Kubernetes云平臺部署
注意事項:
1、Linux系統CentOS_7.5.1804系統,并保持網路通暢
2、docker的版本是Docker 18.09
3、硬體配置:2GB或更多RAM,2個CPU或更多CPU,硬碟30GB或更多
4、注重細節,命令不要用錯了
準備:
兩個節點,一個做 master 節點(我的是10.30.59.248),一個做 node節點(10.30.59.188)
還有兩個壓縮包K8S.tar.gz和Docker.tar.gz 兩個壓縮包大小都在1G以上
開始安裝:
一、修改主機名,并做好主機映射
master節點:
[root@master ~]# hostnamectl set-hostname master
[root@master ~]# bash
node節點
[root@node ~]# hostnamectl set-hostname node
[root@node ~]# bash
兩節點都要添加主機映射
[root@master ~]# vim /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localh
ost4.localdomain4
::1 localhost localhost.localdomain localhost6 localh
ost6.localdomain6
10.30.59.248 master
10.30.59.249 node
二、所有節點配置防火墻及SELinux
master節點和node節點
[root@master ~]# systemctl stop firewalld
[root@master ~]# systemctl disable firewalld
[root@master ~]# setenforce 0
setenforce: SELinux is disabled
[root@master ~]# iptables -F
[root@master ~]# iptables -X
[root@master ~]# iptables -Z
[root@master ~]# iptables-save
# Generated by iptables-save v1.4.21 on Tue Jun 8 19:23:34 2021
*nat
:PREROUTING ACCEPT [39:6713]
:INPUT ACCEPT [37:6529]
:OUTPUT ACCEPT [61:3958]
:POSTROUTING ACCEPT [61:3958]
:DOCKER - [0:0]
-A PREROUTING -m addrtype --dst-type LOCAL -j DOCKER
-A OUTPUT ! -d 127.0.0.0/8 -m addrtype --dst-type LOCAL -j DOCKER
-A POSTROUTING -s 172.17.0.0/16 ! -o docker0 -j MASQUERADE
-A DOCKER -i docker0 -j RETURN
COMMIT
# Completed on Tue Jun 8 19:23:34 2021
# Generated by iptables-save v1.4.21 on Tue Jun 8 19:23:34 2021
*filter
:INPUT ACCEPT [20:1320]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [11:1028]
COMMIT
# Completed on Tue Jun 8 19:23:34 2021
[root@master ~]#
三、配好yum源使用剛剛上傳的K8S.tar.gz和Docker.tar.gz做yum源
1、把兩個壓縮包解壓到/opt/下
master節點:
[root@master ~]# ls
anaconda-ks.cfg K8S.tar.gz
Docker.tar.gz nginx-1.9.6.tar.gz
[root@master ~]# tar -zxvf Docker.tar.gz -C /opt/
[root@master ~]# tar -zxvf K8S.tar.gz -C /opt/
確保每個解壓后再/opt/下有這個目錄,并且目錄下有repodata這個目錄才是我們想要的yum源目錄,
2、兩個壓縮包都解壓后,把它寫入yum源
master節點:
[root@master ~]# vim /etc/yum.repos.d/local.repo
[docker]
name=docker
baseurl=file:///opt/Docker/
gpgcheck=0
enabled=1
[k8s]
name=k8s
baseurl=file:///opt/Kubernetes/
gpgcheck=0
enabled=1
3、清除快取,重新加載看一下有沒有這兩個源
master節點:
[root@master ~]# yum clean all
[root@master ~]# yum repolist
已加載插件:fastestmirror
Determining fastest mirrors
* base: mirrors.163.com
* extras: mirrors.163.com
* updates: mirrors.163.com
base | 3.6 kB 00:00
docker | 2.9 kB 00:00
extras | 2.9 kB 00:00
k8s | 2.9 kB 00:00
updates | 2.9 kB 00:00
(1/6): docker/primary_db | 851 kB 00:00
