centos系统离线安装k8s v1.23.9最后一个版本并部署服务,docker支持的最后一个版本

注意:我这里的离线安装包是V1.23.9.

K8S v1.23.9离线安装包下载:

链接:https://download.csdn.net/download/qq_14910065/88143546

这里包括离线安装所有的镜像,kubeadm,kubelet 和kubectl,calico.yaml,Dashboard的yaml,metrics的yaml,还有nginx.yaml,还有命令补全的安装包。

说明:提前下载如上的安装包

bash 复制代码
#在所有机器上导入镜像
docker load -i k8s1239_node.tar 
docker load -i k8s1239_master.tar

1.系统性能优化

bash 复制代码
#所有机器上执行
cat >> /etc/hosts << EOF
192.168.186.128 master
192.168.186.129 node1
192.168.186.130 node2
EOF

systemctl stop firewalld
systemctl disable firewalld
sed -i 's/enforcing/disabled/' /etc/selinux/config # 永久
setenforce 0 # 临时
swapoff -a # 临时
sed -i 's/.*swap.*/#&/' /etc/fstab # 永久

cat > /etc/sysctl.d/k8s.conf << EOF
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
EOF
sysctl --system # 生效
bash 复制代码
#永久修改主机名
hostnamectl set-hostname master  && bash  #在master上操作
hostnamectl set-hostname node1  && bash   #在node1上操作
hostnamectl set-hostname node2  && bash   #在node1上操作

2.离线安装docker

#所有机器上执行
docker离线安装请参考博客

3.离线安装kubeadm,kubelet 和kubectl

bash 复制代码
#所有机器上执行
[root@master qq]# ls
0f2a2afd740d476ad77c508847bad1f559afc2425816c1f2ce4432a62dfe0b9d-kubernetes-cni-1.2.0-0.x86_64.rpm  libnetfilter_cthelper-1.0.0-11.el7.x86_64.rpm
356e511f8963b4b68fdf41593e64e92f03f0b58c72aae0613aeff3e770078cf7-kubelet-1.20.5-0.x86_64.rpm        libnetfilter_cttimeout-1.0.0-7.el7.x86_64.rpm
3f5ba2b53701ac9102ea7c7ab2ca6616a8cd5966591a77577585fde1c434ef74-cri-tools-1.26.0-0.x86_64.rpm      libnetfilter_queue-1.0.2-2.el7_2.x86_64.rpm
8593f28d972a6818131c1a6cd34f52b22a6acd0c4c7dcf3d7447ad53a9f24cc3-kubectl-1.20.5-0.x86_64.rpm        socat-1.7.3.2-2.el7.x86_64.rpm
c2634321e0d8ebe24ba7c6f025df171f5d1707c75a90e3bdd08199ab47aac565-kubeadm-1.20.5-0.x86_64.rpm        安装说明.txt
conntrack-tools-1.4.4-7.el7.x86_64.rpm
[root@master qq]# rpm -ivh *.rpm #直接安装

4.离线部署Kubernetes Master

bash 复制代码
#master机器上执行
kubeadm init --apiserver-advertise-address=192.168.186.128  --image-repository registry.aliyuncs.com/google_containers --kubernetes-version v1.23.9  --service-cidr=10.96.0.0/12  --pod-network-cidr=10.244.0.0/16 --ignore-preflight-errors=all
bash 复制代码
#master机器上执行
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
bash 复制代码
#master机器上执行
[root@master mqq]# kubectl get nodes #安装后看到状态是NotReady
NAME         STATUS     ROLES                  AGE   VERSION
k8s-master   NotReady   control-plane,master   11m   v1.23.9

5.离线安装Pod 网络插件(CNI)

bash 复制代码
#master机器上执行
kubectl apply -f calico.yaml
bash 复制代码
[root@master manifests]# kubectl get nodes #现在看到状态是Ready就OK
NAME         STATUS   ROLES                  AGE   VERSION
k8s-master   Ready    control-plane,master   15m   v1.23.9
[root@master manifests]# 

[root@k8s-master manifests]# kubectl get pods -n kube-system #全部状态是Running就OK
NAME                                       READY   STATUS    RESTARTS   AGE
calico-kube-controllers-6b8f6f78dc-qrw2g   1/1     Running   0          2m39s
calico-node-s5ddr                          1/1     Running   0          2m39s
coredns-7f89b7bc75-b49sr                   1/1     Running   0          17m
coredns-7f89b7bc75-gtft5                   1/1     Running   0          17m
etcd-k8s-master                            1/1     Running   0          17m
kube-apiserver-k8s-master                  1/1     Running   0          17m
kube-controller-manager-k8s-master         1/1     Running   0          17m
kube-proxy-grkw8                           1/1     Running   0          17m
kube-scheduler-k8s-master                  1/1     Running   0          17m
[root@k8s-master manifests]# 

