centos7 k8s1.5.2(kubernetes) etcd flannel dns dashboard nginx tomcat slb haproxy keepalived
1. etcd 部署
yum安装etcd
[root@3a9e34429b75 /]# yum install etcd -y
设置开机自启动
[root@3a9e34429b75 /]# systemctl enable etcd
Created symlink /etc/systemd/system/multi-user.target.wants/etcd.service, pointing to /usr/lib/systemd/system/etcd.service.
检查当前启动的端口
[root@3a9e34429b75 /]# netstat -lnpt
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
开启etcd
[root@3a9e34429b75 /]# systemctl start etcd
查看到etcd的两个默认端口已经启动
[root@94805217bd96 /]# netstat -lnpt
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 127.0.0.1:2379 0.0.0.0:* LISTEN -
tcp 0 0 127.0.0.1:2380 0.0.0.0:* LISTEN -
验证 etcd
[root@94805217bd96 /]# etcdctl set name mayun
mayun
[root@94805217bd96 /]# etcdctl get name
mayun
[root@94805217bd96 /]# etcdctl -C http://127.0.0.1:2379 cluster-health
member 8e9e05c52164694d is healthy: got healthy result from http://localhost:2379
cluster is healthy
[root@94805217bd96 /]#
etcd 配置 /etc/etcd/etcd.conf
# [member]
ETCD_NAME=master
ETCD_DATA_DIR="/var/lib/etcd/default.etcd"
#ETCD_WAL_DIR=""
#ETCD_SNAPSHOT_COUNT="10000"
#ETCD_HEARTBEAT_INTERVAL="100"
#ETCD_ELECTION_TIMEOUT="1000"
#ETCD_LISTEN_PEER_URLS="http://localhost:2380"
ETCD_LISTEN_CLIENT_URLS="http://0.0.0.0:2379"
#ETCD_MAX_SNAPSHOTS="5"
#ETCD_MAX_WALS="5"
#ETCD_CORS=""
#
#[cluster]
#ETCD_INITIAL_ADVERTISE_PEER_URLS="http://localhost:2380"
# if you use different ETCD_NAME (e.g. test), set ETCD_INITIAL_CLUSTER value for this name, i.e. "test=http://..."
#ETCD_INITIAL_CLUSTER="default=http://localhost:2380"
#ETCD_INITIAL_CLUSTER_STATE="new"
#ETCD_INITIAL_CLUSTER_TOKEN="etcd-cluster"
ETCD_ADVERTISE_CLIENT_URLS="http://0.0.0.0:2379"
#ETCD_DISCOVERY=""
#ETCD_DISCOVERY_SRV=""
#ETCD_DISCOVERY_FALLBACK="proxy"
#ETCD_DISCOVERY_PROXY=""
#ETCD_STRICT_RECONFIG_CHECK="false"
#ETCD_AUTO_COMPACTION_RETENTION="0"
#
#[proxy]
#ETCD_PROXY="off"
#ETCD_PROXY_FAILURE_WAIT="5000"
#ETCD_PROXY_REFRESH_INTERVAL="30000"
#ETCD_PROXY_DIAL_TIMEOUT="1000"
#ETCD_PROXY_WRITE_TIMEOUT="5000"
#ETCD_PROXY_READ_TIMEOUT="0"
#
#[security]
#ETCD_CERT_FILE=""
#ETCD_KEY_FILE=""
#ETCD_CLIENT_CERT_AUTH="false"
#ETCD_TRUSTED_CA_FILE=""
#ETCD_AUTO_TLS="false"
#ETCD_PEER_CERT_FILE=""
#ETCD_PEER_KEY_FILE=""
#ETCD_PEER_CLIENT_CERT_AUTH="false"
#ETCD_PEER_TRUSTED_CA_FILE=""
#ETCD_PEER_AUTO_TLS="false"
#
#[logging]
#ETCD_DEBUG="false"
# examples for -log-package-levels etcdserver=WARNING,security=DEBUG
#ETCD_LOG_PACKAGE_LEVELS=""
配置完成后退出,保存。
2. 安装证书
本文是基于Git-hub中make-ca-cert方式自己建立,方法如下:
先把github中kubernetes代码都下到要安装master的机器上。
# git clone https://github.com/kubernetes/kubernetes
修改make-ca-cert.sh,将第30行修改为kube(基于kube的组进行启动)
