目录
环境准备
准备两台机器centos7.9
192.168.11.120 dt01 master 2c2g
192.168.11.121 dt02 node 1c1g
配置hosts
vi /etc/hosts
192.168.11.120 dt01
192.168.11.121 dt02
或执行命令
hostnamectl set-hostname <hostname>
指定ip和host,防止后续安装k8s无法找到唯一ip报错could not be reached
关闭防火墙
systemctl stop firewalld
systemctl disable firewalld
关闭交换分区
swapoff -a #临时关闭
编辑文件,注释掉swap一行
vi /etc/fstab
|-----------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| /dev/mapper/centos_dt02-root / xfs defaults 0 0 UUID=4ce225e3-cb11-4c0c-8ab5-70c6571a0d11 /boot xfs defaults 0 0 #/dev/mapper/centos_dt02-swap swap swap defaults 0 0 |
验证,swap显示都是0
free -h
调整swappiness参数
echo 0 > /proc/sys/vm/swappiness # 临时生效
vi /etc/sysctl.conf #永久生效
vm.swappiness=0
sysctl -p #立即生效
关闭setlinux
临时
setenforce 0
永久
vi /etc/selinux/config
SELINUX=disabled
Ipv4转发
临时
sysctl -w net.ipv4.ip_forward=1
echo 1 > /proc/sys/net/ipv4/ip_forward
永久生效
vi /etc/sysctl.conf
net.ipv4.ip_forward=1
sysctl -p
vi /etc/sysconfig/network
FORWARD_IPV4=YES
systemctl restart network
时钟同步
yum install ntpdate -y
ntpdate time.windows.com
安装Docker
Yum方式
配置Yum源
安装yum源管理工具
yum install yum-utils -y
添加docker阿里的yum源
yum-config-manager --add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
安装
yum -y install docker-ce-18.06.1.ce-3.el7
配置
vi /etc/docker/daemon.json
{
"registry-mirrors": ["http://hub-mirror.c.163.com"]
}
启动
systemctl daemon-reload #加载配置文件
systemctl status docker #检查dead
systemctl enable docker #开机自启
systemctl restart docker #启动docker
systemctl status docker #检查running
如果systemctl status docker时有
则vi /etc/sysctl.conf 添加
net.bridge.bridge-nf-call-ip6tables=1
net.bridge.bridge-nf-call-iptables=1
sysctl -p
systemctl restart docker
systemctl status docker
日志
journalctl -u docker
安装k8s
使用kubeadm
配置Yum源
|-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| cat > /etc/yum.repos.d/kubernetes.repo << EOF [kubernetes] name=Kubernetes baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64 enabled=1 gpgcheck=0 repo_gpgcheck=0 gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg EOF |
Master节点
安装
yum install -y kubelet-1.18.0 kubeadm-1.18.0 kubectl-1.18.0
systemctl enable kubelet
初始化
执行集群初始化,红色部分按需修改
kubeadm init --apiserver-advertise-address=192.168.11.120 --image-repository registry.aliyuncs.com/google_containers --kubernetes-version v1.18.0 --service-cidr=10.96.0.0/12 --pod-network-cidr=10.244.0.0/16
记下最后的输出部分
kubeadm join 192.168.11.120:6443 --token ye402k.feh90nl0r4exomu3 \
--discovery-token-ca-cert-hash sha256:94d891942ae40f97e14314c431527c640ba44f52d4db52a5f2d3a59c53e7c9ae
默认token有效期为24小时,当过期之后,该token就不可用了。这时就需要重新创建token,操作如下:
kubeadm token create --print-join-command
配置kubectl
|-------------------------------------------------------------------------------------------------------------------------------|
| mkdir -p $HOME/.kube sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config sudo chown (id -u):(id -g) $HOME/.kube/config |
部署CNI网络插件
提供的yml文件见顶部关联资源或
链接: https://pan.baidu.com/s/1W97_qMC4-9PGozmHiVdGMg?pwd=lijw
因githup访问不稳定性,直接上传文件kube-flannel.yaml
kubectl apply -f kube-flannel.yaml
注:直接安装插件
kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube
flannel.yml
[root@dt01 yml]# kubectl get node
NAME STATUS ROLES AGE VERSION
dt01 Ready master 91m v1.18.0
Node节点
yum install -y kubelet-1.18.0 kubeadm-1.18.0
systemctl enable kubelet
在node节点上执行master节点标记的输出部分
kubeadm join 192.168.11.120:6443 --token ye402k.feh90nl0r4exomu3 \
--discovery-token-ca-cert-hash sha256:94d891942ae40f97e14314c431527c640ba44f52d4db52a5f2d3a59c53e7c9ae
如果卡住并报错
error execution phase preflight: couldn't validate the identity of the API Server: could not find a JWS signature in the cluster-info ConfigMap for token ID "e1n4kn"
To see the stack trace of this error execute with --v=5 or higher
检查token是否过期或防火墙是否关闭
检查
[root@dt01 yml]# kubectl get nodes
NAME STATUS ROLES AGE VERSION
dt01 Ready master 145m v1.18.0
dt02 Ready <none> 31m v1.18.0
如果节点不是Ready状态则需要耐心等待10分钟左右
创建一个pod
kubectl create deployment nginx --image=nginx
kubectl expose deployment nginx --port=80 --type=NodePort
kubectl get pod,svc -o wide
http://NodeIP:NodePort
NodeIP 可以是集群中任一个节点IP
可以使用命令修改nodePort端口
kubectl edit service nginx