(2/6): k8s/primary_db | 851 kB 00:00
(3/6): extras/7/x86_64/primary_db | 236 kB 00:00
(4/6): base/7/x86_64/group_gz | 153 kB 00:01
(5/6): base/7/x86_64/primary_db | 6.1 MB 00:03
(6/6): updates/7/x86_64/primary_db | 8.0 MB 00:06
源標識 源名稱 狀態
base/7/x86_64 CentOS-7 - Base 10,072
docker docker 463
extras/7/x86_64 CentOS-7 - Extras 476
k8s k8s 463
updates/7/x86_64 CentOS-7 - Updates 2,189
repolist: 13,663
可以看到有了docker 和 k8s
4、安裝ftp,使得兩個節點能共用一個資源,然后開啟并設定開機自啟
master節點:
[root@master ~]# yum install vsftpd -y
[root@master ~]# vim /etc/vsftpd/vsftpd.conf
## 添加
anon_root=/opt/
[root@master ~]# systemctl start vsftpd
[root@master ~]# systemctl enable vsftpd
5、配置node節點也能夠使用這個節點,配置node節點yum源
node節點:
[root@node ~]# vim /etc/yum.repos.d/local.repo
[docker]
name=docker
baseurl=ftp://10.30.59.248/Docker/
gpgcheck=0
enabled=1
[k8s]
name=k8s
baseurl=ftp://10.30.59.248/Kubernetes/
gpgcheck=0
enabled=1
~
~
~
~
~
~
<yum.repos.d/local.repo" 10L, 152C written
[root@node ~]# yum clean all
[root@node ~]# yum repolist
Loaded plugins: fastestmirror
Determining fastest mirrors
* base: mirrors.aliyun.com
* extras: mirrors.aliyun.com
* updates: mirrors.163.com
base | 3.6 kB 00:00
docker | 2.9 kB 00:00
extras | 2.9 kB 00:00
k8s | 2.9 kB 00:00
updates | 2.9 kB 00:00
(1/6): docker/primary_db | 851 kB 00:00
(2/6): k8s/primary_db | 851 kB 00:00
(3/6): base/7/x86_64/primary_db | 6.1 MB 00:00
(4/6): updates/7/x86_64/primary_db | 8.0 MB 00:00
(5/6): extras/7/x86_64/primary_db | 242 kB 00:00
(6/6): base/7/x86_64/group_gz | 153 kB 00:02
repo id repo name status
base/7/x86_64 CentOS-7 - Base 10,072
docker docker 463
extras/7/x86_64 CentOS-7 - Extras 498
k8s k8s 463
updates/7/x86_64 CentOS-7 - Updates 2,189
repolist: 13,685
四、所有節點升級系統內核
[root@master ~]# yum upgrade -y
然后重啟
[root@master ~]# reboot
五、所有節點關閉Swap
Kubernetes的想法是將實體緊密包裝到盡可能接近100%,所有的部署應該與CPU和記憶體限制固定在一起, 所以如果調度程式發送一個Pod到一臺機器,它不應該使用交換,設計者不想交換,因為它會減慢速度,所以關閉Swap主要是為了性能考慮,
[root@master ~]# swapoff -a
[root@master ~]# sed -i "s/\/dev\/mapper\/centos-swap/\#\/dev\/mapper\/centos-swap/g" /etc/fstab
六、配置時間同步
1、所有節點安裝chrony服務
[root@master ~]# yum install -y chrony
2、master節點修改/etc/chrony.conf檔案,注釋默認NTP服務器,指定上游公共NTP服務器,并允許其他節點同步時間,
master節點重啟chronyd服務并設為開機啟動,開啟網路時間同步功能,
[root@master ~]# sed -i 's/^server/#&/' /etc/chrony.conf
[root@master ~]# cat >> /etc/chrony.conf << EOF
> local stratum 10
> server master iburst
> allow all
> EOF
[root@master ~]# systemctl enable chronyd && systemctl restart chronyd
[root@master ~]# timedatectl set-ntp true
