46\u64cd\u4f5ckubeadm join\u52a0\u5165\u96c6\u7fa4\u8282\u70b9\u4f1a\u5931\u8d25, \u6240\u4ee5\u5bf9\u5916\u670d\u52a1\u53ea\u914d\u7f6e\u4e3a\u4e00\u4e2avip\u3002<\/p>\n
\u90e8\u7f72\u5b9e\u4f8b<\/h2>\n
etcd\u00a0Version:\u00a03.0.17\nkubeadm:\u00a0v1.7.1\nkubernetes:\u00a0v1.7.1\nFlannel:\u00a0v0.8.0\nDocker:\u00a017.03.1-ce\n<\/pre>\n
 <\/p>\n
\u51c6\u5907\u5de5\u4f5c<\/h2>\n
1. Red Hat Enterprise Linux Server release 7.1 (Maipo)\uff08 1GB\uff0b RAM\uff09
\n2. \u96c6\u7fa4\u673a\u5668\u4e4b\u95f4\u7f51\u7edc\u4e92\u901a<\/p>\n
\u76ee\u6807<\/h2>\n
1. \u90e8\u7f72\u4e00\u4e2a\u5b89\u5168\u7684Kubernetes v1.7.1\u96c6\u7fa4
\n2. \u90e8\u7f72pod\u7f51\u7edc\u4ee5\u4fbfpod\u4e4b\u95f4\u53ef\u4ee5\u4e92\u901a<\/p>\n
\u90e8\u7f72\u6b65\u9aa4<\/h2>\n
\u5b89\u88c5docker<\/strong>
\nKubeadm\u76ee\u524d\u5e76\u672a\u5728Docker 1.13\uff0c17.03+\u7b49\u9ad8\u7ea7\u7248\u672c\u8fdb\u884c\u9a8c\u8bc1\uff0cKubernetes\u5b98\u65b9\u63a8\u8350\u7684Docker1.10\uff0c1.11\uff0c1.12\u7248\u672c\u3002\u5bf9\u4e8eCentos\uff0c\u63a8\u8350Docker Storage Driver \u91c7\u7528Devicemapper\u7684direct-lvm\u6a21\u5f0f\u3002Docker\u4ee5\u53cadirect-vm\u53c2\u89c1Docker\u5b98\u7f51\u3002
\nDocker\u5b89\u88c5\u8bf7\u53c2\u89c1\u5b98\u7f51\uff1ahttps:\/\/docs.docker.com\/engine … ntos\/<\/a>
\n\u901a\u8fc7docker version\u67e5\u770bdocker\u7248\u672c\uff1a<\/p>\n
sudo\u00a0docker\u00a0version\nClient:\nVersion:\u00a0\u00a0\u00a0\u00a0\u00a0\u00a017.03.1-ce\nAPI\u00a0version:\u00a0\u00a01.27\nGo\u00a0version:\u00a0\u00a0\u00a0go1.7.5\nGit\u00a0commit:\u00a0\u00a0\u00a0c6d412e\nBuilt:\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0Mon\u00a0Mar\u00a027\u00a017:05:44\u00a02017\nOS\/Arch:\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0linux\/amd64\n\nServer:\nVersion:\u00a0\u00a0\u00a0\u00a0\u00a0\u00a017.03.1-ce\nAPI\u00a0version:\u00a0\u00a01.27\u00a0(minimum\u00a0version\u00a01.12)\nGo\u00a0version:\u00a0\u00a0\u00a0go1.7.5\nGit\u00a0commit:\u00a0\u00a0\u00a0c6d412e\nBuilt:\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0Mon\u00a0Mar\u00a027\u00a017:05:44\u00a02017\nOS\/Arch:\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0linux\/amd64\nExperimental:\u00a0false\n<\/pre>\n
direct-lvm\u5b89\u88c5\u8be6\u89c1\u5b98\u7f51\uff0c\u5728\u6b64\u7565\u8fc7\uff1a\u00a0https:\/\/docs.docker.com\/engine … iver\/<\/a><\/p>\n
...\u00a0...\nServer\u00a0Version:\u00a017.03.1-ce\nStorage\u00a0Driver:\u00a0devicemapper\nPool\u00a0Name:\u00a0docker-thinpool\nPool\u00a0Blocksize:\u00a0524.3\u00a0kB\nBase\u00a0Device\u00a0Size:\u00a010.74\u00a0GB\nBacking\u00a0Filesystem:\u00a0xfs\nData\u00a0file:\nMetadata\u00a0file:\nData\u00a0Space\u00a0Used:\u00a01.429\u00a0GB\nData\u00a0Space\u00a0Total:\u00a0306\u00a0GB\nData\u00a0Space\u00a0Available:\u00a0304.6\u00a0GB\nMetadata\u00a0Space\u00a0Used:\u00a0782.3\u00a0kB\nMetadata\u00a0Space\u00a0Total:\u00a03.217\u00a0GB\nMetadata\u00a0Space\u00a0Available:\u00a03.216\u00a0GB\nThin\u00a0Pool\u00a0Minimum\u00a0Free\u00a0Space:\u00a030.6\u00a0GB\nUdev\u00a0Sync\u00a0Supported:\u00a0true\nDeferred\u00a0Removal\u00a0Enabled:\u00a0true\nDeferred\u00a0Deletion\u00a0Enabled:\u00a0false\nDeferred\u00a0Deleted\u00a0Device\u00a0Count:\u00a00\nLibrary\u00a0Version:\u00a01.02.135-RHEL7\u00a0(2016-11-16)\nLogging\u00a0Driver:\u00a0journald\nCgroup\u00a0Driver:\u00a0cgroupfs\nPlugins:\nVolume:\u00a0local\nNetwork:\u00a0host\u00a0null\u00a0bridge\u00a0overlay\nSwarm:\u00a0inactive\nRuntimes:\u00a0runc\nDefault\u00a0Runtime:\u00a0runc\nSecurity\u00a0Options:\u00a0seccomp\n...\u00a0...\n<\/pre>\n
\u5b89\u88c5kubelet\uff0ckubeadm<\/strong>
\n1. \u6dfb\u52a0yum\u6e90<\/p>\n
cat\u00a0<<EOF\u00a0>\u00a0\/etc\/yum.repos.d\/kubernetes.repo\n[kubernetes]\nname=Kubernetes\nbaseurl=https:\/\/packages.cloud.google.com\/yum\/repos\/kubernetes-el7-x86_64\nenabled=1\ngpgcheck=1\nrepo_gpgcheck=1\ngpgkey=https:\/\/packages.cloud.google.com\/yum\/doc\/yum-key.gpg\n\u00a0\u00a0\u00a0\u00a0https:\/\/packages.cloud.google.com\/yum\/doc\/rpm-package-key.gpg\nEOF\n<\/pre>\n
2. \u5173\u95edSELinux<\/p>\n
sudo\u00a0setenforce\u00a00\n<\/pre>\n
3. yum\u5b89\u88c5 kubelet kubeadm<\/p>\n
sudo\u00a0yum\u00a0install\u00a0-y\u00a0kubelet\u00a0kubeadm\n<\/pre>\n
\u6216\u6309\u9700\u5b89\u88c5\u6307\u5b9a\u7248\u672c\uff0c\u67e5\u770bkubeadm, kubelet, kubernets-cni\u7248\u672c\uff1a<\/p>\n
yum\u00a0list\u00a0[kubeadm|kubelet|kubernets-cni]\u00a0\u00a0--showduplicates\u00a0|sort\u00a0-r\n<\/pre>\n
4. \u7f16\u8f91\/etc\/systemd\/system\/kubelet.service.d\/10-kubeadm.conf\uff0c\u4fee\u6539 “cgroup-driver”\u503c \u7531systemd<\/strong>\u53d8\u4e3acgroupfs<\/strong><\/p>\n
