由于K8S的节点资源不够用了,需要增加一个新节点,这里记下过程,分享给大家。
1、系统设置并更新
先设置好机器名,再更新系统
bash
# Persist the new hostname so it is still in effect after the reboot below.
echo "tmp-k8s-nd3" > /etc/hostname
# Apply the same name to the running system right away.
hostname tmp-k8s-nd3
# Refresh the package indexes, then install all pending updates so the node
# joins the cluster with current security patches.
apt update
apt upgrade
# Reboot so an updated kernel and updated libraries are actually in use.
reboot
当然,还要在集群所有机器的 hosts 文件里加上新机器的域名解析
2、设置免登录
bash
# Append the local user's SSH public key to authorized_keys on the new node so
# later logins need no password.
# NOTE(review): no user is given, so ssh's default account is used; if this is
# run as root it grants key-based root login on the node. Confirm that is the
# intended access level.
ssh-copy-id tmp-k8s-nd3
3、 安装时间同步
并且设置内部一台机器做时间服务器
bash
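# The Debian/Ubuntu package is named "chrony"; chronyd is only the name of the
# daemon it installs, so "apt install chronyd" cannot find a package.
# Pointing this node at the internal time server is a separate edit of
# /etc/chrony/chrony.conf, which this page does not show.
apt install chrony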
4、安装Kubelet和containerd
就一个自动化安装脚本:
bash
root@tmp-k8s-nd3:~# cat install-k8s-aliyun.sh
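#!/bin/bash
# =============================================================================
# Kubernetes node bootstrap script (v1.35.1)
# Purpose:    run on every node (master and worker) to install containerd and
#             kubeadm/kubelet/kubectl.
# Platform:   every step uses apt-get/dpkg, so only Debian-family systems
#             (Ubuntu 22.04+, Debian 12+) can run it as written. CentOS Stream
#             has no apt-get and is not covered.
# Privileges: the script writes under /etc and /usr/local/bin and calls
#             systemctl without sudo, so it has to be started as root.
# =============================================================================
# -e          stop at the first failing command.
# -u          treat an unset variable as an error instead of an empty string.
# -o pipefail make a pipeline fail when any stage fails; with -e alone a failed
#             download on the left of "curl ... | gpg --dearmor" goes unnoticed
#             and leaves an empty or partial keyring behind.
set -euo pipefail
# Full release, and the apt version glob that matches any package revision of it.
K8S_VERSION="1.35.1"
KUBE_VERSION="1.35.1-*"
# NOTE(review): CRIO_VERSION is not referenced anywhere in the visible script,
# which installs containerd rather than CRI-O. Kept so nothing that might read
# it elsewhere breaks.
CRIO_VERSION="1.35"
# Keep apt/dpkg from stopping on interactive configuration prompts.
export DEBIAN_FRONTEND=noninteractive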
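echo "=== [1/7] 系统环境初始化 ==="
# 1. Kernel modules: list overlay and br_netfilter for loading at boot, then
#    load them now. tee echoes the file content so it shows up in the run log.
tee /etc/modules-load.d/k8s.conf <<'EOF'
overlay
br_netfilter
EOF
modprobe overlay
modprobe br_netfilter
# 2. Kernel parameters: pass bridged traffic through iptables/ip6tables and
#    enable IPv4 forwarding. ip_forward turns the host into a router, so the
#    node's firewall policy should be written with that in mind.
tee /etc/sysctl.d/k8s.conf <<'EOF'
net.bridge.bridge-nf-call-iptables = 1
net.bridge.bridge-nf-call-ip6tables = 1
net.ipv4.ip_forward = 1
EOF
sysctl --system
# 3. Disable swap now and across reboots (the original notes Kubernetes
#    requires this).
swapoff -a
# Comment out every active fstab entry that has "swap" as a whitespace-delimited
# field. Matching on [[:space:]] also covers tab-separated entries, which a
# literal " swap " pattern misses, and skipping lines that are already
# commented keeps a re-run from stacking extra "#" characters.
sed -i -E '/^[[:space:]]*#/! { /[[:space:]]swap[[:space:]]/ s/^/#/ }' /etc/fstab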
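echo "=== [2/7] 安装 containerd 运行时 ==="
# 1. Prerequisites for fetching and verifying the third-party APT repository.
apt-get update -y
apt-get install -y ca-certificates curl gnupg lsb-release
# 2. Docker's APT repository, which ships the containerd.io package.
mkdir -p /etc/apt/keyrings
# Docker publishes separate repositories for Ubuntu and Debian. Use the Debian
# one when /etc/os-release says so; everything else keeps the original Ubuntu
# path.
docker_distro="ubuntu"
if [[ "$(. /etc/os-release && printf '%s' "${ID:-}")" == "debian" ]]; then
  docker_distro="debian"
fi
# Download the signing key to a private temp file first. With "curl | gpg" a
# failed download is not noticed under plain "set -e", and gpg then writes an
# empty keyring. --batch --yes lets a re-run overwrite the existing keyring
# instead of stopping at an overwrite prompt.
# The key is trusted on first download over TLS; comparing its fingerprint with
# the one the vendor publishes is the stronger check.
docker_key_tmp="$(mktemp)"
curl -fsSL "https://download.docker.com/linux/${docker_distro}/gpg" -o "$docker_key_tmp"
gpg --batch --yes --dearmor -o /etc/apt/keyrings/docker.gpg "$docker_key_tmp"
rm -f -- "$docker_key_tmp"
chmod a+r /etc/apt/keyrings/docker.gpg
# signed-by limits this key to this one repository, so it cannot vouch for
# packages from any other source.
echo "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/${docker_distro} $(lsb_release -cs) stable" | tee /etc/apt/sources.list.d/docker.list > /dev/null
apt-get update -y
apt-get install -y containerd.io
# 3. Configure containerd. This overwrites any existing config.toml with the
#    built-in defaults before patching it.
containerd config default > /etc/containerd/config.toml
# - Use the systemd cgroup driver (the original notes this matches the host).
sed -i 's/SystemdCgroup = false/SystemdCgroup = true/g' /etc/containerd/config.toml
# - Pull the sandbox (pause) image from the Aliyun mirror instead of
#   registry.k8s.io. The image in every pod sandbox then comes from a
#   third-party registry, so trust in that mirror replaces trust in upstream.
sed -i 's#registry.k8s.io/pause#registry.aliyuncs.com/google_containers/pause#g' /etc/containerd/config.toml
# 4. Start containerd now and on every boot.
systemctl daemon-reload
systemctl enable --now containerd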
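echo "=== [3/7] 安装 Kubernetes 组件 (kubeadm/kubelet/kubectl) ==="
# 1. Kubernetes APT repository (pkgs.k8s.io, one repository per minor release).
#    Derive the minor version from K8S_VERSION so the repository and the pinned
#    package version cannot drift apart ("1.35.1" -> "1.35").
k8s_minor="${K8S_VERSION%.*}"
k8s_repo="https://pkgs.k8s.io/core:/stable:/v${k8s_minor}/deb"
mkdir -p /etc/apt/keyrings
# Download the key to a private temp file first: with "curl | gpg" a failed
# download is not noticed under plain "set -e" and gpg writes an empty keyring.
# --batch --yes lets a re-run replace the existing keyring without a prompt.
k8s_key_tmp="$(mktemp)"
curl -fsSL "${k8s_repo}/Release.key" -o "$k8s_key_tmp"
gpg --batch --yes --dearmor -o /etc/apt/keyrings/kubernetes-apt-keyring.gpg "$k8s_key_tmp"
rm -f -- "$k8s_key_tmp"
chmod 644 /etc/apt/keyrings/kubernetes-apt-keyring.gpg
# signed-by limits this key to the Kubernetes repository only.
echo "deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring.gpg] ${k8s_repo}/ /" | tee /etc/apt/sources.list.d/kubernetes.list
apt-get update
# 2. Install the pinned version and hold it. The arguments are quoted so the
#    "*" in KUBE_VERSION reaches apt as a version glob and is never expanded by
#    the shell against files in the current directory.
apt-get install -y "kubeadm=${KUBE_VERSION}" "kubelet=${KUBE_VERSION}" "kubectl=${KUBE_VERSION}"
# Held packages are skipped by routine upgrades, which prevents an unplanned
# version change; security updates for them then have to be applied
# deliberately.
apt-mark hold kubeadm kubelet kubectl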
echo "=== [4/7] 配置 kubelet 与 crictl ==="
# 1. Write the crictl configuration so crictl talks to containerd's socket
#    without extra flags. tee also echoes the content into the run log.
printf '%s\n' \
  'runtime-endpoint: unix:///run/containerd/containerd.sock' \
  'image-endpoint: unix:///run/containerd/containerd.sock' \
  'timeout: 10' \
  'debug: false' \
  | tee /etc/crictl.yaml
# 2. Enable and start kubelet. The cluster is not initialised yet, so the
#    original notes that a CrashLoopBackOff state at this point is normal.
systemctl enable --now kubelet
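# Optional component: nerdctl, a Docker-like CLI for containerd, handy for
# debugging.
echo "=== [5/7] 可选: 安装nerdctl (类似docker) ==="
if command -v nerdctl &> /dev/null; then
  echo "nerdctl 已存在,跳过安装。"
else
  NERDCTL_VERSION="2.2.0"
  # Download into a private mktemp directory. A fixed name such as
  # /tmp/nerdctl.tar.gz can be pre-created or symlinked by any local user
  # before root writes to it.
  nerdctl_tmp="$(mktemp -d)"
  nerdctl_tgz="${nerdctl_tmp}/nerdctl.tar.gz"
  # NOTE(review): the asset name is hard-coded to linux-amd64; other
  # architectures need a different release asset.
  wget -q "https://github.com/containerd/nerdctl/releases/download/v${NERDCTL_VERSION}/nerdctl-${NERDCTL_VERSION}-linux-amd64.tar.gz" -O "$nerdctl_tgz"
  # The archive is unpacked into /usr/local/bin as root, so verify it when a
  # pinned digest is supplied, e.g. NERDCTL_SHA256=<sha256 of the release
  # tarball, taken from a source you trust>. A mismatch stops the script.
  if [[ -n "${NERDCTL_SHA256:-}" ]]; then
    echo "${NERDCTL_SHA256}  ${nerdctl_tgz}" | sha256sum --check --quiet -
  else
    echo "警告: 未设置 NERDCTL_SHA256,跳过 nerdctl 压缩包的完整性校验。" >&2
  fi
  # --no-same-owner: extracted files belong to root instead of whichever
  # uid/gid is recorded inside the archive.
  tar -C /usr/local/bin --no-same-owner -xzf "$nerdctl_tgz"
  chmod +x /usr/local/bin/nerdctl
  rm -rf -- "${nerdctl_tmp:?}"
fi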
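echo "=== [6/7] 验证安装 ==="
echo "---- Containerd 状态: ----"
# Report both outcomes. With "cmd && echo ok" a failed check prints nothing, so
# a broken install looks the same as a run whose output was not read.
if systemctl is-active containerd; then
  echo "containerd 正在运行"
else
  echo "警告: containerd 未处于运行状态,请检查 'systemctl status containerd'。" >&2
fi
echo "---- Kubernetes 组件版本: ----"
kubeadm version
kubelet --version
echo "---- 镜像拉取测试 (nerdctl pull hello-world) ----"
# Best-effort smoke test: a failure (nerdctl missing, registry unreachable) is
# reported but does not stop the script, as in the original.
if nerdctl pull hello-world >/dev/null 2>&1; then
  echo "镜像拉取成功,containerd工作正常。"
else
  echo "警告: 镜像拉取失败,请检查 nerdctl 是否已安装以及镜像仓库是否可达。" >&2
fi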
# Closing hints, printed exactly as written: the quoted 'EOF' delimiter stops
# the shell from expanding $HOME and $(id -u) in the suggested commands.
# The suggested "kubeadm init" pulls control-plane images from
# registry.aliyuncs.com/google_containers, a third-party mirror, and the
# kubectl step copies /etc/kubernetes/admin.conf into the user's home directory.
cat <<'EOF'
=== [7/7] 后续操作提示 ===
----------------------------------------------------------------
节点基础环境已准备就绪!
1. 若此节点是 **Master**,请执行:
 sudo kubeadm init --pod-network-cidr=10.244.0.0/16 --image-repository=registry.aliyuncs.com/google_containers

2. 若此节点是 **Worker**,请使用 Master 初始化后输出的 'kubeadm join' 命令加入集群。

3. 初始化后,Master 需要配置 kubectl:
 mkdir -p $HOME/.kube && sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config && sudo chown $(id -u):$(id -g) $HOME/.kube/config

4. 为防止版本偏差,已将 kubeadm/kubelet/kubectl 设置为 apt-hold 状态。
----------------------------------------------------------------
EOF
5、新节点加入到集群
到master上执行:
bash
# Creates a new bootstrap token and prints the complete 'kubeadm join' command
# for it.
# The printed command embeds the token, which is a credential: anyone holding
# it can join a machine to the cluster while it is valid. Keep it out of chat
# logs, tickets and shell history on shared hosts. kubeadm tokens expire after
# 24 hours by default; --ttl sets a shorter lifetime.
kubeadm token create --print-join-command
把得到的join命令拿到新节点上去执行就可以。