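Introduction
The author has followed these steps to deploy k8s clusters more than 10 times, and they work on major versions 1.20 through 1.23. Other major versions have not been tested; the version notes will be updated after testing.
Note: take a snapshot of the freshly initialized VMs before installing k8s. If something goes wrong, restoring the snapshot is the quickest fix.
Note: when no node is specified, run the command on all nodes.
Time synchronization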
sudo timedatectl set-timezone Asia/Shanghai
Change the hostnames and add name mappings to hosts
Change the hostname
Any name will do
# run on the master node
hostnamectl set-hostname master-node
# run on the worker1 node
hostnamectl set-hostname worker-node1
# run on the worker2 node
hostnamectl set-hostname worker-node2
Configure hosts on the nodes
cat >> /etc/hosts <<EOF
10.31.203.11 master-node
10.31.203.12 worker-node1
10.31.203.13 worker-node2
EOF
Install utilities
yum install -y wget
yum install -y net-tools epel-release
yum install -y vim yum-utils device-mapper-persistent-data lvm2
Configure the Docker yum repository
yum-config-manager --add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
Configure the k8s yum repository
cat <<EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
enabled=1
gpgcheck=0
repo_gpgcheck=0
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF
Disable the firewall
sudo systemctl stop firewalld.service
sudo systemctl disable firewalld.service
sudo firewall-cmd --state
Disable SELinux
sudo setenforce 0
sudo vi /etc/selinux/config
Change to:
SELINUX=disabled
Create the directory
mkdir /etc/docker
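Configure Docker: set the cgroup driver to systemd and add insecure registries
vim /etc/docker/daemon.json
# add the following content
{
"exec-opts": ["native.cgroupdriver=systemd"],
"insecure-registries": ["0.0.0.0/0"]
}
Note: insecure-registries is optional. I ran into a lot of problems related to registries on intranet IPs, so setting this parameter up front saves some trouble later.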
Install docker-ce and k8s (the Docker version number can be pinned)
yum install -y docker-ce kubectl-1.23.5 kubelet-1.23.5 kubeadm-1.23.5 kubernetes-cni
systemctl enable docker
systemctl start docker
systemctl enable kubelet
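The yum repository file, the SELinux config and the Docker daemon.json written in the steps above each relax a default check (package signature verification, SELinux enforcement, registry TLS). The script below is an added example, not part of the original post, that reports those settings so they can be reviewed on each node; the helper name audit_node and the sample files it builds are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original post. audit_node is a hypothetical helper.
# Usage: audit_node DAEMON_JSON YUM_REPO SELINUX_CONFIG
# Prints one finding per line; prints nothing when all three files are clean.
audit_node() {
    daemon_json=$1 repo_file=$2 selinux_cfg=$3

    # 0.0.0.0/0 under insecure-registries marks every IPv4 registry as insecure:
    # dockerd then accepts invalid certificates and falls back to plain HTTP.
    if [ -r "$daemon_json" ] && tr -d ' \t\r\n' < "$daemon_json" |
        grep -Eq '"insecure-registries":\[[^]]*"0\.0\.0\.0/0"'; then
        echo "docker: insecure-registries matches every address"
    fi

    # gpgcheck=0 and repo_gpgcheck=0 switch off signature verification for
    # packages and repository metadata; report them per [section].
    if [ -r "$repo_file" ]; then
        awk '{ gsub(/[ \t\r]/, "") }
             /^\[/ { sec = $0 }
             /^(repo_)?gpgcheck=0$/ { print "yum: " sec " " $0 }' "$repo_file"
    fi

    # SELINUX=disabled or permissive means policy is not enforced after reboot.
    if [ -r "$selinux_cfg" ]; then
        awk '{ gsub(/[ \t\r]/, "") }
             /^SELINUX=(disabled|permissive)$/ { print "selinux: " $0 }' "$selinux_cfg"
    fi
}

# Constructed sample input that mirrors the files written in this guide.
demo=$(mktemp -d)
printf '%s\n' '{' '"exec-opts": ["native.cgroupdriver=systemd"],' \
    '"insecure-registries": ["0.0.0.0/0"]' '}' > "$demo/daemon.json"
printf '%s\n' '[kubernetes]' 'enabled=1' 'gpgcheck=0' 'repo_gpgcheck=0' \
    > "$demo/kubernetes.repo"
printf '%s\n' 'SELINUX=disabled' 'SELINUXTYPE=targeted' > "$demo/selinux"
audit_node "$demo/daemon.json" "$demo/kubernetes.repo" "$demo/selinux"
```

On a real node the arguments would be /etc/docker/daemon.json, /etc/yum.repos.d/kubernetes.repo and /etc/selinux/config.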
Disable swap (turn off swap memory)
sudo swapoff -a
vim /etc/sysconfig/kubelet
Change to:
KUBELET_EXTRA_ARGS="--pod-infra-container-image=registry.cn-hangzhou.aliyuncs.com/google_containers/pause:3.2"
Keep swap from being enabled at boot
vim /etc/fstab
Change to: # /dev/mapper/centos-swap swap swap defaults 0 0
Bridged network settings
modprobe br_netfilter
cat <<EOF > /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
EOF
sysctl -p /etc/sysctl.d/k8s.conf
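Run on the master node: initialize the cluster
kubeadm init --kubernetes-version=v1.23.5 \
--pod-network-cidr=10.244.0.0/16 \
--apiserver-advertise-address=10.31.203.11 \
--image-repository=registry.cn-hangzhou.aliyuncs.com/google_containers \
--ignore-preflight-errors=Swap
Note: the version must match the version installed earlier.
Note: apiserver-advertise-address is the master node IP.
Note: if the initialization was misconfigured, kubeadm can be reset with: kubeadm reset
On success, the following information is returned:
# On success, this is returned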
# Your Kubernetes control-plane has initialized successfully!
# To start using your cluster, you need to run the following as a regular user:
# mkdir -p $HOME/.kube
# sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
# sudo chown $(id -u):$(id -g) $HOME/.kube/config
# You should now deploy a pod network to the cluster.
# Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:
# https://kubernetes.io/docs/concepts/cluster-administration/addons/
# Then you can join any number of worker nodes by running the following on each as root:
kubeadm join 10.31.203.11:6443 --token gg9s4y.y33ehoxbxg4entr2 \
--discovery-token-ca-cert-hash sha256:89d7cdfb678c5cf8951903b58eb6cbc147e283c4ec548f4b01246a97b787f485
# all worker nodes can join the cluster with the command above
Run on the master node: create the kubeconfig
# copy the config
mkdir ~/.kube
cp -i /etc/kubernetes/admin.conf ~/.kube/config
chown $(id -u):$(id -g) ~/.kube/config
Run on the master node: configure the flannel network
# just copy and paste
# https://github.com/coreos/flannel
wget https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
kubectl apply -f kube-flannel.yml
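Get the worker node join command on the master node
# you can also refer to the success output of init on the master node; its last two lines are the command for worker nodes to join the cluster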
kubeadm token create --print-join-command
Run the join command on the worker nodes
kubeadm join 10.31.203.11:6443 --token gg9s4y.y33ehoxbxg4entr2 \
--discovery-token-ca-cert-hash sha256:89d7cdfb678c5cf8951903b58eb6cbc147e283c4ec548f4b01246a97b787f485
At this point, once all services are running normally, the cluster has been deployed successfully.
kubectl get po -A
The following is some additional supporting material
kubectl auto-completion
yum install -y bash-completion
source /usr/share/bash-completion/bash_completion
source <(kubectl completion bash)
echo "source <(kubectl completion bash)" >> ~/.bashrc
View node logs
journalctl -f -u kubelet
Fully reset k8s
kubeadm reset --v=5
rm -rf /var/lib/cni/
rm -rf /var/lib/kubelet/*
rm -rf /etc/cni/
ifconfig cni0 down
ifconfig flannel.1 down
ifconfig docker0 down
ip link delete cni0
ip link delete flannel.1
Related issues
Image pull error
When installing version 1.21.1, the following problem occurred:
[ERROR ImagePull]: failed to pull image registry.cn-hangzhou.aliyuncs.com/google_containers/coredns/coredns:v1.8.0: output: Error response from daemon: pull access denied for registry.cn-hangzhou.aliyuncs.com/google_containers/coredns/coredns, repository does not exist or may require ‘docker login’: denied: requested access to the resource is denied
, error: exit status 1
Solution
Pull a coredns image, retag it with the required name, and then continue with the install command.
docker pull coredns/coredns:1.8.0
docker tag coredns/coredns:1.8.0 registry.cn-hangzhou.aliyuncs.com/google_containers/coredns/coredns:v1.8.0