1、环境准备
名称 | 系统 | IP | ||||
---|---|---|---|---|---|---|
master1 | centos7.8 | 192.168.194.101 | ||||
node1 | centos7.8 | 192.168.194.201 |
2、系统设置
关闭防火墙
systemctl stop firewalld
systemctl disable firewalld
关闭Selinux
#临时关闭
setenforce 0
#永久禁用
sed -i 's/SELINUX=permissive/SELINUX=disabled/' /etc/sysconfig/selinux
sed -i "s/SELINUX=enforcing/SELINUX=disabled/g" /etc/selinux/config
禁用交换分区
swapoff -a
永久禁用,打开/etc/fstab注释掉swap那一行。
3、初始化基础环境
- 设置服务器 hostname
- 安装 k8s依赖环境
- 升级系统内核(升级Centos7系统内核,解决Docker-ce版本兼容问题)
- 安装 docker ce 最新版本
编写一个脚本自动执行以上操作
#!/usr/bin/env bash
function Check_linux_system(){
linux_version=`cat /etc/redhat-release`
if [[ ${linux_version} =~ "CentOS" ]];then
echo -e "\033[32;32m 系统为 ${linux_version} \033[0m \n"
else
echo -e "\033[32;32m 系统不是CentOS,该脚本只支持CentOS环境\033[0m \n"
exit 1
fi
}
function Set_hostname(){
if [ -n "$HostName" ];then
grep $HostName /etc/hostname && echo -e "\033[32;32m 主机名已设置,退出设置主机名步骤 \033[0m \n" && return
case $HostName in
help)
echo -e "\033[32;32m bash init.sh 主机名 \033[0m \n"
exit 1
;;
*)
hostname $HostName
echo "$HostName" > /etc/hostname
echo "`ifconfig eth0 | grep inet | awk '{print $2}'` $HostName" >> /etc/hosts
;;
esac
else
echo -e "\033[32;32m 输入为空,请参照 bash init.sh 主机名 \033[0m \n"
exit 1
fi
}
function Install_depend_environment(){
rpm -qa | grep nfs-utils &> /dev/null && echo -e "\033[32;32m 已完成依赖环境安装,退出依赖环境安装步骤 \033[0m \n" && return
yum install -y nfs-utils curl yum-utils device-mapper-persistent-data lvm2 net-tools conntrack-tools wget vim ntpdate libseccomp libtool-ltdl telnet
echo -e "\033[32;32m 升级Centos7系统内核到5版本,解决Docker-ce版本兼容问题\033[0m \n"
rpm --import https://www.elrepo.org/RPM-GPG-KEY-elrepo.org && \
rpm -Uvh http://www.elrepo.org/elrepo-release-7.0-3.el7.elrepo.noarch.rpm && \
yum --disablerepo=\* --enablerepo=elrepo-kernel repolist && \
yum --disablerepo=\* --enablerepo=elrepo-kernel install -y kernel-ml.x86_64 && \
yum remove -y kernel-tools-libs.x86_64 kernel-tools.x86_64 && \
yum --disablerepo=\* --enablerepo=elrepo-kernel install -y kernel-ml-tools.x86_64 && \
grub2-set-default 0
modprobe br_netfilter
cat <<EOF > /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
net.ipv4.ip_forward = 1
EOF
sysctl -p /etc/sysctl.d/k8s.conf
ls /proc/sys/net/bridge
}
function Install_docker(){
rpm -qa | grep docker && echo -e "\033[32;32m 已安装docker,退出安装docker步骤 \033[0m \n" && return
yum-config-manager --add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
yum makecache fast
yum -y install docker-ce
systemctl enable docker.service
systemctl start docker.service
systemctl stop docker.service
echo '{"registry-mirrors": ["https://4xr1qpsp.mirror.aliyuncs.com"]}' > /etc/docker/daemon.json
systemctl daemon-reload
systemctl start docker
}
# 初始化顺序
HostName=$1
Check_linux_system && \
Set_hostname && \
Install_depend_environment && \
Install_docker
两台服务器都执行如下命令(参数为hostname)
chmod +x init.sh
sh init.sh master1
出现如下界面表示成功
4、配置 k8s源
两台服务器都执行如下命令
cat <<EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=0
EOF
# 重建 yum缓存
yum makecache fast
5、安装 kubeadm、kubelet、kubectl
# master1 机器上操作
# 安装 kubeadm、kubelet、kubectl v1.19.2 版本,设置 kubelet 开机启动
$ yum install -y kubeadm-1.19.2 kubectl-1.19.2 kubelet-1.19.2 --disableexcludes=kubernetes && systemctl enable --now kubelet
换国内镜像源拉取镜像
# master1 机器上操作
# 查看镜像版本
$ kubeadm config images list
k8s.gcr.io/kube-apiserver:v1.19.2
k8s.gcr.io/kube-controller-manager:v1.19.2
k8s.gcr.io/kube-scheduler:v1.19.2
