欢迎您访问程序员文章站本站旨在为大家提供分享程序员计算机编程知识!
您现在的位置是: 首页

单机K8S环境安装

程序员文章站 2022-07-13 10:19:43
...

最低配置

2核 4G 50G
最小化安装Ubuntu 16.04 server或者CentOS 7 Minimal

内核优化

# vi /etc/sysctl.conf
# 追加
net.ipv4.tcp_fin_timeout = 2
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_tw_recycle = 0
net.ipv4.tcp_syncookies = 1
net.ipv4.tcp_keepalive_time =600
net.ipv4.ip_local_port_range = 32768   60999
net.ipv4.tcp_max_syn_backlog = 1024
net.core.somaxconn = 1024
net.ipv4.tcp_max_tw_buckets = 5000
net.ipv4.tcp_syn_retries = 1
net.ipv4.tcp_synack_retries = 1
net.core.netdev_max_backlog = 1000
net.ipv4.tcp_max_orphans = 2000
# wq!
# 使配置文件生效(这里执行多次是因为莫名的没有-p参数,顺序执行即可,报错忽略)
sysctl –p
sysctl
sysctl –p

系统调校

# 常用软件
yum install zip unzip lrzsz telnet  lsof  net-tools wget gcc automake autoconf libtool make gcc-c++ pcre-devel openssl-devel openssh openssh-clients openssh-server openssh-askpass jemalloc-devel vim netstat  sysstat ntpdate -y
# selinux disable
setenforce 0
sed -i 's/^SELINUX=enforcing$/SELINUX=disabled/' /etc/selinux/config
# firewall stop
systemctl stop firewalld
systemctl disable firewalld
# max fileSize
vi /etc/rc.local
## open files
ulimit -HSn 65535
## stack size
ulimit -s 65535
# 关闭Swap分区
swapoff -a
cp -p /etc/fstab /etc/fstab.bak$(date '+%Y%m%d%H%M%S')
sed -i "s/\/dev\/mapper\/centos-swap/\#\/dev\/mapper\/centos-swap/g" /etc/fstab
mount -a
free -m
cat /proc/swaps
# yumsource alibaba
mv /etc/yum.repos.d/CentOS-Base.repo /etc/yum.repos.d/CentOS-Base.repo_bak
wget -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo
wget -O /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-7.repo
yum makecache fast
# 静态IP地址(VM-NAT)
### vim /etc/sysconfig/network-scripts/ifcfg-ensxxx
BOOTPROTO="static"
DEFROUTE="yes"
IPV4_FAILURE_FATAL="no"
IPV6INIT="no"
ONBOOT="yes"
IPADDR="192.168.175.100"
NETMASK="255.255.255.0"
GATEWAY="192.168.175.2"

脚本安装 k8s

export release=2.2.1
curl -C- -fLO --retry 3 https://github.com/easzlab/kubeasz/releases/download/${release}/easzup
chmod +x ./easzup
# 举例使用 k8s 版本 v1.18.2,docker 19.03.5
./easzup -D -d 19.03.5 -k v1.18.2
./easzup -S
# 使用默认配置安装 aio 集群
docker exec -it kubeasz easzctl start-aio

验证 k8s 安装

如果提示kubectl: command not found,退出重新ssh登录一下,环境变量生效即可
$ kubectl version         # 验证集群版本     
$ kubectl get node        # 验证节点就绪 (Ready) 状态
$ kubectl get pod -A      # 验证集群pod状态,默认已安装网络插件、coredns、metrics-server等
$ kubectl get svc -A      # 验证集群服务状态

Dashboard 查看和管理集群

参考文档:
https://github.com/easzlab/kubeasz/blob/master/docs/guide/dashboard.md
kubectl apply -f /etc/ansible/manifests/dashboard/kubernetes-dashboard.yaml
kubectl apply -f /etc/ansible/manifests/dashboard/admin-user-sa-rbac.yaml
kubectl apply -f /etc/ansible/manifests/dashboard/read-user-sa-rbac.yaml

验证 Dashboard

# 查看 pod 运行状态
kubectl get pod -n kube-system | grep dashboard
dashboard-metrics-scraper-545bbb8767-hs7tz   1/1     Running   0          81s
kubernetes-dashboard-65665f84db-bj59l        1/1     Running   0          81s
# 查看 Dashboard Service
kubectl get svc -n kube-system|grep dashboard
dashboard-metrics-scraper   ClusterIP   10.68.6.119    <none>        8000/TCP                 94s
kubernetes-dashboard        NodePort    10.68.217.55   <none>        443:36834/TCP            94s
# 查看集群服务
kubectl cluster-info|grep dashboard
kubernetes-dashboard is running at kubernetes-dashboard is running at https://192.168.175.100:6443/api/v1/namespaces/kube-system/services/https:kubernetes-dashboard:/proxy
# 查看 pod 运行日志
kubectl logs kubernetes-dashboard-65665f84db-bj59l -n kube-system

访问 Dashboard

https://192.168.175.100:36834/

首次访问时,会阻拦你,所以你需要继续访问,然后选择验证方式时,会有kubeconfig和令牌两种方式,我们选择令牌。

# 获取secret中的token
kubectl describe secret dashboard -n kube-system

然后将上一步中的token填入,就可以访问了。