先使用 yum 安装必须得用到的 etcd 和 kubernetes 软件包
[root@localhost ~]# yum install -y etcd kubernetes
Loaded plugins: fastestmirror
base | 3.6 kB 00:00
extras | 3.4 kB 00:00
updates | 3.4 kB 00:00
(1/4): extras/7/x86_64/primary_db | 151 kB 00:00
(2/4): base/7/x86_64/group_gz | 155 kB 00:00
(3/4): updates/7/x86_64/primary_db | 4.8 MB 00:03
(4/4): base/7/x86_64/primary_db | 5.6 MB 00:04
Determining fastest mirrors
* base: mirrors.btte.net
* extras: mirrors.btte.net
* updates: mirrors.neusoft.edu.cn
Resolving Dependencies
--> Running transaction check
---> Package etcd.x86_64 0:3.1.3-1.el7 will be installed
---> Package kubernetes.x86_64 0:1.5.2-0.5.gita552679.el7 will be installed
--> Processing Dependency: kubernetes-node = 1.5.2-0.5.gita552679.el7 for package: kubernetes-1.5.2-0.5.gita552679.el7.x86_64
--> Processing Dependency: kubernetes-master = 1.5.2-0.5.gita552679.el7 for package: kubernetes-1.5.2-0.5.gita552679.el7.x86_64
--> Running transaction check
---> Package kubernetes-master.x86_64 0:1.5.2-0.5.gita552679.el7 will be installed
--> Processing Dependency: kubernetes-client = 1.5.2-0.5.gita552679.el7 for package: kubernetes-master-1.5.2-0.5.gita552679.el7.x86_64
---> Package kubernetes-node.x86_64 0:1.5.2-0.5.gita552679.el7 will be installed
--> Processing Dependency: socat for package: kubernetes-node-1.5.2-0.5.gita552679.el7.x86_64
--> Processing Dependency: docker for package: kubernetes-node-1.5.2-0.5.gita552679.el7.x86_64
--> Processing Dependency: conntrack-tools for package: kubernetes-node-1.5.2-0.5.gita552679.el7.x86_64
--> Running transaction check
---> Package conntrack-tools.x86_64 0:1.4.3-1.el7 will be installed
--> Processing Dependency: libnetfilter_cttimeout.so.1(LIBNETFILTER_CTTIMEOUT_1.1)(64bit) for package: conntrack-tools-1.4.3-1.el7.x86_64
--> Processing Dependency: libnetfilter_cttimeout.so.1(LIBNETFILTER_CTTIMEOUT_1.0)(64bit) for package: conntrack-tools-1.4.3-1.el7.x86_64
--> Processing Dependency: libnetfilter_cthelper.so.0(LIBNETFILTER_CTHELPER_1.0)(64bit) for package: conntrack-tools-1.4.3-1.el7.x86_64
--> Processing Dependency: libnetfilter_queue.so.1()(64bit) for package: conntrack-tools-1.4.3-1.el7.x86_64
--> Processing Dependency: libnetfilter_cttimeout.so.1()(64bit) for package: conntrack-tools-1.4.3-1.el7.x86_64
--> Processing Dependency: libnetfilter_cthelper.so.0()(64bit) for package: conntrack-tools-1.4.3-1.el7.x86_64
---> Package docker.x86_64 2:1.12.6-16.el7.centos will be installed
--> Processing Dependency: docker-common = 2:1.12.6-16.el7.centos for package: 2:docker-1.12.6-16.el7.centos.x86_64
--> Processing Dependency: docker-client = 2:1.12.6-16.el7.centos for package: 2:docker-1.12.6-16.el7.centos.x86_64
--> Processing Dependency: oci-systemd-hook >= 1:0.1.4-9 for package: 2:docker-1.12.6-16.el7.centos.x86_64
--> Processing Dependency: oci-register-machine >= 1:0-3.10 for package: 2:docker-1.12.6-16.el7.centos.x86_64
