Kubeadm安装Kubernetes集群(二)
目录
一、环境准备
1、操作系统
CentOS 7.2
2、关闭swap
[root@localhost ~]# swapoff -a
## vim /etc/fstab 注释如下语句,注意:centos-swap 可能不一样,如:rhel-swap
/dev/mapper/centos-swap swap swap defaults 0 0
## 验证
[root@localhost ~]# free -m
total used free shared buff/cache available
Mem: 8454 888 5225 20 2339 7214
Swap: 0 0 0
3、关闭selinux
[root@localhost ~]# setenforce 0
[root@localhost ~]# sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config
4、切换kubernetes yum源
[root@localhost ~]# vim /etc/yum.repos.d/kubernetes.repo
# 写入以下内容
[kuberneten]
name=Kubernetes
baseurl=http://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=0
repo_gpgcheck=0
gpgkey=http://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg
http://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
缓存生效
yum makecache
5、修改主机名
二、安装 kubeadm 和相关工具
# 安装最新版本
yum install -y docker kubelet kubeadm kubectl kubernetes-cni
# 指定版本
yum install -y docker kubelet-1.18.6-0.x86_64 kubeadm-1.18.6-0.x86_64 kubectl-1.18.6-0.x86_64 kubernetes-cni
查看安装的版本
[root@localhost ~]# kubectl version
Client Version: version.Info{Major:"1", Minor:"18", GitVersion:"v1.18.6", GitCommit:"dff82dc0de47299ab66c83c626e08b245ab19037", GitTreeState:"clean", BuildDate:"2020-07-15T16:58:53Z", GoVersion:"go1.13.9", Compiler:"gc", Platform:"linux/amd64"}
The connection to the server localhost:8080 was refused - did you specify the right host or port?
三、下载相关镜像
Node节点需要镜像文件,每次下载比较繁琐,写成shell 每次添加时,直接执行即可
[root@localhost ~]# touch pull_images.sh
[root@localhost ~]# chmod +x ./pull_images.sh
[root@localhost ~]# vi ./pull_images.sh
docker pull mirrorgcrio/kube-apiserver:v1.18.6
docker tag mirrorgcrio/kube-apiserver:v1.18.6 k8s.gcr.io/kube-apiserver:v1.18.6
docker pull mirrorgcrio/kube-controller-manager:v1.18.6
docker tag mirrorgcrio/kube-controller-manager:v1.18.6 k8s.gcr.io/kube-controller-manager:v1.18.6
docker pull mirrorgcrio/kube-scheduler:v1.18.6
docker tag mirrorgcrio/kube-scheduler:v1.18.6 k8s.gcr.io/kube-scheduler:v1.18.6
docker pull mirrorgcrio/kube-proxy:v1.18.6
docker tag mirrorgcrio/kube-proxy:v1.18.6 k8s.gcr.io/kube-proxy:v1.18.6
docker pull docker.io/codedingan/pause:3.2
docker tag docker.io/codedingan/pause:3.2 k8s.gcr.io/pause:3.2
docker pull docker.io/codedingan/etcd:3.4.3-0
docker tag docker.io/codedingan/etcd:3.4.3-0 k8s.gcr.io/etcd:3.4.3-0
docker pull docker.io/codedingan/coredns:1.6.7
docker tag docker.io/codedingan/coredns:1.6.7 k8s.gcr.io/coredns:1.6.7
[root@localhost ~]# sh pull_images.sh
四、拷贝网卡信息解决 NoReady问题
# /etc/cni/*
# kubetctl get node 后节点 noready
# xxx.xxx.xxx.xxx 为node主机
scp -r /etc/cni/ root@xxx.xxx.xxx.xxx:/etc/
五、连接
kubeadm join 172.19.12.169:6443 --token vcu3z1.abpm5p7ul6gikrs4 \
--discovery-token-ca-cert-hash sha256:ee716eaf3c5d4ad1bddbfe1f1972c37741fb76b3eb94b9ffda0ceca07641c3c5
六、问题处理
问题1:添加节点进报错
[root@k8s-node-1 ~]# kubeadm join 172.19.12.169:6443 --token vcu3z1.abpm5p7ul6gikrs4 --discovery-token-ca-cert-hash sha256:ee716eaf3c5d4ad1bddbfe1f1972c37741fb76b3eb94b9ffda0ceca07641c3c5
W0903 11:17:46.269607 10794 join.go:346] [preflight] WARNING: JoinControlPane.controlPlane settings will be ignored when control-plane flag is not set.
[preflight] Running pre-flight checks
error execution phase preflight: couldn't validate the identity of the API Server: could not find a JWS signature in the cluster-info ConfigMap for token ID "vcu3z1"
To see the stack trace of this error execute with --v=5 or higher
此问题为token过期,处理办法:
# 查看Token列表
kubeadm token list
# 重新生产token
kubeadm token create
# 获取--discovery-token-ca-cert-hash值
openssl x509 -pubkey -in /etc/kubernetes/pki/ca.crt | openssl rsa -pubin -outform der 2>/dev/null | \
openssl dgst -sha256 -hex | sed 's/^.* //'