一、準備須知
Kubnates安裝至少需要兩臺主機，一臺做master主機，一臺做node主機（node主機可多臺）。

二、安裝前準備
1.關閉防火墻

#centos6 
service stop firewalld  && service disable firewalld;
#centos7
systemctl stop iptables && systemctl disable iptables;

2.兩臺機器需要各自編輯/etc/hosts文件，互相添加hostname，然后相互ping通，以下為例

" >> vi /etc/hosts
192.168.18.128 centos-master
192.168.18.130 centos-minion

三、kubernates安裝
1.兩臺主機都需要安裝docker，kubernetes，如有docker版本沖突需要卸載重新安裝docker.

yum -y install docker kubernetes

2.master節點需要安裝etcd數據庫服務，etcd作為kubernetes的數據庫

yum -y install etcd

3.每個節點,master及minion節點都需要修改kubernetes配置文件

vim /etc/kubernetes/config

# How the controller-manager, scheduler, and proxy find the apiserver
KUBE_MASTER="--master=http://centos-master:8080"
#master節點關于指向etcd的ip可能需要改成127.0.0.1:2379，改成主機名的話kube-controller-manager可能會啟動失敗，不知原因
KUBE_ETCD_SERVERS="--etcd_servers=http://centos-master:2379"

示例master 下config

# kubernetes system config
#
# The following values are used to configure various aspects of all
# kubernetes services, including
#
#   kube-apiserver.service
#   kube-controller-manager.service
#   kube-scheduler.service
#   kubelet.service
#   kube-proxy.service
# logging to stderr means we get it in the systemd journal
KUBE_LOGTOSTDERR="--logtostderr=true"

# journal message level, 0 is debug
KUBE_LOG_LEVEL="--v=0"

# Should this cluster be allowed to run privileged docker containers
KUBE_ALLOW_PRIV="--allow-privileged=false"

# How the controller-manager, scheduler, and proxy find the apiserver
KUBE_MASTER="--master=http://kube01:8080"

KUBE_ETCD_SERVERS="--etcd-servers=http://kube01:2379"

4.master節點上，配置api服務給node

vim /etc/kubernetes/apiserver

# The address on the local server to listen to.
#這個地址好像只能用0.0.0.0
KUBE_API_ADDRESS="--address=0.0.0.0"
KUBE_API_PORT="--port=8080"
# Comma separated list of nodes in the etcd cluster
#KUBE_ETCD_SERVERS="--etcd_servers=http://127.0.0.1:2379"

##ServiceAccount這個參數刪掉，會影響docker拉去鏡像
# default admission control policies
KUBE_ADMISSION_CONTROL="--admission-control=NamespaceLifecycle,NamespaceExists,LimitRanger,SecurityContextDeny,ServiceAccount,ResourceQuota"

示例：master節點apiserver：

# kubernetes system config
#
# The following values are used to configure the kube-apiserver
#

# The address on the local server to listen to.
KUBE_API_ADDRESS="--insecure-bind-address=0.0.0.0"

# The port on the local server to listen on.
KUBE_API_PORT="--port=8080"

# Port minions listen on
# KUBELET_PORT="--kubelet-port=10250"

# Comma separated list of nodes in the etcd cluster
KUBE_ETCD_SERVERS="--etcd-servers=http://127.0.0.1:2379"

# Address range to use for services
KUBE_SERVICE_ADDRESSES="--service-cluster-ip-range=10.254.0.0/16"

# default admission control policies
KUBE_ADMISSION_CONTROL="--admission-control=NamespaceLifecycle,NamespaceExists,LimitRanger,SecurityContextDeny,ResourceQuota"

# Add your own!
KUBE_API_ARGS=""

5.master節點上編寫啟動相關kubernetes服務的腳本

vim k8s-server.sh

#!/bin/bash

OPT=$1

case $1 in
-s)
 for SERVICES in etcd  kube-apiserver kube-controller-manager kube-scheduler; do
        systemctl restart $SERVICES
        systemctl enable $SERVICES
        systemctl status $SERVICES
 done
;;

-k)
 for SERVICES in etcd kube-apiserver kube-controller-manager kube-scheduler ; do
        systemctl stop $SERVICES
 done
;;

-stat)
 for SERVICES in etcd  kube-apiserver kube-controller-manager kube-scheduler; do
        systemctl status $SERVICES
done
;;
*)
        echo "useage:./k8s-server.sh <-s|-k|-stat>----  '-s' is start Servers\n---  '-k' is stop Servers\n'-stat' is watch the status  "
;;
esac

6.node節點修改/etc/kubernetes/kubelet，配置與master的連接

###
# kubernetes kubelet (minion) config
KUBELET_ADDRESS="--address=0.0.0.0"
KUBELET_PORT="--port=10250"
KUBELET_HOSTNAME="--hostname_override=centos-minion"
KUBELET_API_SERVER="--api_servers=http://centos-master:8080“
# Add your own!
KUBELET_ARGS=""

minion節點 config示例

###
# kubernetes system config
#
# The following values are used to configure various aspects of all
# kubernetes services, including
#
#   kube-apiserver.service
#   kube-controller-manager.service
#   kube-scheduler.service
#   kubelet.service
#   kube-proxy.service
# logging to stderr means we get it in the systemd journal
KUBE_LOGTOSTDERR="--logtostderr=true"

# journal message level, 0 is debug
KUBE_LOG_LEVEL="--v=0"

# Should this cluster be allowed to run privileged docker containers
KUBE_ALLOW_PRIV="--allow-privileged=false"

# How the controller-manager, scheduler, and proxy find the apiserver
KUBE_MASTER="--master=http://kube01:8080"

minion節點kubelet示例

###
# kubernetes kubelet (minion) config

# The address for the info server to serve on (set to 0.0.0.0 or "" for all interfaces)
KUBELET_ADDRESS="--address=0.0.0.0"

# The port for the info server to serve on
#KUBELET_PORT="--port=10250"

# You may leave this blank to use the actual hostname
KUBELET_HOSTNAME="--hostname-override=kube02"

# location of the api-server
KUBELET_API_SERVER="--api-servers=http://kube01:8080"

# pod infrastructure container
KUBELET_POD_INFRA_CONTAINER="--pod-infra-container-image=registry.access.redhat.com/rhel7/pod-infrastructure:latest"

# Add your own!
KUBELET_ARGS=""

7.node節點編寫啟動和查看服務腳本

#!/bin/bash

OPT=$1

case $1 in
-s)
 for SERVICES in kube-proxy kubelet docker; do
        systemctl restart $SERVICES
        systemctl enable $SERVICES
        systemctl status $SERVICES
 done
;;

-k)
 for SERVICES in kube-proxy kubelet docker; do
        systemctl stop $SERVICES
 done
;;

-stat)
 for SERVICES in kube-proxy kubelet docker; do
        systemctl status $SERVICES
done
;;
*)
        echo "useage:./k8s.sh <-s|-k|-stat>----  '-s' is start Servers\n---  '-k' is stop Servers\n'-stat' is watch the status  "
;;
esac

8.node節點查看是否成功注冊到master節點，如果沒關閉防火墻會報錯

tail -f /var/log/messages |grep kube

9.master節點查看剛才注冊的節點，節點status為ready為正常

kubectl get nodes

10.kubectl是master端的交互工具，可以通過子命令查看節點等信息

kubectl get nodes #獲取節點列表

kubectl cluster-info #查看節點信息