准备
三台虚拟机上安装银河麒麟V10操作系统,取得root权限
注意:Centos7使用yum,而Kylin使用apt
一个小tip:虚拟机内存给大点,后面部署应用的时候会快很多
记得关闭应用保护,总共3项,不然在以后运行应用的时候会反复弹窗
1.关闭防火墙
# systemctl stop firewalld
# systemctl disable firewalld
我这里提示:
指令不管用,那就直接在桌面上关闭防火墙
2.关闭selinux
# sed -i 's/enforcing/disabled/' /etc/selinux/config # 永久
# setenforce 0 # 临时
3.关闭swap
# swapoff -a # 临时
# sed -ri 's/.*swap.*/#&/' /etc/fstab # 永久
然后输入reboot重启系统,关闭swap分区的指令才能生效
4.将桥接的IPv4流量传递到iptables的链
# cat > /etc/sysctl.d/k8s.conf << EOF
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
EOF
# sysctl --system # 生效
5.时间同步
# apt install ntpdate -y
# ntpdate time.windows.com
6.安装Docker
二进制手动安装
# wget https://download.docker.com/linux/static/stable/x86_64/docker-20.10.9.tgz
# tar xf docker-20.10.9.tgz
# chmod +x docker/*
# cp docker/* /usr/bin/
创建一个文本docker.service,输入以下内容
# vim /usr/lib/systemd/system/docker.service
[Unit]
Description=Docker Application Container Engine
Documentation=https://docs.docker.com
After=network-online.target firewalld.service
Wants=network-online.target
[Service]
Type=notify
ExecStart=/usr/bin/dockerd
ExecReload=/bin/kill -s HUP $MAINPID
LimitNOFILE=infinity
LimitNPROC=infinity
TimeoutStartSec=0
Delegate=yes
KillMode=process
Restart=on-failure
StartLimitBurst=3
StartLimitInterval=60s
[Install]
WantedBy=multi-user.target
启动docker
root@master01:/home/xx/桌面# systemctl enable --now docker
Created symlink /etc/systemd/system/multi-user.target.wants/docker.service → /lib/systemd/system/docker.service.
root@master01:/home/xx/桌面# docker --version
Docker version 20.10.9, build c2ea9bc
设置开机启动
# systemctl enable docker
7. 配置Docker
打开
# vi /etc/docker/daemon.json
修改为:
"registry-mirrors": [
"https://dockerhub.azk8s.cn",
"https://reg-mirror.qiniu.com",
"https://quay-mirror.qiniu.com",
"https://b9pmyelo.mirror.aliyuncs.com"
]
root@master01:/etc/yum.repos.d# systemctl daemon-reload
root@master01:/etc/yum.repos.d# systemctl restart docker
8.安装 kubelet kubeadm kubectl
# 安装基础环境
# apt-get install -y ca-certificates curl software-properties-common apt-transport-https curl
# curl -s https://mirrors.aliyun.com/kubernetes/apt/doc/apt-key.gpg | sudo apt-key add -
# 执行配置k8s阿里云源
vim /etc/apt/sources.list.d/kubernetes.list
#加入以下内容
deb https://mirrors.aliyun.com/kubernetes/apt/ kubernetes-xenial main
# 执行更新
apt-get update -y
# 安装kubeadm、kubectl、kubelet
apt-get install -y kubelet=1.23.1-00 kubeadm=1.23.1-00 kubectl=1.23.1-00
# 阻止自动更新(apt upgrade时忽略)。所以更新的时候先unhold,更新完再hold。
apt-mark hold kubelet kubeadm kubectl
以下为master节点独有
在master节点创建文件:
root@master01:/# vi kubeadm-config.yaml
输入以下内容:
将下面的 advertiseAddress: 192.168.67.143修改为当前master节点的ip地址
apiVersion: kubeadm.k8s.io/v1beta3
bootstrapTokens:
- groups:
- system:bootstrappers:kubeadm:default-node-token
token: abcdef.0123456789abcdef
ttl: 24h0m0s
usages:
- signing
- authentication
kind: InitConfiguration
localAPIEndpoint:
advertiseAddress: 192.168.67.143
bindPort: 6443
nodeRegistration:
criSocket: /var/run/dockershim.sock
imagePullPolicy: IfNotPresent
name: master
taints: null
---
apiServer:
timeoutForControlPlane: 4m0s
apiVersion: kubeadm.k8s.io/v1beta3
certificatesDir: /etc/kubernetes/pki
clusterName: kubernetes
controllerManager: {}
dns: {}
etcd:
local:
dataDir: /var/lib/etcd
imageRepository: registry.cn-hangzhou.aliyuncs.com/google_containers
kind: ClusterConfiguration
kubernetesVersion: 1.23.1
networking:
dnsDomain: cluster.local
serviceSubnet: 10.96.0.0/12
scheduler: {}
---
kind: KubeletConfiguration
apiVersion: kubelet.config.k8s.io/v1beta1
cgroupDriver: cgroupfs
9.安装master组件(master上执行)
可以先执行kubeadm config images pull,看能否链接到国外镜像,如不能,则转用阿里云镜像
