我这里提前安装好了 docker ,直接着手安装k8s
[root@zjk ~]# docker -v
Docker version 26.1.4, build 5650f9b1、关闭防火墙、selinux(减少不必要的麻烦)、交换区(防止k8s对pod内存监控幻觉)
systemctl stop firewalld
systemctl disable firewalld
#永久关闭
sed -i 's/enforcing/disabled/' /etc/selinux/config
#临时关闭
setenforce 0
#临时关闭交换分区
swapoff -a
#永久关闭,注释
vim /etc/fstab
# /dev/mapper/centos-swap swap swap defaults 0 0
##这里如果不设置禁用交换区,后续会出现kubelet起不来
10月 13 09:36:22 zjk kubelet[3760]: E1013 09:36:22.593680 3760 run.go:74] "command failed" err="failed to run Kubelet: running with swap on is not supported, please disable swap! or set --fail-swap-on flag to false. /proc/swaps contained: [Filename\t\t\t\tType\t\tSize\tUsed\tPriority /dev/dm-12、将桥接的IPv4流量传递到iptables的链
#确保系统启动时自动加载 br_netfilter模块
cat <<EOF | sudo tee /etc/modules-load.d/k8s.conf
br_netfilter
EOF
#保障同一个结点pod之间访问时,A->B B->A 数据回包时能准确找到对应pod
cat > /etc/sysctl.d/k8s.conf << EOF
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
EOF
#一次性加载并应用系统中所有已知sysctl配置文件
sysctl --system 3、配置k8s的镜像源
cat <<EOF | sudo tee /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=0
repo_gpgcheck=0
EOF4、修改Centos的镜像源
# 备份原配置文件
cp /etc/yum.repos.d/CentOS-Base.repo /etc/yum.repos.d/CentOS-Base.repo.bak
# 编辑配置文件
vim /etc/yum.repos.d/CentOS-Base.repo
替换为可用的源
[base]
name=CentOS-7 - Base
baseurl=https://mirrors.aliyun.com/centos-vault/7.9.2009/os/$basearch/
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
enabled=1
[updates]
name=CentOS-7 - Updates
baseurl=https://mirrors.aliyun.com/centos-vault/7.9.2009/updates/$basearch/
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
enabled=1
[extras]
name=CentOS-7 - Extras
baseurl=https://mirrors.aliyun.com/centos-vault/7.9.2009/extras/$basearch/
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
enabled=1
# 清理旧缓存
yum clean all
rm -rf /var/cache/yum
# 重新建立缓存
yum makecache5、安装k8s组件(kubelet、kubeadm、kubectl),如果要使用docker作为k8s的运行时,则需要匹配对应的版本关系,我这里docker版本为26.1.4,所以我安装1.25.0
#此处的--disableexcludes=kubernetes是为了绕过yum安装更新过程中的一些排除规则,只对当前命令有效
yum install -y kubelet-1.25.0 kubeadm-1.25.0 kubectl-1.25.0 --disableexcludes=kubernetes
安装完成,则打印如下内容
------------------------
已安装:
kubeadm.x86_64 0:1.25.0-0 kubectl.x86_64 0:1.25.0-0 kubelet.x86_64 0:1.25.0-0
作为依赖被安装:
conntrack-tools.x86_64 0:1.4.4-7.el7 cri-tools.x86_64 0:1.26.0-0 kubernetes-cni.x86_64 0:1.2.0-0 libnetfilter_cthelper.x86_64 0:1.0.0-11.el7 libnetfilter_cttimeout.x86_64 0:1.0.0-7.el7
libnetfilter_queue.x86_64 0:1.0.2-2.el7_2 socat.x86_64 0:1.7.3.2-2.el7
完毕!
-------------------------
##查看是否安装成功
[root@zjk yum.repos.d]# kubeadm version
kubeadm version: &version.Info{Major:"1", Minor:"25", GitVersion:"v1.25.0", GitCommit:"a866cbe2e5bbaa01cfd5e969aa3e033f3282a8a2", GitTreeState:"clean", BuildDate:"2022-08-23T17:43:25Z", GoVersion:"go1.19", Compiler:"gc", Platform:"linux/amd64"}
[root@zjk yum.repos.d]# kubectl version --client
WARNING: This version information is deprecated and will be replaced with the output from kubectl version --short. Use --output=yaml|json to get the full version.