--> Processing Dependency: container-selinux >= 2:2.10-2 for package: 2:docker-1.12.6-16.el7.centos.x86_64
--> Processing Dependency: skopeo-containers for package: 2:docker-1.12.6-16.el7.centos.x86_64
--> Processing Dependency: libseccomp.so.2()(64bit) for package: 2:docker-1.12.6-16.el7.centos.x86_64
---> Package kubernetes-client.x86_64 0:1.5.2-0.5.gita552679.el7 will be installed
---> Package socat.x86_64 0:1.7.2.2-5.el7 will be installed
--> Running transaction check
---> Package container-selinux.noarch 2:2.10-2.el7 will be installed
--> Processing Dependency: policycoreutils-python for package: 2:container-selinux-2.10-2.el7.noarch
---> Package docker-client.x86_64 2:1.12.6-16.el7.centos will be installed
---> Package docker-common.x86_64 2:1.12.6-16.el7.centos will be installed
---> Package libnetfilter_cthelper.x86_64 0:1.0.0-9.el7 will be installed
---> Package libnetfilter_cttimeout.x86_64 0:1.0.0-6.el7 will be installed
---> Package libnetfilter_queue.x86_64 0:1.0.2-1.el7 will be installed
---> Package libseccomp.x86_64 0:2.3.1-2.el7 will be installed
---> Package oci-register-machine.x86_64 1:0-3.11.gitdd0daef.el7 will be installed
---> Package oci-systemd-hook.x86_64 1:0.1.7-2.git2788078.el7 will be installed
--> Processing Dependency: libyajl.so.2()(64bit) for package: 1:oci-systemd-hook-0.1.7-2.git2788078.el7.x86_64
---> Package skopeo-containers.x86_64 1:0.1.18-1.el7 will be installed
--> Running transaction check
---> Package policycoreutils-python.x86_64 0:2.5-11.el7_3 will be installed
--> Processing Dependency: setools-libs >= 3.3.8-1 for package: policycoreutils-python-2.5-11.el7_3.x86_64
--> Processing Dependency: libsemanage-python >= 2.5-5 for package: policycoreutils-python-2.5-11.el7_3.x86_64
--> Processing Dependency: audit-libs-python >= 2.1.3-4 for package: policycoreutils-python-2.5-11.el7_3.x86_64
--> Processing Dependency: python-IPy for package: policycoreutils-python-2.5-11.el7_3.x86_64
--> Processing Dependency: libqpol.so.1(VERS_1.4)(64bit) for package: policycoreutils-python-2.5-11.el7_3.x86_64
--> Processing Dependency: libqpol.so.1(VERS_1.2)(64bit) for package: policycoreutils-python-2.5-11.el7_3.x86_64
--> Processing Dependency: libcgroup for package: policycoreutils-python-2.5-11.el7_3.x86_64
--> Processing Dependency: libapol.so.4(VERS_4.0)(64bit) for package: policycoreutils-python-2.5-11.el7_3.x86_64
--> Processing Dependency: checkpolicy for package: policycoreutils-python-2.5-11.el7_3.x86_64
--> Processing Dependency: libqpol.so.1()(64bit) for package: policycoreutils-python-2.5-11.el7_3.x86_64
--> Processing Dependency: libapol.so.4()(64bit) for package: policycoreutils-python-2.5-11.el7_3.x86_64
---> Package yajl.x86_64 0:2.0.4-4.el7 will be installed
--> Running transaction check
---> Package audit-libs-python.x86_64 0:2.6.5-3.el7_3.1 will be installed
