Kubernetes 1.4 的新功能是引入了 kubeadm 部署机制（暂时还是 alpha 版本），大大简化了 Kubernetes 集群的构建。本文来自官方的文档，现在部署一个 K8S 集群只要四个步骤：

步骤

1、安装 docker、kubelet、kubectl、kubeadm

docker 容器运行环境
kubelet 集群最核心组件，它运行在所有集群中的机器，并实际操作 POD 和容器
kubectl 交互命令行控制集群
kubeadm Kubernetes1.4 新增，替换之前的 kube-up.sh 脚本，用于集群的创建和节点的增加
2、kubeadm init 初始化 master
3、kubeadm join --token
4、部署 POD 网络

从 1.3 开始支持新的资源类型 DaemonSet，kube-scheduler，kube-apiserver，kube-controller-manager，kube-proxy，kube-discovery 都已经放入 POD 中，使用更加方便了。
kubectl get DaemonSet --namespace=kube-system
kubectl get secrets --namespace=kube-system

准备

准备三台阿里云（区域选择美西）ECS主机

硬件配置：三台1核 2G 按使用流量网络 5M
操作系统：Centos7.2

#关闭SE
setenforce 0
#关闭firewalld
systemctl stop firewalld.service
systemctl disable firewalld.service
#配置kubernetes yum源
cat <<EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=http://yum.kubernetes.io/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://packages.cloud.google.com/yum/doc/yum-key.gpg
       https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg
EOF
#安装docker kubelet...
yum install -y docker kubelet kubeadm kubectl kubernetes-cni
systemctl enable docker && systemctl start docker
systemctl enable kubelet && systemctl start kubelet

Setup1. 初始化 Master 节点

如果您有多个 IP 地址,可以加参数–api-advertise-addresses=指定 IP

kubeadm init

部署日志

[root@master ~]# kubeadm init
<master/tokens> generated token: "f93eee.de3d7fa600af2083"
<master/pki> created keys and certificates in "/etc/kubernetes/pki"
<util/kubeconfig> created "/etc/kubernetes/kubelet.conf"
<util/kubeconfig> created "/etc/kubernetes/admin.conf"
<master/apiclient> created API client configuration
<master/apiclient> created API client, waiting for the control plane to become ready
<master/apiclient> all control plane components are healthy after 18.569646 seconds
<master/apiclient> waiting for at least one node to register and become ready
<master/apiclient> first node is ready after 0.503710 seconds
<master/discovery> created essential addon: kube-discovery, waiting for it to become ready
<master/discovery> kube-discovery is ready after 3.003818 seconds
<master/addons> created essential addon: kube-proxy
<master/addons> created essential addon: kube-dns

Kubernetes master initialised successfully!

You can now join any number of machines by running the following on each node:

kubeadm join --token f93eee.de3d7fa600af2083 47.88.101.27

生成的配置文件列表

# 证书
/etc/kubernetes/pki/apiserver-key.pem
/etc/kubernetes/pki/apiserver.pem
/etc/kubernetes/pki/apiserver-pub.pem
/etc/kubernetes/pki/ca-key.pem
/etc/kubernetes/pki/ca.pem
/etc/kubernetes/pki/ca-pub.pem
/etc/kubernetes/pki/sa-key.pem
/etc/kubernetes/pki/sa-pub.pem
/etc/kubernetes/pki/tokens.csv
# Master配置
/etc/kubernetes/manifests/kube-scheduler.json
/etc/kubernetes/manifests/kube-controller-manager.json
/etc/kubernetes/manifests/kube-apiserver.json
/etc/kubernetes/manifests/etcd.json
# kubelet配置
/etc/kubernetes/admin.conf
/etc/kubernetes/kubelet.conf

Setup2. 添加 work 节点

[root@node1 ~]# kubeadm join --token f93eee.de3d7fa600af2083 47.88.101.27
<util/tokens> validating provided token
<node/discovery> created cluster info discovery client, requesting info from "http://47.88.101.27:9898/cluster-info/v1/?token-id=f93eee"
<node/discovery> cluster info object received, verifying signature using given token
<node/discovery> cluster info signature and contents are valid, will use API endpoints [https://47.88.101.27:443]
<node/csr> created API client to obtain unique certificate for this node, generating keys and certificate signing request
<node/csr> received signed certificate from the API server, generating kubelet configuration
<util/kubeconfig> created "/etc/kubernetes/kubelet.conf"

Node join complete:

Certificate signing request sent to master and response
received.
Kubelet informed of new secure connection details.

Run ‘kubectl get nodes’ on the master to see this machine join.

