亟待总体资料和代码(包括所需的包)的看小说底部的领取形式,前边感觉是从未有过创立./kube目录的来由

至于 Kubernetes 1.8 + Flannel
的享受先天就完了了,需要完整资料和代码(包括所需的包)的看著作底部的领到模式。

Kubernetes 搭建有四种艺术,简单评价一下:

六.Docker-registry web 私有仓库构建

条件认证:
咱俩采纳 master 192.168.0.221 做个人仓库地址 ( docker-ce
的设置那里不再描述)
动用到的镜像:

docker-registry-web.tar.gz      #镜像仓库web展示
registry-v2.6.2.tar.gz           #镜像仓库容器
docker-registry-web-conf.tar.gz  #创建镜像仓库yaml配置文件

1.查看 docker 版本,配置 hosts 文件

[root@node1 ~]# vi /etc/hosts
192.168.0.221 registry-srv
192.168.0.221 registry-web

2.导入镜像

[root@node1 ~]# docker load -i  docker-registry-web.tar.gz
[root@node1 ~]# docker load -i  registry-v2.6.2.tar.gz

3.创立容器

[root@node1 ~]# tar -zxvf docker-registry-web-conf.tar.gz

1)启动 registry:

# docker run -v /root/docker-registry-web/conf/registry-srv.yml:/etc/docker/registry/config.yml:ro -v /root/docker-registry-web/conf/auth.cert:/etc/docker/registry/auth.cert:ro -v /data:/var/lib/registry/ -p 5000:5000 --restart=always --name registry-srv -d registry:2.6.2

2)启动 registry-web

# docker run -d -v /root/docker-registry-web/conf/registry-web.yml:/conf/config.yml:ro -v /root/docker-registry-web/conf/auth.key:/conf/auth.key -v /root/docker-registry-web/db:/data -it -p 8081:8080 --link registry-srv --restart=always --name registry-web hyper/docker-registry-web

4.WEB 造访修改 admin 用户权限
http://192.168.0.221:8081/login/auth
账号 admin 密码 admin

点击, “admin” 用户名,添加上删除和写的权杖
5.部署本机使用个人仓库

[root@node1 ~]# echo   '{ "insecure-registries":["registry-srv:5000"] }' >/etc/docker/daemon.json 
[root@node1 ~]# systemctl  restart docker        #重启docker
[root@node1 ~]# docker start  $(docker ps -a -q)   #启动容器

**6.上传镜像到 docker registry **

[root@node1 ~]# docker login registry-srv:5000 -u'admin' -p'admin'    #登录私有仓库[root@node1 ~]# docker tag 177391bcf802  registry-srv:5000/registry:2.6.2
[root@node1 ~]# docker push  registry-srv:5000/registry:2.6.2

7. kubernetes 配置 secret 拉取私仓镜像

#创建证书
[root@node1 ~]#  kubectl create secret docker-registry regsecret --docker-server=registry-srv:5000 --docker-username=admin --docker-password=admin --docker-email=admin@example.com

[root@node1 ~]# cat k8s/yaml/busybox.yaml 
apiVersion: v1
kind: Pod
metadata:
  name: busybox
  namespace: default
spec:
  containers:
  - image: registry-srv:5000/busybox:latest
    command:
      - ping  
      - "114.114.114.114"
    imagePullPolicy: IfNotPresent
    name: busybox
  restartPolicy: Always  imagePullSecrets:
  - name: regsecret(红色字体即是,配置镜像拉取,使用该证书)

[root@node1 ~]# kubectl create -f  k8s/yaml/busybox.yaml      #创建容器

1.基于Docker 本地运行Kubernetes 先决条件:
http://www.cnblogs.com/zhangeamon/p/5197655.html 参考资料:
https://github.com/kubernetes/community/blob/master/contributors/devel/local-cluster/docker.md
Install kubectl and shell auto complish: 评价:
这种措施本身没有搭建成功,一向有can not connet 127.0.0.1:8080
的问题,前边感觉是不曾成立./kube目录的缘故。可是尚未再试

七.Kubernetes Nginx Ingress 安装与利用

用过 kubernetes 的人都掌握,kubernetes 的 service 的网络项目有二种:

  • cluertip
  • nodeport
  • loadbanlance
    假如一个 service 想向外部表露服务,有 nodeport 和 loadbanlance
    类型。可是 nodeport 类型,你需要了解 service 对应的 pod 所在的 node
    的 ip。而 loadbanlance
    平时需要第三方云服务商提供支撑。假诺没有第三方服务商服务的就没办法做了。
    除开还有不少别样的代表形式,以下我第一讲解的是由此 ingress
    的办法来落实 service的对外劳务的表露。

