尘封网

让学习成为一种习惯!

Centos7 单节点上安装kubernetes-dashboard过程

在不久前已经有配置过Kubernetes的实验,但是昨天在配置Kubernetes时并安装kubernetes-dashboard就有点异常。导致摸不着头脑,感觉头脑不好使了。还是喜欢那句话:Do one thing at a time, and do it well! 同时间考虑太多事情导致没有把一件事做好。今天再次把实验跑一通,先在单节点上。

系统:Centos7.2
1、配置yum源:

cat >/etc/yum.repos.d/kubernetes.repo<<-EOF 
[virt7-docker-common-release] 
name=virt7-docker-common-release 
baseurl=http://cbs.centos.org/repos/virt7-docker-common-release/x86_64/os/ 
gpgcheck=0 
EOF

2、查看当前yum里的Kubernetes版本:

[root@k8s ~]# yum info kubernetes 
Loaded plugins: fastestmirror 
Loading mirror speeds from cached hostfile 
 * base: mirrors.cn99.com 
 * epel: mirror01.idc.hinet.net 
 * extras: mirrors.163.com 
 * updates: mirrors.cn99.com 
Installed Packages 
Name        : kubernetes 
Arch        : x86_64 
Version     : 1.5.2 
Release     : 0.6.gitd33fd89.el7 
Size        : 0.0   
Repo        : installed 
From repo   : extras 
Summary     : Container cluster management 
URL         : k8s.io/kubernetes 
License     : ASL 2.0 
Description : Container cluster management

3、安装所需要的包:

yum -y install --enablerepo=virt7-docker-common-release kubernetes etcd

4、配置文件的修改:
a)修改配置文件:/etc/sysconfig/docker
添加下面一行,使用内网仓库:

ADD_REGISTRY='--add-registry reg.docker.lc'

b)修改配置文件:/etc/kubernetes/apiserver

KUBE_API_ADDRESS="--insecure-bind-address=0.0.0.0"     #这里把127.0.0.1改成0.0.0.0 

KUBE_ADMISSION_CONTROL="--admission-control=NamespaceLifecycle,NamespaceExists,LimitRanger,Security 
ContextDeny,ResourceQuota"

去掉ServiceAccount即可;

5、查看docker的版本:[上面命令并没有加入docker,但它却自动安装了]

[root@k8s ~]# docker version 
Client: 
 Version:         1.12.6 
 API version:     1.24 
 Package version: docker-1.12.6-28.git1398f24.el7.centos.x86_64 
 Go version:      go1.7.4 
 Git commit:      1398f24/1.12.6 
 Built:           Fri May 26 17:28:18 2017 
 OS/Arch:         linux/amd64 
Cannot connect to the Docker daemon. Is the docker daemon running on this hos

6、 把服务添加到启动项,并启动服务:

for SERVICE in docker etcd kube-apiserver kube-controller-manager kube-scheduler kube-proxy kubelet; do  

    systemctl start $SERVICE 
    systemctl enable $SERVICE 

done

7、验证安装成果:

当前主机上没有任何镜像,接下来我们创建一个pod实例;

[root@k8s ~]# docker images 
REPOSITORY          TAG                 IMAGE ID            CREATED             SIZE

利用Nginx.yaml配置文件创建一个实例:

[root@k8s ~]# kubectl create -f Nginx.yaml
replicationcontroller "nginx-controller" created 
service "nginx-service" created

等待一下。。。。再查看当前系统中的镜像时就出现两个镜像了,它都是从内网的仓库里下载的;

[root@k8s ~]# docker images 
REPOSITORY                               TAG                 IMAGE ID            CREATED             SIZE 
reg.docker.lc/share/pod-infrastructure   latest              be92a7c78132        3 weeks ago         205.2 MB 
reg.docker.lc/share/nginx                latest              05a60462f8ba        7 months ago        181.4 MB

查看pod实例分配的Ip地址;

[root@k8s ~]# kubectl get pods -o wide 

NAME                     READY     STATUS    RESTARTS   AGE       IP           NODE 

nginx-controller-4l0wf   1/1       Running   0          12m       172.17.0.2   k8s

查看Kubetnetes里的service[简写svc],可以看到指定了外网IP地址:10.0.10.10

[root@k8s ~]# kubectl get svc 

NAME            CLUSTER-IP     EXTERNAL-IP   PORT(S)    AGE 

kubernetes      10.254.0.1     <none>        443/TCP    35m 
nginx-service   10.254.57.16   10.0.10.10    8000/TCP   10s

查看nginx服务的状态:

[root@k8s ~]# curl -I 10.0.10.10:8000 

HTTP/1.1 200 OK 
Server: nginx/1.11.5 
Date: Sat, 10 Jun 2017 11:30:41 GMT 
Content-Type: text/html 
Content-Length: 612 
Last-Modified: Tue, 11 Oct 2016 15:03:01 GMT 
Connection: keep-alive 
ETag: "57fcff25-264" 
Accept-Ranges: bytes

