8s的架构
一个kubernetes集群主要是由控制节点(master)、工作节点(node)构成,每个节点上都会安装不同的组件
1 master:集群的控制平面,负责集群的决策
ApiServer : 资源操作的唯一入口,接收用户输入的命令,提供认证、授权、API注册和发现等机制
Scheduler : 负责集群资源调度,按照预定的调度策略将Pod调度到相应的node节点上
ControllerManager : 负责维护集群的状态,比如程序部署安排、故障检测、自动扩展、滚动更新等
Etcd :负责存储集群中各种资源对象的信息
2 node:集群的数据平面,负责为容器提供运行环境
kubelet:负责维护容器的生命周期,同时也负责Volume(CVI)和网络(CNI)的管理
Container runtime:负责镜像管理以及Pod和容器的真正运行(CRI)
kube-proxy:负责为Service提供cluster内部的服务发现和负载均衡
说明
一台虚拟机做master,IP为172.25.254.100
两台为node节点,IP为172.25.254.10和172.25.254.20
hub仓库的IP为172.25.254.200
安装k8s部署工具
![](https://i-blog.csdnimg.cn/direct/11ae3a2d1d134645890689905f8ff5e1.png)
![](https://i-blog.csdnimg.cn/direct/fd5d6d6a8e6b4a81919192edb3544a2a.png)
在k8s-master
上安装kubelet
,kubeadm
,kubectl
![](https://i-blog.csdnimg.cn/direct/09057ac0c70c479d904acd8fd3c296b3.png)
下载并安装docker
![](https://i-blog.csdnimg.cn/direct/5a9411cc5f3d4a02a43634738a272cd9.png)
剩余可直接传输
![](https://i-blog.csdnimg.cn/direct/97001f3d700940c0aa5e6abe3120d7f3.png)
在三台主机上配置解析
![](https://i-blog.csdnimg.cn/direct/ef029aefdec84e99938f0812cf371814.png)
![](https://i-blog.csdnimg.cn/direct/1bdfba71073844828627b6d78978201e.png)
测试
![](https://i-blog.csdnimg.cn/direct/b12f94814af648448e4de0ec96c7a523.png)
配置认证
cpp
[root@k8smaster ~]# mkdir -p /etc/docker/certs.d/reg.mqw.org/
cpp
[root@hub harbor]# scp /data/certs/mqw.org.crt root@172.25.254.100:/etc/docker/certs.d/reg.mqw.org/ca.crt
root@172.25.254.100's password:
mqw.org.crt 100% 2114 1.5MB/s 00:00
指定docker默认的dockers仓库
cpp
[root@k8smaster ~]# cd /etc/docker/
[root@k8smaster docker]# vim daemon.json
{ "registry-mirrors": ["https://reg.mqw.org"] }
启动docker
![](https://i-blog.csdnimg.cn/direct/04d692c2aa624e7bbbfffd420d851700.png)
激活
![](https://i-blog.csdnimg.cn/direct/dc9d8f9781c345c2bf3da0bd2b411bc1.png)
查看docker info
![](https://i-blog.csdnimg.cn/direct/7f4e7d231a924211b80d6c2247a634ec.png)
在两台主机加载模块
![](https://i-blog.csdnimg.cn/direct/4d4dbe3a962b467bba83f20d1c3f0101.png)
启动docker
![](https://i-blog.csdnimg.cn/direct/9fff400c62444550bbef4e34c202dd43.png)
配置k8s
安装插件,三台都要
![](https://i-blog.csdnimg.cn/direct/f05ee9f2eed54a51ae409bd0815043dc.png)
![](https://i-blog.csdnimg.cn/direct/e9792fe0ea3a4b04885cd67bb49f3b96.png)
安装
![](https://i-blog.csdnimg.cn/direct/55373768a4e44dc9b6dce547a2731467.png)
指定网络插件
![](https://i-blog.csdnimg.cn/direct/85356e423b4a4aa88439c7ace31a9c5d.png)
![](https://i-blog.csdnimg.cn/direct/7e407b13228d4ea19668db9487c3cf69.png)
启动
![](https://i-blog.csdnimg.cn/direct/60ff7b9aa39d4bcbbbd4350e393492b4.png)
启动kubelet
![](https://i-blog.csdnimg.cn/direct/af6d1bfd0bbd4abbbaaa7286850c7d3a.png)
在master节点拉取K8S所需镜像
cpp
[root@k8smaster ~]# kubeadm config images pull --image-repository registry.aliyuncs.com/google_containers --kubernetes-version v1.30.0 --cri-socket=unix:///var/run/cri-dockerd.sock
在hub创建一个名为k8s的项目
![](https://i-blog.csdnimg.cn/direct/c238518e6cad44449403822705a0c2af.png)
打上标签后上传
cpp
[root@k8smaster ~]# docker tag registry.aliyuncs.com/google_containers/kube-apiserver:v1.30.0 reg.mqw.org/k8s/kube-apiserver:v1.30.0