KUBELET_CGROUP_ARGS=--cgroup-driver=cgroupfs\n<\/pre>\n
5. Enable kubelet\u540e\u542f\u52a8kubelet<\/p>\n
sudo\u00a0systemctl\u00a0enable\u00a0kubelet\u00a0&&\u00a0sudo\u00a0systemctl\u00a0start\u00a0kubelet\n<\/pre>\n
6. \u68c0\u67e5kubelet\u662f\u5426\u542f\u52a8\u6210\u529f\uff1a sudo systemctl status kubelet.service<\/p>\n
\u25cf\u00a0kubelet.service\u00a0-\u00a0kubelet:\u00a0The\u00a0Kubernetes\u00a0Node\u00a0Agent\nLoaded:\u00a0loaded\u00a0(\/etc\/systemd\/system\/kubelet.service;\u00a0enabled;\u00a0vendor\u00a0preset:\u00a0disabled)\nDrop-In:\u00a0\/etc\/systemd\/system\/kubelet.service.d\n\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u2514\u250010-kubeadm.conf\nActive:\u00a0active\u00a0(running)\u00a0since\u00a0Sat\u00a02017-07-15\u00a001:22:15\u00a0UTC;\u00a020min\u00a0ago\n\u00a0Docs:\u00a0http:\/\/kubernetes.io\/docs\/\nMain\u00a0PID:\u00a016755\u00a0(kubelet)\nMemory:\u00a041.6M\nCGroup:\u00a0\/system.slice\/kubelet.service\n\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u251c\u250016755\u00a0\/usr\/bin\/kubelet\u00a0--kubeconfig=\/etc\/kubernetes\/kubelet.conf\u00a0--require-kubeconfig=true\u00a0--pod-manifest-path=\/etc\/kubernetes\/manifests\u00a0--allow-privileged=true\u00a0--ne...\n\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u2514\u250016891\u00a0journalctl\u00a0-k\u00a0-f\n<\/pre>\n
\u6ce8\uff1asystemctl start kubelet kubelet\u547d\u4ee4\u4e00\u5b9a\u8981\u6267\u884c\uff0c\u53ef\u80fd\u4f1a\u56e0\u4e3a\u5982\u4e0b\u539f\u56e0\u65e0\u6cd5\u542f\u52a8\uff0c\u4e0d\u7528\u62c5\u5fc3\uff0c\u6267\u884ckubeadm init\u6216kubeadm join\u547d\u4ee4\u540ekubelet\u4f1a\u81ea\u52a8\u88absystemd\u91cd\u542f\u6210\u529f\u3002<\/p>\n
error:\u00a0failed\u00a0to\u00a0run\u00a0Kubelet:\u00a0invalid\u00a0kubeconfig:\u00a0stat\u00a0\/etc\/kubernetes\/kubelet.conf:\u00a0no\u00a0such\u00a0file\u00a0or\u00a0directory\n<\/pre>\n
 <\/p>\n
\u521d\u59cb\u5316\u96c6\u7fa4<\/h2>\n
1. \u4f7f\u7528sudo kubeadm init\u547d\u4ee4\u521d\u59cb\u5316\u96c6\u7fa4\uff0c\u53ef\u4ee5\u6307\u5b9aKubernetes master IP\uff1a–apiserver-advertise-address=<ip-address>\uff0c \u5982\u679c\u9009\u62e9Flannel\u505a\u4e3aPod\u7f51\u7edc\uff0c\u9700\u6307\u5b9aspecify –pod-network-cidr=10.244.0.0\/16. \u793a\u4f8b\u5982\u4e0b\uff1a<\/p>\n
sudo\u00a0kubeadm\u00a0init\u00a0--apiserver-advertise-address\u00a0192.168.17.139\u00a0--pod-network-cidr\u00a010.244.0.0\/16\n<\/pre>\n
kubeadm init\u4f1a\u505a\u4e00\u7cfb\u5217\u7684\u9884\u68c0\u67e5\u5df2\u786e\u4fdd\u6ee1\u8db3\u96c6\u7fa4\u90e8\u7f72\u6761\u4ef6\uff0c\u68c0\u67e5\u8fc7\u7a0b\u5927\u6982\u4f1a\u6267\u884c\u51e0\u5206\u949f\u3002<\/p>\n
[kubeadm]\u00a0WARNING:\u00a0kubeadm\u00a0is\u00a0in\u00a0beta,\u00a0please\u00a0do\u00a0not\u00a0use\u00a0it\u00a0for\u00a0production\u00a0clusters.\n[init]\u00a0Using\u00a0Kubernetes\u00a0version:\u00a0v1.7.1\n[init]\u00a0Using\u00a0Authorization\u00a0modes:\u00a0[Node\u00a0RBAC]\n[preflight]\u00a0Running\u00a0pre-flight\u00a0checks\n[preflight]\u00a0WARNING:\u00a0docker\u00a0version\u00a0is\u00a0greater\u00a0than\u00a0the\u00a0most\u00a0recently\u00a0validated\u00a0version.\u00a0Docker\u00a0version:\u00a017.03.1-ce.\u00a0Max\u00a0validated\u00a0version:\u00a01.12\n[preflight]\u00a0WARNING:\u00a0docker\u00a0service\u00a0is\u00a0not\u00a0enabled,\u00a0please\u00a0run\u00a0'systemctl\u00a0enable\u00a0docker.service'\n[preflight]\u00a0Starting\u00a0the\u00a0kubelet\u00a0service\n[certificates]\u00a0Generated\u00a0CA\u00a0certificate\u00a0and\u00a0key.\n[certificates]\u00a0Generated\u00a0API\u00a0server\u00a0certificate\u00a0and\u00a0key.\n[certificates]\u00a0API\u00a0Server\u00a0serving\u00a0cert\u00a0is\u00a0signed\u00a0for\u00a0DNS\u00a0names\u00a0[bjo-ep-dep-039.dev.fwmrm.net\u00a0kubernetes\u00a0kubernetes.default\u00a0kubernetes.default.svc\u00a0kubernetes.default.svc.cluster.local]\u00a0and\u00a0IPs\u00a0[10.96.0.1\u00a0192.168.17.139]\n[certificates]\u00a0Generated\u00a0API\u00a0server\u00a0kubelet\u00a0client\u00a0certificate\u00a0and\u00a0key.\n[certificates]\u00a0Generated\u00a0service\u00a0account\u00a0token\u00a0signing\u00a0key\u00a0and\u00a0public\u00a0key.\n[certificates]\u00a0Generated\u00a0front-proxy\u00a0CA\u00a0certificate\u00a0and\u00a0key.\n[certificates]\u00a0Generated\u00a0front-proxy\u00a0client\u00a0certificate\u00a0and\u00a0key.