# update the below line with the group that exists on Kubernetes Master.
/* Use the user group with which you are planning to run kubernetes services */
cert_group=${CERT_GROUP:-kube}
运行make-ca-cert.sh
# cd kubernetes/cluster/saltbase/salt/generate-cert/
./make-ca-cert.sh 10.20.0.1
这里10.20.0.1是master节点的ip,运行完后发现在/srv/kubernetes目录下已经把相关的key都生成了,把这些key考到所有的minion节点的相同目录。
这里生产的证书就是要在k8s-master中配置用到的。
3. k8s master 部署
安装 kubernetes
[root@44dd34165e5e /]# yum install kubernetes -y
配置 master,在kubernetes master上需要运行以下组件:
Kubernets API Server Kubernets Controller Manager Kubernets Scheduler
配置 /etc/kubernetes/apiserver
###
# kubernetes system config
#
# The following values are used to configure the kube-apiserver
## The address on the local server to listen to.
KUBE_API_ADDRESS="--insecure-bind-address=0.0.0.0"# The port on the local server to listen on.
# KUBE_API_PORT="--port=8080"# Port minions listen on
# KUBELET_PORT="--kubelet-port=10250"# Comma separated list of nodes in the etcd cluster
KUBE_ETCD_SERVERS="--etcd-servers=http://10.3.14.8:2379"# Address range to use for services
KUBE_SERVICE_ADDRESSES="--service-cluster-ip-range=10.20.0.0/16"# default admission control policies
KUBE_ADMISSION_CONTROL="--admission-control=NamespaceLifecycle,NamespaceExists,LimitRanger,SecurityContextDeny,ServiceAccount,ResourceQuota"#KUBE_ADMISSION_CONTROL="--admission-control=NamespaceLifecycle,NamespaceExists,LimitRanger,SecurityContextDeny,ResourceQuota"# Add your own!KUBE_API_ARGS="--secure-port=443 --client-ca-file=/srv/kubernetes/ca.crt --tls-cert-file=/srv/kubernetes/server.cert --tls-private-key-file=/srv/kubernetes/server.key"#KUBE_API_ARGS=""
配置 /etc/kubernetes/config
###
# kubernetes system config
#
# The following values are used to configure various aspects of all
# kubernetes services, including
#
# kube-apiserver.service
# kube-controller-manager.service
# kube-scheduler.service
# kubelet.service
# kube-proxy.service
# logging to stderr means we get it in the systemd journal
KUBE_LOGTOSTDERR="--logtostderr=true"# journal message level, 0 is debug
KUBE_LOG_LEVEL="--v=0"# Should this cluster be allowed to run privileged docker containers
KUBE_ALLOW_PRIV="--allow-privileged=false"# How the controller-manager, scheduler, and proxy find the apiserver
KUBE_MASTER="--master=http://10.3.14.8:8080"
配置 /etc/kubernetes/controller-manager
###
# The following values are used to configure the kubernetes controller-manager# defaults from config and apiserver should be adequate# Add your own!