(1)通过指令
kubeadm config images list
首先查看kubeadm config 依赖的镜像有哪些:
k8s.gcr.io/kube-apiserver:v1.23.17
k8s.gcr.io/kube-controller-manager:v1.23.17
k8s.gcr.io/kube-scheduler:v1.23.17
k8s.gcr.io/kube-proxy:v1.23.17
k8s.gcr.io/pause:3.6
k8s.gcr.io/etcd:3.5.1-0
k8s.gcr.io/coredns/coredns:v1.8.6
(2)总共7个,根据镜像名称,依次从阿里云拉取:
root@master01:/# docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/kube-apiserver:v1.23.17
root@master01:/# docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/kube-controller-manager:v1.23.17
root@master01:/# docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/kube-scheduler:v1.23.17
root@master01:/# docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/kube-proxy:v1.23.17
root@master01:/# docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/pause:3.6
root@master01:/# docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/etcd:3.5.1-0
root@master01:/# docker pull coredns/coredns:1.8.6
注意最后一个镜像,去掉版本前的“v”,可通过docker pull coredns/coredns:1.8.6直接拉取
通过docker image ls查看下载好的镜像:
root@master01:/# docker image ls
REPOSITORY TAG IMAGE ID CREATED SIZE
registry.cn-hangzhou.aliyuncs.com/google_containers/kube-apiserver v1.23.17 62bc5d8258d6 5 months ago 130MB
registry.cn-hangzhou.aliyuncs.com/google_containers/kube-proxy v1.23.17 f21c8d21558c 5 months ago 111MB
registry.cn-hangzhou.aliyuncs.com/google_containers/kube-controller-manager v1.23.17 1dab4fc7b6e0 5 months ago 120MB
registry.cn-hangzhou.aliyuncs.com/google_containers/kube-scheduler v1.23.17 bc6794cb54ac 5 months ago 51.8MB
registry.cn-hangzhou.aliyuncs.com/google_containers/etcd 3.5.1-0 25f8c7f3da61 21 months ago 293MB
coredns/coredns 1.8.6 a4ca41631cc7 22 months ago 46.8MB
registry.cn-hangzhou.aliyuncs.com/google_containers/pause 3.6 6270bb605e12 23 months ago 683kB
(3)将拉取下来的images重命名为kubeadm config所需的镜像名字
root@master01:/# docker tag registry.cn-hangzhou.aliyuncs.com/google_containers/kube-apiserver:v1.23.17 k8s.gcr.io/kube-apiserver:v1.23.17
root@master01:/# docker tag registry.cn-hangzhou.aliyuncs.com/google_containers/kube-proxy:v1.23.17 k8s.gcr.io/kube-proxy:v1.23.17
root@master01:/# docker tag registry.cn-hangzhou.aliyuncs.com/google_containers/kube-controller-manager:v1.23.17 k8s.gcr.io/kube-controller-manager:v1.23.17
root@master01:/# docker tag registry.cn-hangzhou.aliyuncs.com/google_containers/kube-scheduler:v1.23.17 k8s.gcr.io/kube-scheduler:v1.23.17
root@master01:/# docker tag registry.cn-hangzhou.aliyuncs.com/google_containers/etcd:3.5.1-0 k8s.gcr.io/etcd:3.5.1-0
root@master01:/# docker tag coredns/coredns:1.8.6 k8s.gcr.io/coredns/coredns:v1.8.6
root@master01:/# docker tag registry.cn-hangzhou.aliyuncs.com/google_containers/pause:3.6 k8s.gcr.io/pause:3.6
10.执行初始化操作(master节点)
先通过systemctl status kubelet和systemctl status docker查看kubectl和docker是否运行,如果没有,则输入systemctl start kubelet启动对应服务
执行kubeadm init --config kubeadm-config.yaml
直到显示successfully表示初始化成功,,记下红色框中的内容
复制粘贴这3条指令执行
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
下面这条指令记录下来即可,在node节点输入该指令加入集群
kubeadm join 192.168.67.143:6443 --token abcdef.0123456789abcdef \
--discovery-token-ca-cert-hash sha256:d18dd90b7d00b0828b11636ac879f51646f524af2bc4f41a553dcdb004465699
此时返回master节点,输入kubectl get node发现节点为NotReady
root@master:/# kubectl get node
NAME STATUS ROLES AGE VERSION
master NotReady control-plane,master 58m v1.23.1
node01 NotReady <none> 9m12s v1.23.1
此时在master节点部署 Calico,输入
kubectl apply -f https://docs.projectcalico.org/v3.21/manifests/calico.yaml
等待一段时间后,再次查看,发现节点已经处于Ready状态了
1981
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
