rocky8(centos8)中使用cri-o,kubeadm安装k8s 1.27.1-master

我主打的就是安装简单。

#!/bin/sh
# 先修改机器名和hosts

basis() {
  echo -e "\033[31m关闭防火墙,关闭selinux,关闭swap等基础服务\033[0m"
  systemctl stop firewalld.service
  systemctl disable firewalld.service

  setenforce 0 && sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/sysconfig/selinux

  swapoff -a                                                                     # 临时关闭swap
  sed -i 's/\/dev\/mapper\/centos-swap/#\/dev\/mapper\/centos-swap/g' /etc/fstab # 彻底关闭swap
  # 或者执行下面语句进行彻底关闭
  # sed -i '/ swap / s/^\(.*\)$/#\1/g' /etc/fstab
}

yum_tools() {
  echo -e "\033[31m安装wget,vim,net-toos,nfs-utils,ipvs用于替yum-config-manager换iptables\033[0m"
  # 为什么要使用ipvs，请访问：https://blog.csdn.net/qq_36807862/article/details/106068871
  yum install -y wget vim net-tools nfs-utils ipvsadm ipset
  yum update -y systemd
}

sysctl_tools() {
  # 启用此内核模块，以便遍历桥的数据包​​由iptables进行处理以进行过滤和端口转发，并且群集中的kubernetes窗格可以相互通信
  echo -e "\033[31m调整内核参数\033[0m"
  modprobe br_netfilter
  echo 1 >/proc/sys/net/bridge/bridge-nf-call-ip6tables
  echo 1 >/proc/sys/net/bridge/bridge-nf-call-iptables

  cat >>/etc/security/limits.conf <<EOF
* 	soft 	noproc  655350
* 	hard 	noproc  655350
* 	soft 	nofile  655350
* 	hard 	nofile  655350
EOF

  # 内核调整,将桥接的IPv4流量传递到iptables的链
  cat >/etc/sysctl.d/k8s.conf <<EOF
net.bridge.bridge-nf-call-iptables = 1
net.bridge.bridge-nf-call-ip6tables = 1
EOF
  #打开路由转发
  cat >/etc/sysctl.conf <<EOF
net.ipv4.ip_forward = 1
net.bridge.bridge-nf-call-iptables = 1
net.bridge.bridge-nf-call-ip6tables = 1
net.ipv4.tcp_syn_retries = 2
net.ipv4.tcp_synack_retries = 2
net.ipv4.tcp_keepalive_time = 600
net.ipv4.tcp_keepalive_probes = 3
net.ipv4.tcp_keepalive_intvl =15
net.ipv4.tcp_retries2 = 5
net.ipv4.tcp_fin_timeout = 30
net.ipv4.tcp_max_tw_buckets = 36000
net.ipv4.tcp_tw_recycle = 1
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_max_orphans = 32768
net.ipv4.tcp_syncookies = 1
net.ipv4.tcp_max_syn_backlog = 16384
net.ipv4.tcp_wmem = 8192 131072 16777216
net.ipv4.tcp_rmem = 32768 131072 16777216
net.ipv4.tcp_mem = 786432 1048576 1572864
net.ipv4.ip_local_port_range = 1024 65000
net.core.somaxconn = 32768
net.core.netdev_max_backlog = 16384
net.ipv6.conf.all.disable_ipv6=1
EOF
  echo 从所有系统配置文件中加载参数
  sysctl --system
  echo 将参数写到文件中并重新加载
  sysctl -p
}

ipvs() {
  # 添加网络配置为ipvs https://www.cnblogs.com/dribs/p/12666091.html
  # 如果机器yum环境有问题需要按照该链接处理：http://www.6fantian.com/web/#/2?page_id=200
  # 临时生效
  echo -e "\033[31m添加ipvs配置\033[0m"
  modprobe -- ip_vs
  modprobe -- ip_vs_rr
  modprobe -- ip_vs_wrr
  modprobe -- ip_vs_sh
  modprobe -- nf_conntrack_ipv4
  # 永久生效
  cat >/etc/sysconfig/modules/ipvs.modules <<EOF
modprobe -- ip_vs
modprobe -- ip_vs_rr
modprobe -- ip_vs_wrr
modprobe -- ip_vs_sh
modprobe -- nf_conntrack_ipv4
EOF
}