KUBE_CONTROLLER_MANAGER_ARGS="--root-ca-file=/srv/kubernetes/ca.crt --service-account-private-key-file=/srv/kubernetes/server.key"#KUBE_CONTROLLER_MANAGER_ARGS=""
配置开机自启动,并启动
[root@44dd34165e5e /]# systemctl enable kube-apiserver
[root@44dd34165e5e /]# systemctl start kube-apiserver
[root@44dd34165e5e /]# systemctl enable kube-controller-manager
[root@44dd34165e5e /]# systemctl start kube-controller-manager
[root@44dd34165e5e /]# systemctl enable kube-scheduler
[root@44dd34165e5e /]# systemctl start kube-scheduler
4. 安装node
同安装master的命令一样,
yum install kubernetes
其实 master和node 是可以选择对应的包安装的,我是为了省事,直接把所有的都装上了,根据需要修改和启动。
node主要两部分,kubelet、kube-proxy
vi /etc/kubernetes/config
###
# kubernetes system config
#
# The following values are used to configure various aspects of all
# kubernetes services, including
#
# kube-apiserver.service
# kube-controller-manager.service
# kube-scheduler.service
# kubelet.service
# kube-proxy.service
# logging to stderr means we get it in the systemd journal
KUBE_LOGTOSTDERR="--logtostderr=true"# journal message level, 0 is debug
KUBE_LOG_LEVEL="--v=0"# Should this cluster be allowed to run privileged docker containers
KUBE_ALLOW_PRIV="--allow-privileged=false"# How the controller-manager, scheduler, and proxy find the apiserver
KUBE_MASTER="--master=http://10.3.14.8:8080"
vi /etc/kubernetes/kubelet
###
# kubernetes kubelet (minion) config# The address for the info server to serve on (set to 0.0.0.0 or "" for all interfaces)
KUBELET_ADDRESS="--address=0.0.0.0"# The port for the info server to serve on
# KUBELET_PORT="--port=10250"# You may leave this blank to use the actual hostname
KUBELET_HOSTNAME="--hostname-override=10.3.14.10"# location of the api-server
KUBELET_API_SERVER="--api-servers=http://10.3.14.8:8080"# pod infrastructure container
KUBELET_POD_INFRA_CONTAINER="--pod-infra-container-image=registry.access.redhat.com/rhel7/pod-infrastructure:latest"# Add your own!
KUBELET_ARGS="--cluster_dns=10.20.10.10 --cluster_domain=cluster.local"
设置开机自启动,并启动
systemctl enable kubelet
systemctl start kubelet
systemctl enable kube-proxy
systemctl start kube-proxy
查看启动
[root@iz2ze0fq2isg8vphkpos5sz ~]# netstat -lnpt
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 2021/sshd
tcp 0 0 127.0.0.1:10248 0.0.0.0:* LISTEN 25448/kubelet
tcp 0 0 127.0.0.1:10249 0.0.0.0:* LISTEN 25813/kube-proxy
tcp6 0 0 :::10250 :::* LISTEN 25448/kubelet
tcp6 0 0 :::10255 :::* LISTEN 25448/kubelet
tcp6 0 0 :::4194 :::* LISTEN 25448/kubelet
注:因服务器资源原因,将原来10.3.14.8 上的 master、etcd 迁到 172.20.4.132 了,肯定有同学看到后面发现ip同前面不对应,这里说明下^_^
5. 安装flannel
flannel 主要是用于集群内的pod 网络划分和通信
安装命令
yum install flannel
配置 vi /etc/sysconfig/flanneld
# Flanneld configuration options # etcd url location. Point this to the server where etcd runs
FLANNEL_ETCD_ENDPOINTS="http://10.3.14.8:2379"# etcd config key. This is the configuration key that flannel queries
