kubeadm方式安装k8s

墨染默笙2024-09-06 11:49

一、集群可用性验证
1. 验证节点

[root@master ~]# kubectl get node # 全部为Ready,
是正常
NAME STATUS ROLES AGE 
VERSION
k8s-node01 Ready <none> 156m 
v1.28.2
k8s-node02 Ready <none> 155m 
v1.28.2
master Ready control-plane 157m 
v1.28.2

2. 验证 Pod

[root@master ~]# kubectl get po -A # 全部为
running,表示正常
NAMESPACE NAME 
 READY STATUS RESTARTS AGE
kube-system calico-kube-controllers-
6d48795585-wj8g5 1/1 Running 0 
156m
kube-system calico-node-bk4p5 
1/1 Running 0 156m
kube-system calico-node-kmsh7 
1/1 Running 0 156m
kube-system calico-node-qthgh 
1/1 Running 0 156m
kube-system coredns-6554b8b87f-jdc2b 
1/1 Running 0 
159m
kube-system coredns-6554b8b87f-thftb 
1/1 Running 0 
159m
kube-system etcd-master 
1/1 Running 0 159m
kube-system kube-apiserver-master 
1/1 Running 0 159m
kube-system kube-controller-managermaster 1/1 Running 0 
159m
kube-system kube-proxy-9sxt9 
1/1 Running 0 
5m6s
kube-system kube-proxy-g79z5 
1/1 Running 0 
5m7s
kube-system kube-proxy-scwgn 
1/1 Running 0 
5m9s
kube-system kube-scheduler-master 
1/1 Running 0 159m
kube-system metrics-server-8df99c47fmkbfd 1/1 Running 0 
154m
kubernetes-dashboard dashboard-metrics-scraper-
7b554c884f-92jwb 1/1 Running 0 
24m
kubernetes-dashboard kubernetes-dashboard-
54b699784c-f7trp 1/1 Running 0
 24m

3. 验证集群⽹段是否冲突
三⽅⽹段均不冲突( service 、 Pod 、宿主机)

[root@master ~]# kubectl get svc # 查看服务的⽹段
NAME TYPE CLUSTER-IP EXTERNAL-IP
 PORT(S) AGE
kubernetes ClusterIP 10.96.0.1 <none> 
443/TCP 160m
[root@master ~]# kubectl get po -A -owide # 查看
所有命名空间下的所有⽹段,再与服务的⽹段进⾏⽐较
NAMESPACE NAME 
 READY STATUS RESTARTS AGE
 IP NODE NOMINATED NODE 
READINESS GATES
kube-system calico-kube-controllers-
6d48795585-wj8g5 1/1 Running 0 
158m 172.16.58.194 k8s-node02 <none> 
 <none>
kube-system calico-node-bk4p5 
1/1 Running 0 158m
192.168.15.22 k8s-node01 <none> 
<none>
kube-system calico-node-kmsh7 
1/1 Running 0 158m
192.168.15.33 k8s-node02 <none> 
<none>
kube-system calico-node-qthgh 
1/1 Running 0 158m
192.168.15.11 master <none> 
<none>
kube-system coredns-6554b8b87f-jdc2b 
1/1 Running 0 
160m 172.16.58.195 k8s-node02 <none> 
 <none>
kube-system coredns-6554b8b87f-thftb 
1/1 Running 0 
160m 172.16.58.193 k8s-node02 <none> 
 <none>
kube-system etcd-master 
1/1 Running 0 160m
192.168.15.11 master <none> 
<none>
kube-system kube-apiserver-master 
1/1 Running 0 160m
192.168.15.11 master <none> 
<none>
kube-system kube-controller-managermaster 1/1 Running 0 
160m 192.168.15.11 master <none> 
 <none>
kube-system kube-proxy-9sxt9 
1/1 Running 0 
6m29s 192.168.15.11 master <none> 
 <none>
kube-system kube-proxy-g79z5 
1/1 Running 0 
6m30s 192.168.15.33 k8s-node02 <none> 
 <none>
kube-system kube-proxy-scwgn 
1/1 Running 0 
6m32s 192.168.15.22 k8s-node01 <none> 
 <none>
kube-system kube-scheduler-master 
1/1 Running 0 160m
192.168.15.11 master <none> 
<none>
kube-system metrics-server-8df99c47fmkbfd 1/1 Running 0 
155m 172.16.85.193 k8s-node01 <none> 
 <none>
kubernetes-dashboard dashboard-metrics-scraper-
7b554c884f-92jwb 1/1 Running 0 
25m 172.16.85.195 k8s-node01 <none> 
 <none>
kubernetes-dashboard kubernetes-dashboard-
54b699784c-f7trp 1/1 Running 0
 25m 172.16.85.194 k8s-node01 <none> 
 <none>