---> Package checkpolicy.x86_64 0:2.5-4.el7 will be installed
---> Package libcgroup.x86_64 0:0.41-11.el7 will be installed
---> Package libsemanage-python.x86_64 0:2.5-5.1.el7_3 will be installed
---> Package python-IPy.noarch 0:0.75-6.el7 will be installed
---> Package setools-libs.x86_64 0:3.3.8-1.1.el7 will be installed
--> Finished Dependency Resolution
Dependencies Resolved
================================================================================
Package Arch Version Repository
Size
================================================================================
Installing:
etcd x86_64 3.1.3-1.el7 extras 7.3 M
kubernetes x86_64 1.5.2-0.5.gita552679.el7 extras 36 k
Installing for dependencies:
audit-libs-python x86_64 2.6.5-3.el7_3.1 updates 70 k
checkpolicy x86_64 2.5-4.el7 base 290 k
conntrack-tools x86_64 1.4.3-1.el7 base 175 k
container-selinux noarch 2:2.10-2.el7 extras 28 k
docker x86_64 2:1.12.6-16.el7.centos extras 14 M
docker-client x86_64 2:1.12.6-16.el7.centos extras 3.2 M
docker-common x86_64 2:1.12.6-16.el7.centos extras 72 k
kubernetes-client x86_64 1.5.2-0.5.gita552679.el7 extras 14 M
kubernetes-master x86_64 1.5.2-0.5.gita552679.el7 extras 25 M
kubernetes-node x86_64 1.5.2-0.5.gita552679.el7 extras 14 M
libcgroup x86_64 0.41-11.el7 base 65 k
libnetfilter_cthelper x86_64 1.0.0-9.el7 base 18 k
libnetfilter_cttimeout x86_64 1.0.0-6.el7 base 18 k
libnetfilter_queue x86_64 1.0.2-1.el7 base 23 k
libseccomp x86_64 2.3.1-2.el7 base 56 k
libsemanage-python x86_64 2.5-5.1.el7_3 updates 104 k
oci-register-machine x86_64 1:0-3.11.gitdd0daef.el7 extras 1.0 M
oci-systemd-hook x86_64 1:0.1.7-2.git2788078.el7 extras 30 k
policycoreutils-python x86_64 2.5-11.el7_3 updates 445 k
python-IPy noarch 0.75-6.el7 base 32 k
setools-libs x86_64 3.3.8-1.1.el7 base 612 k
skopeo-containers x86_64 1:0.1.18-1.el7 extras 7.6 k
socat x86_64 1.7.2.2-5.el7 base 255 k
yajl x86_64 2.0.4-4.el7 base 39 k
Transaction Summary
================================================================================
Install 2 Packages (+24 Dependent packages)
Total download size: 81 M
Installed size: 401 M
Downloading packages:
warning: /var/cache/yum/x86_64/7/updates/packages/audit-libs-python-2.6.5-3.el7_3.1.x86_64.rpm: Header V3 RSA/SHA256 Signature, key ID f4a80eb5: NOKEY
Public key for audit-libs-python-2.6.5-3.el7_3.1.x86_64.rpm is not installed
(1/26): audit-libs-python-2.6.5-3.el7_3.1.x86_64.rpm | 70 kB 00:00
Public key for container-selinux-2.10-2.el7.noarch.rpm is not installed-:-- ETA
(2/26): container-selinux-2.10-2.el7.noarch.rpm | 28 kB 00:00
Public key for conntrack-tools-1.4.3-1.el7.x86_64.rpm is not installed
(3/26): conntrack-tools-1.4.3-1.el7.x86_64.rpm | 175 kB 00:00
(4/26): checkpolicy-2.5-4.el7.x86_64.rpm | 290 kB 00:00
(5/26): docker-common-1.12.6-16.el7.centos.x86_64.rpm | 72 kB 00:00
(6/26): kubernetes-1.5.2-0.5.gita552679.el7.x86_64.rpm | 36 kB 00:00