# For address range assignment
FLANNEL_ETCD_PREFIX="/k8s.com/network"# Any additional options that you want to pass
#FLANNEL_OPTIONS=""
从配置上可以看到 flannel是同过与etcd通信,获取对应的网络配置
因此还需要在etcd上配置,这里的FLANNEL_ETCD_PREFIX 的值就是来自于etcd。
[root@iz2ze0fq2isg8vphkpos5rz /]# etcdctl set /k8s.com/network/config '{ "Network": "172.17.0.0/16" }'
{ "Network": "172.17.0.0/16" }
[root@iz2ze0fq2isg8vphkpos5rz /]# etcdctl get /k8s.com/network/config
{ "Network": "172.17.0.0/16" }
[root@iz2ze0fq2isg8vphkpos5rz /]#
同时还需要上传节点网络配置
先编写config.json
[root@iz2ze0fq2isg8vphkpos5sz k8s]# vi config.json
{
"Network": "172.17.0.0/16",
"SubnetLen": 24,
"Backend": {"Type": "vxlan","VNI": 7890}}
~
上传命令
[root@iz2ze0fq2isg8vphkpos5sz k8s]# curl -L http://172.20.4.132:2379/v2/keys/k8s.com/network/config -XPUT --data-urlencode value@config.json
{"action":"set","node":{"key":"/k8s.com/network/config","value":"{\n\"Network\": \"172.17.0.0/16\",\n\"SubnetLen\": 24,\n\"Backend\": {\n \"Type\": \"vxlan\",\n \"VNI\": 7890\n }\n }\n","modifiedIndex":69677,"createdIndex":69677},"prevNode":{"key":"/k8s.com/network/config"
,"value":"{\"Network\":\"172.17.0.0/16\"}","modifiedIndex":68840,"createdIndex":68840}}
配置自启动并启动
systemctl enable flanneld
systemctl start flanneld
查看本机ip配置,出现了flannel的网络
[root@iz2ze0fq2isg8vphkpos5uz ~]# ifconfig
docker0: flags=4099<UP,BROADCAST,MULTICAST> mtu 1450inet 172.17.8.1 netmask 255.255.255.0 broadcast 0.0.0.0ether 02:42:37:12:ef:68 txqueuelen 0 (Ethernet)RX packets 2125904 bytes 331673249 (316.3 MiB)RX errors 0 dropped 0 overruns 0 frame 0TX packets 4013911 bytes 464273110 (442.7 MiB)TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500inet 10.3.14.10 netmask 255.255.255.0 broadcast 10.3.14.255ether 00:16:3e:06:1d:eb txqueuelen 1000 (Ethernet)RX packets 5319293 bytes 1706527445 (1.5 GiB)RX errors 0 dropped 0 overruns 0 frame 0TX packets 3124713 bytes 472762966 (450.8 MiB)TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0flannel.7890: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1450inet 172.17.8.0 netmask 255.255.255.255 broadcast 0.0.0.0ether d2:a2:e8:fd:f2:00 txqueuelen 0 (Ethernet)RX packets 2776 bytes 282277 (275.6 KiB)RX errors 0 dropped 0 overruns 0 frame 0TX packets 2551 bytes 376099 (367.2 KiB)TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536inet 127.0.0.1 netmask 255.0.0.0loop txqueuelen 1 (Local Loopback)RX packets 18 bytes 976 (976.0 B)RX errors 0 dropped 0 overruns 0 frame 0TX packets 18 bytes 976 (976.0 B)TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
我这配置了10和11两个节点
通过k8s master 可以查看管理的节点
[root@iz2ze0fq2isg8vphkpos5rz dashboard]# kubectl get node -s 10.3.14.8:8080
NAME STATUS AGE
10.3.14.10 Ready 14s
10.3.14.11 Ready 2m
6. 安装dashboard
查看当前deployment、svc
[root@iz2ze0fq2isg8vphkpos5rz dashboard]# kubectl get deployment -s 10.3.14.8:8080 --all-namespaces
No resources found.
