环境准备
K8s版本:1.34
操作系统:3台debian13 64位虚拟机
容器引擎:containerd
网络插件:Flannel(或Calico)
前置准备
1.更新系统
bash
sudo apt update && sudo apt upgrade -y
sudo apt install -y curl gnupg2 lsb-release apt-transport-https ca-certificates curl 2.禁用交换空间
bash
sudo swapoff -a
sudo sed -i '/ swap / s/^\(.*\)$/#\1/g' /etc/fstab3.关闭selinux(需要重启)
bash
echo "SELINUX = disabled" >> /etc/selinux/semanage.conf4.加载内核模块
bash
cat <<EOF | sudo tee /etc/modules-load.d/k8s.conf
overlay
br_netfilter
EOF
bash
modprobe overlay
modprobe br_netfilter5.配置内核参数
bash
cat <<EOF | sudo tee /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-iptables = 1
net.bridge.bridge-nf-call-ip6tables = 1
net.ipv4.ip_forward = 1
EOF
sudo sysctl --system6.设置主机名
bash
#在主节点上
sudo hostnamectl set-hostname k8s-master
#在工作节点上
sudo hostnamectl set-hostname k8s-worker01安装容器运行时
1.下载containerd并安装
从https://github.com/containerd/containerd/releases选择版本下载
下载后
bash
wget https://github.com/containerd/containerd/releases/download/v2.2.0/containerd-2.2.0-linux-amd64.tar.gz
sudo tar Cxzvf /usr/local containerd-2.2.0-linux-amd64.tar.gz
wget https://raw.githubusercontent.com/containerd/containerd/v2.2.0/containerd.service
sudo mv containerd.service /usr/lib/systemd/system/
sudo systemctl daemon-reload
sudo systemctl enable --now containerd2.containerd配置文件
bash
sudo mkdir -p /etc/containerd
containerd config default | sudo tee /etc/containerd/config.toml
sed -i 's/SystemdCgroup = false/SystemdCgroup = true/' /etc/containerd/config.toml && \
grep 'SystemdCgroup' -B 11 /etc/containerd/config.toml
# 使用 sed 替换镜像源
sudo sed -i 's|registry.k8s.io/pause:3.10.1|registry.aliyuncs.com/google_containers/pause:3.10.1|g' /etc/containerd/config.toml
sudo systemctl daemon-reload
sudo systemctl restart containerd.service3.安装runc
从https://github.com/opencontainers/runc/releases下载runc.amd64
然后执行
bash
sudo chmod +x runc.amd64
sudo mv runc.amd64 /usr/bin/runc
#查看runc版本号
runc -v安装K8s组件
bash
# 添加 Kubernetes 签名密钥
sudo curl -fsSL https://pkgs.k8s.io/core:/stable:/v1.34/deb/Release.key | sudo gpg --dearmor -o /etc/apt/trusted.gpg.d/kubernetes-apt-keyring.gpg
# 添加 Kubernetes 仓库
sudo echo 'deb [signed-by=/etc/apt/trusted.gpg.d/kubernetes-apt-keyring.gpg] https://pkgs.k8s.io/core:/stable:/v1.34/deb/ /' | sudo tee /etc/apt/sources.list.d/kubernetes.list
# 安装kubeadm、kubectl、kubelet
sudo apt update
sudo apt install kubelet=1.34.* kubeadm=1.34.* kubectl=1.34.*
sudo apt-mark hold kubelet kubeadm kubectl创建配置文件初始化集群
yaml
# 创建 kubeadm 配置
cat <<EOF | tee kubeadm-config.yaml
apiVersion: kubeadm.k8s.io/v1beta3
kind: InitConfiguration
localAPIEndpoint:
advertiseAddress: $(hostname -I | awk '{print $1}')
bindPort: 6443
---
apiVersion: kubeadm.k8s.io/v1beta3
kind: ClusterConfiguration
kubernetesVersion: 1.34.2
imageRepository: registry.aliyuncs.com/google_containers
controlPlaneEndpoint: "$(hostname -I | awk '{print $1}'):6443"
networking:
#如果使用calico,配置成192.168.0.0/16
podSubnet: "10.244.0.0/16"
serviceSubnet: "10.96.0.0/12"
EOF初始化集群
bash
sudo kubeadm init --config=kubeadm-config.yaml --upload-certs网络比较慢的话,这步需要较长时间
初始化成功控制台会打印类似
bash
kubeadm join 192.168.0.101:6443 --token pylai8.nzq4ojgrk4wsv27t \
--discovery-token-ca-cert-hash sha256:xxxx这个需要保存下来,用来将工作节点加入集群中
然后将master节点中的【/etc/kubernetes/admin.conf】文件拷贝到node节点相同目录下,然后在master节点和工作节点配置环境变量:
bash
echo "export KUBECONFIG=/etc/kubernetes/admin.conf" >> ~/.bash_profile
source ~/.bash_profile之后就可以使用kubectl命令查看pod的运行状态了
bash
kubectl get pod -A安装cni插件
bash
kubectl create -f https://github.com/flannel-io/flannel/releases/latest/download/kube-flannel.yml至此,就搭建好了一个K8s集群