Centos7安装K8S

Centos7安装K8S


安装过程中没有出现的错误可以往下

根据以前一些博主写的博客,在小阳翻了不下几十篇博客之后,我果断是放弃了,于是找到了官网地址,然后也有

1. 关闭防火墙

systemctl stop firewalld
systemctl disable firewalld

2. 关闭 selinux(2,3根据自己情况选择哈)

sed -i 's/enforcing/disabled/' /etc/selinux/config 这个是永久关闭
setenforce 0 临时关闭是这个哟

3、关闭 swap

swapoff -a # 临时关闭
vim /etc/fstab # 永久关闭

#注释掉 /dev/mapper/centos-swap swap swap defaults 0 0 这行
然后呢
systemctl reboot #重启生效
free ‐m #查看下swap交换区是否都为0,如果都为0则swap关闭成功

4.给三台机器分别设置主机名

hostnamectl set‐hostname 主机名称

第一台:k8s-master 第二台:k8s-node1 第三台:k8s-node2

5.在 k8s-master机器添加hosts,注意ip地址哟
java 复制代码
cat >> /etc/hosts << EOF
192.168.2.64 k8s-master
192.168.2.59 k8s-node1
192.168.2.51 k8s-node2
EOF
6.将桥接的IPv4流量传递到iptables
java 复制代码
cat > /etc/sysctl.d/k8s.conf << EOF
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
EOF

需要让它生效哈
sysctl --system

7.设置时间
java 复制代码
yum install ntpdate -y
ntpdate -u ntp.api.bz
出现
21 Mar 17:07:17 ntpdate[3124]: adjust time server 114.118.7.161 offset 0.013776 sec
即为成功注意我的日期为2022年3月21日,日期和你自己对上即可
8. yum源切换与yum k8s

此处有bug切记别着急复制粘贴,请往下看

java 复制代码
cat <<EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF
setenforce 0
yum install -y kubelet kubeadm kubectl ------ 坑在这呢
systemctl enable kubelet && systemctl start kubelet #开机启动kubelet

ps: 由于官网未开放同步方式, 可能会有索引gpg检查失败的情况, 这时请用 yum install -y --nogpgcheck kubelet kubeadm kubectl 安装<<<<<<<<<这是官网写的字体老小了

这是报的错

C 复制代码
https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/repodata/repomd.xml: [Errno -1] repomd.xml signature could not be verified for kubernetes
Trying other mirror.


 One of the configured repositories failed (Kubernetes),
 and yum doesn't have enough cached data to continue. At this point the only
 safe thing yum can do is fail. There are a few ways to work "fix" this:

     1. Contact the upstream for the repository and get them to fix the problem.

     2. Reconfigure the baseurl/etc. for the repository, to point to a working
        upstream. This is most often useful if you are using a newer
        distribution release than is supported by the repository (and the
        packages for the previous distribution release still work).

     3. Run the command with the repository temporarily disabled
            yum --disablerepo=kubernetes ...

     4. Disable the repository permanently, so yum won't use it by default. Yum
        will then just ignore the repository until you permanently enable it
        again or use --enablerepo for temporary usage:

            yum-config-manager --disable kubernetes
        or
            subscription-manager repos --disable=kubernetes

     5. Configure the failing repository to be skipped, if it is unavailable.
        Note that yum will try to contact the repo. when it runs most commands,
        so will have to try and fail each time (and thus. yum will be be much
        slower). If it is a very temporary problem though, this is often a nice
        compromise:

            yum-config-manager --save --setopt=kubernetes.skip_if_unavailable=true

failure: repodata/repomd.xml from kubernetes: [Errno 256] No more mirrors to try.

这是正确的配置

c 复制代码
cat <<EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF
setenforce 0
yum install -y --nogpgcheck kubelet kubeadm kubectl
systemctl enable kubelet && systemctl start kubelet

此处需要注意(9、10)均在k8s-master机器上执行指令

9.初始化

ip为master的ip地址,其次注意版本,剩下的无需改动

java 复制代码
kubeadm init --apiserver-advertise-address=192.168.2.64 --image-repository registry.aliyuncs.com/google_containers --kubernetes-version v1.23.0 --service-cidr=10.96.0.0/12 --pod-network-cidr=10.244.0.0/16

