
II. Building a k8s cluster with kubeadm

程序员文章站 2022-07-13 21:10:05

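1. Prepare the physical environment

1. Prepare three CentOS 7 machines (CentOS 7 is recommended because Docker has kernel version requirements): 1 master node and 2 workers
2. Machine requirements: 2 CPU cores, 2 GB of memory
3. Make sure the three machines can ping each other over the network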

2. Update and install base dependencies

  1. Update and install base dependencies (run on all nodes)
yum -y update
yum install -y conntrack ipvsadm ipset jq sysstat curl iptables libseccomp
  1. Install the Docker prerequisites (run on all nodes)
sudo yum install -y yum-utils \
 device-mapper-persistent-data \
 lvm2
  1. Add the Docker repository (run on all nodes)
sudo yum-config-manager --add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
  1. Configure registry mirrors and change the Docker cgroup driver (run on all nodes)
sudo mkdir -p /etc/docker
sudo tee /etc/docker/daemon.json <<-'EOF'
{
"registry-mirrors": [ "https://kfwkfulq.mirror.aliyuncs.com", "https://2lqq34jg.mirror.aliyuncs.com", "https://pee6w651.mirror.aliyuncs.com", "https://registry.docker-cn.com", "http://hub-mirror.c.163.com"],
"exec-opts": ["native.cgroupdriver=systemd"]
}
EOF
sudo systemctl daemon-reload
  1. Install Docker (run on all nodes)
yum install -y docker-ce-18.09.0 docker-ce-cli-18.09.0 containerd.io
  1. Start Docker (run on all nodes)
sudo systemctl start docker && sudo systemctl enable docker
  1. Edit the hosts file (run separately on each node)
# Edit the hosts file on the master node
sudo hostnamectl set-hostname master-1

vi /etc/hosts
192.168.1.245 worker-1
192.168.1.244 worker-2
192.168.1.247 master-1
# Edit the hosts file on the worker node
sudo hostnamectl set-hostname worker-1

vi /etc/hosts
192.168.1.245 worker-1
192.168.1.244 worker-2
192.168.1.247 master-1
# Edit the hosts file on the worker node
sudo hostnamectl set-hostname worker-2

vi /etc/hosts
192.168.1.245 worker-1
192.168.1.244 worker-2
192.168.1.247 master-1
  1. Basic system configuration (run on all nodes)
# (1) Stop and disable the firewall
systemctl stop firewalld && systemctl disable firewalld

# (2) Put SELinux into permissive mode
setenforce 0
sed -i 's/^SELINUX=enforcing$/SELINUX=permissive/' /etc/selinux/config

# (3) Turn off swap
swapoff -a
sed -i '/swap/s/^\(.*\)$/#\1/g' /etc/fstab

# (4) Configure the iptables ACCEPT rules
iptables -F && iptables -X && iptables -F -t nat && iptables -X -t nat && iptables -P FORWARD ACCEPT

# (5) Set kernel parameters
cat <<EOF >  /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
EOF

sysctl --system

3. Install kubeadm, kubelet and kubectl

  1. Configure the yum repository (run on all nodes)
cat <<EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=http://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=0
repo_gpgcheck=0
gpgkey=http://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg
       http://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF
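  1. Install kubeadm, kubelet and kubectl (run on all nodes)
yum install -y kubeadm-1.19.3-0 kubelet-1.19.3-0 kubectl-1.19.3-0
# Uninstall command, only for removing the packages later; running it here would undo the install above
# yum remove -y kubeadm-1.19.3-0 kubelet-1.19.3-0 kubectl-1.19.3-0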
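  1. Set Docker and k8s to use the same cgroup driver (run on all nodes)
# Restart Docker
systemctl restart docker

# kubelet: if this reports "directory not exist", that is normal and you can continue
# Note: Docker was set to native.cgroupdriver=systemd above, while this substitution rewrites
# the kubelet flag from systemd to cgroupfs wherever the file and flag exist; confirm both end up on the same driver
sed -i "s/cgroup-driver=systemd/cgroup-driver=cgroupfs/g" /etc/systemd/system/kubelet.service.d/10-kubeadm.conf

systemctl enable kubelet && systemctl start kubelet
  1. kubeadm uses images hosted outside China, so download the images first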

    1. List the images kubeadm uses (master)
    kubeadm config images list
    
    1. Pull the images, re-tag them, and delete the original tags (run on all nodes)

      #!/bin/bash
      set -e

      KUBE_VERSION=v1.19.3
      KUBE_PAUSE_VERSION=3.2
      ETCD_VERSION=3.4.13-0
      CORE_DNS_VERSION=1.7.0

      GCR_URL=k8s.gcr.io
      ALIYUN_URL=registry.cn-hangzhou.aliyuncs.com/google_containers

      # Image names and tags needed for this kubeadm release
      images=(kube-proxy:${KUBE_VERSION}
      kube-scheduler:${KUBE_VERSION}
      kube-controller-manager:${KUBE_VERSION}
      kube-apiserver:${KUBE_VERSION}
      pause:${KUBE_PAUSE_VERSION}
      etcd:${ETCD_VERSION}
      coredns:${CORE_DNS_VERSION})

      for imageName in "${images[@]}"; do
        # Pull from the Aliyun mirror, re-tag under k8s.gcr.io, then remove the mirror tag
        docker pull "$ALIYUN_URL/$imageName"
        docker tag  "$ALIYUN_URL/$imageName" "$GCR_URL/$imageName"
        docker rmi "$ALIYUN_URL/$imageName"
      done
      
  2. Initialize the master node (on the master)

kubeadm init --kubernetes-version=1.19.3 --apiserver-advertise-address=192.168.1.247 --pod-network-cidr=10.244.0.0/16
  1. Save the join information from the log ***
Copy the following information from the log output
kubeadm join 192.168.1.247:6443 --token inh9ft.mi7al6thwub75gz5 \
    --discovery-token-ca-cert-hash sha256:68011155864ccc0b6006c075dc029dcf50c60ebef83e1dce80de0ce565b837f7 

  1. Copy the conf file (the credentials file kubectl uses to authenticate)
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
  1. Verify that startup succeeded
kubectl get pods -n kube-system
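
The kubernetes.repo file written in step 1 of this section sets gpgcheck=0 and repo_gpgcheck=0 and uses http:// URLs, so yum installs kubeadm, kubelet and kubectl without verifying signatures and over an unencrypted connection. The following check is an added example, not part of the original article; the function name audit_yum_repo is hypothetical, and it only flags settings that are explicitly present in the file.

```bash
#!/usr/bin/env bash
# audit_yum_repo FILE  (hypothetical helper, added example)
# Prints one finding per line for repo settings that allow unsigned or
# tampered packages to install. Returns 1 if anything was found, else 0.
audit_yum_repo() {
  awk '
    function trim(s) { sub(/^[ \t]+/, "", s); sub(/[ \t]+$/, "", s); return s }
    function report(msg) { printf "[%s] %s\n", section, msg; bad = 1 }
    # URL-bearing keys: flag cleartext transport, which permits tampering in transit.
    function check_url(k, v) {
      if (k ~ /^(baseurl|gpgkey|mirrorlist)$/ && tolower(v) ~ /^http:\/\//)
        report(k " fetched over plain HTTP: " v)
    }
    # Boolean keys: flag an explicit off value (yum accepts 0, no and false).
    function check_off(k, v, what) {
      if (key == k && tolower(v) ~ /^(0|no|false)$/)
        report(what " not verified (" k "=" v ")")
    }
    /^[ \t]*$/    { next }                      # blank line
    /^[ \t]*[#;]/ { next }                      # comment
    /^\[/ { section = substr($0, 2, index($0, "]") - 2); key = ""; next }
    /^[ \t]/ { check_url(key, trim($0)); next } # continuation of the previous key
    {
      eq = index($0, "=")
      if (eq == 0) next
      key = trim(substr($0, 1, eq - 1))
      val = trim(substr($0, eq + 1))
      check_off("gpgcheck", val, "package signatures")
      check_off("repo_gpgcheck", val, "repository metadata signature")
      check_url(key, val)
    }
    END { exit bad + 0 }
  ' "$1"
}

# Audit every file named on the command line, e.g. /etc/yum.repos.d/*.repo
for f in "$@"; do audit_yum_repo "$f" || true; done
```

Run against the repo file from this section, it reports five findings: the HTTP baseurl, both disabled signature checks, and both HTTP gpgkey URLs.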

4. Install the network plugin

This article uses Calico as the network plugin.

Network plugins listed on the official site: https://kubernetes.io/docs/concepts/cluster-administration/addons/

  1. Install Calico (master)
kubectl apply -f https://docs.projectcalico.org/v3.9/manifests/calico.yaml
  1. Run the join command on the other two worker machines (on the workers)
kubeadm join 192.168.1.247:6443 --token inh9ft.mi7al6thwub75gz5 \
    --discovery-token-ca-cert-hash sha256:68011155864ccc0b6006c075dc029dcf50c60ebef83e1dce80de0ce565b837f7 
  1. Verify that the worker nodes have joined (master)
kubectl get nodes