\n[certificates]\u00a0Valid\u00a0certificates\u00a0and\u00a0keys\u00a0now\u00a0exist\u00a0in\u00a0\"\/etc\/kubernetes\/pki\"\n[kubeconfig]\u00a0Wrote\u00a0KubeConfig\u00a0file\u00a0to\u00a0disk:\u00a0\"\/etc\/kubernetes\/admin.conf\"\n[kubeconfig]\u00a0Wrote\u00a0KubeConfig\u00a0file\u00a0to\u00a0disk:\u00a0\"\/etc\/kubernetes\/kubelet.conf\"\n[kubeconfig]\u00a0Wrote\u00a0KubeConfig\u00a0file\u00a0to\u00a0disk:\u00a0\"\/etc\/kubernetes\/controller-manager.conf\"\n[kubeconfig]\u00a0Wrote\u00a0KubeConfig\u00a0file\u00a0to\u00a0disk:\u00a0\"\/etc\/kubernetes\/scheduler.conf\"\n[apiclient]\u00a0Created\u00a0API\u00a0client,\u00a0waiting\u00a0for\u00a0the\u00a0control\u00a0plane\u00a0to\u00a0become\u00a0ready\n[apiclient]\u00a0All\u00a0control\u00a0plane\u00a0components\u00a0are\u00a0healthy\u00a0after\u00a031.001311\u00a0seconds\n[token]\u00a0Using\u00a0token:\u00a0472def.6bbb304791b76492\n[apiconfig]\u00a0Created\u00a0RBAC\u00a0rules\n[addons]\u00a0Applied\u00a0essential\u00a0addon:\u00a0kube-proxy\n[addons]\u00a0Applied\u00a0essential\u00a0addon:\u00a0kube-dns\n\nYour\u00a0Kubernetes\u00a0master\u00a0has\u00a0initialized\u00a0successfully!\nTo\u00a0start\u00a0using\u00a0your\u00a0cluster,\u00a0you\u00a0need\u00a0to\u00a0run\u00a0(as\u00a0a\u00a0regular\u00a0user):\nmkdir\u00a0-p\u00a0$HOME\/.kube\nsudo\u00a0cp\u00a0-i\u00a0\/etc\/kubernetes\/admin.conf\u00a0$HOME\/.kube\/config\nsudo\u00a0chown\u00a0$(id\u00a0-u):$(id\u00a0-g)\u00a0$HOME\/.kube\/config\n\nYou\u00a0should\u00a0now\u00a0deploy\u00a0a\u00a0pod\u00a0network\u00a0to\u00a0the\u00a0cluster.\nRun\u00a0\"kubectl\u00a0apply\u00a0-f\u00a0[podnetwork].yaml\"\u00a0with\u00a0one\u00a0of\u00a0the\u00a0options\u00a0listed\u00a0at:\nhttp:\/\/kubernetes.io\/docs\/admin\/addons\/\n\nYou\u00a0can\u00a0now\u00a0join\u00a0any\u00a0number\u00a0of\u00a0machines\u00a0by\u00a0running\u00a0the\u00a0following\u00a0on\u00a0each\u00a0node\u00a0as\u00a0root:\nkubeadm\u00a0join\u00a0--token\u00a0472def.6bbb304791b76492\u00a0192.168.17.139:6443\n<\/pre>\n
Kubernetes\u6839\u636e\u5728\/etc\/kubernetes\/manifests\u76ee\u5f55\u4e0b\u7684manifests\u751f\u6210API server, controller manager and scheduler\u7b49\u9759\u6001pod\u3002<\/p>\n
sudo\u00a0ls\u00a0\/etc\/kubernetes\/manifests\netcd.yaml\u00a0\u00a0kube-apiserver.yaml\u00a0\u00a0kube-controller-manager.yaml\u00a0\u00a0kube-scheduler.yaml\n<\/pre>\n
kube-apiserver.yaml\u6587\u4ef6\u5185\u5bb9\u4e3a\u4f8b\uff0c\u53ef\u4ee5\u67e5\u770b\u5230\u542f\u52a8kube-apiserver\u9700\u8981\u7684\u53c2\u6570\uff08\u53ef\u5b9a\u5236\uff0c\u4fee\u6539\u8be5\u6587\u4ef6\u5373\u53ef\uff0ckubelet\u4f1a\u76d1\u63a7\u8be5\u6587\u4ef6\u53d8\u5316\uff0c\u4e00\u65e6\u53d8\u5316\u4f1a\u7acb\u5373\u91cd\u65b0\u751f\u6210pod\uff09\u3001image\u3001health check\u63a2\u9488\u3001QoS\u7b49\u914d\u7f6e\uff0c\u4e5f\u53ef\u4ee5\u628aimage\u63d0\u524d\u4e0b\u8f7d\u4e0b\u6765\u52a0\u5feb\u90e8\u7f72\u901f\u5ea6\u3002<\/p>\n
spec:\ncontainers:\n-\u00a0command:\n-\u00a0kube-apiserver\n-\u00a0--experimental-bootstrap-token-auth=true\n-\u00a0--kubelet-preferred-address-types=InternalIP,ExternalIP,Hostname\n-\u00a0--requestheader-allowed-names=front-proxy-client\n-\u00a0--kubelet-client-certificate=\/etc\/kubernetes\/pki\/apiserver-kubelet-client.crt\n-\u00a0--kubelet-client-key=\/etc\/kubernetes\/pki\/apiserver-kubelet-client.key\n-\u00a0--secure-port=6443\n-\u00a0--admission-control=Initializers,NamespaceLifecycle,LimitRanger,ServiceAccount,PersistentVolumeLabel,DefaultStorageClass,DefaultTolerationSeconds,NodeRestriction,ResourceQuota\n-\u00a0--requestheader-group-headers=X-Remote-Group\n-\u00a0--allow-privileged=true\n-\u00a0--requestheader-username-headers=X-Remote-User\n-\u00a0--requestheader-extra-headers-prefix=X-Remote-Extra-\n-\u00a0--service-account-key-file=\/etc\/kubernetes\/pki\/sa.pub\n-\u00a0--tls-private-key-file=\/etc\/kubernetes\/pki\/apiserver.key\n-\u00a0--requestheader-client-ca-file=\/etc\/kubernetes\/pki\/front-proxy-ca.crt\n-\u00a0--proxy-client-key-file=\/etc\/kubernetes\/pki\/front-proxy-client.key\n-\u00a0--insecure-port=0\n-\u00a0--client-ca-file=\/etc\/kubernetes\/pki\/ca.crt\n-\u00a0--tls-cert-file=\/etc\/kubernetes\/pki\/apiserver.crt\n-\u00a0--proxy-client-cert-file=\/etc\/kubernetes\/pki\/front-proxy-client.crt\n-\u00a0--service-cluster-ip-range=10.96.0.0\/12\n-\u00a0--authorization-mode=Node,RBAC\n-\u00a0--advertise-address=192.168.17.139\n-\u00a0--etcd-servers=http:\/\/127.0.0.1:2379\n-\u00a0--service-node-port-range=20000-65535\nimage:\u00a0gcr.io\/google_containers\/kube-apiserver-amd64:v1.7.1\nlivenessProbe:\n\u00a0\u00a0failureThreshold:\u00a08\n\u00a0\u00a0httpGet:\n\u00a0\u00a0\u00a0\u00a0host:\u00a0127.0.0.1\n\u00a0\u00a0\u00a0\u00a0path:\u00a0\/healthz\n\u00a0\u00a0\u00a0\u00a0port:\u00a06443\n\u00a0\u00a0\u00a0\u00a0scheme:\u00a0HTTPS\n\u00a0\u00a0initialDelaySeconds:\u00a015\n\u00a0\u00a0timeoutSeconds:\u00a015\nname:\u00a0kube-apiserver\nresources:\n\u00a0\u00a0requests:\n\u00a0\u00a0\u00a0\u00a0cpu:\u00a0250m\n<\/pre>\n