[root@iz2ze0fq2isg8vphkpos5rz dashboard]# kubectl get svc -s 10.3.14.8:8080 --all-namespaces
NAME CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes 10.20.0.1 <none> 443/TCP 17h
dashboard的deployment
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
# Keep the name in sync with image version and
# gce/coreos/kube-manifests/addons/dashboard counterpartsname: kubernetes-dashboard-latestnamespace: kube-system
spec:replicas: 1template:metadata:labels:k8s-app: kubernetes-dashboardversion: latestkubernetes.io/cluster-service: "true"spec:containers:- name: kubernetes-dashboardimage: registry.cn-hangzhou.aliyuncs.com/google-containers/kubernetes-dashboard-amd64:v1.4.2resources:# keep request = limit to keep this container in guaranteed classlimits:cpu: 100mmemory: 50Mirequests:cpu: 100mmemory: 50Miports:- containerPort: 9090args:- --apiserver-host=http://10.3.14.8:8080livenessProbe:httpGet:path: /port: 9090initialDelaySeconds: 30timeoutSeconds: 30
svc
apiVersion: v1
kind: Service
metadata:name: kubernetes-dashboardnamespace: kube-systemlabels:k8s-app: kubernetes-dashboardkubernetes.io/cluster-service: "true"
spec:selector:k8s-app: kubernetes-dashboardports:- port: 80targetPort: 9090
创建deployment、pod
[root@iz2ze0fq2isg8vphkpos5rz dashboard]# kubectl get svc --all-namespaces
NAMESPACE NAME CLUSTER-IP EXTERNAL-IP PORT(S) AGE
default kubernetes 10.20.0.1 <none> 443/TCP 5m
kube-system kubernetes-dashboard 10.20.87.235 <none> 80/TCP 2m
[root@iz2ze0fq2isg8vphkpos5rz dashboard]#
[root@iz2ze0fq2isg8vphkpos5rz dashboard]# kubectl create -f dashboard.yaml
deployment "kubernetes-dashboard-latest" created
[root@iz2ze0fq2isg8vphkpos5rz dashboard]# kubectl get pod --all-namespaces
NAMESPACE NAME READY STATUS RESTARTS AGE
kube-system kubernetes-dashboard-latest-2600502794-n48m3 1/1 Running 0 15s
[root@iz2ze0fq2isg8vphkpos5rz dashboard]#
创建svc
[root@iz2ze0fq2isg8vphkpos5rz dashboard]# kubectl create -f dashboardsvc.yaml
service "kubernetes-dashboard" created
[root@iz2ze0fq2isg8vphkpos5rz dashboard]# kubectl get svc --all-namespaces
NAMESPACE NAME CLUSTER-IP EXTERNAL-IP PORT(S) AGE
default kubernetes 10.20.0.1 <none> 443/TCP 2m
kube-system kubernetes-dashboard 10.20.87.235 <none> 80/TCP 9s
访问 http://10.3.14.8:8080/ui
7. 安装DNS
dns configmap 配置 kubedns-cm.yaml
# Copyright 2016 The Kubernetes Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.apiVersion: v1
kind: ConfigMap
metadata:name: kube-dnsnamespace: kube-systemlabels:addonmanager.kubernetes.io/mode: EnsureExists
dns serviceaccount 配置 kubedns-sa.yaml
apiVersion: v1
kind: ServiceAccount
metadata:name: kube-dnsnamespace: kube-systemlabels:kubernetes.io/cluster-service: "true"addonmanager.kubernetes.io/mode: Reconcile
dns pod 配置 kubedns-deployment.yaml
# Copyright 2016 The Kubernetes Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.# TODO - At some point, we need to rename all skydns-*.yaml.* files to kubedns-*.yaml.*
# Should keep target in cluster/addons/dns-horizontal-autoscaler/dns-horizontal-autoscaler.yaml
# in sync with this file.# __MACHINE_GENERATED_WARNING__apiVersion: extensions/v1beta1
kind: Deployment
metadata:name: kube-dnsnamespace: kube-systemlabels:k8s-app: kube-dnskubernetes.io/cluster-service: "true"