(7/26): docker-client-1.12.6-16.el7.centos.x86_64.rpm | 3.2 MB 00:03
(8/26): kubernetes-node-1.5.2-0.5.gita552679.el7.x86_64.rp | 14 MB 00:14
(9/26): libcgroup-0.41-11.el7.x86_64.rpm | 65 kB 00:00
(10/26): libnetfilter_cthelper-1.0.0-9.el7.x86_64.rpm | 18 kB 00:00
(11/26): libnetfilter_cttimeout-1.0.0-6.el7.x86_64.rpm | 18 kB 00:00
(12/26): libnetfilter_queue-1.0.2-1.el7.x86_64.rpm | 23 kB 00:00
(13/26): libseccomp-2.3.1-2.el7.x86_64.rpm | 56 kB 00:00
(14/26): libsemanage-python-2.5-5.1.el7_3.x86_64.rpm | 104 kB 00:00
(15/26): oci-register-machine-0-3.11.gitdd0daef.el7.x86_64 | 1.0 MB 00:01
(16/26): oci-systemd-hook-0.1.7-2.git2788078.el7.x86_64.rp | 30 kB 00:00
(17/26): policycoreutils-python-2.5-11.el7_3.x86_64.rpm | 445 kB 00:00
(18/26): python-IPy-0.75-6.el7.noarch.rpm | 32 kB 00:00
(19/26): setools-libs-3.3.8-1.1.el7.x86_64.rpm | 612 kB 00:00
(20/26): skopeo-containers-0.1.18-1.el7.x86_64.rpm | 7.6 kB 00:00
(21/26): socat-1.7.2.2-5.el7.x86_64.rpm | 255 kB 00:00
(22/26): yajl-2.0.4-4.el7.x86_64.rpm | 39 kB 00:00
(23/26): etcd-3.1.3-1.el7.x86_64.rpm | 7.3 MB 00:25
(24/26): docker-1.12.6-16.el7.centos.x86_64.rpm | 14 MB 00:26
(25/26): kubernetes-client-1.5.2-0.5.gita552679.el7.x86_64 | 14 MB 00:26
(26/26): kubernetes-master-1.5.2-0.5.gita552679.el7.x86_64 | 25 MB 00:37
--------------------------------------------------------------------------------
Total 2.1 MB/s | 81 MB 00:39
Retrieving key from file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
Importing GPG key 0xF4A80EB5:
Userid : "CentOS-7 Key (CentOS 7 Official Signing Key) "
Fingerprint: 6341 ab27 53d7 8a78 a7c2 7bb1 24c6 a8a7 f4a8 0eb5
Package : centos-release-7-3.1611.el7.centos.x86_64 (@anaconda)
From : /etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Installing : kubernetes-client-1.5.2-0.5.gita552679.el7.x86_64 1/26
Installing : 2:docker-common-1.12.6-16.el7.centos.x86_64 2/26
Installing : 2:docker-client-1.12.6-16.el7.centos.x86_64 3/26
Installing : kubernetes-master-1.5.2-0.5.gita552679.el7.x86_64 4/26
Installing : setools-libs-3.3.8-1.1.el7.x86_64 5/26
Installing : checkpolicy-2.5-4.el7.x86_64 6/26
Installing : libcgroup-0.41-11.el7.x86_64 7/26
Installing : audit-libs-python-2.6.5-3.el7_3.1.x86_64 8/26
Installing : 1:skopeo-containers-0.1.18-1.el7.x86_64 9/26
Installing : yajl-2.0.4-4.el7.x86_64 10/26
Installing : 1:oci-systemd-hook-0.1.7-2.git2788078.el7.x86_64 11/26
Installing : socat-1.7.2.2-5.el7.x86_64 12/26
Installing : python-IPy-0.75-6.el7.noarch 13/26
Installing : libnetfilter_queue-1.0.2-1.el7.x86_64 14/26
Installing : libsemanage-python-2.5-5.1.el7_3.x86_64 15/26
Installing : policycoreutils-python-2.5-11.el7_3.x86_64 16/26
Installing : 2:container-selinux-2.10-2.el7.noarch 17/26
Installing : 1:oci-register-machine-0-3.11.gitdd0daef.el7.x86_64 18/26
Installing : libnetfilter_cthelper-1.0.0-9.el7.x86_64 19/26
Installing : libnetfilter_cttimeout-1.0.0-6.el7.x86_64 20/26