    镜像地址: (本文的会顺手所需容器镜像)
    registry.cn-hangzhou.aliyuncs.com/google_containers/nginx-ingress-controller:0.8.3(ingress
    controller 的镜像)
    registry.cn-hangzhou.aliyuncs.com/google_containers/defaultbackend:1.0
    (默认路由的servcie的镜像)
    1.默认实例创造:

[root@node1 ingress]# kubectl  create -f default-http-backend.yaml 
[root@node1 ingress]#  kubectl expose rc default-http-backend --port=80 --target-port=8080  --namespace=kube-system                #重要:为默认实例创建svc

2.ingress-controller 创建

[root@node1 ingress]#  vi    ingress-controller.yaml
value: http://192.168.0.221:8080              #这里是master API地址
                                         #镜像地址建议创建本地容器仓库
[root@node1 ingress]# kubectl  create -f ingress-controller.yaml

3.本试行通过 nginx 容器,这里透过 ingress 做输入访问 svc

[root@node1 ingress]# kubectl create -f  ../k8s/nginx-deployment.yaml   #创建nginx容器
apiVersion: apps/v1beta2
kind: Deployment
metadata:
  name: nginx-deployment 
spec:
  replicas: 3 
  selector:
    matchLabels: 
      app: nginx
  template:
    metadata:
      labels: 
        app: nginx
    spec:
     containers:
     - name: nginx
       image: 192.168.0.221:5000/nginx:v1
       ports:
       - containerPort: 80

[root@node1 ingress]# kubectl create -f  ../k8s/nginx-service.yaml 
apiVersion: v1
kind: Service 
metadata:
  name: nginx-service 
  labels:
    app: nginx 
spec:
  ports:
  - port: 88
    targetPort: 80
  selector: 
    app: nginx

[root@node1 ingress]# kubectl create -f  ingress-nginx.yaml 
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: nginxservice
spec:
  rules:
  - host: test.info
    http:
      paths:
      - path: /
        backend:
          serviceName: nginx-service
          servicePort: 80

本机写 host 文件举行走访,外部写 host 文件,指向 node ip 即可

已整整分享停止。

扫码加小助手微信,备注“领取材料”来自简书即可得到完全资料

2.用minikube
minikube是一个契合于在单机环境下搭建,它是创办出一个虚拟机来,并且Kubernetes官方好像早就告一段落对基于Docker本地运行Kubernetes的支撑,参考:https://github.com/kubernetes/minikube,
可是因为它最好要求是virtualbox作为底层虚拟化driver,而自我的bare metal
已经设置kvm了,我试了下存在争辨,所以也就不曾用这种措施开展设置。

3.用kubeadm 它是一个相比较便利安装Kubernetes
cluster的工具,我也是依据这种措施装成功的。前面会详细笔录这种艺术。

4.一步步装置
每一个组件每一个零部件举办安装,我还尚无试,可以依照:https://github.com/opsnull/follow-me-install-kubernetes-cluster,
相比较费心。

5.在此地运用第两种kubeadm安装kunbernetes集群:1.Turn off SELinuxsudo
setenforce 0sudo sed -i ‘s/enforcing/permissive/g’
/etc/selinux/config2.Turn off firewalldsudo systemctl stop firewalldsudo
systemctl disable firewalld3.Write the Kubernetes repository filecat

(这种措施首假设下载Kubernetes集群服务所需的微服务Docker镜像,同时由于FW的界定部分镜像不可能下载,这时就需要通过一些模式从境内下载或者转发后再次tag镜像名称)

[kubernetes]

name=Kubernetes

baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86\_64/

gpgcheck=0

EOF

docker pull
registry.cn-hangzhou.aliyuncs.com/k8s16/kubernetes-dashboard-amd64

docker pull
registry.cn-hangzhou.aliyuncs.com/google-containers/pause-amd64:3.0

docker pull
registry.cn-hangzhou.aliyuncs.com/kube_containers/kube-proxy-amd64:v1.6.4

docker pull
registry.cn-hangzhou.aliyuncs.com/kube_containers/kube-scheduler-amd64:v1.6.4

docker pull
registry.cn-hangzhou.aliyuncs.com/google-containers/dnsmasq-metrics-amd64

docker pull
registry.cn-hangzhou.aliyuncs.com/kube_containers/k8s-dns-sidecar-amd64