Setup3. 部署Pod网络

Kubernetes 1.2 版本默认使用的是flannel网络，用于解决 POD 跨主机之间的通信。新版本未提供默认的网络插件，在部署应用集群之前，必须要配置 POD 网络。
未配置 POD 网络，默认的 KUBE-DNS 是无法启动的,通过下面的方法查看。

#查找系统Pod 
kubectl get po --namespace=kube-system
#kube-dns-2247936740-zstum        0/3       ContainerCreating   0          4m
#查看POD日志
kubectl describe po kube-dns-2247936740-zstum --namespace=kube-system
 
Events:
  FirstSeen LastSeen    Count   From            SubobjectPath   Type        Reason      Message
  --------- --------    -----   ----            -------------   --------    ------      -------
  5m        5m      1   {default-scheduler }            Normal      Scheduled   Successfully assigned kube-dns-2247936740-zstum to master
  5m        25s     10  {kubelet master}            Warning     FailedSync  Error syncing pod, skipping: failed to "SetupNetwork" for "kube-dns-2247936740-zstum_kube-system" with SetupNetworkError: "Failed to setup network for pod \"kube-dns-2247936740-zstum_kube-system(4064154b-8ee6-11e6-b6cc-00163e003ad6)\" using network plugins \"cni\": cni config unintialized; Skipping pod"

这里使用 weave 网络方案,当然也可以使用 Calico 或 Canal。

[root@master ~]# kubectl apply -f https://git.io/weave-kube
daemonset "weave-net" created

网络安装完成，通过下面的命令可以看到 kube-dns 已经启动了.

[root@master ~]# kubectl get po --namespace=kube-system
NAME                             READY     STATUS    RESTARTS   AGE
etcd-master                      1/1       Running   0          5m
kube-apiserver-master            1/1       Running   0          5m
kube-controller-manager-master   1/1       Running   0          5m
kube-discovery-982812725-p54gy   1/1       Running   0          3m
kube-dns-2247936740-jk18b        2/3       Running   0          3m
kube-proxy-amd64-05cer           1/1       Running   0          3m
kube-scheduler-master            1/1       Running   0          5m
weave-net-o1mex                  2/2       Running   0          1m

#查看启动配置
ps aux|grep kubelet

#输出日志
/usr/bin/kubelet --kubeconfig=/etc/kubernetes/kubelet.conf --require-kubeconfig=true --pod-manifest-path=/etc/kubernetes/manifests --allow-privileged=true --network-plugin=cni --cni-conf-dir=/etc/cni/net.d --cni-bin-dir=/opt/cni/bin --cluster-dns=100.64.0.10 --cluster-domain=cluster.local --v=4

案例演示

root@master ~]# git clone https://github.com/microservices-demo/microservices-demo
正克隆到 'microservices-demo'...
remote: Counting objects: 5010, done.
remote: Compressing objects: 100% (13/13), done.
remote: Total 5010 (delta 1), reused 0 (delta 0), pack-reused 4997
接收对象中: 100% (5010/5010), 49.26 MiB | 16.21 MiB/s, done.
处理 delta 中: 100% (2718/2718), done.
[root@master ~]# kubectl apply -f microservices-demo/deploy/kubernetes/manifests
deployment "cart-db" created
service "cart-db" created
deployment "cart" created
service "cart" created
deployment "catalogue-db" created
service "catalogue-db" created
deployment "catalogue" created
service "catalogue" created
deployment "front-end" created
service "front-end" created
namespace "kube-system" configured
networkpolicy "cart-access" created
networkpolicy "cart-db-access" created
networkpolicy "catalogue-access" created
networkpolicy "catalogue-db-access" created
namespace "sock-shop" configured
networkpolicy "front-end-access" configured
networkpolicy "orders-access" configured
networkpolicy "orders-db-access" configured
networkpolicy "payment-access" configured
networkpolicy "prism-access" configured
networkpolicy "rabbitmq-access" configured
networkpolicy "shipping-access" configured
networkpolicy "user-access" configured
networkpolicy "user-db-access" configured
deployment "orders-db" configured
service "orders-db" configured
deployment "orders" configured
service "orders" configured
deployment "payment" configured
service "payment" configured
deployment "queue-master" configured
service "queue-master" configured
deployment "rabbitmq" configured
service "rabbitmq" configured
deployment "shipping" configured
service "shipping" configured
namespace "sock-shop" configured
deployment "user-db" configured
service "user-db" configured
deployment "user" configured
service "user" configured

至此，我们的 K8S 集群创建完毕。

本文转载自才云Caicloud公众号。

原文链接：https://mp.weixin.qq.com/s/woCVVzeVlk5lGrWIzM26Nw

创作场景

手把手教你搭建 Kubernetes 1.4 集群