[root@k8smaster ~]# docker push reg.mqw.org/k8s/kube-apiserver:v1.30.0
[root@k8smaster ~]# docker tag registry.aliyuncs.com/google_containers/kube-controller-manager:v1.30.0 reg.mqw.org/k8s/kube-controller-manager:v1.30.0
[root@k8smaster ~]# docker push reg.mqw.org/k8s/kube-controller-manager:v1.30.0
[root@k8smaster ~]# docker tag registry.aliyuncs.com/google_containers/kube-scheduler:v1.30.0 reg.mqw.org/k8s/kube-scheduler:v1.30.0
[root@k8smaster ~]# docker push reg.mqw.org/k8s/kube-scheduler:v1.30.0
[root@k8smaster ~]# docker tag registry.aliyuncs.com/google_containers/kube-proxy:v1.30.0 reg.mqw.org/k8s/kube-proxy:v1.30.0
[root@k8smaster ~]# docker push reg.mqw.org/k8s/kube-proxy:v1.30.0
[root@k8smaster ~]# docker tag registry.aliyuncs.com/google_containers/coredns:v1.11.3 reg.mqw.org/k8s/coredns:v1.11.3
[root@k8smaster ~]# docker push reg.mqw.org/k8s/coredns:v1.11.3
[root@k8smaster ~]# docker tag registry.aliyuncs.com/google_containers/pause:3.9 reg.mqw.org/k8s/pause:3.9
[root@k8smaster ~]# docker push reg.mqw.org/k8s/pause:3.9
[root@k8smaster ~]# docker tag registry.aliyuncs.com/google_containers/etcd:3.5.15-0 reg.mqw.org/k8s/etcd:3.5.15-0
[root@k8smaster ~]# docker push reg.mqw.org/k8s/etcd:3.5.15-0
上传结果
![](https://i-blog.csdnimg.cn/direct/f1b00ec754ac45b496c6b763fa4f05fe.png)
集群
配置
![](https://i-blog.csdnimg.cn/direct/416292f93090482f84adcddfc57b68fe.png)
指定集群变量
cpp
[root@k8smaster ~]# echo "export KUBECONFIG=/etc/kubernetes/admin.conf" >> ~/.bash_profile
[root@k8smaster ~]# source ~/.bash_profile
设置补齐功能
cpp
[root@k8smaster ~]# echo "source <(kubectl completion bash)" >> ~/.bashrc
[root@k8smaster ~]# source ~/.bashrc
加载网络插件
![](https://i-blog.csdnimg.cn/direct/7886b95f1cd54740b220cc59d59a153a.png)
创建项目后上传
cpp
[root@k8smaster ~]# docker tag flannel/flannel:v0.25.5 reg.mqw.org/flannel/flannel:v0.25.5
[root@k8smaster ~]# docker push reg.mqw.org/flannel/flannel:v0.25.5
[root@k8smaster ~]# docker tag flannel/flannel-cni-plugin:v1.5.1-flannel1 reg.mqw.org/flannel/flannel-cni-plugin:v1.5.1-flannel1
[root@k8smaster ~]# docker push reg.mqw.org/flannel/flannel-cni-plugin:v1.5.1-flannel1
显示
![](https://i-blog.csdnimg.cn/direct/76fb4e74d3624269b700b81f70aa3c36.png)
安装flannel
网络插件
cpp
[root@k8smaster ~]# kubectl apply -f kube-flannel.yml
namespace/kube-flannel created
serviceaccount/flannel created
clusterrole.rbac.authorization.k8s.io/flannel created
clusterrolebinding.rbac.authorization.k8s.io/flannel created
configmap/kube-flannel-cfg created
daemonset.apps/kube-flannel-ds created
复制集群token
到node
中执行,即可加入
k8s-node和2
上复制完,在最后添加--cri-socket=unix:///var/run/cri-dockerd.sock
![](https://i-blog.csdnimg.cn/direct/c6c885a525ef429fbd3c6d328bc767d2.png)
两台主机上启动服务i
![](https://i-blog.csdnimg.cn/direct/de0fbc4f9cea4a708b3d63a56a761f81.png)
查看是否配置成功
![](https://i-blog.csdnimg.cn/direct/b85d40fab33b427fa4d577ab8129d783.png)
测试
![](https://i-blog.csdnimg.cn/direct/d055c82979c04382af6fc306dd30aafe.png)
![](https://i-blog.csdnimg.cn/direct/65ad4372bbb54747b277abfb4404e9b3.png)