Kubernetes node deployment
1. Initialize the environment and install base components
# Set the hostname on each node
hostnamectl set-hostname k8snode01
# Disable the firewall
systemctl disable --now firewalld
# Disable SELinux
sed -i 's/^SELINUX=enforcing$/SELINUX=disabled/' /etc/selinux/config && setenforce 0
# Disable swap
sed -i '/swap/d' /etc/fstab
swapoff -a
# Confirm time synchronization
yum install -y chrony
systemctl enable --now chronyd
chronyc sources && timedatectl
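Load the IPVS modules
kube-proxy supports two proxy modes, iptables and ipvs. To use ipvs mode, load the required ipvs kernel modules and install the ipset tool before initializing the cluster.
Also, on Linux kernel 4.19 and later, use nf_conntrack in place of nf_conntrack_ipv4.
cat > /etc/modules-load.d/ipvs.conf <<EOF
# Load IPVS at boot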
ip_vs
ip_vs_rr
ip_vs_wrr
ip_vs_sh
nf_conntrack_ipv4
EOF
systemctl enable --now systemd-modules-load.service
# Confirm that the kernel modules loaded successfully
lsmod | grep -e ip_vs -e nf_conntrack_ipv4
# Install ipset and ipvsadm
yum install -y ipset ipvsadm
Install Docker
Install the dependency packages
yum install -y yum-utils device-mapper-persistent-data lvm2
Add the Docker repository; the Aliyun yum mirror in China is used here
yum-config-manager --add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
Install docker-ce; the latest version is installed directly here
yum install -y docker-ce
# Modify the Docker configuration file
mkdir -p /etc/docker
cat > /etc/docker/daemon.json <<EOF
{
  "exec-opts": ["native.cgroupdriver=systemd"],
  "log-driver": "json-file",
  "log-opts": {
    "max-size": "100m"
  },
  "storage-driver": "overlay2",
  "storage-opts": [
    "overlay2.override_kernel_check=true"
  ],
  "registry-mirrors": ["https://uyah70su.mirror.aliyuncs.com"],
  "insecure-registries": ["10.66.225.39:5000"]
}
EOF
mkdir -p /etc/systemd/system/docker.service.d
Restart the Docker service
systemctl daemon-reload && systemctl enable --now docker
Install kubeadm, kubelet and kubectl
Add the Kubernetes repository, substituting the Aliyun yum mirror:
cat <<EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=0
repo_gpgcheck=0
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg
       https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF
Install kubelet, kubeadm and kubectl
yum install -y kubeadm-1.16.3 kubelet-1.16.3 kubectl-1.16.3 --disableexcludes=kubernetes
If this error is reported: Error: Package: kubelet-1.16.3-0.x86_64 (kubernetes)
Requires: conntrack
You could try using --skip-broken to work around the problem
Install conntrack-tools
yum -y install epel-release
yum -y install yum-utils
yumdownloader conntrack --resolve --destdir=/data/docker/soft
yumdownloader libnetfilter_cthelper --resolve --destdir=/data/soft/conntrack/
yumdownloader libnetfilter_cttimeout --resolve --destdir=/data/soft/conntrack/
yumdownloader libnetfilter_queue --resolve --destdir=/data/soft/conntrack/
rpm -ivh libnetfilter_cthelper-1.0.0-11.el7.x86_64.rpm
rpm -ivh libnetfilter_queue-1.0.2-2.el7_2.x86_64.rpm
rpm -ivh libnetfilter_cttimeout-1.0.0-7.el7.x86_64.rpm
rpm -ivh conntrack-tools-1.4.4-7.el7.x86_64.rpm
Start the kubelet service
systemctl enable --now kubelet
Configure the kernel parameters
cat <<EOF > /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
EOF
sysctl --system
echo "export KUBECONFIG=/etc/kubernetes/kubelet.conf" >> ~/.bash_profile
source ~/.bash_profile
2. Deploy the worker nodes
On k8snode01 and k8snode02, run the command from the initialization output on each node to register it with the cluster:
[root@k8smaster1 etc]# kubeadm token create --print-join-command
kubeadm join 10.66.225.38:6443 --token lbcujl.5tb4kh1wxptvrsox --discovery-token-ca-cert-hash sha256:0420c4aab7de9ada1ade559461044dfe566d179fc14ab3353fe6831ab8d15391
[root@k8smaster1 etc]#
kubeadm join 10.66.225.38:6443 --token 6kpvd3.9erdp3unn9jukgwo \
    --discovery-token-ca-cert-hash sha256:8c1191a5f4bdaa8428d02c4501fa53524f20eebfc09e77a45bca794ce9674d42
[root@k8snode01 kubernetes]# kubectl get nodes
NAME        STATUS     ROLES    AGE    VERSION
k8smaster   NotReady   master   95m    v1.16.3
k8snode01   NotReady   <none>   112s   v1.16.3
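
The join commands above pin the cluster CA with --discovery-token-ca-cert-hash. The following script is an added example, not part of the original page: it recomputes that pin from the CA certificate on the control plane and compares it with a join command before the command is run on a node. It assumes openssl is installed and that the CA is at kubeadm's default path /etc/kubernetes/pki/ca.crt; the function names and the script name check_join_pin.sh are illustrative.

```shell
#!/bin/sh
# Added example: confirm that the CA pin carried by a "kubeadm join"
# command matches the cluster CA certificate. Function names are illustrative.

# ca_pin CERT: print "sha256:<hex>", the SHA-256 of the certificate's
# DER-encoded SubjectPublicKeyInfo, which is the value kubeadm pins.
ca_pin() {
    pub=$(openssl x509 -in "$1" -noout -pubkey 2>/dev/null) || return 1
    [ -n "$pub" ] || return 1
    hex=$(printf '%s\n' "$pub" | openssl pkey -pubin -outform DER 2>/dev/null |
          openssl dgst -sha256 -hex | sed 's/^.* //')
    [ "${#hex}" -eq 64 ] || return 1
    printf 'sha256:%s\n' "$hex"
}

# join_pin CMD: print the sha256:<64 hex> value given to
# --discovery-token-ca-cert-hash, or nothing if it is absent or malformed.
join_pin() {
    printf '%s\n' "$1" | sed -n \
      's/.*--discovery-token-ca-cert-hash[ =]\{1,\}\(sha256:[0-9a-f]\{64\}\).*/\1/p'
}

# verify_join CERT CMD
# returns 0 = pin matches, 1 = mismatch, 2 = no usable pin, 3 = CA unreadable
verify_join() {
    want=$(ca_pin "$1") || { echo "cannot read CA certificate: $1" >&2; return 3; }
    got=$(join_pin "$2")
    if [ -z "$got" ]; then
        echo "join command carries no valid CA pin" >&2
        return 2
    fi
    if [ "$got" != "$want" ]; then
        echo "CA pin mismatch: command=$got certificate=$want" >&2
        return 1
    fi
    echo "CA pin matches $want"
}

# Run on the control plane (path assumed to be the kubeadm default):
#   sh check_join_pin.sh /etc/kubernetes/pki/ca.crt "kubeadm join ..."
if [ "$#" -eq 2 ]; then verify_join "$1" "$2"; fi
```

A non-zero exit means the join command should not be used as written: either it carries no pin or the pin belongs to a different CA.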