kube-apiserver yaml\u6587\u4ef6kube-apiserver.yaml\u4e2d\u7684\u9009\u9879–insecure-port\u8bbe\u7f6e\u4e3a0\uff0c\u8bf4\u660ekube-apiserver\u5e76\u672a\u76d1\u542c\u9ed8\u8ba4http 8080\u7aef\u53e3\uff0c\u800c\u662f\u76d1\u542c\u4e86https 6443\u7aef\u53e3<\/p>\n
sudo\u00a0netstat\u00a0-nltp\u00a0|\u00a0grep\u00a06443\ntcp\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a00\u00a0\u00a0\u00a0\u00a0\u00a0\u00a00\u00a00.0.0.0:6443\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a00.0.0.0:*\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0LISTEN\u00a0\u00a0\u00a0\u00a0\u00a0\u00a020936\/kube-apiserve\u00a0\n<\/pre>\n
\u6ce8\uff1a\u4ece\u4e0a\u9762\u4fe1\u606f\u53ef\u77e5kube-dns\u5df2\u7ecf\u4ee5pod\u5f62\u5f0f\u8fd0\u884c\u4f46\u5904\u4e8epending\u72b6\u6001\uff0c\u4e3b\u8981\u56e0\u4e3apod\u7f51\u7edcflannel\u8fd8\u672a\u90e8\u7f72\uff0c\u53e6\u5916\u56e0\u4e0b\u6587\u4e2d\u7684Master Isolation\u7279\u6027\u5bfc\u81f4kube-dns\u65e0\u8282\u70b9\u53ef\u90e8\u7f72\u3002\u52a0\u5165\u8282\u70b9\u4ee5\u53ca\u89e3\u9664Master Isolation\u5747\u53ef\u4ee5\u4f7fkube-dns\u6210\u529f\u8fd0\u884c\u3001\u5904\u4e8erunning\u72b6\u6001
\n2. kubeadm init\u547d\u4ee4\u6700\u540e\u751f\u6210\u7684\u201ckubeadm join –token 472def.6bbb304791b76492 192.168.17.139:6443\u201d\u9700\u8981\u8bb0\u5f55\uff0c\u7528\u4e8e\u8282\u70b9\u52a0\u5165\u96c6\u7fa4\uff0ctoken\u4e5f\u53ef\u901a\u8fc7 sudo kubeadm token list\u83b7\u53d6\u3002<\/p>\n
!769\u00a0$\u00a0sudo\u00a0kubeadm\u00a0token\u00a0list\nTOKEN\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0TTL\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0EXPIRES\u00a0\u00a0\u00a0USAGES\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0DESCRIPTION\n472def.6bbb304791b76492\u00a0\u00a0\u00a0<forever>\u00a0\u00a0\u00a0<never>\u00a0\u00a0\u00a0authentication,signing\u00a0\u00a0\u00a0The\u00a0default\u00a0bootstrap\u00a0token\u00a0generated\u00a0by\u00a0'kubeadm\u00a0init'.\n<\/pre>\n
\u6ce8\uff1a\u5982\u679c\u4e4b\u524d\u7528’sudo kubeadm init’\u6216’sudo kubeadm join’.\u5df2\u7ecf\u521d\u59cb\u5316\u8fc7\u96c6\u7fa4\u6216\u52a0\u8fc7\u8282\u70b9\uff0c\u9884\u68c0\u67e5\u4f1a\u5931\u8d25\uff0c\u9700\u7528sudo kubeadm reset\u547d\u4ee4\u6765revert\uff1a<\/p>\n
[preflight]\u00a0Running\u00a0pre-flight\u00a0checks\n[reset]\u00a0Stopping\u00a0the\u00a0kubelet\u00a0service\n[reset]\u00a0Unmounting\u00a0mounted\u00a0directories\u00a0in\u00a0\"\/var\/lib\/kubelet\"\n[reset]\u00a0Removing\u00a0kubernetes-managed\u00a0containers\n[reset]\u00a0Deleting\u00a0contents\u00a0of\u00a0stateful\u00a0directories:\u00a0[\/var\/lib\/kubelet\u00a0\/etc\/cni\/net.d\u00a0\/var\/lib\/dockershim\u00a0\/var\/lib\/etcd]\n[reset]\u00a0Deleting\u00a0contents\u00a0of\u00a0config\u00a0directories:\u00a0[\/etc\/kubernetes\/manifests\u00a0\/etc\/kubernetes\/pki]\n[reset]\u00a0Deleting\u00a0files:\u00a0[\/etc\/kubernetes\/admin.conf\u00a0\/etc\/kubernetes\/kubelet.conf\u00a0\/etc\/kubernetes\/controller-manager.conf\u00a0\/etc\/kubernetes\/scheduler.conf]\n<\/pre>\n
3. kubeadm init\u547d\u4ee4\u6267\u884c\u5b8c\u6bd5\u540e\uff0c\u9700\u6267\u884c\u5982\u4e0b\u547d\u4ee4\uff08\u6ce8\uff1amkdir\u4e0d\u8981\u52a0sudo\uff0c$HOME\u4e0d\u9700\u8981\u505a\u66ff\u6362\u53d8\u91cf\u66ff\u6362\uff09<\/p>\n
mkdir\u00a0-p\u00a0$HOME\/.kube\nsudo\u00a0cp\u00a0-i\u00a0\/etc\/kubernetes\/admin.conf\u00a0$HOME\/.kube\/config\nsudo\u00a0chown\u00a0$(id\u00a0-u):$(id\u00a0-g)\u00a0$HOME\/.kube\/config\n<\/pre>\n
\u67e5\u770b\u5168\u90e8namespace\u4e0b\u7684pod\uff1a<\/p>\n
kubectl\u00a0get\u00a0pods\u00a0--all-namespaces\nNAMESPACE\u00a0\u00a0\u00a0\u00a0\u00a0NAME\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0READY\u00a0\u00a0\u00a0\u00a0\u00a0STATUS\u00a0\u00a0\u00a0\u00a0RESTARTS\u00a0\u00a0\u00a0AGE\nkube-system\u00a0\u00a0\u00a0etcd-bjo-ep-dep-039.dev.fwmrm.net\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a01\/1\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0Running\u00a0\u00a0\u00a00\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a02h\nkube-system\u00a0\u00a0\u00a0kube-apiserver-bjo-ep-dep-039.dev.fwmrm.net\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a01\/1\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0Running\u00a0\u00a0\u00a00\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