Kubernetes 1.31安装笔记
##准备工作:
1.修改主机名:
hostnamectl set-hostname k8s-master
hostnamectl set-hostname k8s-node1
2.关闭交换分区,关闭防火墙,关闭selinux
swapoff -a
sed -ri 's/.*swap.*/#&/' /etc/fstab
systemctl stop firewalld
systemctl disable firewalld
sed -i 's/enforcing/disabled/' /etc/selinux/config
setenforce 0
3.hosts添加主机名解析
vi /etc/hosts
192.168.1.177 k8s-master
192.168.1.178 k8s-node1
4.添加linux内核参数iptables转发功能开启
vi /etc/sysctl.conf
net.bridge.bridge-nf-call-iptables = 1
net.bridge.bridge-nf-call-ip6tables = 1
net.ipv4.ip_forward = 1
执行命令:
modprobe br_netfilter
sysctl --system #参数生效
5.安装docker 源(阿里云)
yum install -y yum-utils device-mapper-persistent-data lvm2
# Step 2: 添加软件源信息
yum-config-manager --add-repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
# Step 3
#sed -i 's+download.docker.com+mirrors.aliyun.com/docker-ce+' /etc/yum.repos.d/docker-ce.repo
# Step 4: 更新并安装Docker-CE
yum makecache fast
yum -y install docker-ce
6.添加docker驱动和镜像加速器
mkdir -p /etc/docker/
cat >> /etc/docker/daemon.json << EOF
{
"registry-mirrors":["https://p3kgr6db.mirror.aliyuncs.com",
"https://docker.m.daocloud.io",
"https://your_id.mirror.aliyuncs.com",
"https://docker.nju.edu.cn/",
"https://docker.anyhub.us.kg",
"https://dockerhub.jobcher.com",
"https://dockerhub.icu",
"https://docker.ckyl.me",
"https://cr.console.aliyun.com"
],
"exec-opts": ["native.cgroupdriver=systemd"]
}
EOF
#启动和开机自启
systemctl start docker
systemctl enable docker
7.安装cri-dockerd(1.24之后的版本需要安装cri组件)
wget https://github.com/Mirantis/cri-dockerd/releases/download/v0.3.15/cri-dockerd-0.3.15-3.fc35.x86_64.rpm
指定链接下自行下载
https://github.com/Mirantis/cri-dockerd/releases
#根据linux版本(rocky linux centos 8)强制安装不需要依赖包
rpm -ivh cri-dockerd-0.3.15-3.fc35.x86_64.rpm --nodeps --force
sed -i "s#ExecStart=/usr/bin/cri-dockerd --container-runtime-endpoint fd://#ExecStart=/usr/bin/cri-dockerd --container-runtime-endpoint fd:// --pod-infra-container-image=registry.aliyuncs.com/google_containers/pause:3.9#g" /usr/lib/systemd/system/cri-docker.service
systemctl daemon-reload
systemctl enable cri-docker.service
systemctl restart cri-docker.service
systemctl restart docker
8.添加Kubernetes源(阿里云)
vi /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://pkgs.k8s.io/core:/stable:/v1.31/rpm/
enabled=1
gpgcheck=1
gpgkey=https://pkgs.k8s.io/core:/stable:/v1.31/rpm/repodata/repomd.xml.key
#指定源安装组件,同时启动kubelet节点开机自启
yum install -y kubelet kubeadm kubectl --disableexcludes=kubernetes
systemctl enable kubelet
systemctl start kubelet
9.使用kubeadm 初始化k8s-master
#修改主机--apiserver-advertise-addressIP地址,和kubernetes-version版本
kubeadm init --apiserver-advertise-address=192.168.1.177 --image-repository registry.aliyuncs.com/google_containers --kubernetes-version v1.31.1 --pod-network-cidr=10.244.0.0/16 --service-cidr=10.96.0.0/12 --cri-socket=unix:///var/run/cri-dockerd.sock --ignore-preflight-errors=all
#初始化成功页面,过程是根据网络情况等待时间
#执行三条下面命令:
#即可执行kubectl get nodes成功不会报错
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
节点安装需要1-8步骤安装组件和环境
10.节点安装步骤
使用kubeadm查看安装需要的组件
[root@k8s-master yum.repos.d]# kubeadm config images list
registry.k8s.io/kube-apiserver:v1.31.0
registry.k8s.io/kube-controller-manager:v1.31.0
registry.k8s.io/kube-scheduler:v1.31.0
registry.k8s.io/kube-proxy:v1.31.0
registry.k8s.io/coredns/coredns:v1.11.3
registry.k8s.io/pause:3.10
registry.k8s.io/etcd:3.5.15-0
[root@k8s-master yum.repos.d]#
下载版本需要的组件容器
#!/bin/bash
# Script For Quick Pull K8S Docker Images
# by Hellxz Zhang <hellxz001@foxmail.com>
# please run kubeadm for get version msg. e.g `kubeadm config images list --kubernetes-version v1.31.0`
# then modified the Version's ENV, Saved and Run.
KUBE_VERSION=v1.31.0
PAUSE_VERSION=3.10
CORE_DNS_VERSION=v1.11.3
ETCD_VERSION=3.5.15-0
# pull aliyuncs mirror docker images
docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/kube-proxy:$KUBE_VERSION
docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/kube-controller-manager:$KUBE_VERSION
docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/kube-apiserver:$KUBE_VERSION
docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/kube-scheduler:$KUBE_VERSION
docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/pause:$PAUSE_VERSION
docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/coredns:$CORE_DNS_VERSION
docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/etcd:$ETCD_VERSION
11.例如:下面出现的是添加节点需要的密钥和token(安装时用自己生成的)
kubeadm join 192.168.117.110:6443 --token h7m4c0.5v5adnyafbx18j60 \
--discovery-token-ca-cert-hash sha256:3334d8e5fabbf52922c00b4d705a3c7fc50fc81e7f3f7a21a1860e5b6e2dcf26 --cri-socket=unix:///var/run/cri-dockerd.sock
节点成功注册上提示:
This node has joined the cluster:
* Certificate signing request was sent to apiserver and a response was received.
* The Kubelet was informed of the new secure connection details.
Run 'kubectl get nodes' on the control-plane to see this node join the cluster.
o apiserver and a response was received.
* The Kubelet was informed of the new secure connection details.
Run 'kubectl get nodes' on the control-plane to see this node join the cluster.