1. 背景
采用containerd作为容器运行时发现集群总是不稳定,因此切换成了docker 作为容器运行时;
shell
root@orangepi3b:~# uname -a
Linux orangepi3b 5.10.160-rockchip-rk356x #1.0.2 SMP Thu Sep 21 17:07:22 CST 2023 aarch64 aarch64 aarch64 GNU/Linux2. 安装docker
shell
apt-get update
# apt-get install -y docker.io
apt-get install -y ca-certificates curl gnupg lsb-release
mkdir -p /etc/apt/keyrings
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | gpg --dearmor -o /etc/apt/keyrings/docker.gpg
echo \
"deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/ubuntu \
$(lsb_release -cs) stable" | tee /etc/apt/sources.list.d/docker.list > /dev/null
apt-get update
apt-get install -y docker-ce docker-ce-cli containerd.io docker-compose-plugin
systemctl enable docker
systemctl status docker
cat /etc/docker/daemon.json 3. 安装cri-dockerd
若发现release下没有你的cpu架构的版本,参考 自己动手打包构建编译cri-dockerd
shell
wget https://github.com/Mirantis/cri-dockerd/releases/download/v0.3.7/cri-dockerd-0.3.7.arm64.tgz
tar -zxvf cri-dockerd-0.3.7.arm64.tgz
install -o root -g root -m 0755 cri-dockerd/cri-dockerd /usr/bin/cri-dockerd
cri-dockerd --version
shell
vim /etc/systemd/system/cri-docker.service
[Unit]
Description=CRI Interface for Docker Application Container Engine
Documentation=https://docs.mirantis.com
After=network-online.target firewalld.service docker.service
Wants=network-online.target
Requires=cri-docker.socket
[Service]
Type=notify
ExecStart=/usr/local/bin/cri-dockerd --pod-infra-container-image=registry.aliyuncs.com/google_containers/pause:3.8 --container-runtime-endpoint fd:// --network-plugin=cni --cni-bin-dir=/opt/cni/bin --cni-cache-dir=/var/lib/cni/cache --cni-conf-dir=/etc/cni/net.d
ExecReload=/bin/kill -s HUP $MAINPID
TimeoutSec=0
RestartSec=2
Restart=always
StartLimitBurst=3
StartLimitInterval=60s
LimitNOFILE=infinity
LimitNPROC=infinity
LimitCORE=infinity
TasksMax=infinity
Delegate=yes
KillMode=process
[Install]
WantedBy=multi-user.target
shell
vim /etc/systemd/system/cri-docker.socket
[Unit]
Description=CRI Docker Socket for the API
PartOf=cri-docker.service
[Socket]
ListenStream=%t/cri-dockerd.sock
SocketMode=0660
SocketUser=root
SocketGroup=docker
[Install]
WantedBy=sockets.target
shell
systemctl daemon-reload && systemctl enable cri-docker --now && systemctl status cri-docker4. 安装kubernetes
4.1. 安装critical & conntrack
shell
wget https://github.com/kubernetes-sigs/cri-tools/releases/download/v1.28.0/crictl-v1.28.0-linux-arm64.tar.gz
tar -zxvf crictl-v1.28.0-linux-arm64.tar.gz
ln -s $(pwd)/crictl /usr/bin/crictl
apt install conntrack
shell
wget https://storage.googleapis.com/kubernetes-release/release/v1.24.7/kubernetes-server-linux-arm64.tar.gz
tar -zxvf kubernetes-server-linux-arm64.tar.gz
ln -s $(pwd)/kubernetes/server/bin/kubectl /usr/bin/kubectl
ln -s $(pwd)k8s/kubernetes/server/bin/kubeadm /usr/bin/kubeadm
ln -s $(pwd)k8s/kubernetes/server/bin/kubelet /usr/bin/kubelet
# 关闭交换区
swapoff -a
cat <<EOF > /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
net.ipv4.ip_forward = 1
EOF
sysctl -p /etc/sysctl.d/k8s.conf
shell
mkdir -p /etc/systemd/system/kubelet.service.d
vim /etc/systemd/system/kubelet.service
[Unit]
Description=kubelet: The Kubernetes Node Agent
Documentation=https://kubernetes.io/docs/home/
Wants=network-online.target
After=network-online.target
[Service]
ExecStart=/usr/bin/kubelet
Restart=always
StartLimitInterval=0
RestartSec=10
[Install]
WantedBy=multi-user.target# 主节点指定CRI
kubeadm init --kubernetes-version=v1.24.6 --service-cidr=10.1.0.0/16 --pod-network-cidr=10.244.0.0/16 --v=10 --image-repository="registry.aliyuncs.com/google_containers" --cri-socket unix:///var/run/cri-dockerd.sock
# 从节点
kubeadm join 192.168.31.66:6443 --token tv23l5.oou0arvmwf8bk7y2 --discovery-token-ca-cert-hash sha256:80d0d1454560d3a486df4ed7eaeb530feb8c72ba9d498a56b16d65cee0b6fc39 --cri-socket unix:///var/run/cri-dockerd.sock