a02h\nkube-system\u00a0\u00a0\u00a0kube-controller-manager-bjo-ep-dep-039.dev.fwmrm.net\u00a0\u00a0\u00a01\/1\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0Running\u00a0\u00a0\u00a00\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a02h\nkube-system\u00a0\u00a0\u00a0kube-dns-2425271678-8k4dn\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a00\/3\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0Pending\u00a0\u00a0\u00a00\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a02h\nkube-system\u00a0\u00a0\u00a0kube-proxy-vd39t\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a01\/1\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0Running\u00a0\u00a0\u00a00\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a02h\nkube-system\u00a0\u00a0\u00a0kube-scheduler-bjo-ep-dep-039.dev.fwmrm.net\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a01\/1\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0Running\u00a0\u00a0\u00a00\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a02h\n<\/pre>\n
 <\/p>\n
Master Isolation<\/h2>\n
\u7531\u4e8e\u5b89\u5168\u539f\u56e0\uff0c\u9ed8\u8ba4\u60c5\u51b5\u4e0bpod\u4e0d\u4f1a\u88abschedule\u5230master\u8282\u70b9\u4e0a\uff0c\u53ef\u4ee5\u901a\u8fc7\u4e0b\u9762\u547d\u4ee4\u89e3\u9664\u8fd9\u79cd\u9650\u5236\uff1akubectl taint nodes –all node-role.kubernetes.io\/master<\/p>\n
kubectl\u00a0taint\u00a0nodes\u00a0--all\u00a0node-role.kubernetes.io\/master-\nnode\u00a0\"bjo-ep-dep-039.dev.fwmrm.net\"\u00a0untainted\n<\/pre>\n
 <\/p>\n
\u5b89\u88c5pod\u7f51\u7edcFlannel<\/h2>\n
1.\u901a\u8fc7\u5982\u4e0b2\u6761\u547d\u4ee4\u6267\u5b89\u88c5Flannel\uff1a
\nkubectl apply -f\u00a0https:\/\/raw.githubusercontent. … c.yml<\/a>
\nkubectl apply -f\u00a0https:\/\/raw.githubusercontent. … l.yml<\/a><\/p>\n
kubectl\u00a0apply\u00a0-f\u00a0https:\/\/raw.githubusercontent.com\/coreos\/flannel\/master\/Documentation\/kube-flannel-rbac.yml\nclusterrole\u00a0\"flannel\"\u00a0created\nclusterrolebinding\u00a0\"flannel\"\u00a0created\n<\/pre>\n
 <\/p>\n
kubectl\u00a0apply\u00a0-f\u00a0https:\/\/raw.githubusercontent.com\/coreos\/flannel\/master\/Documentation\/kube-flannel.yml\nserviceaccount\u00a0\"flannel\"\u00a0created\nconfigmap\u00a0\"kube-flannel-cfg\"\u00a0created\ndaemonset\u00a0\"kube-flannel-ds\"\u00a0created\n<\/pre>\n
2. \u9a8c\u8bc1dns\u662f\u5426\u5de5\u4f5c
\n\u521b\u5efabusybox.yml,\u5185\u5bb9\u5982\u4e0b\uff1a<\/p>\n
apiVersion:\u00a0v1\nkind:\u00a0Pod\nmetadata:\nname:\u00a0busybox\nnamespace:\u00a0default\nspec:\ncontainers:\n-\u00a0image:\u00a0busybox\ncommand:\n\u00a0\u00a0-\u00a0sleep\n\u00a0\u00a0-\u00a0\"3600\"\nimagePullPolicy:\u00a0IfNotPresent\nname:\u00a0busybox\nrestartPolicy:\u00a0Always\n<\/pre>\n
\u901a\u8fc7kubectl create -f busybox.yaml\u521b\u5efapod\uff0c\u5e76\u9a8c\u8bc1\u901a\u8fc7kubectl exec -ti busybox — nslookup kubernetes.default\u9a8c\u8bc1dns\u662f\u5426\u5de5\u4f5c\u3002<\/p>\n
kubectl\u00a0exec\u00a0-ti\u00a0busybox\u00a0--\u00a0nslookup\u00a0kubernetes.default\nServer:\u00a0\u00a0\u00a0\u00a010.96.0.10\nAddress\u00a01:\u00a010.96.0.10\u00a0kube-dns.kube-system.svc.cluster.local\n\nName:\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0kubernetes.default\nAddress\u00a01:\u00a010.96.0.1\u00a0kubernetes.default.svc.cluster.local\n<\/pre>\n
 <\/p>\n
\u52a0\u5165\u8282\u70b9\u5230\u96c6\u7fa4<\/h2>\n
1. \u4f7f\u7528\u524d\u9762kubeadm init\u4ea7\u751f\u7684token\u52a0\u5165\u8282\u70b9sudo kubeadm join 192.168.17.139:6443 –token 472def.6bbb304791b76492<\/p>\n
[kubeadm]\u00a0WARNING:\u00a0kubeadm\u00a0is\u00a0in\u00a0beta,\u00a0please\u00a0do\u00a0not\u00a0use\u00a0it\u00a0for\u00a0production\u00a0clusters.\n[preflight]\u00a0Running\u00a0pre-flight\u00a0checks\n[preflight]\u00a0WARNING:\u00a0hostname\u00a0\"\"\u00a0could\u00a0not\u00a0be\u00a0reached\n[preflight]\u00a0WARNING:\u00a0hostname\u00a0\"\"\u00a0lookup\u00a0:\u00a0no\u00a0such\u00a0host\n[preflight]\u00a0Some\u00a0fatal\u00a0errors\u00a0occurred:\nhostname\u00a0\"\"\u00a0a\u00a0DNS-1123\u00a0subdomain\u00a0must\u00a0consist\u00a0of\u00a0lower\u00a0case\u00a0alphanumeric\u00a0characters,\u00a0'-'\u00a0or\u00a0'.',\u00a0and\u00a0must\u00a0start\u00a0and\u00a0end\u00a0with\u00a0an\u00a0alphanumeric\u00a0character\u00a0(e.g.\u00a0'example.com',\u00a0regex\u00a0used\u00a0for\u00a0validation\u00a0is\u00a0'[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*')\n[preflight]\u00a0If\u00a0you\u00a0know\u00a0what\u00a0you\u00a0are\u00a0doing,\u00a0you\u00a0can\u00a0skip\u00a0pre-flight\u00a0checks\u00a0with\u00a0`--skip-preflight-checks`\n<\/pre>\n