这行执行的话需要注意至少两个cpu,就是红色框框里面的数字是个2就行

改完之后呢,有报错了/(ㄒoㄒ)/~~

java 复制代码
[kubelet-check] The HTTP call equal to 'curl -sSL http://localhost:10248/healthz' failed with error: Get "http://localhost:10248/healthz": dial tcp [::1]:10248: connect: connection refused.
	Unfortunately, an error has occurred:
		timed out waiting for the condition
	This error is likely caused by:
		- The kubelet is not running
		- The kubelet is unhealthy due to a misconfiguration of the node in some way (required cgroups disabled)
	If you are on a systemd-powered system, you can try to troubleshoot the error with the following commands:
		- 'systemctl status kubelet'
		- 'journalctl -xeu kubelet'
	Additionally, a control plane component may have crashed or exited when started by the container runtime.
	To troubleshoot, list all containers using your preferred container runtimes CLI.
	Here is one example how you may list all Kubernetes containers running in docker:
		- 'docker ps -a | grep kube | grep -v pause'
		Once you have found the failing container, you can inspect its logs with:
		- 'docker logs CONTAINERID'
error execution phase wait-control-plane: couldn't initialize a Kubernetes cluster
To see the stack trace of this error execute with --v=5 or higher

处理办法详见<<<此处有个超链接

当初始化完成之后出现红色框框即为初始化成功,下面的绿色框框为下来所需要执行的指令

10.配置 kubectl 命令工具
java 复制代码
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config

然后验证一下
kubectl get nodes

java 复制代码
安装 Pod 网络插件
kubectl apply -f https://docs.projectcalico.org/manifests/calico.yaml
不成功的话
kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kubeflannel.yml

那么此处需要在node节点的两台机器上执行这一行指令,这个指令就是上图初始化完成蓝色框框中的

java 复制代码
kubeadm join 192.168.2.64:6443 --token bxtr03.7ekvjxxyx57dh2nz --discovery-token-ca-cert-hash sha256:5f41464af9fab2003b357d445a9927445e3ad540872b01e07bb3e85995a30e65

本小阳此处是报错了的

java 复制代码
解决第一个error为以下指令
echo "1" >/proc/sys/net/bridge/bridge-nf-call-iptables
地址: https://blog.csdn.net/m0_47219942/article/details/110873272

剩下两个问题主要是内核版本过低导致的,详细可见CentOS7升级内核并启用BBR

此时已是开始搭建的一周后了,因为总是忘记,此时报的错误

java 复制代码
error execution phase preflight: couldn't validate the identity of the API Server: could not find a JWS signature in the cluster-info ConfigMap for token ID "bxtr03"

Token过期,那么此时需要重新生成

https://blog.csdn.net/YouMing_Li/article/details/117553658

此时再次执行

java 复制代码
kubeadm reset

之后重新加入主节点之后

此时的报错含义为

java 复制代码
kubelet没有运行  
kubelet是不健康的,因为节点在某种程度上配置错误(需要禁用cgroups)  

此处结局方案,原文链接

然后呢

java 复制代码
kubectl get nodes

上面红色框中的NotReady状态解决,链接

下面开始测试
java 复制代码
kubectl create deployment nginx --image=nginx
kubectl expose deployment nginx --port=80 --type=NodePort
kubectl get pod,svc -o wide

执行完需要注意端口号

完了之后三台机器都可以通过此端口访问到

此时已经完了哈

相关推荐
aherhuo1 小时前
kubevirt网络
linux·云原生·容器·kubernetes
catoop2 小时前
K8s 无头服务(Headless Service)
云原生·容器·kubernetes
liuxuzxx3 小时前
1.24.1-Istio安装
kubernetes·istio·service mesh
道一云黑板报4 小时前
Flink集群批作业实践:七析BI批作业执行
大数据·分布式·数据分析·flink·kubernetes
运维小文4 小时前
K8S中的PV、PVC介绍和使用
docker·云原生·容器·kubernetes·存储
ζั͡山 ั͡有扶苏 ั͡✾5 小时前
Kubeadm+Containerd部署k8s(v1.28.2)集群(非高可用版)
云原生·容器·kubernetes
Hadoop_Liang5 小时前
Kubernetes ConfigMap的创建与使用
云原生·容器·kubernetes
年薪丰厚14 小时前
如何在K8S集群中查看和操作Pod内的文件?
docker·云原生·容器·kubernetes·k8s·container
zhangj112514 小时前
K8S Ingress 服务配置步骤说明
云原生·容器·kubernetes
岁月变迁呀14 小时前
kubeadm搭建k8s集群
云原生·容器·kubernetes