spec:replicas: 1# replicas: not specified here:# 1. In order to make Addon Manager do not reconcile this replicas parameter.# 2. Default is 1.# 3. Will be tuned in real time if DNS horizontal auto-scaling is turned on.strategy:rollingUpdate:maxSurge: 10%maxUnavailable: 0selector:matchLabels:k8s-app: kube-dnstemplate:metadata:labels:k8s-app: kube-dnsannotations:scheduler.alpha.kubernetes.io/critical-pod: ''scheduler.alpha.kubernetes.io/tolerations: '[{"key":"CriticalAddonsOnly", "operator":"Exists"}]'spec:containers:- name: kubednsimage: myhub.fdccloud.com/library/kubedns-amd64:1.9volumeMounts:- name: tz-configmountPath: /etc/localtimeresources:# TODO: Set memory limits when we've profiled the container for large# clusters, then set request = limit to keep this container in# guaranteed class. Currently, this container falls into the# "burstable" category so the kubelet doesn't backoff from restarting it.limits:memory: 170Mirequests:cpu: 100mmemory: 70MilivenessProbe:httpGet:path: /healthz-kubednsport: 8080scheme: HTTPinitialDelaySeconds: 60timeoutSeconds: 5successThreshold: 1failureThreshold: 5readinessProbe:httpGet:path: /readinessport: 8081scheme: HTTP# we poll on pod startup for the Kubernetes master service and# only setup the /readiness HTTP server once that's available.initialDelaySeconds: 3timeoutSeconds: 5args:- --domain=cluster.local.- --dns-port=10053- --config-map=kube-dns- --kube-master-url=http://172.20.4.132:8080# This should be set to v=2 only after the new image (cut from 1.5) has# been released, otherwise we will flood the logs.- --v=0#__PILLAR__FEDERATIONS__DOMAIN__MAP__env:- name: PROMETHEUS_PORTvalue: "10055"ports:- containerPort: 10053name: dns-localprotocol: UDP- containerPort: 10053name: dns-tcp-localprotocol: TCP- containerPort: 10055name: metricsprotocol: TCP- name: dnsmasqimage: myhub.fdccloud.com/library/kube-dnsmasq-amd64:1.4volumeMounts:- name: tz-configmountPath: /etc/localtimelivenessProbe:httpGet:path: /healthz-dnsmasqport: 8080scheme: HTTPinitialDelaySeconds: 60timeoutSeconds: 5successThreshold: 1failureThreshold: 5args:- --cache-size=1000- --no-resolv- --server=127.0.0.1#10053#- --log-facility=- #注释掉该行ports:- containerPort: 53name: dnsprotocol: UDP- containerPort: 53name: dns-tcpprotocol: TCP# see: https://github.com/kubernetes/kubernetes/issues/29055 for detailsresources:requests:cpu: 150mmemory: 10Mi- name: dnsmasq-metricsimage: myhub.fdccloud.com/library/dnsmasq-metrics-amd64:1.0volumeMounts:- name: tz-configmountPath: /etc/localtimelivenessProbe:httpGet:path: /metricsport: 10054scheme: HTTPinitialDelaySeconds: 60timeoutSeconds: 5successThreshold: 1failureThreshold: 5args:- --v=2- --logtostderrports:- containerPort: 10054name: metricsprotocol: TCPresources:requests:memory: 10Mi- name: healthzimage: myhub.fdccloud.com/library/exechealthz-amd64:1.2volumeMounts:- name: tz-configmountPath: /etc/localtimeresources:limits:memory: 50Mirequests:cpu: 10m# Note that this container shouldn't really need 50Mi of memory. The# limits are set higher than expected pending investigation on #29688.# The extra memory was stolen from the kubedns container to keep the# net memory requested by the pod constant.memory: 50Miargs:- --cmd=nslookup kubernetes.default.svc.cluster.local 127.0.0.1 >/dev/null- --url=/healthz-dnsmasq- --cmd=nslookup kubernetes.default.svc.cluster.local 127.0.0.1:10053 >/dev/null- --url=/healthz-kubedns- --port=8080- --quietports:- containerPort: 8080protocol: TCPdnsPolicy: Default # Don't use cluster DNS.volumes:- name: tz-confighostPath:path: /usr/share/zoneinfo/Asia/Shanghai
