前置环境:
准备三台虚拟机
192.168.1.104(用来做k8s的mater节点)
192.168.1.105(节点node2)
192.168.1.109(节点node3)
关闭防火墙
bash
systemctl stop firewalld
systemctl disable firewalld安装docker
https://blog.csdn.net/weixin_41645232/article/details/104578306
修改/etc/docker/daemon.json
关闭 docker cgroup
配置镜像加速器 "registry-mirrors": ["https://xxxx.mirror.aliyuncs.com"]
bash
{
"exec-opts": ["native.cgroupdriver=systemd"],
"registry-mirrors": ["https://3mqrr214.mirror.aliyuncs.com"]
}执行 systemctl daemon-reload && systemctl restart docker
永久禁用SELinux
bash
sed -i 's/enforcing/disabled/' /etc/selinux/config关闭系统Swap
bash
sed -i 's/.*swap.*/#&/' /etc/fstab将桥接的ipv4流量传递到iptables的链
bash
cat > /etc/sysctl.d/k8s.conf << EOF
net.bridge.bridge-nf-call-ip6tables=1
net.bridge.bridge-nf-call-iptables=1
EOF生效 sysctl --system
6)添加主机名与ip对应关系
vi /etc/hosts
bash
cat > /etc/hosts << EOF
192.168.1.104 k8s-master
192.168.1.105 k8s-node2
192.168.1.109 k8s-node3
EOF指定新的主机名:
bash
hostnamectl set-hostname k8s-master7)同步最新时间
bash
date 查看时间(可选)
yum install -y ntpdate
ntpdate time.windows.com 开始安装
添加k8s阿里云yum源
bash
cat > /etc/yum.repos.d/kubernetes.repo << EOF
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=0
repo_gpgcheck=0
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF检查是否有yum源
bash
yum list | grep kube安装
bash
yum install -y kubelet-1.28.2 kubeadm-1.28.2 kubectl-1.28.2配置kubelet开机自启
bash
systemctl enable kubelet
systemctl start kubelet开启CRI,vim /etc/containerd/config.toml
把 disabled_plugins = ["cri"] 改成disabled_plugins = []
systemctl restart containerd
初始化master节点(选用192.168.1.104作为master节点执行下面命令)
初始化master
bash
kubeadm init \
--apiserver-advertise-address=192.168.1.104 \
--image-repository registry.cn-hangzhou.aliyuncs.com/google_containers \
--kubernetes-version v1.28.2 \
--service-cidr=10.96.0.0/16 \
--pod-network-cidr=10.244.0.0/16注:
以下两个ip无需更改
--service-cidr
--pod-network-cidr
下面的ip指定的主节点ip
--apiserver-advertise-address
初始化看到以下信息则证明成功,下面提示信息非常有用,创建完之前一定要先保留
bash
[addons] Applied essential addon: kube-proxy
Your Kubernetes control-plane has initialized successfully!
To start using your cluster, you need to run the following as a regular user:
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
Alternatively, if you are the root user, you can run:
export KUBECONFIG=/etc/kubernetes/admin.conf
You should now deploy a pod network to the cluster.
Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:
https://kubernetes.io/docs/concepts/cluster-administration/addons/
Then you can join any number of worker nodes by running the following on each as root:
kubeadm join 192.168.1.104:6443 --token codrrk.522goq99cigjqf5j \
--discovery-token-ca-cert-hash sha256:3404f14cfcf42a6f4e17baf34aa4db0ae9cee187a6e95ca4f89e832a88f6ed61按照上面提示,使用集群需要配置
bash
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config按照提示需要给集群部署一个pod网络插件,参考地址为:
https://kubernetes.io/docs/concepts/cluster-administration/addons/
这里我们选用安装flannel插件
bash
kubectl apply -f https://github.com/flannel-io/flannel/releases/latest/download/kube-flannel.yml按提示,其他节点安装后不需要初始化,直接执行下面命令加入主节点完成集群搭建,下面这句话直接复制初始化完成时的提示即可,在node2和node3上执行
bash
kubeadm join 192.168.1.104:6443 --token codrrk.522goq99cigjqf5j \
--discovery-token-ca-cert-hash sha256:3404f14cfcf42a6f4e17baf34aa4db0ae9cee187a6e95ca4f89e832a88f6ed61在主节点查看节点信息
bash
[root@k8s-master k8s]# kubectl get nodesnode节点配置证书,支持kubectl操作api
主节点复制证书
bash
scp /etc/kubernetes/admin.conf root@192.168.1.105:/etc/kubernetesnode节点
bash
echo "export KUBECONFIG=/etc/kubernetes/admin.conf" >> ~/.bash_profile
source ~/.bash_profile问题:
1.查看po发现coreDns pod启动失败
bash
kubectl edit cm coredns -n kube-system // 删除 loop 保存并退出
kubectl delete pod coredns-xxx-xxxx -n kube-system // 删除coredns的两个pod会自动重新创建