目录
一、硬件准备(虚拟主机)
角色 | 主机名 | ip地址 |
---|---|---|
master | k8s-master | 192.168.112.10 |
node | k8s-node1 | 192.168.112.20 |
node | k8s-node2 | 192.168.112.30 |
CentOS Linux release 7.9.2009 (Core)
至少2核CPU、3GB以上内存
使用命令hostnamectl set-hostname临时修改主机名
二、环境准备
1、所有机器关闭防火墙
bash
systemctl stop firewalld #关闭
systemctl disable firewalld #开机不自启
systemctl status firewalld #查看状态
2、所有机器关闭selinux
bash
sed -i 's/enforcing/disabled/' /etc/selinux/config
setenforce 0
3、所有机器关闭swap
bash
swapoff -a # 临时关闭
sed -ri 's/.*swap.*/#&/' /etc/fstab #永久关闭
4、所有机器上添加主机名与ip的对应关系
bash
vim /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.112.10 k8s-master
192.168.112.20 k8s-node1
192.168.112.30 k8s-node2
5、在所有主机上将桥接的ipv4流量传递到iptables的链
bash
cat > /etc/sysctl.d/k8s.conf << EOF
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
EOF
三、为所有节点安装docker
bash
yum install wget.x86_64 -y
rm -rf /etc/yum.repos.d/*
wget -O /etc/yum.repos.d/centos7.repo http://mirrors.aliyun.com/repo/Centos-7.repo
wget -O /etc/yum.repos.d/epel-7.repo http://mirrors.aliyun.com/repo/epel-7.repo
wget -O /etc/yum.repos.d/docker-ce.repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
yum install docker-ce-20.10.11 -y
systemctl start docker
systemctl enable docker
四、集群部署
1、为所有节点修改仓库,安装kubeadm、kubelet、kubectl
bash
cat <<EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF
yum install kubelet-1.22.2 kubeadm-1.22.2 kubectl-1.22.2 -y
systemctl enable kubelet && systemctl start kubelet
2、修改docker的配置(所有节点)
bash
[root@k8s-master ~]# cat > /etc/docker/daemon.json <<EOF
> {
> "exec-opts": ["native.cgroupdriver=systemd"]
> }
> EOF
[root@k8s-master ~]# systemctl daemon-reload
[root@k8s-master ~]# systemctl restart docker.service
[root@k8s-master ~]# systemctl restart kubelet.service
[root@k8s-master ~]# systemctl status kubelet.service
这里从节点的kubelet.service状态报code=exited, status=1/FAILURE是正常的
3、部署master节点(主节点k8s-master)
bash
kubeadm init \
--apiserver-advertise-address=192.168.112.10 \
--image-repository registry.aliyuncs.com/google_containers \
--kubernetes-version v1.22.2 \
--control-plane-endpoint k8s-master \
--service-cidr=172.16.0.0/16 \
--pod-network-cidr=10.244.0.0/16
记得保存好这段命令是用于将一个工作节点(worker node)加入到已存在的 Kubernetes 集群中的过程。
(1)、遇到报错:
bash
Here is one example how you may list all Kubernetes containers running in docker:
- 'docker ps -a | grep kube | grep -v pause'
Once you have found the failing container, you can inspect its logs with:
- 'docker logs CONTAINERID'
error execution phase wait-control-plane: couldn't initialize a Kubernetes cluster
To see the stack trace of this error execute with --v=5 or higher
(2)、解决办法:
bash
rm -rf /etc/containerd/config.toml
systemctl restart containerd
4、按照指示执行:
bash
[root@k8s-master ~]# mkdir -p $HOME/.kube
[root@k8s-master ~]# sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
[root@k8s-master ~]# sudo chown $(id -u):$(id -g) $HOME/.kube/config
[root@k8s-master ~]# export KUBECONFIG=/etc/kubernetes/admin.conf
5、查看kubelet.service状态
bash
systemctl status kubelet.service
6、查看节点状态为notready
bash
[root@k8s-master ~]# kubectl get nodes
NAME STATUS ROLES AGE VERSION
k8s-master NotReady <none> 67s v1.22.2
7、安装网络插件,官方文档:https://github.com/flannel-io/flannel
bash
# 最好手动提前拉取所需镜像
[root@k8s-master ~]# docker pull quay.io/coreos/flannel:v0.14.0
[root@k8s-master ~]# wget https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
[root@k8s-master ~]# kubectl apply -f kube-flannel.yml
8、添加node节点
bash
# 为node拉取网络插件镜像
[root@k8s-node1 ~]# docker pull quay.io/coreos/flannel:v0.14.0
[root@k8s-node2 ~]# docker pull quay.io/coreos/flannel:v0.14.0
[root@k8s-node1 ~]# kubeadm join k8s-master:6443 --token byfq2h.myv4dj0yqmmjz6qx \
> --discovery-token-ca-cert-hash sha256:f6b364e22cd4e61897a9a58583ae072c5a3724ac14f44319b5f72021614eaadf
[root@k8s-node2 ~]# kubeadm join k8s-master:6443 --token byfq2h.myv4dj0yqmmjz6qx \
> --discovery-token-ca-cert-hash sha256:f6b364e22cd4e61897a9a58583ae072c5a3724ac14f44319b5f72021614eaadf
至此一个简单的k8s集群安装完成