Installing : conntrack-tools-1.4.3-1.el7.x86_64 21/26
Installing : libseccomp-2.3.1-2.el7.x86_64 22/26
Installing : 2:docker-1.12.6-16.el7.centos.x86_64 23/26
Installing : kubernetes-node-1.5.2-0.5.gita552679.el7.x86_64 24/26
Installing : kubernetes-1.5.2-0.5.gita552679.el7.x86_64 25/26
Installing : etcd-3.1.3-1.el7.x86_64 26/26
Verifying : libseccomp-2.3.1-2.el7.x86_64 1/26
Verifying : libnetfilter_cttimeout-1.0.0-6.el7.x86_64 2/26
Verifying : policycoreutils-python-2.5-11.el7_3.x86_64 3/26
Verifying : libnetfilter_cthelper-1.0.0-9.el7.x86_64 4/26
Verifying : 1:oci-register-machine-0-3.11.gitdd0daef.el7.x86_64 5/26
Verifying : libsemanage-python-2.5-5.1.el7_3.x86_64 6/26
Verifying : libnetfilter_queue-1.0.2-1.el7.x86_64 7/26
Verifying : 2:container-selinux-2.10-2.el7.noarch 8/26
Verifying : python-IPy-0.75-6.el7.noarch 9/26
Verifying : 2:docker-common-1.12.6-16.el7.centos.x86_64 10/26
Verifying : socat-1.7.2.2-5.el7.x86_64 11/26
Verifying : 2:docker-1.12.6-16.el7.centos.x86_64 12/26
Verifying : yajl-2.0.4-4.el7.x86_64 13/26
Verifying : 2:docker-client-1.12.6-16.el7.centos.x86_64 14/26
Verifying : kubernetes-node-1.5.2-0.5.gita552679.el7.x86_64 15/26
Verifying : 1:skopeo-containers-0.1.18-1.el7.x86_64 16/26
Verifying : 1:oci-systemd-hook-0.1.7-2.git2788078.el7.x86_64 17/26
Verifying : audit-libs-python-2.6.5-3.el7_3.1.x86_64 18/26
Verifying : etcd-3.1.3-1.el7.x86_64 19/26
Verifying : kubernetes-1.5.2-0.5.gita552679.el7.x86_64 20/26
Verifying : libcgroup-0.41-11.el7.x86_64 21/26
Verifying : conntrack-tools-1.4.3-1.el7.x86_64 22/26
Verifying : checkpolicy-2.5-4.el7.x86_64 23/26
Verifying : kubernetes-client-1.5.2-0.5.gita552679.el7.x86_64 24/26
Verifying : kubernetes-master-1.5.2-0.5.gita552679.el7.x86_64 25/26
Verifying : setools-libs-3.3.8-1.1.el7.x86_64 26/26
Installed:
etcd.x86_64 0:3.1.3-1.el7 kubernetes.x86_64 0:1.5.2-0.5.gita552679.el7
Dependency Installed:
audit-libs-python.x86_64 0:2.6.5-3.el7_3.1
checkpolicy.x86_64 0:2.5-4.el7
conntrack-tools.x86_64 0:1.4.3-1.el7
container-selinux.noarch 2:2.10-2.el7
docker.x86_64 2:1.12.6-16.el7.centos
docker-client.x86_64 2:1.12.6-16.el7.centos
docker-common.x86_64 2:1.12.6-16.el7.centos
kubernetes-client.x86_64 0:1.5.2-0.5.gita552679.el7
kubernetes-master.x86_64 0:1.5.2-0.5.gita552679.el7
kubernetes-node.x86_64 0:1.5.2-0.5.gita552679.el7
libcgroup.x86_64 0:0.41-11.el7
libnetfilter_cthelper.x86_64 0:1.0.0-9.el7
libnetfilter_cttimeout.x86_64 0:1.0.0-6.el7
libnetfilter_queue.x86_64 0:1.0.2-1.el7
libseccomp.x86_64 0:2.3.1-2.el7
libsemanage-python.x86_64 0:2.5-5.1.el7_3
oci-register-machine.x86_64 1:0-3.11.gitdd0daef.el7
oci-systemd-hook.x86_64 1:0.1.7-2.git2788078.el7
policycoreutils-python.x86_64 0:2.5-11.el7_3
python-IPy.noarch 0:0.75-6.el7
setools-libs.x86_64 0:3.3.8-1.1.el7
skopeo-containers.x86_64 1:0.1.18-1.el7
socat.x86_64 0:1.7.2.2-5.el7
yajl.x86_64 0:2.0.4-4.el7
Complete!
