練習kubernetes的安裝與測試

# 練習kubernetes的安裝與測試 ## 下載 docker run -p 4000:80 treble456/cloud-computering:master ## 下載 docker run -p 4000:80 treble456/cloud-computering:worker 更新 repositpories ![](https://i.imgur.com/YvBsNFN.png) 關閉 swap space ``` sudo swapoff -a ``` ![](https://i.imgur.com/Kh5gNhd.png) ``` vim /etc/fstab ``` ![](https://i.imgur.com/1jkz9uF.png) 設定DNS - 修改 host file ``` vim /etc/hosts ``` ![](https://i.imgur.com/HvIm5qx.png) 安裝 ssh ``` sudo apt-get install openssh-server ``` ![](https://i.imgur.com/WygiM6q.png) 安裝 Docker ``` apt-get install -y docker.io ``` ![](https://i.imgur.com/avLqrD7.png) 建立 kubernetes 環境(進入root) ``` apt-get update && apt-get install -y apt-transport-https curl curl -s https://packages.cloud.google.com/apt/doc/apt-key.gpg | apt-key add - cat <<EOF >/etc/apt/sources.list.d/kubernetes.list deb http://apt.kubernetes.io/ kubernetes-xenial main EOF apt-get update ``` ![](https://i.imgur.com/E9mZUKh.png) 安裝 kubernetes 工具 ``` apt-get install -y kubelet kubeadm kubectl ``` ![](https://i.imgur.com/fCTAs52.png) 更新 kubernetes configuration ``` vim /etc/systemd/system/kubelet.service.d/10-kubeadm.conf ``` Environment=”cgroup-driver=systemd/cgroup-driver=cgroupfs” ![](https://i.imgur.com/A9hWFsK.png) **因為之前遺漏了修改hostname，故在做master及worker的設定時才修改以作區分下面開始作區分** # Master 初始化Master Kubernetes ``` sudo kubeadm init --pod-network-cidr=10.244.0.0/16 ``` ![](https://i.imgur.com/mnciwYB.png) ``` kubeadm join 192.168.128.129:6443 --token dichu9.kzfwjc9m7yuc57ql \ --discovery-token-ca-cert-hash sha256:a997f31e4bafb3c0d6345a5da68f9aef99289cc237188131ed5fb427ae7a515d ``` ![](https://i.imgur.com/3pN8CYE.png) ``` mkdir -p $HOME/.kube sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config sudo chown $(id -u):$(id -g) $HOME/.kube/config ``` # Node Join集群 ``` kubeadm join 192.168.128.129:6443 --token dichu9.kzfwjc9m7yuc57ql \ --discovery-token-ca-cert-hash sha256:a997f31e4bafb3c0d6345a5da68f9aef99289cc237188131ed5fb427ae7a515d ``` ![](https://i.imgur.com/KsYXgkV.png) Token一般上只有24小時的時效,所以當token過時了就必須重新生成token ->回到master ``` kubeadm token create ``` 也可通過指令查看當前的token ``` kubeadm token list ``` ![](https://i.imgur.com/BoQj0MR.png) 及Sha256 ``` openssl x509 -pubkey -in /etc/kubernetes/pki/ca.crt | openssl rsa -pubin -outform der 2>/dev/null | openssl dgst -sha256 -hex | sed 's/^.* //' ``` 當過時效后,只需生成新的token并替換就可以了 kubeadm join 192.168.128.129:6443 --token **<newtoken>** \ --discovery-token-ca-cert-hash sha256:a997f31e4bafb3c0d6345a5da68f9aef99289cc237188131ed5fb427ae7a515d 驗證是否成功 ``` kubectl get node ``` ![](https://i.imgur.com/hi02krK.png) # 重新開機 ``` sudo swapoff -a # 註解掉 /etc/fstab 內的 swap 部分，確保重啟後不會重新掛載 sudo sed -i 's/.*swap.*/#&/' /etc/fstab sudo systemctl enable kubelet ``` # 可能出現的問題 1)我個人在做的時候一直出現問題,有些指令即使用sudo也還是無法執行,必須sudo su 進入root權限 2)![](https://i.imgur.com/hi02krK.png) 狀態顯示為notready 解決方法：安裝CNI 3)重啟Master后 kubernetes會出現無法啟動 ``` swapoff -a kubeadm reset kubeadm init systemctl status kubelet ``` 會出現x509 certificate signed by unknown authority ``` mkdir -p $HOME/.kube sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config sudo chown $(id -u):$(id -g) $HOME/.kube/config ``` 就可以解決了