crio_tools() {
  echo -e "\033[31m安装crio等相关工具\033[0m"
  #  VERSION=1.25
  #  curl -L -o /etc/yum.repos.d/devel:kubic:libcontainers:stable.repo https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/stable/CentOS_8/devel:kubic:libcontainers:stable.repo
  #  curl -L -o /etc/yum.repos.d/devel:kubic:libcontainers:stable:cri-o:$VERSION.repo https://download.opensuse.org/repositories/devel:kubic:libcontainers:stable:cri-o:$VERSION/CentOS_8/devel:kubic:libcontainers:stable:cri-o:$VERSION.repo
#  yum -y install podman
  wget https://storage.googleapis.com/cri-o/artifacts/cri-o.amd64.90a1e14a19422dfca437e2d3a95cf73c5412b232.tar.gz
  tar -zxvf cri-o.amd64.90a1e14a19422dfca437e2d3a95cf73c5412b232.tar.gz
  cd cri-o && ./install
  sed -i '479s/$/pause_image = "dyrnq\/pause:3.9"/' /etc/crio/crio.conf


  # 开启Docker服务
#  systemctl enable podman
#  systemctl start podman
  systemctl enable crio
  systemctl restart crio
  echo "alias docker=podman" >> /root/.bashrc && source /root/.bashrc
}

k8s_tools() {
  echo -e "\033[31m安装kubernetes\033[0m"
  # 安装kubernetes
  cat >/etc/yum.repos.d/kubernetes.repo <<EOF
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=0
repo_gpgcheck=0
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF
  # 开始安装 kubelet
  yum install -y kubelet-1.27.1 kubeadm-1.27.1 kubectl-1.27.1
  systemctl enable kubelet

  # 忽略swap开启
  echo KUBELET_EXTRA_ARGS=\"--fail-swap-on=false\" >/etc/sysconfig/kubelet
}

commands() {
  echo -e "\033[31m简单的基础命令\033[0m"
  echo 查看集群状态: kubectl get cs
  kubectl get cs
  echo 查看节点: kubectl get nodes
  kubectl get nodes
  echo 查看命名空间: kubectl get ns
  kubectl get ns
  echo 以ps输出格式列出kube-system命名空间的pods kube-system是系统级的pod: kubectl get pods -n kube-system
  echo 查看所有节点的运行状态和详细信息: kubectl get pods -A -o wide | grep kube-system
}

main() {
  basis        # 关闭防火墙
  yum_tools    # 安装基础包
  sysctl_tools # 调整内核
  crio_tools # 安装docker等相关工具
  k8s_tools    # 安装kubeadm
  echo -e "\033[31m列出k8s各模块对应版本\033[0m"
  kubeadm config images list
  kubeadm init --cri-socket='/var/run/crio/crio.sock' --pod-network-cidr=10.244.0.0/16 --ignore-preflight-errors=Swap --service-cidr=10.96.0.0/12 --kubernetes-version=1.27.1 --image-repository registry.aliyuncs.com/google_containers
  echo -e "\033[31m添加网络插件kube-flannel\033[0m"
  # 初始化成功后也会提示以下命令的
  mkdir -p $HOME/.kube
  sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
  chown $(id -u):$(id -g) $HOME/.kube/config

  kubectl apply -f https://raw.githubusercontent.com/flannel-io/flannel/master/Documentation/kube-flannel.yml

}
main
ipvs
commands
echo -e "\033[31m更改ipvs方式,请看脚本注释部分\033[0m"
#hostnamectl set-hostname k8s-master001
#echo k8s-master001 192.168.20.151 >> /etc/hosts
# 以下步骤需要在master机器ready后执行
## 1、配置kube-proxy，在master上操作,修改mode: "ipvs"
#kubectl edit cm kube-proxy -n kube-system
## 2、在master重启kube-proxy
#kubectl  get pod -n kube-system | grep kube-proxy | awk '{print $1}' | xargs kubectl delete pod -n kube-system
## 3、查看pod
#kubectl  get pod -n kube-system | grep kube-proxy
## 验证ipvs是否开启，输入获取的pod id
#kubectl logs kube-proxy-cvzb4 -n kube-system

1. 修改主机名，并添加hosts ，修改主机名的方式上面都有，看注释部分

2. 新建一个install.sh，并粘贴上面的代码

3. sh install.sh运行