因为我们要使用单机模式,所以我们直接忽略掉认证相关设置,把置文件中的 KUBE_ADMISSION_CONTROL 整行注释掉
[root@localhost ~]# vi /etc/kubernetes/apiserver
#KUBE_ADMISSION_CONTROL="--admission-control=NamespaceLifecycle,NamespaceExists,LimitRanger,SecurityContextDeny,ServiceAccount,ResourceQuota"
然后启动 kubernetes 需要用到的服务
[root@localhost ~]# systemctl enable docker etcd kube-apiserver kube-controller-manager kubelet kube-proxy kube-scheduler Created symlink from /etc/systemd/system/multi-user.target.wants/docker.service to /usr/lib/systemd/system/docker.service. Created symlink from /etc/systemd/system/multi-user.target.wants/etcd.service to /usr/lib/systemd/system/etcd.service. Created symlink from /etc/systemd/system/multi-user.target.wants/kube-apiserver.service to /usr/lib/systemd/system/kube-apiserver.service. Created symlink from /etc/systemd/system/multi-user.target.wants/kube-controller-manager.service to /usr/lib/systemd/system/kube-controller-manager.service. Created symlink from /etc/systemd/system/multi-user.target.wants/kubelet.service to /usr/lib/systemd/system/kubelet.service. Created symlink from /etc/systemd/system/multi-user.target.wants/kube-proxy.service to /usr/lib/systemd/system/kube-proxy.service. Created symlink from /etc/systemd/system/multi-user.target.wants/kube-scheduler.service to /usr/lib/systemd/system/kube-scheduler.service.
[root@localhost ~]# systemctl start docker etcd kube-apiserver kube-controller-manager kubelet kube-proxy kube-scheduler
服务器启动后,我们提前把需要用到的镜象拽回来,否则因为各种网络问题,容器可能一直无法启动,你又不知道卡在哪里,提前拽回来可以让你更好地测试:
[root@localhost ~]# docker pull registry.access.redhat.com/rhel7/pod-infrastructure:latest Trying to pull repository registry.access.redhat.com/rhel7/pod-infrastructure ... latest: Pulling from registry.access.redhat.com/rhel7/pod-infrastructure 8642dd241e54: Pull complete fdd633d880f7: Pull complete 6ea7bc2439fd: Pull complete Digest: sha256:ae5d6d5a449f08b1900cda611bc7554059850993c8ff9ee485b558f3c56e033e
[root@localhost ~]# docker pull nginx:alpine Trying to pull repository docker.io/library/nginx ... alpine: Pulling from docker.io/library/nginx Digest: sha256:33eb1ed1e802d4f71e52421f56af028cdf12bb3bfff5affeaf5bf0e328ffa1bc
然后启动 nginx:alpine 容器
[root@localhost ~]# kubectl run nginx --image=nginx:alpine deployment "nginx" created
[root@localhost ~]# kubectl get pods NAME READY STATUS RESTARTS AGE nginx-738041155-jqbcz 1/1 Running 0 1m
再让 nginx 服务对外暴露
[root@localhost ~]# kubectl expose deployment nginx --type=NodePort --port=80 service "nginx" exposed
[root@localhost ~]# kubectl get services NAME CLUSTER-IP EXTERNAL-IP PORT(S) AGE kubernetes 10.254.0.1443/TCP 1h nginx 10.254.199.2 80:30837/TCP 2m
可以看到分配到的集群 IP 是 10.254.199.2
[root@localhost ~]# curl http://10.254.199.2
Welcome to nginx!
Welcome to nginx!
If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.
For online documentation and support please refer to
nginx.org.
Commercial support is available at
nginx.com.
Thank you for using nginx.
可以看到 nginx 的欢迎页面了,部署成功!