K8S1.28.12安装教程
三台主机信息
主机名 | 地址 | 角色 | 配置 |
---|---|---|---|
k8s-master | 192.168.19.161 | 主节点 | 2核4G |
k8s-node1 | 192.168.19.162 | 工作节点 | 1核2G |
k8s-node2 | 192.168.19.163 | 工作节点 | 1核2G |
制作本地解析 ,每台主机执行
cat >> /etc/hosts <<EOF 192.168.19.161 k8s-master 192.168.19.162 k8s-node1 192.168.19.163 k8s-node2 EOF
集群环境初始化(每台主机执行)
1.关闭防火墙:
systemctl disable firewalld --now
2.禁用SELinux:
setenforce 0
3.编辑文件/etc/selinux/config,将SELINUX修改为disabled,如下:
sed -i 's/SELINUX=enforcing/SELINUX=disabled/' /etc/sysconfig/selinux SELINUX=disabled
4.时间同步
timedatectl set-timezone Asia/Shanghai yum install -y ntpdate ntpdate ntp.aliyun.com
5.关闭swap
swapoff -a sed -i 's/.*swap.*/#&/' /etc/fstab
添加k8s的yum仓库(每台主机执行)
cat <<EOF | sudo tee /etc/yum.repos.d/kubernetes.repo [kubernetes] name=Kubernetes baseurl=https://pkgs.k8s.io/core:/stable:/v1.28/rpm/ enabled=1 gpgcheck=1 gpgkey=https://pkgs.k8s.io/core:/stable:/v1.28/rpm/repodata/repomd.xml.key exclude=kubelet kubeadm kubectl cri-tools kubernetes-cni EOF
安装 kubelet、kubeadm 和 kubectl,并启用 kubelet 以确保它在启动时自动启动:
sudo yum install -y kubelet kubeadm kubectl --disableexcludes=kubernetes sudo systemctl enable --now kubelet
加载ipvs相关模块:
yum -y install ipvsadm cat <<EOF > /etc/modules-load.d/ipvs.conf ip_vs ip_vs_lc ip_vs_wlc ip_vs_rr ip_vs_wrr ip_vs_lblc ip_vs_lblcr ip_vs_dh ip_vs_sh ip_vs_nq ip_vs_sed ip_vs_ftp ip_vs_sh nf_conntrack_ipv4 ip_tables ip_set xt_set ipt_set ipt_rpfilter ipt_REJECT ipip EOF
配置相关转发参数 cat <<EOF > /etc/sysctl.d/k8s.conf net.bridge.bridge-nf-call-ip6tables = 1 net.bridge.bridge-nf-call-iptables = 1 vm.swappiness=0 EOF 使配置生效 sysctl --system 重启服务器 查看是否生效 lsmod | grep ip_vs
# step 1: 安装必要的一些系统工具 sudo yum install -y yum-utils device-mapper-persistent-data lvm2 # Step 2: 添加软件源信息 sudo yum-config-manager --add-repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo # Step 3 sudo sed -i 's+download.docker.com+mirrors.aliyun.com/docker-ce+' /etc/yum.repos.d/docker-ce.repo # Step 4: 更新并安装Docker-CE sudo yum makecache fast sudo yum -y install docker-ce # Step 4: 开启Docker服务 sudo service docker start systemctl enable docker --now
1.配置kubelet使用pause镜像 获取docker的cgroups DOCKER_CGROUPS=$(docker info | grep 'Cgroup' | cut -d' ' -f4) echo $DOCKER_CGROUPS ================================= 配置变量: DOCKER_CGROUPS=`docker info |grep 'Cgroup' | awk ' NR==1 {print $3}'` echo $DOCKER_CGROUPS cgroupfs 2.配置kubelet的cgroups cat >/etc/sysconfig/kubelet<<EOF KUBELET_EXTRA_ARGS="--cgroup-driver=$DOCKER_CGROUPS --pod-infra-container-image=k8s.gcr.io/pause:3.2" EOF systemctl daemon-reload systemctl start kubelet
# 生成Containerd配置文件 containerd config default > /etc/containerd/config.toml 修改pause镜像 sandbox_image = "registry.aliyuncs.com/google_containers/pause:3.9" 重启containerd systemctl restart containerd
配置master节点(在master上执行)
kubeadm init --kubernetes-version=v1.28.12 --pod-network-cidr=10.244.0.0/16 --apiserver-advertise-address=192.168.19.161 --image-repository=registry.aliyuncs.com/google_containers
rm -rf $HOME/.kube mkdir -p $HOME/.kube cp -i /etc/kubernetes/admin.conf $HOME/.kube/config chown $(id -u):$(id -g) $HOME/.kube/config [root@k8s-master ~]# kubectl get nodes -o wide NAME STATUS ROLES AGE VERSION INTERNAL-IP EXTERNAL-IP OS-IMAGE KERNEL-VERSION CONTAINER-RUNTIME k8s-master NotReady control-plane 6m19s v1.28.12 192.168.19.161 <none> CentOS Linux 7 (Core) 3.10.0-1062.el7.x86_64 containerd://1.6.33
将node加入集群
在所有node节点操作,此命令为初始化master成功后返回的结果
kubeadm join 192.168.19.161:6443 --token a49pnt.15b7dv1yeukdabcc \ --discovery-token-ca-cert-hash sha256:d2eb1af6a6e365070061f7a3ef880688850f178ca51712e1038103c3a3f5f65c [root@k8s-master ~]# kubectl get nodes NAME STATUS ROLES AGE VERSION k8s-master NotReady control-plane 12m v1.28.12 k8s-node1 NotReady <none> 115s v1.28.12 k8s-node2 NotReady <none> 109s v1.28.12
安装网络插件calico
将yaml文件下载到master curl https://raw.githubusercontent.com/projectcalico/calico/v3.28.0/manifests/calico.yaml -O 每台节点下载相关镜像并打上tag ctr images pull swr.cn-north-4.myhuaweicloud.com/ddn-k8s/docker.io/calico/cni:v3.28.0 ctr images tag swr.cn-north-4.myhuaweicloud.com/ddn-k8s/docker.io/calico/cni:v3.28.0 docker.io/calico/cni:v3.28.0 ctr images pull swr.cn-north-4.myhuaweicloud.com/ddn-k8s/docker.io/calico/node:v3.28.0 ctr images tag swr.cn-north-4.myhuaweicloud.com/ddn-k8s/docker.io/calico/node:v3.28.0 docker.io/calico/node:v3.28.0 ctr images pull swr.cn-north-4.myhuaweicloud.com/ddn-k8s/docker.io/calico/kube-controllers:v3.28.0 ctr images tag swr.cn-north-4.myhuaweicloud.com/ddn-k8s/docker.io/calico/kube-controllers:v3.28.0 docker.io/calico/kube-controllers:v3.28.0 导入calico kubectl apply -f calico.yaml 查看是否running watch kubectl get pods -A