3、node節點修改/etc/chrony.conf檔案,指定內網master節點為上游NTP服務器,重啟服務并設為開機啟動,
[root@node ~]# sed -i 's/^server/#&/' /etc/chrony.conf
[root@node ~]# echo server 10.30.59.248 iburst >> /etc/chrony.conf
[root@node ~]# systemctl enable chronyd && systemctl restart chronyd
4、所有節點執行chronyc sources命令,查詢結果中如果存在以“^*”開頭的行,即說明已經同步成功,
[root@node ~]# chronyc sources
210 Number of sources = 1
MS Name/IP address Stratum Poll Reach LastRx Last sample ==============================================================================
^* master 3 6 17 40 -5130ns[ -73us] +/- 43ms
七、配置路由轉發
由于IPVS已經加入到了內核的主干,所以為kube-proxy開啟IPVS的前提需要加載以下的內核模塊
所有節點都執行以下操作
[root@master ~]# cat << EOF | tee /etc/sysctl.d/k8s.conf
> net.ipv4.ip_forward = 1
> net.bridge.bridge-nf-call-ip6tables = 1
> net.bridge.bridge-nf-call-iptables = 1
> EOF
net.ipv4.ip_forward = 1
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
[root@master ~]# modprobe br_netfilter
[root@master ~]# sysctl -p /etc/sysctl.d/k8s.conf
net.ipv4.ip_forward = 1
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
八、配置IPVS
由于IPVS已經加入到了內核的主干,所以為kube-proxy開啟IPVS的前提需要加載以下的內核模塊,
在所有節點執行以下操作
[root@master ~]# cat > /etc/sysconfig/modules/ipvs.modules <<EOF
> #!/bin/bash
> modprobe -- ip_vs
> modprobe -- ip_vs_rr
> modprobe -- ip_vs_wrr
> modprobe -- ip_vs_sh
> modprobe -- nf_conntrack_ipv4
> EOF
[root@master ~]# chmod 755 /etc/sysconfig/modules/ipvs.modules && bash /etc/sysconfig/modules/ipvs.modules && lsmod | grep -e ip_vs -e nf_conntrack_ipv4
ip_vs_sh 12688 0
ip_vs_wrr 12697 0
ip_vs_rr 12600 0
ip_vs 145458 6 ip_vs_rr,ip_vs_sh,ip_vs_wrr
nf_conntrack_ipv4 15053 2
nf_defrag_ipv4 12729 1 nf_conntrack_ipv4
nf_conntrack 139264 7 ip_vs,nf_nat,nf_nat_ipv4,xt_conntrack,nf_nat_masquerade_ipv4,nf_conntrack_netlink,nf_conntrack_ipv4
libcrc32c 12644 4 xfs,ip_vs,nf_nat,nf_conntrack
上面腳本創建了/etc/sysconfig/modules/ipvs.modules檔案,保證在節點重啟后能自動加載所需模塊,使用lsmod | grep -e ip_vs -e nf_conntrack_ipv4命令查看是否已經正確加載所需的內核模塊,
所有節點安裝ipset軟體包,
[root@master ~]# yum install ipset ipvsadm -y
八、安裝docker
Kubernetes默認的容器運行時仍然是Docker,使用的是Kubelet中內置dockershim CRI實作,需要注意的是,由于在Kubernetes1.14的版本中,支持的版本有 1.13.1、 17.03、17.06、17.09、18.06和 18.09,所以這里統一使用Docker 18.09,
所有節點配置Docker Yum源并安裝Docker,啟動Docker引擎并設定開機自啟,
前面我們已經配置了Docker Yum源,之間安裝即可
所有節點都執行以下操作:
1、安裝docker
[root@master ~]# yum install docker-ce -y
2、開啟并設定開機自啟
[root@master ~]# systemctl start docker && systemctl enable docker
Created symlink from /etc/systemd/system/multi-user.target.wants/docker.service to /etc/systemd/system/docker.service.