dns svc 配置 kubedns-svc.yaml
# Copyright 2016 The Kubernetes Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.# TODO - At some point, we need to rename all skydns-*.yaml.* files to kubedns-*.yaml.*# __MACHINE_GENERATED_WARNING__apiVersion: v1
kind: Service
metadata:name: kube-dnsnamespace: kube-systemlabels:k8s-app: kube-dnskubernetes.io/cluster-service: "true"kubernetes.io/name: "KubeDNS"
spec:selector:k8s-app: kube-dnsclusterIP: 10.20.10.10ports:- name: dnsport: 53protocol: UDP- name: dns-tcpport: 53protocol: TCP
kubectl create -f kubedns-cm.yaml
kubectl create -f kubedns-sa.yaml
kubectl create -f kubedns-deployment.yaml
kubectl create -f kubedns-svc.yaml
查看 deployment pod svc
[root@yzb-centos72-3 dns]# kubectl get deployment --all-namespaces
NAMESPACE NAME DESIRED CURRENT UP-TO-DATE AVAILABLE AGE
kube-system kube-dns 1 1 1 1 19m
kube-system kubernetes-dashboard-latest 1 1 1 1 19h
nginx-ns nginx-depl 1 1 1 1 32m
[root@yzb-centos72-3 dns]# kubectl get pod --all-namespaces
NAMESPACE NAME READY STATUS RESTARTS AGE
default busybox 1/1 Running 1 1h
kube-system kube-dns-4025732692-4rs8d 4/4 Running 0 19m
kube-system kubernetes-dashboard-latest-3685189279-5j204 1/1 Running 2 19h
nginx-ns nginx-depl-3484537133-4g31s 1/1 Running 0 33m
[root@yzb-centos72-3 dns]# kubectl get svc --all-namespaces
NAMESPACE NAME CLUSTER-IP EXTERNAL-IP PORT(S) AGE
default kubernetes 10.20.0.1 <none> 443/TCP 19h
kube-system kube-dns 10.20.10.10 <none> 53/UDP,53/TCP 1h
kube-system kubernetes-dashboard 10.20.64.165 <none> 80/TCP 19h
nginx-ns nginx-svc 10.20.202.116 <none> 6612/TCP 59m
测试pod busybox.yaml
apiVersion: v1
kind: Pod
metadata:labels:name: busyboxrole: mastername: busybox
spec:containers:- name: busyboximage: myhub.fdccloud.com/library/busyboxcommand:- sleep- "3600"
创建pod
kubectl create -f busybox.yaml
查看pod
[root@yzb-centos72-3 dns]# kubectl get pod --all-namespaces
NAMESPACE NAME READY STATUS RESTARTS AGE
default busybox 1/1 Running 1 1h
kube-system kube-dns-4025732692-4rs8d 4/4 Running 0 23m
kube-system kubernetes-dashboard-latest-3685189279-5j204 1/1 Running 2 19h
nginx-ns nginx-depl-3484537133-4g31s 1/1 Running 0 36
测试
[root@yzb-centos72-3 dns]# kubectl exec -it busybox -- nslookup kubernetes
Server: 10.20.10.10
Address 1: 10.20.10.10 kube-dns.kube-system.svc.cluster.localName: kubernetes
Address 1: 10.20.0.1 kubernetes.default.svc.cluster.local
相关yaml下载:
http://download.csdn.net/detail/stonexmx/9880990
centos7 k8s1.5.2(kubernetes) etcd flannel dns dashboard nginx tomcat slb haproxy keepalived相关推荐
- Centos7 使用 kubeadm 安装Kubernetes 1.13.3
目录 目录 什么是Kubeadm? 什么是容器存储接口(CSI)? 什么是CoreDNS? 1.环境准备 1.1.网络配置 1.2.更改 hostname 1.3.配置 SSH 免密码登录登录 1.4 ...
- VMware下centos7安装k8s(Kubernetes)多master集群
上一节:VMware下centos7安装k8s(Kubernetes)集群 1.使用MobaXterm打开多个窗口,进行多窗口同时编辑,已提前改好IP和hostname. 2.修改hosts,用vim ...
- 在虚拟机环境(CentOS7系统)下将kubernetes中部署服务成功,但在虚拟机外部无法访问到服务...
在CentOS7环境下,kubernetes单机版环境,成功部署一个服务,在虚拟机中访问服务没问题,下面这样: curl http://172.27.73.26:8888/eureka-server/ ...
