目录
一、基础环境准备(两台设备都要执行)
第一步:修改主机名
在master上执行:
hostnamectl set-hostname k8s-master
在node上执行:
hostnamectl set-hostname k8s-node
执行完重启虚拟机
第二步:添加hosts
[root@k8s-master ~]# vi /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
添加IP地址和主机名:
192.168.10.10 master
192.168.10.20 node
第三步: 清空防火墙和关闭selinux和swap
# 关闭 防火墙
systemctl stop firewalld
systemctl disable firewalld
# 关闭 SeLinux
setenforce 0
sed -i '/^SELINUX=/c\SELINUX=disabled' /etc/selinux/config
# 关闭 swap
swapoff -a
第四步:fstab加注释符
[root@k8s-master ~]# vi /etc/fstab
在最后一行添加注释符
# /etc/fstab
# Created by anaconda on Wed Apr 24 00:40:40 2024
#
# Accessible filesystems, by reference, are maintained under '/dev/disk'
# See man pages fstab(5), findfs(8), mount(8) and/or blkid(8) for more info
#
/dev/mapper/centos-root / xfs defaults 0 0
UUID=3b090b75-abee-4c51-b3fc-cbdeb1de82ca /boot xfs defaults 0 0
#/dev/mapper/centos-swap swap swap defaults 0 0
二、修改内核参数
[root@k8s-master ~]# cat <<EOF | sudo tee /etc/modules-load.d/containerd.conf
> overlay
> br_netfilter
> EOF
overlay
br_netfilter
[root@k8s-master ~]# modprobe overlay
[root@k8s-master ~]# modprobe br_netfilter
[root@k8s-master ~]# cat <<EOF | sudo tee /etc/sysctl.d/99-kubernetes-cri.conf
> net.bridge.bridge-nf-call-iptables = 1
> net.ipv4.ip_forward = 1
> net.bridge.bridge-nf-call-ip6tables = 1
> EOF
net.bridge.bridge-nf-call-iptables = 1
net.ipv4.ip_forward = 1
net.bridge.bridge-nf-call-ip6tables = 1
[root@k8s-master ~]# cat > /etc/sysconfig/modules/ipvs.modules <<EOF
> #!/bin/bash
> modprobe -- ip_vs
> modprobe -- ip_vs_rr
> modprobe -- ip_vs_wrr
> modprobe -- ip_vs_sh
> modprobe -- nf_conntrack
> EOF
[root@k8s-master ~]# chmod 755 /etc/sysconfig/modules/ipvs.modules && bash /etc/sysconfig/modules/ipvs.modules && lsmod | grep -e ip_vs -e nf_conntrack
ip_vs_sh 12688 0
ip_vs_wrr 12697 0
ip_vs_rr 12600 0
ip_vs 145458 6 ip_vs_rr,ip_vs_sh,ip_vs_wrr
nf_conntrack 139264 1 ip_vs
libcrc32c 12644 3 xfs,ip_vs,nf_conntrack
[root@k8s-master ~]# sysctl --system
* Applying /usr/lib/sysctl.d/00-system.conf ...
net.bridge.bridge-nf-call-ip6tables = 0
net.bridge.bridge-nf-call-iptables = 0
net.bridge.bridge-nf-call-arptables = 0
* Applying /usr/lib/sysctl.d/10-default-yama-scope.conf ...
kernel.yama.ptrace_scope = 0
* Applying /usr/lib/sysctl.d/50-default.conf ...
kernel.sysrq = 16
kernel.core_uses_pid = 1
kernel.kptr_restrict = 1
net.ipv4.conf.default.rp_filter = 1
net.ipv4.conf.all.rp_filter = 1
net.ipv4.conf.default.accept_source_route = 0
net.ipv4.conf.all.accept_source_route = 0
net.ipv4.conf.default.promote_secondaries = 1
net.ipv4.conf.all.promote_secondaries = 1
fs.protected_hardlinks = 1
fs.protected_symlinks = 1
* Applying /etc/sysctl.d/99-kubernetes-cri.conf ...
net.bridge.bridge-nf-call-iptables = 1
net.ipv4.ip_forward = 1
net.bridge.bridge-nf-call-ip6tables = 1
* Applying /etc/sysctl.d/99-sysctl.conf ...
* Applying /etc/sysctl.conf ...
三、安装docker
#安装docker
yum -y install yum-utils
yum-config-manager --add-repo https://mirrors.tuna.tsinghua.edu.cn/docker-ce/linux/centos/docker-ce.repo
sed -i 's+https://download.docker.com+https://mirrors.tuna.tsinghua.edu.cn/docker-ce+' /etc/yum.repos.d/docker-ce.repo
yum -y install docker
#启动docker
systemctl enable docker --now
设置运行时 生成containerd 的默认配置文件
containerd config default > /etc/containerd/config.toml
修改配置文件config.toml
containerd config default | \
sed -e 's|registry\.k8s\.io/pause:[0-9.]\+|registry\.aliyuncs\.com/google_containers/pause:3.9|g' \
-e 's,SystemdCgroup = .*,SystemdCgroup = true,' \
-e 's/\[plugins."io.containerd.grpc.v1.cri".registry.mirrors\]/&\n \[plugins."io.containerd.grpc.v1.cri".registry.mirrors."docker.io"]\n endpoint = \["https:\/\/mirror.ccs.tencentyun.com"]\n/' \
-e 's/\[plugins."io.containerd.grpc.v1.cri".registry.mirrors\]/&\n \[plugins."io.containerd.grpc.v1.cri".registry.mirrors."registry.k8s.io"]\n endpoint = \["https:\/\/registry\.aliyuncs\.com\/google_containers"]/' \
-e '/^\s*$/d' |
tee /etc/containerd/config.toml
四、设置镜像站
cat <<EOF > /etc/docker/daemon.json
{
"registry-mirrors":["https://mirror.ccs.tencentyun.com"],
"exec-opts": ["native.cgroupdriver=systemd"]
}
EOF
cat <<EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
gpgcheck=0
EOF
五、安装kubelet 、kubectl 、kubeadm
yum install -y kubelet kubectl kubeadm
systemctl enable kubelet
修改kubelet运行时
crictl config runtime-endpoint /var/run/containerd/containerd.sock
crictl config image-endpoint /var/run/containerd/containerd.sock
systemctl restart containerd
六、初始化集群(以下操作都在master节点操作)
kubeadm init --kubernetes-version=v1.28.2 --pod-network-cidr=10.244.0.0/16 --apiserver-advertise-address=192.168.10.10 --image-repository=registry.aliyuncs.com/google_containers
注意:记住要改成自己的master的IP
七、设置kubectl
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
八、设置补齐
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
九、配置网络插件
kubectl create -f https://raw.githubusercontent.com/projectcalico/calico/v3.27.0/manifests/tigera-operator.yaml
kubectl create -f https://raw.githubusercontent.com/projectcalico/calico/v3.27.0/manifests/custom-resources.yaml
kubectl apply -f https://github.com/flannel-io/flannel/releases/latest/download/kube-flannel.yml
十、工作节点node加入集群
先在master执行如下命令
[root@k8s-master ~]# kubeadm token create --print-join-command
node再执行master运行结果
[root@k8s-node ~]# kubeadm join 192.168.10.10:6443 --token s72dkl.d7uoxj6a2hnw4k03 --discovery-token-ca-cert-hash sha256:3091e6fd4ccd50d33f9ff57c2e6c2989ca389218dafe07fa68a50c37849cbe77
注意:记住要改成自己的master的IP
查看两个节点状态确保是Ready状态
[root@k8s-master ~]# kubectl get nodes