\u9884\u68c0\u67e5\u62a5\u4e86\u4e00\u4e2aFatal\u9519\u8bef\uff0c\u8fd9\u5e94\u8be5\u662fkubeadm1.7\u7684\u4e00\u4e2abug\uff0c\u53ef\u7528–skip-preflight-checks\u53d6\u6d88\u9884\u68c0\u67e5<\/p>\n
sudo\u00a0kubeadm\u00a0join\u00a0--skip-preflight-checks\u00a0--token\u00a0472def.6bbb304791b76492\u00a0192.168.17.139:6443\n[kubeadm]\u00a0WARNING:\u00a0kubeadm\u00a0is\u00a0in\u00a0beta,\u00a0please\u00a0do\u00a0not\u00a0use\u00a0it\u00a0for\u00a0production\u00a0clusters.\n[preflight]\u00a0Skipping\u00a0pre-flight\u00a0checks\n[discovery]\u00a0Trying\u00a0to\u00a0connect\u00a0to\u00a0API\u00a0Server\u00a0\"192.168.17.139:6443\"\n[discovery]\u00a0Created\u00a0cluster-info\u00a0discovery\u00a0client,\u00a0requesting\u00a0info\u00a0from\u00a0\"https:\/\/192.168.17.139:6443\"\n[discovery]\u00a0Cluster\u00a0info\u00a0signature\u00a0and\u00a0contents\u00a0are\u00a0valid,\u00a0will\u00a0use\u00a0API\u00a0Server\u00a0\"https:\/\/192.168.17.139:6443\"\n[discovery]\u00a0Successfully\u00a0established\u00a0connection\u00a0with\u00a0API\u00a0Server\u00a0\"192.168.17.139:6443\"\n[bootstrap]\u00a0Detected\u00a0server\u00a0version:\u00a0v1.7.1\n[bootstrap]\u00a0The\u00a0server\u00a0supports\u00a0the\u00a0Certificates\u00a0API\u00a0(certificates.k8s.io\/v1beta1)\n[csr]\u00a0Created\u00a0API\u00a0client\u00a0to\u00a0obtain\u00a0unique\u00a0certificate\u00a0for\u00a0this\u00a0node,\u00a0generating\u00a0keys\u00a0and\u00a0certificate\u00a0signing\u00a0request\n[csr]\u00a0Received\u00a0signed\u00a0certificate\u00a0from\u00a0the\u00a0API\u00a0server,\u00a0generating\u00a0KubeConfig...\n[kubeconfig]\u00a0Wrote\u00a0KubeConfig\u00a0file\u00a0to\u00a0disk:\u00a0\"\/etc\/kubernetes\/kubelet.conf\"\n\nNode\u00a0join\u00a0complete:\n*\u00a0Certificate\u00a0signing\u00a0request\u00a0sent\u00a0to\u00a0master\u00a0and\u00a0response\nreceived.\n*\u00a0Kubelet\u00a0informed\u00a0of\u00a0new\u00a0secure\u00a0connection\u00a0details.\n\nRun\u00a0'kubectl\u00a0get\u00a0nodes'\u00a0on\u00a0the\u00a0master\u00a0to\u00a0see\u00a0this\u00a0machine\u00a0join.\n<\/pre>\n
\u6ce8\uff1anode\u4e0a\u9700\u8981\u5b89\u88c5kubeadm\uff0ckubelet\u5b89\u88c5\u5e76\u542f\u52a8\uff0c\u5426\u5219join\u63d0\u793a\u6210\u529f\u4f46\u5b9e\u9645\u52a0\u5165\u5931\u8d25\uff0c\u524d\u6587\u5df2\u6709\u8bf4\u660e\u3002
\n2. \u901a\u8fc7kubectl get nodes\u67e5\u770b\u8282\u70b9\u662f\u5426\u6210\u529f\u52a0\u5165\u96c6\u7fa4<\/p>\n
kubectl\u00a0get\u00a0nodes\nNAME\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0STATUS\u00a0\u00a0\u00a0\u00a0AGE\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0VERSION\nbjo-ep-dep-039.dev.fwmrm.net\u00a0\u00a0\u00a0Ready\u00a0\u00a0\u00a0\u00a0\u00a01d\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0v1.7.1\nbjo-ep-dep-040.dev.fwmrm.net\u00a0\u00a0\u00a0Ready\u00a0\u00a0\u00a0\u00a0\u00a019m\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0v1.7.1\nbjo-ep-svc-017.dev.fwmrm.net\u00a0\u00a0\u00a0Ready\u00a0\u00a0\u00a0\u00a0\u00a01h\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0v1.7.1\u00a0\n<\/pre>\n
3. \u6d4b\u8bd5\u96c6\u7fa4\u662f\u5426\u6b63\u5e38\u5de5\u4f5c<\/p>\n
kubectl\u00a0create\u00a0-f\u00a0https:\/\/raw.githubusercontent.com\/kubernetes\/kubernetes.github.io\/master\/docs\/concepts\/workloads\/controllers\/nginx-deployment.yaml\n<\/pre>\n
\u901a\u8fc7kubectl get po -o wide\u67e5\u770b\uff0c3\u4e2aNginx\u5b9e\u4f8b\u5206\u522b\u90e8\u7f72\u52303\u4e2anode\u4e0a<\/p>\n
kubectl\u00a0get\u00a0po\u00a0-o\u00a0wide\nNAME\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0READY\u00a0\u00a0\u00a0\u00a0\u00a0STATUS\u00a0\u00a0\u00a0\u00a0RESTARTS\u00a0\u00a0\u00a0AGE\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0IP\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0NODE\nnginx-deployment-431080787-2z167\u00a0\u00a0\u00a01\/1\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0Running\u00a0\u00a0\u00a00\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a03m\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a010.244.0.15\u00a0\u00a0\u00a0bjo-ep-dep-039.dev.fwmrm.net\nnginx-deployment-431080787-55fl8\u00a0\u00a0\u00a01\/1\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0Running\u00a0\u00a0\u00a00\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a03m\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a010.16.103.5\u00a0\u00a0\u00a0bjo-ep-svc-017.dev.fwmrm.net\nnginx-deployment-431080787-bcmfx\u00a0\u00a0\u00a01\/1\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0Running\u00a0\u00a0\u00a00\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a03m\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a010.16.103.4\u00a0\u00a0\u00a0bjo-ep-svc-017.dev.fwmrm.net\n<\/pre>\n