4. 验证是否可正常创建参数

[root@master ~]# kubectl create deploy clustertest --image=registry.cnbeijing.aliyuncs.com/dotbalo/debug-tools -- sleep
3600
deployment.apps/cluster-test created # 已创建,表
示正常
[root@master ~]# kubectl get po
NAME READY STATUS 
RESTARTS AGE
cluster-test-66bb44bd88-sq8fx 1/1 Running 
0 41s
[root@master ~]# kubectl get po -owide
NAME READY STATUS 
RESTARTS AGE IP NODE 
NOMINATED NODE READINESS GATES
cluster-test-66bb44bd88-sq8fx 1/1 Running 
0 48s 172.16.58.196 k8s-node02 
<none> <none>

5. Pod 必须能够解析 Service
同 namespace 和跨 namespace
( 1 ) nslookup kubernetes

[root@master ~]# kubectl exec -it cluster-test-
66bb44bd88-sq8fx -- bash # 进⼊pod下的某个容器
(06:36 cluster-test-66bb44bd88-sq8fx:/) nslookup
kubernetes
Server: 10.96.0.10
Address: 10.96.0.10#53
Name: kubernetes.default.svc.cluster.local
Address: 10.96.0.1
# 可以解析到server的IP地址说明同namespace可以解析

( 2 ) nslookup kube-dns.kube-system

(06:36 cluster-test-66bb44bd88-sq8fx:/) nslookup
kube-dns.kube-system
Server: 10.96.0.10
Address: 10.96.0.10#53
Name: kube-dns.kube-system.svc.cluster.local
Address: 10.96.0.10
# 可以解析到server的第⼗个ip,说明可以解析到kube-dns,说
明跨namespace也可解析

6. 确认是否可访问 Kubernetes 443 kube-dns 53
每个节点都必须能访问 Kubernetes 的 kubernetes svc 443 和kube-dns 的 service 53

[root@master ~]# curl https://10.96.0.1:443
curl: (60) SSL certificate problem: unable to get
local issuer certificate
More details here:
https://curl.haxx.se/docs/sslcerts.html
curl failed to verify the legitimacy of the server
and therefore could not
establish a secure connection to it. To learn more
about this situation and
how to fix it, please visit the web page mentioned
above.
[root@master ~]# curl 10.96.0.10:53
curl: (52) Empty reply from server

7. 确认各 Pod 之间是否可正常通信
同 namespace 和跨 namespace

[root@master ~]# kubectl get po -nkube-system -
owide
NAME READY 
STATUS RESTARTS AGE IP NODE 
 NOMINATED NODE READINESS GATES
calico-kube-controllers-6d48795585-wj8g5 1/1 
Running 0 170m 172.16.58.194 k8snode02 <none> <none>
calico-node-bk4p5 1/1 
Running 0 170m 192.168.15.22 k8snode01 <none> <none>
calico-node-kmsh7 1/1 
Running 0 170m 192.168.15.33 k8snode02 <none> <none>
calico-node-qthgh 1/1 
Running 0 170m 192.168.15.11 master
 <none> <none>
coredns-6554b8b87f-jdc2b 1/1 
Running 0 173m 172.16.58.195 k8snode02 <none> <none>
coredns-6554b8b87f-thftb 1/1 
Running 0 173m 172.16.58.193 k8snode02 <none> <none>
etcd-master 1/1 
Running 0 173m 192.168.15.11 master
 <none> <none>
kube-apiserver-master 1/1 
Running 0 173m 192.168.15.11 master
 <none> <none>
kube-controller-manager-master 1/1 
Running 0 173m 192.168.15.11 master
 <none> <none>
kube-proxy-9sxt9 1/1 
Running 0 19m 192.168.15.11 master
 <none> <none>
kube-proxy-g79z5 1/1 
Running 0 19m 192.168.15.33 k8snode02 <none> <none>
kube-proxy-scwgn 1/1 
Running 0 19m 192.168.15.22 k8snode01 <none> <none>
kube-scheduler-master 1/1 
Running 0 173m 192.168.15.11 master
 <none> <none>
metrics-server-8df99c47f-mkbfd 1/1 
Running 0 168m 172.16.85.193 k8snode01 <none> <none>
[root@master ~]# kubectl get po -owide
NAME READY STATUS 
RESTARTS AGE IP NODE 
NOMINATED NODE READINESS GATES
cluster-test-66bb44bd88-sq8fx 1/1 Running 
0 12m 172.16.58.196 k8s-node02 
<none> <none>
[root@master ~]# kubectl exec -it cluster-test-
66bb44bd88-sq8fx -- bash
(06:46 cluster-test-66bb44bd88-sq8fx:/) ping
172.16.58.195 -c 3
PING 172.16.58.195 (172.16.58.195) 56(84) bytes of
data.
64 bytes from 172.16.58.195: icmp_seq=1 ttl=63
time=0.455 ms
64 bytes from 172.16.58.195: icmp_seq=2 ttl=63
time=0.082 ms
64 bytes from 172.16.58.195: icmp_seq=3 ttl=63
time=0.082 ms
--- 172.16.58.195 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss,
time 2083ms
rtt min/avg/max/mdev = 0.082/0.206/0.455/0.176 ms