3、查看版本和docker的基本資訊
[root@master ~]# docker info
Containers: 0
Running: 0
Paused: 0
Stopped: 0
Images: 0
Server Version: 18.09.6
4、配置docker
[root@master ~]# tee /etc/docker/daemon.json <<-'EOF'
> {
> "exec-opts": ["native.cgroupdriver=systemd"]
> }
> EOF
{
"exec-opts": ["native.cgroupdriver=systemd"]
}
[root@master ~]# systemctl daemon-reload
[root@master ~]# systemctl restart docker
[root@master ~]# systemctl enable docker
5、執行kubernetes的腳本
[root@master ~]# cd /opt/
[root@master opt]# ls
containerd images jdk kubernetes_base.sh
Docker image.sh Kubernetes yaml
[root@master opt]# ./kubernetes_base.sh
[root@master opt]# docker info |grep Cgroup
Cgroup Driver: systemd
九、安裝Kubernetes集群
如果想使用網路源可以配置網路yum源,如果不像使用,直接跳過即可,我們之前配置的本地k8s的源也可以用,
[root@master ~]# vi /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
enabled=1
gpgcheck=0
repo_gpgcheck=0
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
1、安裝工具
Kubelet負責與其他節點集群通信,并進行本節點Pod和容器生命周期的管理,Kubeadm是Kubernetes的自動化部署工具,降低了部署難度,提高效率,Kubectl是Kubernetes集群管理工具,
所有節點安裝Kubernetes工具并啟動Kubelet,
[root@master opt]# yum install -y kubelet-1.14.1 kubeadm-1.14.1 kubectl-1.14.1
[root@master opt]# systemctl enable kubelet && systemctl start kubelet
Created symlink from /etc/systemd/system/multi-user.target.wants/kubelet.service to /usr/lib/systemd/system/kubelet.service.
2、初始化Kubernetes集群
登錄master節點,初始化Kubernetes集群,
看清楚!只有master節點初始化
[root@master opt]# kubeadm init --apiserver-advertise-address 10.30.59.248 --kubernetes-version="v1.14.1" --pod-network-cidr=10.16.0.0/16 --image-repository=registry.aliyuncs.com/google_containers
[init] Using Kubernetes version: v1.14.1
[preflight] Running pre-flight checks
[preflight] Pulling images required for setting up a Kubernetes cluster
[preflight] This might take a minute or two, depending on the speed of your internet connection
[preflight] You can also perform this action in beforehand using 'kubeadm config images pull'
[kubelet-start] Writing kubelet environment file with flags to file "/var/lib/kubelet/kubeadm-flags.env"
[kubelet-start] Writing kubelet configuration to file "/var/lib/kubelet/config.yaml"
[kubelet-start] Activating the kubelet service
......
Your Kubernetes control-plane has initialized successfully!
To start using your cluster, you need to run the following as a regular user:
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
You should now deploy a pod network to the cluster.
Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:
https://kubernetes.io/docs/concepts/cluster-administration/addons/
Then you can join any number of worker nodes by running the following on each as root:
kubeadm join 10.30.59.248:6443 --token 74b6kp.otq90uvs81tdqy7w \
--discovery-token-ca-cert-hash sha256:fc61b647bde3cde7ac2030cb91ddce4f88a94ce95fe369396bb355f7c8810387
初始化操作主要經歷了下面15個步驟,每個階段均輸出均使用[步驟名稱]作為開頭:
① [init]:指定版本進行初始化操作,
② [preflight]:初始化前的檢查和下載所需要的Docker鏡像文,,
③ [kubelet-start]:生成Kubelet的組態檔/var/lib/kubelet/config.yaml,沒有這個檔案Kubelet無法啟動,所以初始化之前的Kubelet實際上啟動失敗,
④ [certificates]:生成Kubernetes使用的證書,存放在/etc/kubernetes/pki目錄中,
⑤ [kubeconfig]:生成KubeConfig檔案,存放在/etc/kubernetes目錄中,組件之間通信需要使用對應檔案,
⑥ [control-plane]:使用/etc/kubernetes/manifest目錄下的YAML檔案,安裝Master組件,
⑦ [etcd]:使用/etc/kubernetes/manifest/etcd.yaml安裝Etcd服務,
⑧ [wait-control-plane]:等待control-plan部署的Master組件啟動,
⑨ [apiclient]:檢查Master組件服務狀態,
⑩ [uploadconfig]:更新配置,
○11 [kubelet]:使用configMap配置Kubelet,
○12 [patchnode]:更新CNI資訊到Node上,通過注釋的方式記錄,
○13 [mark-control-plane]:為當前節點打標簽,打了角色Master,和不可調度標簽,這樣默認就不會使用Master節點來運行Pod,
○14 [bootstrap-token]:生成的Token需要記錄下來,后面使用kubeadm join命令往集群中添加節點時會用到,
○15 [addons]:安裝附加組件CoreDNS和kube-proxy,
Kubectl默認會在執行的用戶home目錄下面的.kube目錄下尋找config檔案,配置kubectl工具,
○12 [patchnode]:更新CNI資訊到Node上,通過注釋的方式記錄,
○13 [mark-control-plane]:為當前節點打標簽,打了角色Master,和不可調度標簽,這樣默認就不會使用Master節點來運行Pod,
○14 [bootstrap-token]:生成的Token需要記錄下來,后面使用kubeadm join命令往集群中添加節點時會用到,
○15 [addons]:安裝附加組件CoreDNS和kube-proxy,
3、如圖,Kubectl默認會在執行的用戶home目錄下面的.kube目錄下尋找config檔案,配置kubectl工具
所以要執行①框里的命令,而②框里,–token后面的都要在別的節點加入集群的時候使用,
master節點執行執行①框里的命令
[root@master ~]# mkdir -p $HOME/.kube
[root@master ~]# sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
[root@master ~]# sudo chown $(id -u):$(id -g) $HOME/.kube/config
4、查看集群狀態
[root@master ~]# kubectl get cs
NAME STATUS MESSAGE ERROR
controller-manager Healthy ok
scheduler Healthy ok
etcd-0 Healthy {"health":"true"}
可以看到都是健康的
5、配置Kubernetes網路
登錄Master節點,將提供的kube-flannel.yml檔案上傳至Master節點root目錄,使用kubectl apply命令安裝網路,
在原先解壓的壓縮包里,有這個檔案,所有在/opt/yaml/下可以找到
[root@master yaml]# ls
dashboard-adminuser.yaml kubia.yaml
kube-flannel.yaml kuboard.yaml
kubernetes-dashboard.yaml
[root@master yaml]# kubectl apply -f kube-flannel.yaml
podsecuritypolicy.policy/psp.flannel.unprivileged created
clusterrole.rbac.authorization.k8s.io/flannel created
clusterrolebinding.rbac.authorization.k8s.io/flannel created
serviceaccount/flannel created
configmap/kube-flannel-cfg created
daemonset.apps/kube-flannel-ds-amd64 created
daemonset.apps/kube-flannel-ds-arm64 created
daemonset.apps/kube-flannel-ds-arm created
daemonset.apps/kube-flannel-ds-ppc64le created
daemonset.apps/kube-flannel-ds-s390x created
[root@master yaml]# kubectl get pods -n kube-system
