Build kubernetes from scratch

Kubernetes build their own reference to online documents, take kubernetes ride again, make a note. There are a few pits, stepped on their own, record, to avoid other people then step on. At the end of the article, you have recorded the mistakes and solutions you have encountered.
With the software version:
Centos 7.1
Docker 1.8.2
Etcd 0.4.6
Kubernetes v1.0.0
Using two machines VM1 (192.168.132.129) and VM2 (192.168.132.130)
VM1 as master, VM2 as minion
Note: kubernetes does not provide a network solution, to ensure that the master and all minion containers can communicate with each other, need to provide network solutions. More commonly used is etcd + flannel, where I did not use etcd + flannel program, but by adding master and mimion between the host to solve the routing. See the specific solution
Http://dockone.io/article/466 , thanks Wu Jian @Georce
The entire installation steps have reference posts http://my.oschina.net/xue777hu … ZKgLT this seems to be written by Lin Fan, thanks to the author.

Specific steps:

1. Install the docker on master and minion

  Yum-y install docker-1.8.2 
Systemctl restart docker.service

Note: Make sure the docker is running correctly, such as docker search centos

2. Add the yum source to master and mimion

  Vi /etc/yum.repo.d/virt7.repo 
[Virt7-testing]
Name = virt7-testing
Baseurl = http: //cbs.centos.org/repos/virt7-common-release/x86_64/os/
Gpgcheck = 0

3. Run on both master + minion machines

  Yum -y install --enablerepo = virt7-testing kubernetes 

4. Check whether the version of etcd is 0.4.6, if not, delete etcd and install from rpm:

  Yum erase etc etc 
Yum install http://cbs.centos.org/kojifiles/packages/etcd/0.4.6/7.el7.centos/x86_64/etcd-0.4.6-7.el7.centos.x86_64.rpm

5. Configure master and minion two server config file content as follows

  Vim / etc / kubernetes / config 
KUBE_LOG_LEVEL = "- v = 0"
KUBE_ALLOW_PRIV = "- allow_privileged = false"
KUBE_MASTER = "--master = http: //192.168.132.129: 8080"
KUBE_ETCD_SERVERS = "--etcd_servers = http: //192.168.132.129: 4001"

Note:

1) Because kubernetes version of the problem, after 1.0 version, KUBE_ETCD_SERVERS inside the port is monitored by default 2379, here changed back to 4001, because etcd default is to monitor this.
2) Due to version issue, KUBE_MASTER this value may also appear in / etc / kubernetes / apiserver file inside.

6. Modify the master_minion's apiserver file

  Vim / etc / kubernetes / apiserver 
KUBE_API_ADDRESS = "- address = 0.0.0.0"
KUBE_API_PORT = "- port = 8080"
KUBE_ETCD_SERVERS = "--etcd_servers = http: //192.168.132.129: 4001"
KUBE_SERVICE_ADDRESSES = "- service-cluster-ip-range = 10.254.0.0 / 16"
KUBE_ADMISSION_CONTROL = "- admission_control = NamespaceLifecycle, NamespaceExists, LimitRanger, SecurityContextDeny, ResourceQuota"
KUBE_API_ARGS = ""

7. Set the minode-side kubelet file

  Vim / etc / kubernetes / kubelet 
KUBELET_ADDRESS = "- address = 0.0.0.0"
KUBELET_HOSTNAME = "- hostname_override = 192.168.132.130"
KUBELET_API_SERVER = "--api_servers = http: //192.168.132.129: 8080"
KUBELET_ARGS = ""

8. Restart the related services of the master

  For SERVICES in etcd kube-apiserver kube-controller-manager kube-scheduler kube-proxy; do 
Systemctl restart $ SERVICES
Systemctl enable $ SERVICES
Systemctl status $ SERVICES
Done

9. Reboot the services related to minion

  For SERVICES in kube-proxy kubelet docker; do 
Systemctl restart $ SERVICES
Systemctl enable $ SERVICES
Systemctl status $ SERVICES
Done

10. Verification

Execute kubectl get no on the master server and show success if there is a result
[Root @ wydataguard2 kubernetes] # kubectl get no
NAME LABELS STATUS
192.168.132.130 kubernetes.io/hostname=192.168.132.130 Ready

11. Reference documentation

Http://my.oschina.net/xue777hu … ZKgLT ### Lin Fan installation instructions, there is the use of flannel
Http://www.fangyunlin.com/ ### Fang Yunlin teacher's blog, very detailed
Http://kubernetes.io/

12 encountered the problem

Problem 1: Unable to generate self signed cert: mkdir / var / run / kubernetes: permission denied
Solution:

  Vim /usr/lib/systemd/system/kube-apiserver.service 

[Service]

PermissionsStartOnly = true

ExecStartPre = - / usr / bin / mkdir / var / run / kubernetes

ExecStartPre = / usr / bin / chown -R kube: kube / var / run / kubernetes /

# Systemctl daemon-reload

# Systemctl restart kube-apiserver

Question 2: / api / v1 / namespaces: dial tcp 192.168.132.129:8080: connection refused
Solution:
This is kubernetes can not determine the real master, need to confirm the master with minion two machines / etc / kubernetes / config and / etc / kubernetes / apiserver two documents in the KUBE_MASTER = "- master = http: //192.168. 132.129: 8080 " This is the only one, do not default KUBE_MASTER =" – master = http://127.0.0.1:8080 " this value. As kubernets version of the problem, KUBER_MASTER this value may appear in the config file, it may appear in the apiserver this document, so the two documents to see.

Heads up! This alert needs your attention, but it's not super important.