CentOS系统离线安装K8s v1.23.9并部署服务(支持Docker的最后一个版本)

注意:我这里的离线安装包是V1.23.9.

K8S v1.23.9离线安装包下载:

链接:https://download.csdn.net/download/qq_14910065/88143546

这里包括离线安装所有的镜像,kubeadm,kubelet 和kubectl,calico.yaml,Dashboard的yaml,metrics的yaml,还有nginx.yaml,还有命令补全的安装包。

说明:提前下载如上的安装包

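# Run on every machine: import the bundled Kubernetes images into Docker.
# The archives come from a third-party download, so print their SHA-256
# digests first and compare them with a value obtained from a source you
# trust; every machine should also report the same digests.
sha256sum k8s1239_node.tar k8s1239_master.tar
docker load -i k8s1239_node.tar
docker load -i k8s1239_master.tar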

1.系统性能优化

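# Run on every machine: host preparation required before kubeadm.

# Name resolution for the three cluster hosts. An entry is appended only when
# it is not already present, so re-running this step does not duplicate lines.
while IFS= read -r host_entry; do
  grep -qxF -- "$host_entry" /etc/hosts || printf '%s\n' "$host_entry" >> /etc/hosts
done << 'EOF'
192.168.186.128 master
192.168.186.129 node1
192.168.186.130 node2
EOF

# NOTE(review): this switches the host firewall off completely. That is only
# reasonable on an isolated lab network; on a network shared with others keep
# firewalld running and open just the ports the cluster needs (for example
# 6443 for the API server and 10250 for the kubelet).
systemctl stop firewalld
systemctl disable firewalld

# NOTE(review): SELinux is disabled outright here. The upstream kubeadm install
# guide uses SELINUX=permissive instead, which still logs policy denials.
# The pattern is anchored so that only the SELINUX= setting is rewritten, not
# the explanatory comment lines in the same file.
sed -i 's/^SELINUX=enforcing/SELINUX=disabled/' /etc/selinux/config # permanent
setenforce 0 # until the next reboot

# By default the kubelet refuses to start while swap is enabled.
swapoff -a # until the next reboot
# Comment out active swap entries only; lines that are already commented are
# skipped, so repeating this step does not stack '#' characters.
sed -i '/^[^#].*[[:space:]]swap[[:space:]]/ s/^/#/' /etc/fstab # permanent

# The bridge-nf-call-* keys exist only while br_netfilter is loaded; load it
# now and on every boot, otherwise sysctl --system cannot apply them.
modprobe br_netfilter
printf 'br_netfilter\n' > /etc/modules-load.d/k8s.conf

# Let iptables see bridged pod traffic and enable IPv4 forwarding, which
# kubeadm's preflight checks expect.
cat > /etc/sysctl.d/k8s.conf << 'EOF'
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
net.ipv4.ip_forward = 1
EOF
sysctl --system # apply now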
# Set the hostname permanently. Run only the line that matches the machine you
# are logged in to; the trailing `bash` starts a new shell, presumably so the
# prompt picks up the new name.
hostnamectl set-hostname master  && bash  # run on master
hostnamectl set-hostname node1  && bash   # run on node1
hostnamectl set-hostname node2  && bash   # run on node2

2.离线安装docker

#所有机器上执行
docker离线安装请参考博客

3.离线安装kubeadm,kubelet 和kubectl

# Run on every machine.
# NOTE(review): the listing below shows kubelet, kubectl and kubeadm packages
# at 1.20.5, while the rest of this guide targets v1.23.9 — confirm that the
# rpm versions in your bundle match the cluster version before installing.
[root@master qq]# ls
0f2a2afd740d476ad77c508847bad1f559afc2425816c1f2ce4432a62dfe0b9d-kubernetes-cni-1.2.0-0.x86_64.rpm  libnetfilter_cthelper-1.0.0-11.el7.x86_64.rpm
356e511f8963b4b68fdf41593e64e92f03f0b58c72aae0613aeff3e770078cf7-kubelet-1.20.5-0.x86_64.rpm        libnetfilter_cttimeout-1.0.0-7.el7.x86_64.rpm
3f5ba2b53701ac9102ea7c7ab2ca6616a8cd5966591a77577585fde1c434ef74-cri-tools-1.26.0-0.x86_64.rpm      libnetfilter_queue-1.0.2-2.el7_2.x86_64.rpm
8593f28d972a6818131c1a6cd34f52b22a6acd0c4c7dcf3d7447ad53a9f24cc3-kubectl-1.20.5-0.x86_64.rpm        socat-1.7.3.2-2.el7.x86_64.rpm
c2634321e0d8ebe24ba7c6f025df171f5d1707c75a90e3bdd08199ab47aac565-kubeadm-1.20.5-0.x86_64.rpm        安装说明.txt
conntrack-tools-1.4.4-7.el7.x86_64.rpm
# NOTE(review): the next command installs every rpm in the directory as root.
# These packages come from a third-party bundle, so check them first, e.g.
# `rpm -K *.rpm` reports each package's digest and signature status.
[root@master qq]# rpm -ivh *.rpm # install all packages directly

4.离线部署Kubernetes Master

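# Run on the master only: initialise the control plane.
#   --apiserver-advertise-address  address the API server advertises to nodes
#   --image-repository             registry prefix for the control-plane images
#                                  (presumably matches the tags of the images
#                                  loaded from the offline archives — verify)
#   --kubernetes-version           control-plane version to deploy
#   --service-cidr                 virtual IP range for Services
#   --pod-network-cidr             IP range handed to the pod network add-on
#
# Do not add --ignore-preflight-errors=all: it hides every failed host check,
# so a misconfigured machine is only discovered later as a broken cluster.
# If one specific, understood check has to be skipped on a small lab VM, name
# only that check, e.g. --ignore-preflight-errors=NumCPU.
kubeadm init \
  --apiserver-advertise-address=192.168.186.128 \
  --image-repository registry.aliyuncs.com/google_containers \
  --kubernetes-version v1.23.9 \
  --service-cidr=10.96.0.0/12 \
  --pod-network-cidr=10.244.0.0/16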
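# Run on the master: give the current user a kubeconfig for kubectl.
# admin.conf carries cluster-admin credentials, so the copy must stay private
# to its owner; the explicit chmod also covers the case where an existing,
# more permissive config file is overwritten in place.
mkdir -p "$HOME/.kube"
sudo cp -i /etc/kubernetes/admin.conf "$HOME/.kube/config"
sudo chown "$(id -u):$(id -g)" "$HOME/.kube/config"
chmod 600 "$HOME/.kube/config"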
#master机器上执行
[root@master mqq]# kubectl get nodes #安装后看到状态是NotReady
NAME         STATUS     ROLES                  AGE   VERSION
k8s-master   NotReady   control-plane,master   11m   v1.23.9

5.离线安装Pod 网络插件(CNI)

# Run on the master: install the Calico pod network add-on from the bundled
# manifest. The node is reported as NotReady until this has been applied and
# the Calico pods are running.
kubectl apply -f calico.yaml
[root@master manifests]# kubectl get nodes #现在看到状态是Ready就OK
NAME         STATUS   ROLES                  AGE   VERSION
k8s-master   Ready    control-plane,master   15m   v1.23.9
[root@master manifests]# 

[root@k8s-master manifests]# kubectl get pods -n kube-system #全部状态是Running就OK
NAME                                       READY   STATUS    RESTARTS   AGE
calico-kube-controllers-6b8f6f78dc-qrw2g   1/1     Running   0          2m39s
calico-node-s5ddr                          1/1     Running   0          2m39s
coredns-7f89b7bc75-b49sr                   1/1     Running   0          17m
coredns-7f89b7bc75-gtft5                   1/1     Running   0          17m
etcd-k8s-master                            1/1     Running   0          17m
kube-apiserver-k8s-master                  1/1     Running   0          17m
kube-controller-manager-k8s-master         1/1     Running   0          17m
kube-proxy-grkw8                           1/1     Running   0          17m
kube-scheduler-k8s-master                  1/1     Running   0          17m
[root@k8s-master manifests]# 

6. node节点加入集群中

# Run on every worker node. This command is printed at the end of
# `kubeadm init` (step 4) on the master — use the token and hash from your own
# output; the values below are the author's sample.
# The bootstrap token is a credential: while it is valid, anyone who holds it
# can join a machine to the cluster, so do not publish it. kubeadm tokens
# expire after 24 hours by default.
# --discovery-token-ca-cert-hash pins the cluster CA public key, which lets the
# joining node verify that it is talking to the intended control plane; keep it.
kubeadm join 192.168.186.128:6443 --token evgmf9.v24ioewquq3xxz2z --discovery-token-ca-cert-hash sha256:cdf4b90eb86e557e97cf6f6dae1bb3788689f04e31c59928bd190b0259167eda
[root@node1 kubernetes]# kubeadm join 192.168.186.128:6443 --token evgmf9.v24ioewquq3xxz2z --discovery-token-ca-cert-hash sha256:cdf4b90eb86e557e97cf6f6dae1bb3788689f04e31c59928bd190b0259167eda
[preflight] Running pre-flight checks
	[WARNING SystemVerification]: this Docker version is not on the list of validated versions: 24.0.5. Latest validated version: 20.10
[preflight] Reading configuration from the cluster...
[preflight] FYI: You can look at this config file with 'kubectl -n kube-system get cm kubeadm-config -o yaml'
[kubelet-start] Writing kubelet configuration to file "/var/lib/kubelet/config.yaml"
[kubelet-start] Writing kubelet environment file with flags to file "/var/lib/kubelet/kubeadm-flags.env"
[kubelet-start] Starting the kubelet
[kubelet-start] Waiting for the kubelet to perform the TLS Bootstrap...

This node has joined the cluster:
* Certificate signing request was sent to apiserver and a response was received.
* The Kubelet was informed of the new secure connection details.

Run 'kubectl get nodes' on the control-plane to see this node join the cluster.
kubeadm token create --print-join-command # create a new token and print the matching join command

# For a high-availability cluster: run this on each additional master
# (control-plane) node.
# NOTE(review): a control-plane join normally also needs the cluster
# certificates (for example via --certificate-key after uploading them), and
# the cluster must have been initialised with --control-plane-endpoint. The
# init command in step 4 does not set one — confirm before relying on this.
kubeadm join 192.168.186.128:6443 --token l9jbw7.dw8nxmw51jci3z0b \
    --discovery-token-ca-cert-hash sha256:cdf4b90eb86e557e97cf6f6dae1bb3788689f04e31c59928bd190b0259167eda \
    --control-plane 

7.部署Dashboard

# Deploy the Kubernetes Dashboard from the bundled manifest.
# NOTE(review): this guide reaches the Dashboard on port 30001 of the master,
# so the bundled manifest presumably exposes it as a NodePort service; limit
# which hosts can reach that port.
kubectl apply -f recommended.yaml
[root@master manifests]# kubectl get pods -n kubernetes-dashboard #状态全部是 Running就OK
NAME                                         READY   STATUS    RESTARTS   AGE
dashboard-metrics-scraper-7b59f7d4df-5n42w   1/1     Running   0          50s
kubernetes-dashboard-74d688b6bc-rdw9r        1/1     Running   0          50s
[root@k8s-master manifests]# 

访问地址:https://192.168.186.128:30001/ #必须要用https://
创建service account并绑定默认的cluster-admin管理员集群角色(该角色拥有整个集群的全部权限)
使用输出的token登录Dashboard

# NOTE(review): cluster-admin gives the token printed below unrestricted
# control of the whole cluster, and the Dashboard is reached over a node port.
# For everyday use prefer binding a narrower role (for example the built-in
# `view` ClusterRole), restrict network access to the Dashboard port, and
# delete this binding when it is no longer needed.
kubectl create serviceaccount dashboard-admin -n kube-system # create the service account
kubectl create clusterrolebinding dashboard-admin --clusterrole=cluster-admin --serviceaccount=kube-system:dashboard-admin # bind it to cluster-admin
# Looks up the secret whose name contains "dashboard-admin" and prints it,
# including the token used on the Dashboard login page. Treat the output as a
# secret; NOTE(review): a secret-based service-account token presumably does
# not expire on its own — confirm for your version.
kubectl describe secrets -n kube-system $(kubectl -n kube-system get secret | awk '/dashboard-admin/{print $1}') # get the login token

8.部署metrics服务

# Deploy the metrics service from the bundled manifest, then query node and
# pod resource usage with `kubectl top`.
# NOTE(review): check whether the bundled components.yaml starts
# metrics-server with --kubelet-insecure-tls; that flag skips verification of
# the kubelet serving certificates and is best kept to lab clusters.
kubectl apply -f components.yaml
kubectl top nodes
kubectl top pods

9.测试kubernetes是否正常

# Smoke test: deploy the bundled nginx manifest and list the resulting pods
# and services. The sample output in this guide shows the nginx service as a
# NodePort, i.e. reachable on the listed port of a node's IP address.
kubectl apply -f nginx.yaml 
kubectl get pods,svc
[root@master mqq]# kubectl get pods,svc
NAME                         READY   STATUS    RESTARTS   AGE
pod/nginx-7cf7d6dbc8-8lrzb   1/1     Running   0          46s

NAME                 TYPE        CLUSTER-IP     EXTERNAL-IP   PORT(S)        AGE
service/kubernetes   ClusterIP   10.96.0.1      <none>        443/TCP        76m
service/nginx        NodePort    10.98.34.181   <none>        80:30762/TCP   46s
[root@master mqq]# ip:30762 去页面访问,能访问就OK

10.安装k8s补全命令

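# Upload the bash-completion packages to the machine first, then install them.
rpm -ivh bash-completion-2.1-8.el7.noarch.rpm  bash-completion-extras-2.1-11.el7.noarch.rpm
# Load the completion framework into the current shell.
source /usr/share/bash-completion/bash_completion
# Generate kubectl's completion script once and load it. (Running
# `kubectl completion bash` without a redirect only prints the script.)
kubectl completion bash > /etc/profile.d/kubectl.sh
source /etc/profile.d/kubectl.sh

# Make root's interactive shells load it as well. The guard keeps repeated runs
# from appending the same line again; a missing .bashrc simply gets the line.
grep -qxF 'source /etc/profile.d/kubectl.sh' /root/.bashrc 2>/dev/null ||
  printf '%s\n' 'source /etc/profile.d/kubectl.sh' >> /root/.bashrc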

大家在使用和安装中有问题,欢迎留言,看到后给大家解释!