Client Version: version.Info{Major:"1", Minor:"25", GitVersion:"v1.25.0", GitCommit:"a866cbe2e5bbaa01cfd5e969aa3e033f3282a8a2", GitTreeState:"clean", BuildDate:"2022-08-23T17:44:59Z", GoVersion:"go1.19", Compiler:"gc", Platform:"linux/amd64"}
Kustomize Version: v4.5.7
[root@zjk yum.repos.d]# kubelet --version
Kubernetes v1.25.06、查看安装k8s需要哪些镜像
[root@zjk yum.repos.d]# kubeadm config images list --kubernetes-version v1.25.0
registry.k8s.io/kube-apiserver:v1.25.0
registry.k8s.io/kube-controller-manager:v1.25.0
registry.k8s.io/kube-scheduler:v1.25.0
registry.k8s.io/kube-proxy:v1.25.0
registry.k8s.io/pause:3.8
registry.k8s.io/etcd:3.5.4-0
registry.k8s.io/coredns/coredns:v1.9.3
自己组装docker pull 下载镜像
docker pull registry.aliyuncs.com/google_containers/kube-controller-manager:v1.25.0
docker pull registry.aliyuncs.com/google_containers/kube-apiserver:v1.25.0
docker pull registry.aliyuncs.com/google_containers/kube-scheduler:v1.25.0
docker pull registry.aliyuncs.com/google_containers/kube-proxy:v1.25.0
docker pull registry.aliyuncs.com/google_containers/pause:3.8
docker pull registry.aliyuncs.com/google_containers/etcd:3.5.4-0
# 这个镜像阿里云下不到,从渡渡鸟下
docker pull swr.cn-north-4.myhuaweicloud.com/ddn-k8s/registry.k8s.io/coredns/coredns:v1.9.3
#下完后统一标签,方便后面处理
docker tag swr.cn-north-4.myhuaweicloud.com/ddn-k8s/registry.k8s.io/coredns/coredns:v1.9.3 registry.aliyuncs.com/google_containers/coredns/coredns:v1.9.3在7、在初始化k8s之前,需要启用cri#看有没有这个文件,是装docker时containerd自带的
/etc/containerd/config.toml
注释
#disabled_plugins = ["cri"]
如果没有,则初始化生成这个文件
mkdir -p /etc/containerd
containerd config default | tee /etc/containerd/config.toml
保证里面disabled_plugins = []
同时要修改里面的sandbox_image镜像地址,之前pull的镜像
sandbox_image = "registry.aliyuncs.com/google_containers/pause:3.6"
#修改完后重启containerd
systemctl restart containerd7、指定镜像仓库和版本初始化
#指定镜像仓库和版本初始化
kubeadm init --image-repository=registry.aliyuncs.com/google_containers --kubernetes-version=v1.25.0
#如果出现端口占用或者其他异常 如果想重新初始化,可以执行 kubeadm reset ,然后重新执行上面的初始化8、初始化完成后,会有/etc/kubernetes/admin.conf这个文件需要设置成环境变量
#在master结点执行
/etc/profile
export KUBECONFIG=/etc/kubernetes/admin.conf9、这个时候 systemctl status kubelet 可能会出现如下报错
Container runtime network not ready" networkReady="NetworkReady=false reason:NetworkPluginNotReady message:Network plugin returns error: cni plugin not initialized此时此时需要安装网络插件,这个需要1min左右
##安装网络插件,这一步应用联网配置文件可能要FQ,可以想办法下载下来,放到本地
kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
##安装成功后打印如下
[root@zjk manifests]# kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
namespace/kube-flannel created
clusterrole.rbac.authorization.k8s.io/flannel created
clusterrolebinding.rbac.authorization.k8s.io/flannel created
serviceaccount/flannel created
configmap/kube-flannel-cfg created
daemonset.apps/kube-flannel-ds created