Ubuntu24.04.2 + kubectl1.33.1 + containerdv1.7.27 + calicov3.30.0
安装Ubuntu24.04.2 + kubectl1.33.1 + containerdv1.7.27 + calicov3.30.0
1.安装Ubuntu24.04.2,设置阿里云镜像地址
$ sudo vim /etc/apt/sources.list.d/ubuntu.sources
1.设置主机名
go
#k8s-master
$ sudo hostname k8smaster ##临时生效
$ sudo hostnamectl set-hostname k8smaster ##重启后永久生效
#k8s-node1
$ sudo hostname k8snode1 ##临时生效
$ sudo hostnamectl set-hostname k8snode1 ##重启后永久生效2.关闭防火墙
go
sudo systemctl disable --now ufw3.配置静态ip
go
vim /etc/netplan/50-cloud-init.yaml
network:
version: 2
ethernets:
ens33:
dhcp4: no
addresses: [192.168.1.181/24]
gateway4: 192.168.1.1
nameservers:
addresses: [192.168.1.1,8.8.8.8,114.114.114.114]
#生效
$ sudo netplan apply4.开启ssh
go
sudo apt update
sudo apt install openssh-server
sudo vim /etc/ssh/ssh_config
#开启密码和端口5.禁用交换分区
go
sudo swapoff -a
打开 /etc/fstab
注释最后一行
#/swap.img none swap sw 0 06. 转发 IPv4 并让 iptables 看到桥接流量
go
执行下述命令:
$ cat <<EOF | sudo tee /etc/modules-load.d/k8s.conf
overlay
br_netfilter
EOF
$ sudo modprobe overlay
$ sudo modprobe br_netfilter
# 设置所需的 sysctl 参数,参数在重新启动后保持不变
$ cat <<EOF | sudo tee /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-iptables = 1
net.bridge.bridge-nf-call-ip6tables = 1
net.ipv4.ip_forward = 1
EOF
# 应用 sysctl 参数而不重新启动
$ sudo sysctl --system
#确认2个模块被加载
$ lsmod | grep br_netfilter
$ lsmod | grep overlay
# 确认系统变量被设置为1
$ sysctl net.bridge.bridge-nf-call-iptables net.bridge.bridge-nf-call-ip6tables net.ipv4.ip_forward7.安装containerd
第一种:github文档https://github.com/containerd/containerd/blob/main/docs/getting-started.md
1.第一种安装方法
go
1. Add Docker's official GPG key:
$ sudo apt-get update
$ sudo apt-get install ca-certificates curl gnupg
$ sudo install -m 0755 -d /etc/apt/keyrings
$ sudo curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /etc/apt/keyrings/docker.gpg
$ sudo chmod a+r /etc/apt/keyrings/docker.gpg
2. Add the repository to Apt sources:
$ echo \
"deb [arch="$(dpkg --print-architecture)" signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/ubuntu \
"$(. /etc/os-release && echo "$VERSION_CODENAME")" stable" | \
sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
3. Update theaptpackage index:
$ sudo apt-get update
4. 安装 http://containerd.io
$ sudo apt-get install containerd.io
5. 上面的安装需要手动安装CNI插件
注意,http://containerd.io包括了runc, 但是不包括CNI插件,我们需要手动安装CNI插件:
访问:Releases · containernetworking/plugins (github.com)获取最新版本的插件,然后将其安装到/opt/cni/bin中:
$ wget https://github.com/containernetworking/plugins/releases/download/v1.3.0/cni-plugins-linux-amd64-v1.3.0.tgz
$ sudo mkdir -p /opt/cni/bin
$ sudo tar Cxzvf /opt/cni/bin cni-plugins-linux-amd64-v1.3.0.tgz2.第二种安装方式
go
1.下载containerd的容器运行时,下载地址:https://github.com/containerd/containerd/releases/download/v1.7.27/cri-containerd-cni-1.7.27-linux-amd64.tar.gz,可以通过下面命令进行下载:
$ curl -LO https://github.com/containerd/containerd/releases/download/v1.7.27/cri-containerd-cni-1.7.27-linux-amd64.tar.gz
2.解压:
$ sudo tar -zxvf cri-containerd-cni-1.7.27-linux-amd64.tar.gz -C /
3.创建目录和生成配置文件
$ sudo mkdir /etc/containerd
$ containerd config default | sudo tee /etc/containerd/config.toml3. 配置 containerd 的systemd cgroup 驱动
go
#生成默认配置文件
$ containerd config default | sudo tee /etc/containerd/config.toml
#在 /etc/containerd/config.toml 中设置:
[plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc]
...
[plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc.options]
SystemdCgroup = true //false改成true4.重载沙箱(pause)镜像
go
#在 /etc/containerd/config.toml 中设置:
[plugins."io.containerd.grpc.v1.cri"]
sandbox_image = "registry.aliyuncs.com/google_containers/pause:3.10"
#重新启动 containerd:
$ sudo systemctl restart containerd8.安装k8s
1.官网安装方法
官网地址:https://kubernetes.io/zh-cn/docs/setup/production-environment/tools/kubeadm/install-kubeadm/
go
1.更新 apt 包索引并安装使用 Kubernetes apt 仓库所需要的包:
$ sudo apt-get update
$ sudo apt-get install -y apt-transport-https ca-certificates curl gpg
2.如果 `/etc/apt/keyrings` 目录不存在,则应在 curl 命令之前创建它,请阅读下面的注释。
$ sudo mkdir -p -m 755 /etc/apt/keyrings
$ curl -fsSL https://pkgs.k8s.io/core:/stable:/v1.33/deb/Release.key | sudo gpg --dearmor -o /etc/apt/keyrings/kubernetes-apt-keyring.gpg
3.此操作会覆盖 /etc/apt/sources.list.d/kubernetes.list 中现存的所有配置。
$ echo 'deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring.gpg] https://pkgs.k8s.io/core:/stable:/v1.33/deb/ /' | sudo tee /etc/apt/sources.list.d/kubernetes.list
4.更新 apt 包索引,安装 kubelet、kubeadm 和 kubectl,并锁定其版本:
$ sudo apt-get update
$ sudo apt-get install -y kubelet kubeadm kubectl
$ sudo apt-mark hold kubelet kubeadm kubectl
5.初始化平面
$ sudo kubeadm init \
--apiserver-advertise-address=192.168.1.181 \
--pod-network-cidr=192.168.0.0/16 \
--image-repository=registry.aliyuncs.com/google_containers \
--cri-socket=unix:///run/containerd/containerd.sock \
--kubernetes-version=v1.33.1
最后输出:
Your Kubernetes control-plane has initialized successfully!
To start using your cluster, you need to run the following as a regular user:
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
Alternatively, if you are the root user, you can run:
export KUBECONFIG=/etc/kubernetes/admin.conf
You should now deploy a pod network to the cluster.
Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:
https://kubernetes.io/docs/concepts/cluster-administration/addons/
Then you can join any number of worker nodes by running the following on each as root:
kubeadm join 192.168.1.181:6443 --token 03x52t.80r5lnek3r3lnijv1 \
--discovery-token-ca-cert-hash sha256:b17b309ed4b8f687a63061717bea099f31a045116cd311ea7c7963389556e41d1
#如有需要可以重置
$ sudo kubeadm reset9.安装calico(node服务器不需要安装)
1.第一种方法:
根据官网指导来:https://docs.tigera.io/calico/latest/getting-started/kubernetes/quickstart
go
$ kubectl create -f https://raw.githubusercontent.com/projectcalico/calico/v3.30.0/manifests/tigera-operator.yaml
$ kubectl create -f https://raw.githubusercontent.com/projectcalico/calico/v3.30.0/manifests/custom-resources.yaml
$ watch kubectl get tigerastatus
NAME AVAILABLE PROGRESSING DEGRADED SINCE
apiserver True False False 4m9s
calico True False False 3m29s
goldmane True False False 3m39s
ippools True False False 6m4s
whisker True False False 3m19s2.第二种方法:
go
1.下载yaml文件
$ weget https://projectcalico.docs.tigera.io/archive/v3.25/manifests/calico.yaml
2.修改镜像地址为华为云:
$ sed -i 's|docker.io/calico/|swr.cn-north-4.myhuaweicloud.com/ddn-k8s/docker.io/calico/|g' calico.yaml
最后为 image:swr.cn-north-4.myhuaweicloud.com/ddn-k8s/docker.io/calico/cni...:v3.25.0
3.修改CALICO_IPV4POOL_CIDR的value
value: "192.168.0.0/16"
4.应用
$ kubectl apply -f calico.yaml 10.node节点加入集群
node join:
go
$ sudo kubeadm join 192.168.1.181:6443 --token 03x52t.80r5lnek3r3lnijv1 \
--discovery-token-ca-cert-hash sha256:b17b309ed4b8f687a63061717bea099f31a045116cd311ea7c7963389556e41d1 \
--cri-socket=unix:///run/containerd/containerd.sock11.安装kubesphere
1.安装helm
go
helm upgrade --install \
-n kubesphere-system \
--create-namespace ks-core https://charts.kubesphere.com.cn/main/ks-core-1.1.3.tgz \
--debug --wait \
--set global.imageRegistry=swr.cn-southwest-2.myhuaweicloud.com/ks \
--set extension.imageRegistry=swr.cn-southwest-2.myhuaweicloud.com/ks \
--set hostClusterName=k8s-paco
Thank you for choosing KubeSphere Helm Chart.
Please be patient and wait for several seconds for the KubeSphere deployment to complete.
1. Wait for Deployment Completion
Confirm that all KubeSphere components are running by executing the following command:
kubectl get pods -n kubesphere-system
2. Access the KubeSphere Console
Once the deployment is complete, you can access the KubeSphere console using the following URL:
http://192.168.1.181:30880
3. Login to KubeSphere Console
Use the following credentials to log in:
Account: admin
Password: P@88w0rd
NOTE: It is highly recommended to change the default password immediately after the first login.