文章目录
K8s集群部署
一、初始化集群
1.在master节点进行初始化操作
Kubernetes 1.8
开始要求关闭系统的Swap,如果不关闭,默认配置下kubelet将无法启动,关闭系统的Swap方法如下:
swapoff -a
开始初始化
kubeadm init --kubernetes-version=v1.20.4 --pod-network-cidr=10.244.0.0/16 --apiserver-advertise-address=自己IP --ignore-preflight-errors=Swap
如显示以下消息则成功完成初始化
并 复制以下内容
[addons] Applied essential addon: kube-proxy
Your Kubernetes control-plane has initialized successfully!
To start using your cluster, you need to run the following as a regular user:
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
Alternatively, if you are the root user, you can run:
export KUBECONFIG=/etc/kubernetes/admin.conf
You should now deploy a pod network to the cluster.
Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:
https://kubernetes.io/docs/concepts/cluster-administration/addons/
Then you can join any number of worker nodes by running the following on each as root:
kubeadm join 10.9.29.106:6443 --token x8awau.rxteung7iir394e8 \
--discovery-token-ca-cert-hash sha256:273528cee3b448a4c92394b0844021ea2514c1c895742ca5835f35d3fecac494
其中有以下关键内容:
[kubelet]
生成kubelet的配置文件”/var/lib/kubelet/config.yaml”
[certificates]
生成相关的各种证书
[kubeconfig]
生成相关的kubeconfig文件
[bootstraptoken]
生成token记录下来,后边使用kubeadm join往集群中添加节点时会用到
2.在master节点配置使用kubectl
依据复制内容的提示进行配置
假如你希望用一个普通用户运行集群,执行如下操作
rm -rf $HOME/.kube
mkdir -p $HOME/.kube
cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
chown $(id -u):$(id -g) $HOME/.kube/config
假如你使用 root 用户运行集群,执行如下命令
export KUBECONFIG=/etc/kubernetes/admin.conf
3.查看当前node节点
kubectl get nodes
二、配置网路插件
1.master节点下载yaml配置文件
cd ~ && mkdir flannel && cd flannel
wget https://github.com/flannel-io/flannel/blob/master/Documentation/kube-flannel.yml
需要修改自己的网卡,有多少写多少
注意是 ens33 或者 eth0
[root@k8s-master flannel]# cat kube-flannel.yml
---
apiVersion: policy/v1beta1
kind: PodSecurityPolicy
metadata:
name: psp.flannel.unprivileged
annotations:
seccomp.security.alpha.kubernetes.io/allowedProfileNames: docker/default
seccomp.security.alpha.kubernetes.io/defaultProfileName: docker/default
apparmor.security.beta.kubernetes.io/allowedProfileNames: runtime/default
apparmor.security.beta.kubernetes.io/defaultProfileName: runtime/default
spec:
privileged: false
volumes:
- configMap
- secret
- emptyDir
- hostPath
allowedHostPaths:
- pathPrefix: "/etc/cni/net.d"
- pathPrefix: "/etc/kube-flannel"
-