- CentOS7 使用 kubeadm 搭建 kubernetes 集群(踩坑篇)
序言 本人在搭建 k8s 集群的过程中曲折不断,故写下此文,欲与"同是天涯沦落人"分享. 这篇文章会详细描述安装过程中遇到的问题,以及本人相应的解决办法,如读者只想快速搭建 k8s ...
- 《Docker容器:利用Kubernetes、Flannel、Cockpit和Atomic构建和部署》——2.2 容器式Linux系统的Docker配置...
本节书摘来自异步社区<Docker容器:利用Kubernetes.Flannel.Cockpit和Atomic构建和部署>一书中的第2章,第2.2节,作者: [美]Christopher ...
- kubeadm安装的Kubernetes etcd备份恢复
kubeadm安装的Kubernetes etcd备份恢复 [TOC] 1. 事件由来 2018年9月16日台风过后,我的一套kuernetes测试系统,etcd启动失败,经过半天的抢救,仍然无果(3 ...
- CentOS7 使用 kubeadm 搭建 kubernetes 集群(极速篇)
序言 本人在安装 k8s 的过程中曲折不断,故写下此文,让后人可以少走弯路. 这篇文章只描述如何从0开始快速搭建 k8s 集群,想更详细了解具体遇到问题的分析过程和解决方案,可阅读另一篇文章 -- C ...
- CentOS7+MySQL/MariaDB+Galera+HAProxy+Keepalived构建高可用数据库集群
方案优势: Galera能够实现MySQL/MariaDB数据库的主主复制和多主复制等模式,这些复制模式都是同步进行的,同步时间非常短 每一个节点都可以同时写入和读取,当某一节点发生故障时,可自动从集 ...
- nginx、lvs、keepalived、f5、DNS轮询(lvs为何不能完全替代DNS轮询)
一.问题域 nginx.lvs.keepalived.f5.DNS轮询,每每提到这些技术,往往讨论的是接入层的这样几个问题: 1)可用性:任何一台机器挂了,服务受不受影响 2)扩展性:能否通过增加机器 ...
最新文章
- 【学习总结】之 3Blue1Brown系列
- 简单点亮发光二极管实例(位操作)
- QML基础类型之var
- 网址导航html5源码图标版,最新仿hao123网址导航(晓风网址导航系统) v4.2
- PDF 开发者 Charles Geschke 去世,39 年前联合创立软件巨头 Adobe!
- 蓝桥杯2019年第十届C/C++省赛A组第三题-最大降雨量
- create-react-app脚手架中配置webpack的方法
- VTM10.0代码学习18:xCheckRDCostMerge2Nx2N()
- 谷歌输入法linux下载官网下载软件,linux下安装谷歌拼音输入法
- 稽首文殊,寒山之士;南无普…
- 面试文案策划要准备一些什么?
- Sentiment Polarity Detection for Software Development
- 美团运维SRE+运维开发一面面经汇总
- Ubuntu 安装 AMD GPU 驱动
- 简单粗暴搞定webpack4的style-loader!css-loader
- 零基础也能看懂的五大网络安全技术,学网络安全真的可以很简单
- arcgis制图 ——羽化效果
- 智慧民航新业态崭露头角,图扑数字孪生入局民航飞联网
- sketch_apr04a:82:4: error: stray ‘\302‘ in programsketch_apr04a:82:4: error: stray ‘\240‘ in progra
- AWS 中文入门开发教学 25- 高可用性设计 - 建立 ALB 负载均衡
热门文章
- android 蒲公英 类似平台,Jenkins之android APP打包上传蒲公英平台
- 把网页保存成markdowm的方法
- linux 中dirname的用法
- 关于任务计划指定错误:0X80041315、0X80070005拒绝访问
- 新年开工第一篇文章——推荐几个值得中小企业使用的ARM9/ARM11/Cortex A8处理器
- 事务(Transaction)的简单理解
- OracleP6机场工程进度控制系列15:总进度综合管控报告
- PCB板布线经验~~
- 传播易7月发力 微信大号营销成为前锋
- matlab应力分析,MATLAB有限元分析与应用概述.ppt