 <\/p>\n
\u96c6\u7fa4\u5916\u8bbf\u95ee\u96c6\u7fa4<\/h2>\n
\u9ed8\u8ba4\u60c5\u51b5\u4e0b\u56e0\u5b89\u5168\u539f\u56e0\uff0c\u96c6\u7fa4\u5916\u90e8\u4e0d\u53ef\u4ee5\u76f4\u63a5\u64cd\u4f5c\u96c6\u7fa4\uff0c\u5982\u9700\u8981\u96c6\u7fa4\u5916\u90e8\u64cd\u4f5c\uff0c\u53ef\u901a\u8fc7\u5982\u4e0b\u65b9\u5f0f<\/p>\n
scp\u00a0root@<master\u00a0ip>:\/etc\/kubernetes\/admin.conf\u00a0.\nkubectl\u00a0--kubeconfig\u00a0.\/admin.conf\u00a0get\u00a0nodes\n<\/pre>\n
\u793a\u4f8b\u5982\u4e0b\uff1a<\/p>\n
xiazhang-mac:~\u00a0xiazhang$\u00a0kubectl\u00a0--kubeconfig\u00a0.\/admin.conf\u00a0-n\u00a0kube-system\u00a0\u00a0get\u00a0nodes\nNAME\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0STATUS\u00a0\u00a0\u00a0\u00a0AGE\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0VERSION\nbjo-ep-dep-039.dev.fwmrm.net\u00a0\u00a0\u00a0Ready\u00a0\u00a0\u00a0\u00a0\u00a02d\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0v1.7.1\nbjo-ep-dep-040.dev.fwmrm.net\u00a0\u00a0\u00a0Ready\u00a0\u00a0\u00a0\u00a0\u00a022h\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0v1.7.1\nbjo-ep-svc-017.dev.fwmrm.net\u00a0\u00a0\u00a0Ready\u00a0\u00a0\u00a0\u00a0\u00a023h\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0v1.7.1\n<\/pre>\n
\u6216\u901a\u8fc7kubectl proxy\u8bbe\u7f6e\u4ee3\u7406:<\/p>\n
scp\u00a0root@<master\u00a0ip>:\/etc\/kubernetes\/admin.conf\u00a0.\nkubectl\u00a0--kubeconfig\u00a0.\/admin.conf\u00a0proxy\n<\/pre>\n
\u793a\u4f8b\u5982\u4e0b\uff1a<\/p>\n
xiazhang-mac:~\u00a0xiazhang$\u00a0kubectl\u00a0--kubeconfig\u00a0.\/admin.conf\u00a0proxy\nStarting\u00a0to\u00a0serve\u00a0on\u00a0127.0.0.1:8001\nkubectl\u00a0config\u00a0set-cluster\u00a0default-cluster\u00a0--server=http:\/\/localhost:8001\n<\/pre>\n
\u53e6\u5f00\u4e00\u4e2aTerminal\uff0c\u6267\u884c kubectl get nodes<\/p>\n
xiazhang-mac:~\u00a0xiazhang$\u00a0kubectl\u00a0get\u00a0nodes\nNAME\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0STATUS\u00a0\u00a0\u00a0\u00a0AGE\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0VERSION\nbjo-ep-dep-039.dev.fwmrm.net\u00a0\u00a0\u00a0Ready\u00a0\u00a0\u00a0\u00a0\u00a02d\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0v1.7.1\nbjo-ep-dep-040.dev.fwmrm.net\u00a0\u00a0\u00a0Ready\u00a0\u00a0\u00a0\u00a0\u00a022h\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0v1.7.1\nbjo-ep-svc-017.dev.fwmrm.net\u00a0\u00a0\u00a0Ready\u00a0\u00a0\u00a0\u00a0\u00a023h\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0v1.7.1\n<\/pre>\n
 <\/p>\n
Kubernetes Dashboard<\/h2>\n
1. \u4f7f\u7528\u5b98\u65b9yml\u6587\u4ef6\u00a0https:\/\/github.com\/kubernetes\/dashboard<\/a>\uff0c\u589e\u52a0NodePort\u66b4\u9732service\u7aef\u53e3\uff0c\u672c\u6587\u4ee531000\u4e3a\u4f8b\u3002<\/p>\n
kind:\u00a0Service\napiVersion:\u00a0v1\nmetadata:\nlabels:\nk8s-app:\u00a0kubernetes-dashboard\nname:\u00a0kubernetes-dashboard\nnamespace:\u00a0kube-system\nspec:\ntype:\u00a0NodePort\nports:\n-\u00a0port:\u00a080\ntargetPort:\u00a09090\nnodePort:\u00a031000\nselector:\nk8s-app:\u00a0kubernetes-dashboard\n<\/pre>\n
2. Kubernetes 1.6\u5f00\u59cbAPI Server\u542f\u7528\u4e86RBAC\u6388\u6743\uff0ckubernetes-dashboard.yaml\u4e2d\u5e76\u672a\u5b9a\u4e49\u9700\u8981\u6388\u6743\u7684ServiceAccount\uff0c\u5982\u679c\u8bbf\u95eeDashborad\uff1ahttp:\/\/ClusterIP:NodePort<\/a>\u4f1a\u88ab\u62d2\u7edd\u3002<\/p>\n
User\u00a0\"system:serviceaccount:kube-system:default\"\u00a0cannot\u00a0list\u00a0statefulsets.apps\u00a0in\u00a0the\u00a0namespace\u00a0\"default\".\u00a0(get\u00a0statefulsets.apps)\n<\/pre>\n
\u5b9a\u4e49dashboard-rbac.yaml\uff0c\u5e76kubectl create -f dashboard-rbac.yaml<\/p>\n
kind:\u00a0ClusterRoleBinding\napiVersion:\u00a0rbac.authorization.k8s.io\/v1beta1\nmetadata:\nname:\u00a0dashboard-admin\nroleRef:\napiGroup:\u00a0rbac.authorization.k8s.io\nkind:\u00a0ClusterRole\nname:\u00a0cluster-admin\u00a0\nsubjects:\n-\u00a0kind:\u00a0ServiceAccount\nname:\u00a0default\nnamespace:\u00a0kube-system\n<\/pre>\n
3. \u90e8\u7f72Heapster in a Kubernetes
\n\u9996\u5148\u4e0b\u8f7d\u5982\u4e0b\u76ee\u5f55\u6587\u4ef6<\/p>\n
https:\/\/github.com\/kubernetes\/heapster\/blob\/master\/deploy\/kube-config\/rbac\/heapster-rbac.yaml\nhttps:\/\/github.com\/kubernetes\/heapster\/tree\/master\/deploy\/kube-config\/influxdb\n<\/pre>\n
\u62f7\u8d1dheapster-rbac.yaml \u5230influxdb\u6587\u4ef6\u5939\u4e0b\uff0c\u7136\u540e\u6267\u884c\uff1a<\/p>\n