6. node节点加入集群中

bash 复制代码
#这个命令是master第四步中执行kubeadm init后出现的结果,所有node都需要执行
kubeadm join 192.168.186.128:6443 --token evgmf9.v24ioewquq3xxz2z --discovery-token-ca-cert-hash sha256:cdf4b90eb86e557e97cf6f6dae1bb3788689f04e31c59928bd190b0259167eda
bash 复制代码
[root@node1 kubernetes]# kubeadm join 192.168.186.128:6443 --token evgmf9.v24ioewquq3xxz2z --discovery-token-ca-cert-hash sha256:cdf4b90eb86e557e97cf6f6dae1bb3788689f04e31c59928bd190b0259167eda
[preflight] Running pre-flight checks
	[WARNING SystemVerification]: this Docker version is not on the list of validated versions: 24.0.5. Latest validated version: 20.10
[preflight] Reading configuration from the cluster...
[preflight] FYI: You can look at this config file with 'kubectl -n kube-system get cm kubeadm-config -o yaml'
[kubelet-start] Writing kubelet configuration to file "/var/lib/kubelet/config.yaml"
[kubelet-start] Writing kubelet environment file with flags to file "/var/lib/kubelet/kubeadm-flags.env"
[kubelet-start] Starting the kubelet
[kubelet-start] Waiting for the kubelet to perform the TLS Bootstrap...

This node has joined the cluster:
* Certificate signing request was sent to apiserver and a response was received.
* The Kubelet was informed of the new secure connection details.

Run 'kubectl get nodes' on the control-plane to see this node join the cluster.
bash 复制代码
kubeadm token create --print-join-command #重新生成token

#注意高可用结群在master上需要执行的
kubeadm join 192.168.186.128:6443 --token l9jbw7.dw8nxmw51jci3z0b \
    --discovery-token-ca-cert-hash sha256:cdf4b90eb86e557e97cf6f6dae1bb3788689f04e31c59928bd190b0259167eda \
    --control-plane 

7.部署Dashboard

bash 复制代码
kubectl apply -f recommended.yaml
bash 复制代码
[root@master manifests]# kubectl get pods -n kubernetes-dashboard #状态全部是 Running就OK
NAME                                         READY   STATUS    RESTARTS   AGE
dashboard-metrics-scraper-7b59f7d4df-5n42w   1/1     Running   0          50s
kubernetes-dashboard-74d688b6bc-rdw9r        1/1     Running   0          50s
[root@k8s-master manifests]# 

访问地址:https://192.168.186.128:30001/ #必须要用https://
创建service account并绑定默认cluster-admin管理员群集角色
使用输出的token登录Dashboard

bash 复制代码
kubectl create serviceaccount dashboard-admin -n kube-system #创建用户
kubectl create clusterrolebinding dashboard-admin --clusterrole=cluster-admin --serviceaccount=kube-system:dashboard-admin #用户授权
kubectl describe secrets -n kube-system $(kubectl -n kube-system get secret | awk '/dashboard-admin/{print $1}') #获取用户Token,用于页面登录

8.部署metrics服务

bash 复制代码
kubectl apply -f components.yaml
kubectl top nodes
kubectl top pods

9.测试kubernetes是否正常

bash 复制代码
kubectl apply -f nginx.yaml 
kubectl get pods,svc
bash 复制代码
[root@master mqq]# kubectl get pods,svc
NAME                         READY   STATUS    RESTARTS   AGE
pod/nginx-7cf7d6dbc8-8lrzb   1/1     Running   0          46s

NAME                 TYPE        CLUSTER-IP     EXTERNAL-IP   PORT(S)        AGE
service/kubernetes   ClusterIP   10.96.0.1      <none>        443/TCP        76m
service/nginx        NodePort    10.98.34.181   <none>        80:30762/TCP   46s
[root@master mqq]# ip:30762 去页面访问,能访问就OK

10.安装k8s补全命令

bash 复制代码
#上传安装包bash-completion-2.1-8.el7.noarch.rpm
rpm -ivh bash-completion-2.1-8.el7.noarch.rpm  bash-completion-extras-2.1-11.el7.noarch.rpm
kubectl completion bash
source /usr/share/bash-completion/bash_completion
kubectl completion bash >/etc/profile.d/kubectl.sh
source /etc/profile.d/kubectl.sh

cat >> /root/.bashrc << EOF
source /etc/profile.d/kubectl.sh
EOF

大家在使用和安装中有问题,欢迎留言,看到后给大家解释!

相关推荐
容器魔方12 小时前
华为云亮相 KubeCon China 2025,开源生态引领 AI 时代技术跃迁
云原生·容器·云计算
老兵发新帖16 小时前
Kubernetes架构解析
容器·架构·kubernetes
星辰大海的精灵17 小时前
轻松玩转 Kubernetes 集群的工具包
后端·架构·kubernetes
容器魔方1 天前
Volcano v1.12 正式发布!驱动云原生AI与批量计算向智能高效新阶段演进
云原生·容器·云计算
Johny_Zhao1 天前
CentOS Stream 8 高可用 Kuboard 部署方案
linux·网络·python·网络安全·docker·信息安全·kubernetes·云计算·shell·yum源·系统运维·kuboard
爱瑞瑞2 天前
云原生学习笔记(八) Docker 实战:宿主机与容器的信息交互与共享策略
docker·容器
程序员老乔2 天前
【Dify系列】【一】【安装与部署】【ubuntu22.04安装docker部署dify1.4.2】
运维·docker·容器
sealaugh322 天前
docker(学习笔记第一课) 使用nginx +https + wordpress
笔记·学习·docker
爱瑞瑞2 天前
云原生学习笔记(七) Docker 实战:使用 Docker 快速构建 Oracle 12c 容器
docker·oracle
exe4522 天前
使用docker中的ollama
运维·docker·容器