同机器和跨机器

[root@master ~]# kubectl get po -owide
NAME READY STATUS 
RESTARTS AGE IP NODE 
NOMINATED NODE READINESS GATES
cluster-test-66bb44bd88-sq8fx 1/1 Running 
0 13m 172.16.58.196 k8s-node02 
<none> <none>
[root@master ~]# ping 172.16.58.196 -c 3
PING 172.16.58.196 (172.16.58.196) 56(84) bytes of
data.
64 bytes from 172.16.58.196: icmp_seq=1 ttl=63
time=0.676 ms
64 bytes from 172.16.58.196: icmp_seq=2 ttl=63
time=0.303 ms
64 bytes from 172.16.58.196: icmp_seq=3 ttl=63
time=0.284 ms
--- 172.16.58.196 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss,
time 2043ms
rtt min/avg/max/mdev = 0.284/0.421/0.676/0.180 ms
相关推荐
likfishdn13 分钟前
Linux的文件与目录管理
linux·运维·服务器
chian-ocean32 分钟前
Linux 文件缓冲区:高效数据访问的幕后推手
linux·运维·服务器
加油=^_^=34 分钟前
【Linux】进程优先级 | 进程调度(三)
linux·运维·服务器
Dontla1 小时前
Docker run --add-host参数解析(在容器启动时向/etc/hosts文件中添加自定义的主机名与IP映射)(适用于临时调试或测试)
tcp/ip·docker·容器
西西小飞龙1 小时前
Docker和K8S中pod、services、container的介绍和关系
docker·容器·kubernetes
吃汤圆的抹香鲸1 小时前
GoLand 安装包 绿色版 Win,Mac,Linux 包含IntelliJ全家桶 专为Go语言设计的集成开发环境(IDE)
linux·windows·macos·go·intellij-idea·go1.19
追寻光1 小时前
Cannot find a valid baseurl for repo: base/7/x86_64
linux
元气满满的热码式1 小时前
Docker数据卷操作实战
linux·运维·docker·云原生·容器
陆沙1 小时前
deepseek-r1-centos-本地服务器配置方法
linux·服务器·centos
吃汤圆的抹香鲸2 小时前
Rider 安装包 绿色版 Win/Mac/Linux 适合.NET和游戏开发者使用 2025全栈开发终极指南:从零配置到企业级实战
linux·运维·windows·sql·游戏·macos·.net
热门推荐
01DeepSeek各版本说明与优缺点分析02本地部署DeepSeek教程(Mac版本)03如何在WPS和Word/Excel中直接使用DeepSeek功能04DeepSeek R1本地化部署 Ollama + Chatbox 打造最强 AI 工具05太炸裂了!清华大学deepseek从入门到精通使用手册又出第三版了,《普通人如何抓住DeepSeek红利》(无套路,直接下载)06DeepSeek本地部署详细指南07从零安装 LLaMA-Factory 微调 Qwen 大模型成功及所有的坑08本地化部署AI知识库:基于Ollama+DeepSeek+AnythingLLM保姆级教程09DeepSeek r1本地安装全指南10保姆级教程:利用Ollama与Open-WebUI本地部署 DeedSeek-R1大模型