kubectl\u00a0create\u00a0-f\u00a0deploy\/kube-config\/influxdb\n<\/pre>\n
\u6ce8\uff1a\u90e8\u7f72grafana\u5982\u62a5\u5982\u4e0b\u9519\u8bef<\/p>\n
Starting\u00a0a\u00a0utility\u00a0program\u00a0that\u00a0will\u00a0configure\u00a0Grafana\nStarting\u00a0Grafana\u00a0in\u00a0foreground\u00a0mode\nt=2017-07-17T07:28:47+0000\u00a0lvl=crit\u00a0msg=\"Failed\u00a0to\u00a0parse\u00a0\/etc\/grafana\/grafana.ini,\u00a0open\u00a0\/etc\/grafana\/grafana.ini:\u00a0no\u00a0such\u00a0file\u00a0or\u00a0directory%!(EXTRA\u00a0[]interface\u00a0{}=[])\"\n<\/pre>\n
\u53ef\u901a\u8fc7\u66ff\u6362image\u89e3\u51b3\uff0c\u7f16\u8f91deploy\/kube-config\/influxdb\/grafana.yaml<\/p>\n
spec:\n\u00a0\u00a0containers:\n\u00a0\u00a0-\u00a0name:\u00a0grafana\n\u00a0\u00a0\u00a0\u00a0#image:\u00a0gcr.io\/google_containers\/heapster-grafana-amd64:v4.2.0\n\u00a0\u00a0\u00a0\u00a0image:\u00a0gcr.io\/google_containers\/heapster-grafana-amd64:v4.0.2\n<\/pre>\n
4. \u8bbf\u95eeDashboard UI:\u00a0http:\/\/192.168.17.139:31000\/%2 … D_all<\/a><\/p>\n
\"12345.jpg\"<\/a><\/div>\n
\u96c6\u7fa4\u90e8\u7f72\u5230\u6b64\u5b8c\u6210\uff0c\u6709\u95ee\u9898\u6b22\u8fce\u7559\u8a00\u4ea4\u6d41\u3002<\/strong><\/p>\n
\u53c2\u8003\u8d44\u6599<\/h2>\n
https:\/\/kubernetes.io\/docs\/set … eadm\/<\/a>
\nhttps:\/\/kubernetes.io\/docs\/admin\/kubeadm\/<\/a>
\nhttps:\/\/kubernetes.io\/docs\/set … eadm\/<\/a>
\nhttps:\/\/kubernetes.io\/docs\/tas … ectl\/<\/a>
\nhttps:\/\/stackoverflow.com\/ques … board<\/a>
\nhttp:\/\/www.cnblogs.com\/caiwenhao\/p\/6196014.html<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"
\u524d\u8a00 kubeadm\u662fKubernetes\u5b98\u65b9\u63a8\u51fa\u7684\u5feb\u901f\u90e8\u7f72Kubernetes\u96c6\u7fa4\u5de5\u5177\uff0c\u5176\u601d\u8def\u662f\u5c06Kubernetes\u76f8\u5173\u670d\u52a1\u5bb9\u5668\u5316(Kubernetes\u9759\u6001Pod)\u4ee5\u7b80\u5316\u90e8\u7f72\u3002kubeadm\u5f53\u524d\u5904\u4e8ebeta\u9636\u6bb5\uff0c\u4e0d\u5efa\u8bae\u751f\u4ea7\u73af\u5883\u4f7f\u7528\uff08\u6bd4\u5982etcd\u5355\u70b9\uff09\u3002\u4f7f\u7528kubeadm\u90e8\u7f72Kubernetes\u96c6\u7fa4\u975e\u5e38\u7b80\u5355\u65b9\u4fbf\uff0c\u672c\u6587\u8bb0\u5f55\u4e86\u5728Red Hat 7\u4e0a\u7528kubeadm\u90e8\u7f72\u4e00\u4e2a\u5b89\u5168\u7684Kubernetes\u96c6\u7fa4\u7684\u5168\u8fc7\u7a0b\uff0cCentOS 7\u90e8\u7f72\u8fc7\u7a0b\u4e0e\u4e4b\u7c7b\u4f3c\u3002 \u5982\u9700kubeadm\u90e8\u7f72\u4e00\u4e2a\u9ad8\u53ef\u7528\u7684\u96c6\u7fa4\uff0c\u53ef\u91c7\u7528\u5982\u4e0b\u65b9\u5f0f kubeadm\u00a0init\u00a0–api-advertise-addresses=vip\u00a0–external-etcd-endpoints=http:\/\/x.x.x.x:2379,http:\/\/x.x.x.x:2379,http:\/\/x.x.x.x:2379\u00a0–pod-network-cidr\u00a010.244.0.0\/16 \u6ce8\uff1a–api-advertise-addresses \u672c\u8eab\u652f\u6301\u591a\u4e2aapi service ip\uff0c\u4f46\u64cd\u4f5ckubeadm join\u52a0\u5165\u96c6\u7fa4\u8282\u70b9\u4f1a\u5931\u8d25, \u6240\u4ee5\u5bf9\u5916\u670d\u52a1\u53ea\u914d\u7f6e\u4e3a\u4e00\u4e2avip\u3002 \u90e8\u7f72\u5b9e\u4f8b etcd\u00a0Version:\u00a03.0.17 kubeadm:\u00a0v1.7.1 kubernetes:\u00a0v1.7.1 Flannel:\u00a0v0.8.0 Docker:\u00a017.03.1-ce   […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"site-sidebar-layout":"default","site-content-layout":"","ast-site-content-layout":"default","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","ast-disable-related-posts":"","theme-transparent-header-meta":"","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"default","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"footnotes":""},"categories":[1],"tags":[],"class_list":["post-416","post","type-post","status-publish","format-standard","hentry","category-uncategorized"],"_links":{"self":[{"href":"https:\/\/blog.jsjs.org\/index.php?rest_route=\/wp\/v2\/posts\/416","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blog.jsjs.org\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.jsjs.org\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.jsjs.org\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.jsjs.org\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=416"}],"version-history":[{"count":0,"href":"https:\/\/blog.jsjs.org\/index.php?rest_route=\/wp\/v2\/posts\/416\/revisions"}],"wp:attachment":[{"href":"https:\/\/blog.jsjs.org\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=416"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.jsjs.org\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=416"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.jsjs.org\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=416"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}