NAME READY STATUS RESTARTS AGE
coredns-8686dcc4fd-64s94 0/1 Pending 0 6m42s
coredns-8686dcc4fd-rwt2p 0/1 Pending 0 6m42s
etcd-master 1/1 Running 0 5m59s
kube-apiserver-master 1/1 Running 0 5m48s
kube-controller-manager-master 1/1 Running 0 5m37s
kube-flannel-ds-amd64-k49cz 1/1 Running 0 12s
kube-proxy-jpfj2 1/1 Running 0 6m42s
kube-scheduler-master 1/1 Running 0 5m38s
6、Node節點加入集群
登錄Node節點,使用kubeadm join命令將Node節點加入集群
–token 和后面的是我們master初始化是的令牌,IP地址是master的
[root@node opt]# kubeadm join 10.30.59.248:6443 --token 74b6kp.otq90uvs81tdqy7w --discovery-token-ca-cert-hash sha256:fc61b647bde3cde7ac2030cb91ddce4f88a94ce95fe369396bb355f7c8810387
登錄Master節點,檢查各節點狀態
[root@master yaml]# kubectl get nodes
NAME STATUS ROLES AGE VERSION
master Ready master 11m v1.14.1
node Ready <none> 94s v1.14.1
7、安裝Dashboard
將提供的kubernetes-dashboard.yaml和dashboard-adminuser.yaml檔案上傳至Master節點root目錄,使用kubectl apply命令安裝Dashboard
[root@master yaml]# ls
dashboard-adminuser.yaml kubia.yaml
kube-flannel.yaml kuboard.yaml
kubernetes-dashboard.yaml
[root@master yaml]# kubectl apply -f kubernetes-dashboard.yaml
secret/kubernetes-dashboard-certs created
serviceaccount/kubernetes-dashboard created
role.rbac.authorization.k8s.io/kubernetes-dashboard-minimal created
rolebinding.rbac.authorization.k8s.io/kubernetes-dashboard-minimal created
deployment.apps/kubernetes-dashboard created
service/kubernetes-dashboard created
[root@master yaml]# kubectl create -f dashboard-adminuser.yaml
serviceaccount/kubernetes-dashboard-admin created
clusterrolebinding.rbac.authorization.k8s.io/kubernetes-dashboard-admin created
檢查所有Pod狀態
[root@master yaml]# kubectl get pods --all-namespaces -o wide
NAMESPACE NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
kube-system coredns-8686dcc4fd-64s94 1/1 Running 0 13m 10.16.0.3 master <none> <none>
kube-system coredns-8686dcc4fd-rwt2p 1/1 Running 0 13m 10.16.0.2 master <none> <none>
kube-system etcd-master 1/1 Running 0 13m 10.30.59.248 master <none> <none>
kube-system kube-apiserver-master 1/1 Running 0 13m 10.30.59.248 master <none> <none>
kube-system kube-controller-manager-master 1/1 Running 0 12m 10.30.59.248 master <none> <none>
kube-system kube-flannel-ds-amd64-9np9n 1/1 Running 0 4m11s 10.30.59.188 node <none> <none>
kube-system kube-flannel-ds-amd64-k49cz 1/1 Running 0 7m29s 10.30.59.248 master <none> <none>
kube-system kube-proxy-jpfj2 1/1 Running 0 13m 10.30.59.248 master <none> <none>
kube-system kube-proxy-xstzj 1/1 Running 0 4m11s 10.30.59.188 node <none> <none>
kube-system kube-scheduler-master 1/1 Running 0 12m 10.30.59.248 master <none> <none>
kube-system kubernetes-dashboard-5f7b999d65-nb2s6 1/1 Running 0 78s 10.16.1.2 node <none> <none>
8、瀏覽器訪問
