1. Environment
Two nodes with static hostname resolution (operating system: CentOS 7.9)
[root@master01 ~]# cat /etc/hosts
172.16.80.140 master01
172.16.80.151 node01
[root@node01 ~]# cat /etc/hosts
172.16.80.140 master01
172.16.80.151 node01
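2. System configuration
Disable the firewall
Disable firewalld and SELinux. setenforce 0 switches SELinux to permissive mode on the running system; SELINUX=disabled in /etc/selinux/config takes effect from the next reboot.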
# systemctl stop firewalld
# systemctl disable firewalld
# setenforce 0
# vim /etc/selinux/config
SELINUX=disabled
Disable swap
# swapoff -a # turn off system swap
# vim /etc/sysctl.d/k8s.conf # add the following
vm.swappiness=0
# sysctl -p /etc/sysctl.d/k8s.conf # apply the setting
3. Install containerd
Add the Docker stable repo and install the containerd package
yum install -y yum-utils device-mapper-persistent-data lvm2
yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
yum install -y containerd
Create the containerd configuration file and configure a registry mirror
containerd config default > /etc/containerd/config.toml
vim /etc/containerd/config.toml
[plugins."io.containerd.grpc.v1.cri".registry]
  [plugins."io.containerd.grpc.v1.cri".registry.mirrors]
    [plugins."io.containerd.grpc.v1.cri".registry.mirrors."docker.io"]
      endpoint = ["https://hub-mirror.c.163.com"]
systemctl enable containerd
systemctl start containerd
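4. Install kubeadm
About kubeadm
kubeadm is a tool built to provide kubeadm init and kubeadm join as best-practice "fast paths" for creating Kubernetes clusters. kubeadm performs the actions necessary to get a minimum viable cluster up and running. By design, it cares only about bootstrapping, not about provisioning machines. Likewise, installing various nice-to-have addons, such as the Kubernetes Dashboard, monitoring solutions and cloud-specific addons, is not in scope.
Configure the yum repository
Add the Kubernetes repo; the Aliyun mirror is used here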
cat << EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF
Install the kubeadm tools
Install the kubelet, kubeadm, kubectl and cri-tools packages
yum install -y kubelet kubeadm kubectl cri-tools
systemctl enable kubelet && systemctl start kubelet
Configure command completion
crictl completion bash > /etc/bash_completion.d/crictl
kubeadm completion bash > /etc/bash_completion.d/kubeadm
kubectl completion bash >/etc/bash_completion.d/kubectl
source /etc/bash_completion.d/kubeadm
source /etc/bash_completion.d/kubectl
source /etc/bash_completion.d/crictl
Configure crictl to connect to the containerd runtime
# vim /etc/crictl.yaml
runtime-endpoint: unix:///run/containerd/containerd.sock
image-endpoint: unix:///run/containerd/containerd.sock
timeout: 10
debug: true
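5. Download the Kubernetes cluster images
By default kubeadm pulls the required images from k8s.gcr.io; pointing it at the Aliyun registry instead speeds up the k8s image download
# List the latest k8s cluster images that need to be downloaded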
# kubeadm config images list --image-repository=registry.aliyuncs.com/google_containers
W0509 21:09:17.213335 20379 images.go:80] could not find officially supported version of etcd for Kubernetes v1.27.1, falling back to the nearest etcd version (3.5.7-0)
registry.aliyuncs.com/google_containers/kube-apiserver:v1.27.1
registry.aliyuncs.com/google_containers/kube-controller-manager:v1.27.1
registry.aliyuncs.com/google_containers/kube-scheduler:v1.27.1
registry.aliyuncs.com/google_containers/kube-proxy:v1.27.1
registry.aliyuncs.com/google_containers/pause:3.9
registry.aliyuncs.com/google_containers/etcd:3.5.7-0
registry.aliyuncs.com/google_containers/coredns:v1.10.1
The latest k8s image version is v1.27.1; pull the images on every node in advance
# kubeadm config images pull --image-repository=registry.aliyuncs.com/google_containers \
--kubernetes-version=v1.27.1
W0509 21:11:46.234769 21159 images.go:80] could not find officially supported version of etcd for Kubernetes v1.27.1, falling back to the nearest etcd version (3.5.7-0)
[config/images] Pulled registry.aliyuncs.com/google_containers/kube-apiserver:v1.27.1
[config/images] Pulled registry.aliyuncs.com/google_containers/kube-controller-manager:v1.27.1
[config/images] Pulled registry.aliyuncs.com/google_containers/kube-scheduler:v1.27.1
[config/images] Pulled registry.aliyuncs.com/google_containers/kube-proxy:v1.27.1
[config/images] Pulled registry.aliyuncs.com/google_containers/pause:3.9
[config/images] Pulled registry.aliyuncs.com/google_containers/etcd:3.5.7-0
[config/images] Pulled registry.aliyuncs.com/google_containers/coredns:v1.10.1
6. Install the k8s master node
Initialize the master node. The pod network range is 10.244.0.0/16; the flannel plugin installed later must be configured with the same range
# kubeadm init --image-repository=registry.aliyuncs.com/google_containers \
--service-cidr=10.1.0.0/16 \
--pod-network-cidr=10.244.0.0/16 \
--kubernetes-version=v1.27.1
......
Your Kubernetes control-plane has initialized successfully!
To start using your cluster, you need to run the following as a regular user:
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
Alternatively, if you are the root user, you can run:
export KUBECONFIG=/etc/kubernetes/admin.conf
You should now deploy a pod network to the cluster.
Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:
https://kubernetes.io/docs/concepts/cluster-administration/addons/
Then you can join any number of worker nodes by running the following on each as root:
kubeadm join 172.16.80.140:6443 --token x7t1u6.9zxi5db04qagr2sh \
--discovery-token-ca-cert-hash sha256:1a0a11815b49c914517baa9e149ecdcc7e0f1e9cb6ab9b4af771e9a87c75dfa8
7. Install the k8s node
kubeadm join 172.16.80.140:6443 --token x7t1u6.9zxi5db04qagr2sh \
--discovery-token-ca-cert-hash sha256:1a0a11815b49c914517baa9e149ecdcc7e0f1e9cb6ab9b4af771e9a87c75dfa8
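The join command above carries a bootstrap token and a pin on the cluster CA. The following added example (not part of the original post) checks that a join command is well formed and that its pin matches a CA certificate obtained from the control plane, for instance a copy of /etc/kubernetes/pki/ca.crt; the function names are hypothetical and openssl is assumed to be installed.

```bash
# Added example, not from the original post: check a kubeadm join command
# before running it, and verify its CA pin against a CA certificate file.

# Print the value that follows a flag (e.g. --token) in a join command string.
flag_value() {  # $1 = join command, $2 = flag
  printf '%s\n' "$1" | tr -s ' \\\n\t' '\n' |
    awk -v f="$2" 'prev == f { print; exit } { prev = $0 }'
}

# Succeed only for a well-formed bootstrap token plus a sha256 CA pin.
check_join_cmd() {  # $1 = join command
  case "$1" in
    *--discovery-token-unsafe-skip-ca-verification*)
      echo "CA verification disabled"; return 1 ;;
  esac
  flag_value "$1" --token | grep -Eq '^[a-z0-9]{6}\.[a-z0-9]{16}$' ||
    { echo "bad token format"; return 1; }
  flag_value "$1" --discovery-token-ca-cert-hash |
    grep -Eq '^sha256:[0-9a-f]{64}$' ||
    { echo "missing or malformed CA pin"; return 1; }
  echo "ok"
}

# Pin format used by kubeadm: SHA-256 of the CA's DER-encoded public key.
ca_pin() {  # $1 = CA certificate in PEM form
  pem=$(openssl x509 -in "$1" -noout -pubkey 2>/dev/null) || return 1
  printf '%s\n' "$pem" | openssl pkey -pubin -outform DER |
    openssl dgst -sha256 -hex | sed 's/^.* //; s/^/sha256:/'
}

# Succeed only if the pin in the join command matches the given CA file.
verify_pin() {  # $1 = join command, $2 = CA certificate path
  want=$(ca_pin "$2") || return 1
  [ "$(flag_value "$1" --discovery-token-ca-cert-hash)" = "$want" ]
}
```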
8. Install the network plugin
The flannel network plugin is used here; a few bridge parameters also need to be changed
# vim /etc/sysctl.d/k8s.conf # add the following
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
# sysctl -p /etc/sysctl.d/k8s.conf # apply the setting
Install the pod network plugin
kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
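The manifest URL above tracks a moving branch, and its flannel network has to equal the --pod-network-cidr given to kubeadm init. The following added example (not part of the original post) reviews a downloaded copy of the manifest before it is applied: it reads the flannel network, lists the images the manifest would run, and compares the file with a digest recorded at review time. The function names and the digest argument are hypothetical.

```bash
# Added example, not from the original post. The manifest path, the pod CIDR
# and the reviewed digest are passed in; nothing here contacts the cluster.

# Print the "Network" value from flannel's net-conf.json inside the manifest.
flannel_network() {  # $1 = path to a downloaded kube-flannel.yml
  sed -n 's/.*"Network"[[:space:]]*:[[:space:]]*"\([^"]*\)".*/\1/p' "$1" |
    head -n 1
}

# Print every container image the manifest would run, de-duplicated.
manifest_images() {  # $1 = path to manifest
  sed -n 's/^[[:space:]-]*image:[[:space:]]*//p' "$1" | tr -d "\"'" | sort -u
}

# Succeed only if the manifest's network equals the CIDR used at kubeadm init
# and the file still matches the sha256 digest recorded when it was reviewed.
review_manifest() {  # $1 = manifest, $2 = pod CIDR, $3 = reviewed sha256 (hex)
  net=$(flannel_network "$1")
  [ "$net" = "$2" ] ||
    { echo "CIDR mismatch: flannel=$net kubeadm=$2"; return 1; }
  sum=$(sha256sum "$1" | cut -d' ' -f1)
  [ "$sum" = "$3" ] || { echo "digest mismatch: $sum"; return 1; }
  echo "ok"
}
```

Once review_manifest prints ok for the local file, apply that file with kubectl apply -f instead of the URL, so the reviewed content is what reaches the cluster.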
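Allow the master node to schedule pods as well (on v1.27 the taint is named node-role.kubernetes.io/control-plane)
# kubectl taint nodes master01 node-role.kubernetes.io/control-plane-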
node "master01" untainted
9. Inspect the cluster
Check node status
# kubectl get nodes
NAME STATUS ROLES AGE VERSION
master01 Ready control-plane 9h v1.27.1
node01 Ready <none> 9h v1.27.1
Check cluster status
# kubectl get cs
Warning: v1 ComponentStatus is deprecated in v1.19+
NAME STATUS MESSAGE ERROR
scheduler Healthy ok
controller-manager Healthy ok
etcd-0 Healthy {"health":"true","reason":""}
List the containers on the node
Similar to the old docker ps
# crictl ps
CONTAINER IMAGE CREATED STATE NAME ATTEMPT POD ID POD
d06962733c630 a6c0cb5dbd211 9 hours ago Running kube-flannel 0 65f44912b4417 kube-flannel-ds-mzndw
8d3fec0ee8d42 ead0a4a53df89 9 hours ago Running coredns 0 9d1e1ac978c71 coredns-7bdc4cb885-f4bqf
725aa5b3d358d ead0a4a53df89 9 hours ago Running coredns 0 cf4bc4c6363f7 coredns-7bdc4cb885-2tc7z
fd08072710dd7 fbe39e5d66b6a 9 hours ago Running kube-proxy 0 749d10b7aee72 kube-proxy-lmfn9
8a98f62c3452f 86b6af7dd652c 9 hours ago Running etcd 0 03eaf1b988095 etcd-master01
fabe0575b15de 6468fa8f98696 9 hours ago Running kube-scheduler 0 aad60c0e42196 kube-scheduler-master01
e4bd233337e26 6f6e73fa8162b 9 hours ago Running kube-apiserver 0 183da7231b1cc kube-apiserver-master01
f2fddbe90e0da c6b5118178229 9 hours ago Running kube-controller-manager 0 5674f488188f7 kube-controller-manager-master01
10. Reset the cluster
kubeadm reset
ifconfig cni0 down
ip link delete cni0
ifconfig flannel.1 down
ip link delete flannel.1
rm -rf /var/lib/cni/