vim /etc/sysctl.conf

net.bridge.bridge-nf-call-ip6tables = 1

net.bridge.bridge-nf-call-iptables = 1

net.bridge.bridge-nf-call-arptables = 1

images=(

pause-amd64:3.0

kube-proxy-amd64:v1.6.4

kube-scheduler-amd64:v1.6.4

kube-controller-manager-amd64:v1.6.4

kube-apiserver-amd64:v1.6.4

etcd-amd64:3.0.17

kube-discovery-amd64:1.0

kubedns-amd64:1.9

kube-dnsmasq-amd64:1.4

exechealthz-amd64:v1.2.0

dnsmasq-metrics-amd64:1.0

)

for imageName in ${images[@]} ; do

docker pull
registry.cn-hangzhou.aliyuncs.com/google-containers/$imageName

docker tag
registry.cn-hangzhou.aliyuncs.com/google-containers/$imageName
gcr.io/google_containers/$imageName

docker rmi
registry.cn-hangzhou.aliyuncs.com/google-containers/$imageName

done

docker pull
registry.cn-hangzhou.aliyuncs.com/kube_containers/k8s-dns-dnsmasq-nanny-amd64:1.14.1

images=(

pause-amd64:3.0

kube-proxy-amd64:v1.6.4

)

for imageName in ${images[@]} ; do

docker pull
registry.cn-hangzhou.aliyuncs.com/kube_containers/$imageName

docker tag registry.cn-hangzhou.aliyuncs.com/kube_containers/$imageName
gcr.io/google_containers/$imageName

docker rmi registry.cn-hangzhou.aliyuncs.com/kube_containers/$imageName

done

yum install -y docker kubelet kubeadm kubectl kubernetes-cni

[root@Master ~]# kubeadm init –pod-network-cidr=10.244.0.0/16

[kubeadm] WARNING: kubeadm is in beta, please do not use it for
production clusters.

[init] Using Kubernetes version: v1.6.4

[init] Using Authorization mode: RBAC

[preflight] Running pre-flight checks

[preflight] Starting the kubelet service

[certificates] Generated CA certificate and key.

[certificates] Generated API server certificate and key.

[certificates] API Server serving cert is signed for DNS names
[Master kubernetes kubernetes.default kubernetes.default.svc
kubernetes.default.svc.cluster.local] and IPs [10.96.0.1 10.10.10.21]

[certificates] Generated API server kubelet client certificate and
key.

[certificates] Generated service account token signing key and public
key.

[certificates] Generated front-proxy CA certificate and key.

[certificates] Generated front-proxy client certificate and key.

[certificates] Valid certificates and keys now exist in
“/etc/kubernetes/pki”

[kubeconfig] Wrote KubeConfig file to disk:
“/etc/kubernetes/admin.conf”

[kubeconfig] Wrote KubeConfig file to disk:
“/etc/kubernetes/kubelet.conf”

[kubeconfig] Wrote KubeConfig file to disk:
“/etc/kubernetes/controller-manager.conf”

[kubeconfig] Wrote KubeConfig file to disk:
“/etc/kubernetes/scheduler.conf”

[apiclient] Created API client, waiting for the control plane to
become ready

[apiclient] All control plane components are healthy after 14.788750
seconds

[apiclient] Waiting for at least one node to register

[apiclient] First node has registered after 5.003681 seconds

[token] Using token: e3d247.ab91b712406e2ecf

[apiconfig] Created RBAC rules

[addons] Created essential addon: kube-proxy

[addons] Created essential addon: kube-dns

Your Kubernetes master has initialized successfully!

To start using your cluster, you need to run (as a regular user):

sudo cp /etc/kubernetes/admin.conf $HOME/

sudo chown $(id -u):$(id -g) $HOME/admin.conf

export KUBECONFIG=$HOME/admin.conf

You should now deploy a pod network to the cluster.

Run “kubectl apply -f [podnetwork].yaml” with one of the options
listed at:

http://kubernetes.io/docs/admin/addons/

You can now join any number of machines by running the following on each
node

as root:

kubeadm join –token e3d247.ab91b712406e2ecf 10.10.10.21:6443

docker pull
registry.cn-hangzhou.aliyuncs.com/google-containers/kubernetes-dashboard-amd64:v1.6.0

docker pull
registry.cn-hangzhou.aliyuncs.com/google-containers/kubernetes-dashboard-amd64

images=(

kubernetes-dashboard-amd64:v1.6.0

)

for imageName in ${images[@]} ; do

docker pull
registry.cn-hangzhou.aliyuncs.com/google-containers/$imageName

docker tag 
registry.cn-hangzhou.aliyuncs.com/google-containers/$imageName
gcr.io/google_containers/$imageName

docker rmi 
registry.cn-hangzhou.aliyuncs.com/google-containers/$imageName

done

相关文章