这样单节点的Kubernetes就已经跑起来了,接下来就是安装kubernetes-dashboard ,下载kubernetes-dashboard.yaml文件,修改一下即可;

cat >kubernetes-dashboard.yaml<<-EOF 
kind: Deployment 
apiVersion: extensions/v1beta1 
metadata: 
  labels: 
    app: kubernetes-dashboard 
  name: kubernetes-dashboard 
  namespace: kube-system 
spec: 
  replicas: 1 
  selector: 
    matchLabels: 
      app: kubernetes-dashboard 
  template: 
    metadata: 
      labels: 
        app: kubernetes-dashboard 
      # Comment the following annotation if Dashboard must not be deployed on master 
      annotations: 
        scheduler.alpha.kubernetes.io/tolerations: | 
          [ 
            { 
              "key": "dedicated", 
              "operator": "Equal", 
              "value": "master", 
              "effect": "NoSchedule" 
            } 
          ] 
    spec: 
      containers: 
      - name: kubernetes-dashboard 
        image: reg.docker.lc/share/kubernetes-dashboard-amd64:v1.5.1      #默认的镜像是使用google的,这里改成内网 
        imagePullPolicy: Always 
        ports: 
        - containerPort: 9090 
          protocol: TCP 
        args: 
          # Uncomment the following line to manually specify Kubernetes API server Host 
          # If not specified, Dashboard will attempt to auto discover the API server and connect 
          # to it. Uncomment only if the default does not work. 
          - --apiserver-host=http://10.0.10.10:8080    #注意这里是api的地址 
        livenessProbe: 
          httpGet: 
            path: / 
            port: 9090 
          initialDelaySeconds: 30 
          timeoutSeconds: 30 
--- 
kind: Service 
apiVersion: v1 
metadata: 
  labels: 
    app: kubernetes-dashboard 
  name: kubernetes-dashboard 
  namespace: kube-system 
spec: 
  type: NodePort 
  ports: 
  - port: 80 
    targetPort: 9090 
  selector: 
    app: kubernetes-dashboard 

EOF

创建实例:

[root@k8s ~]# kubectl create -f kubernetes-dashboard.yaml

查看是否成功运行:

[root@k8s ~]# kubectl get pods --all-namespaces  

NAMESPACE     NAME                                    READY     STATUS    RESTARTS   AGE 

default       nginx-controller-6n19x                  1/1       Running   0          9m 

kube-system   kubernetes-dashboard-2079301569-0qzdv   1/1       Running   0          12m

启动成功就可以打开网页看到效果啦:

如果出现错误:如Error或者ImagePullBackOff问题时就要看日志啦;

[root@k8s ~]# kubectl logs -f kubernetes-dashboard-4291928047-5x372 --namespace=kube-system  
Using HTTP port: 9090 
Using apiserver-host location: http://10.0.10.10.:8080 
Creating API server client for http://10.0.10.10.:8080 
Error while initializing connection to Kubernetes apiserver. This most likely means that the cluster is misconfigured (e.g., it has invalid apiserver certificates or service accounts configuration) or the --apiserver-host param points to a server that does not exist. Reason: Get http://10.0.10.10.:8080/version: dial tcp: lookup 10.0.10.10.: invalid domain name 
Refer to the troubleshooting guide for more information: https://github.com/kubernetes/dashboard/blob/master/docs/user-guide/troubleshooting.md

这个错误真是太低级了,所以说配置要认真检查,不然会搞死自己。tcp: lookup 10.0.10.10.: invalid domain name 就是IP地址后面多了一个’.’

附上中途遇到的问题:

[root@docker-ce ~]# kubectl create -f kubernetes-dashboard.yaml  

Error from server (AlreadyExists): error when creating "kubernetes-dashboard.yaml": deployments.extensions "kubernetes-dashboard" already exists 
Error from server (AlreadyExists): error when creating "kubernetes-dashboard.yaml": services "kubernetes-dashboard" already exists

上面说到services kubernetes-dashboard已经存在了,但是这个在kubectl get services 是看不到的,用下边的方法,看到一个状态是异常的ImagePullBackOff;

[root@docker-ce ~]# kubectl get pod --all-namespaces 

NAMESPACE     NAME                                    READY     STATUS             RESTARTS   AGE 

kube-system   kubernetes-dashboard-1007002191-m85x1   0/1       ImagePullBackOff   0          16m

所以这样也是无法删除的:

[root@docker-ce ~]# kubectl delete namespace kube-system  

Error from server (Forbidden): namespaces "kube-system" is forbidden: this namespace may not be deleted

可以通过这样删除:

[root@docker-ce ~]# kubectl delete -f kubernetes-dashboard.yaml 

deployment "kubernetes-dashboard" deleted 
service "kubernetes-dashboard" deleted

提醒:本文最后更新于 677 天前,文中所描述的信息可能已发生改变,请谨慎使用。