通過命令檢查到kubernetes-dashboard被調度到Node節點運行,通過Firefox瀏覽器中輸入Node節點地址(Master也可以訪問)https://10.30.59.188:30000,即可訪問Kubernetes Dashboard,如圖所示,
單擊“高級”→“接受風險并繼續”按鈕,即可進入Kubernetes Dasboard認證界面,如圖所示
登錄Kubernetes Dasboard需要輸入令牌,通過以下命令獲取訪問Dashboard的認證令牌
[root@master yaml]# kubectl -n kube-system describe secret $(kubectl -n kube-system get secret | grep kubernetes-dashboard-admin-token | awk '{print $1}')
Name: kubernetes-dashboard-admin-token-8rssw
Namespace: kube-system
Labels: <none>
Annotations: kubernetes.io/service-account.name: kubernetes-dashboard-admin
kubernetes.io/service-account.uid: 2e676ee8-c894-11eb-9d4f-005056a0b70c
Type: kubernetes.io/service-account-token
Data
====
ca.crt: 1025 bytes
namespace: 11 bytes
token: eyJhbGciOiJSUzI1NiIsImtpZCI6IiJ9.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlLXN5c3RlbSIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJrdWJlcm5ldGVzLWRhc2hib2FyZC1hZG1pbi10b2tlbi04cnNzdyIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VydmljZS1hY2NvdW50Lm5hbWUiOiJrdWJlcm5ldGVzLWRhc2hib2FyZC1hZG1pbiIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VydmljZS1hY2NvdW50LnVpZCI6IjJlNjc2ZWU4LWM4OTQtMTFlYi05ZDRmLTAwNTA1NmEwYjcwYyIsInN1YiI6InN5c3RlbTpzZXJ2aWNlYWNjb3VudDprdWJlLXN5c3RlbTprdWJlcm5ldGVzLWRhc2hib2FyZC1hZG1pbiJ9.l-54-mczoAwzILCY8MO0swl-rc8zjZaSNIP3423MdF2qOC4CFRRkqkxhjkXzNah-j790AW1NGRNz9QC-GRTRQfZhvtFjNSMKWrdMEet-SF6TWZMOlT46JVHdvKLLmPNZYJRC2eRRbK2NcD_zyi9IWH2j9ydLixzerTWb2c-owLWp04TZZ_bGsr0_w2xfREjQwxNRPh0nl0esJNz-NHd1WaHCXO1X7DZ7lJZk9yor4YQpiZHt5DISAA8uwK1ffGxSSYR4oLAik5RxQlyIfQ5GD4v2rQnoMyW1qjSU24yuAI3oFT78tXHcN1S2xuD_MG7P9rxhoYCYbWqEs3WmkUqzJg
輸入令牌后
我的輸入令牌進入后,有很多黃色的感嘆號
master節點執行以下命令就可以了
[root@master yaml]# kubectl create clusterrolebinding test:anonymous --clusterrole=cluster-admin --user=system:anonymous
clusterrolebinding.rbac.authorization.k8s.io/test:anonymous created
9、配置Kuboard
Kuboard是一款免費的Kubernetes圖形化管理工具,其力圖幫助用戶快速在Kubernetes上落地微服務,登錄Master節點,使用kuboard.yaml檔案部署Kuboard
[root@master yaml]# ls
dashboard-adminuser.yaml kubia.yaml
kube-flannel.yaml kuboard.yaml
kubernetes-dashboard.yaml
[root@master yaml]# kubectl create -f kuboard.yaml
deployment.apps/kuboard created
service/kuboard created
serviceaccount/kuboard-user created
clusterrolebinding.rbac.authorization.k8s.io/kuboard-user created
serviceaccount/kuboard-viewer created
clusterrolebinding.rbac.authorization.k8s.io/kuboard-viewer created
clusterrolebinding.rbac.authorization.k8s.io/kuboard-viewer-node created
clusterrolebinding.rbac.authorization.k8s.io/kuboard-viewer-pvp created
ingress.extensions/kuboard created
在瀏覽器輸入地址http://10.30.59.188:31000,即可進入Kuboard的認證界面,在Token文本框中輸入令牌后可進入Kuboard控制臺
在Kuboard控制臺中可以查看到集群概覽,至此Kubernetes容器云平臺就部署完成了,
轉載請註明出處,本文鏈接:https://www.uj5u.com/qita/286553.html
標籤:其他
上一篇:資料倉庫的概念以及建模方法