k8s.gcr.io/kube-proxy:v1.19.2
k8s.gcr.io/pause:3.2
k8s.gcr.io/etcd:3.4.13-0
k8s.gcr.io/coredns:1.7.0
使用如下脚本下载国内镜像,并修改tag为google的tag
新建 kubeadm.sh
#!/bin/bash
set -e
KUBE_VERSION=v1.19.2
KUBE_PAUSE_VERSION=3.2
ETCD_VERSION=3.4.13-0
CORE_DNS_VERSION=1.7.0
GCR_URL=k8s.gcr.io
ALIYUN_URL=registry.cn-hangzhou.aliyuncs.com/google_containers
images=(kube-proxy:${KUBE_VERSION}
kube-scheduler:${KUBE_VERSION}
kube-controller-manager:${KUBE_VERSION}
kube-apiserver:${KUBE_VERSION}
pause:${KUBE_PAUSE_VERSION}
etcd:${ETCD_VERSION}
coredns:${CORE_DNS_VERSION})
for imageName in ${images[@]} ; do
docker pull $ALIYUN_URL/$imageName
docker tag $ALIYUN_URL/$imageName $GCR_URL/$imageName
docker rmi $ALIYUN_URL/$imageName
done
# 运行脚本,拉取镜像
$ bash kubeadm.sh
master 节点安装
# master1 机器上操作
$ kubeadm init \
--apiserver-advertise-address 192.168.194.101 \
--kubernetes-version=v1.19.2 \
--pod-network-cidr=10.244.0.0/16
# 返回结果
# 下面是添加节点需要执行以下命令
kubeadm join 192.168.194.101:6443 --token 9j7db1.wsk48kp1nf19seda \
--discovery-token-ca-cert-hash sha256:259fa842c358c9528689b9c606334f39c65eae92c70d2ddb851e76d5a7df02b2
Node 节点安装
# node1 机器上操作
# 安装 kubeadm kubelet
$ yum install -y kubeadm-1.19.2 kubectl-1.19.2 kubelet-1.19.2 --disableexcludes=kubernetes && systemctl enable --now kubelet
# 添加 node 节点,暂时先忽略错误
$ kubeadm join 192.168.194.101:6443 --token 9j7db1.wsk48kp1nf19seda \
--discovery-token-ca-cert-hash sha256:259fa842c358c9528689b9c606334f39c65eae92c70d2ddb851e76d5a7df02b2 \
--ignore-preflight-errors=all
# 如果添加节点失败,或是想重新添加,可以使用命令,不要在 master 节点使用
$ kubeadm reset
# k8s-master1 机器上操作
# 拷贝 master 机器 kube-proxy pause coredns 镜像
$ docker save -o pause.tar k8s.gcr.io/pause:3.2
$ docker save -o kube-proxy.tar k8s.gcr.io/kube-proxy:v1.19.2
$ docker save -o coredns.tar k8s.gcr.io/coredns:1.7.0
# 使用 scp 或者 rsync 命令 拷贝 pause.tar kube-proxy.tar coredns.tar
$ scp pause.tar kube-proxy.tar coredns.tar k8s-node1:/root/
# k8s-node1 机器上操作
$ docker load -i pause.tar
$ docker load -i kube-proxy.tar
$ docker load -i coredns.tar
安装网络组件 flanneld
# master1
# 下载flannel配置文件
$ kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
如果报如下错误,执行下面的命令
The connection to the server localhost:8080 was refused - did you specify the right host or port?
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
查看 node 节点 和 所有pods 是否正常
$ kubectl get node
NAME STATUS ROLES AGE VERSION
master1 Ready master 30m v1.19.2
node1 Ready <none> 24m v1.19.2
$ kubectl get pods -A -o wide
NAMESPACE NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
kube-system coredns-f9fd979d6-6wttw 1/1 Running 0 29m 10.244.0.3 master1 <none> <none>
kube-system coredns-f9fd979d6-zj69t 1/1 Running 0 29m 10.244.0.2 master1 <none> <none>
kube-system etcd-master1 1/1 Running 1 30m 192.168.194.101 master1 <none> <none>
kube-system kube-apiserver-master1 1/1 Running 1 30m 192.168.194.101 master1 <none> <none>
kube-system kube-controller-manager-master1 1/1 Running 1 30m 192.168.194.101 master1 <none> <none>
kube-system kube-flannel-ds-5xhww 1/1 Running 0 15m 192.168.194.101 master1 <none> <none>
kube-system kube-flannel-ds-ld5wg 1/1 Running 0 15m 192.168.194.201 node1 <none> <none>
kube-system kube-proxy-mcb8s 1/1 Running 1 29m 192.168.194.101 master1 <none> <none>
kube-system kube-proxy-sbmbw 1/1 Running 1 24m 192.168.194.201 node1 <none> <none>
kube-system kube-scheduler-master1 1/1 Running 1 30m 192.168.194.101 master1 <none> <none>
参考:https://cloud.tencent.com/developer/article/1638568