部署3节点k8s集群,
设置主机名,主机内存大于等于4G
master节点: master
node节点: node1
node节点: node2
环境初始化
此方式下安装kubernetes集群要求Centos版本要在7.9
[root@master ~]# cat /etc/redhat-release
CentOS Linux release 7.9.2009 (Core)
1)主机名解析
[root@master ~]# tail -3 /etc/hosts
192.168.235.170 master
192.168.235.171 node1
192.168.235.172 node2
2)时间同步(修改/etc/chrony.conf后,若chronyd已在运行,需执行systemctl restart chronyd才能使新的server配置生效)
[root@master ~]# vim /etc/chrony.conf
server ntp1.aliyun.com iburst
[root@master ~]# systemctl start chronyd
[root@master ~]# systemctl enable chronyd --now
[root@master ~]# chronyc sources
210 Number of sources = 1
MS Name/IP address Stratum Poll Reach LastRx Last sample
===============================================================================
^* 120.25.115.20 2 6 17 16 -167us[ -172us] +/- 20ms
3)关闭防火墙并禁用SELinux(实验环境的简化做法;生产环境建议保留firewalld并只放行集群所需端口,例如下文kubeadm join使用的6443,SELinux也可仅设为permissive而不是disabled)
[root@master ~]# systemctl stop firewalld
[root@master ~]# systemctl disable firewalld
[root@master ~]# sed -i '/^SELINUX=/c SELINUX=disabled' /etc/selinux/config
[root@master ~]# setenforce 0
4)禁用swap分区(在/etc/fstab中注释掉swap所在的行;该修改在重启后生效,如需立即关闭可执行swapoff -a)
[root@master ~]# vim /etc/fstab
5)升级操作系统内核
[root@master ~]# rpm --import https://www.elrepo.org/RPM-GPG-KEY-elrepo.org
[root@master ~]# yum -y install https://www.elrepo.org/elrepo-release-7.0-4.el7.elrepo.noarch.rpm
[root@master ~]# yum --enablerepo="elrepo-kernel" -y install kernel-ml.x86_64
[root@master ~]# grub2-set-default 0
[root@master ~]# grub2-mkconfig -o /boot/grub2/grub.cfg
[root@master ~]# reboot
[root@master ~]# uname -r
5.19.1-1.el7.elrepo.x86_64
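6)修改linux的内核参数(net.bridge.bridge-nf-call-*参数由br_netfilter模块提供,应先执行modprobe br_netfilter再执行sysctl -p,否则会提示找不到对应的键;modprobe加载的模块重启后不会保留,可在/etc/modules-load.d/下添加配置使其开机加载)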
[root@master ~]# vim /etc/sysctl.d/kubernetes.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
net.ipv4.ip_forward = 1
vm.swappiness=0
[root@master ~]# sysctl -p /etc/sysctl.d/kubernetes.conf
[root@master ~]# modprobe br_netfilter
[root@master ~]# lsmod | grep br_netfilter
7)配置ipvs功能(这里只是加载ipvs内核模块;kube-proxy实际使用的模式由其自身配置中的mode决定,下文/etc/sysconfig/kubelet里的KUBE_PROXY_MODE是否生效需自行确认)
[root@master ~]# yum install ipset ipvsadm -y
[root@master ~]# cat <<EOF > /etc/sysconfig/modules/ipvs.modules
#!/bin/bash
modprobe -- ip_vs
modprobe -- ip_vs_rr
modprobe -- ip_vs_wrr
modprobe -- ip_vs_sh
modprobe -- nf_conntrack
EOF
[root@master ~]# chmod +x /etc/sysconfig/modules/ipvs.modules
[root@master ~]# /bin/bash /etc/sysconfig/modules/ipvs.modules
[root@master ~]# lsmod | grep -e ip_vs -e nf_conntrack_ipv4
ip_vs_sh 16384 0
ip_vs_wrr 16384 0
ip_vs_rr 16384 0
ip_vs 163840 6 ip_vs_rr,ip_vs_sh,ip_vs_wrr
nf_conntrack 163840 1 ip_vs
nf_defrag_ipv6 24576 2 nf_conntrack,ip_vs
libcrc32c 16384 3 nf_conntrack,xfs,ip_vs
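k8s基本环境准备(注意:下面的仓库配置使用http地址且gpgcheck=0、repo_gpgcheck=0,yum不会校验软件包签名,配置中的gpgkey也不会被使用;kubelet、kubeadm、kubectl均以root身份安装,建议把地址改为https,并在镜像源支持时启用gpgcheck=1)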
[root@master ~]# cat <<EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=http://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=0
repo_gpgcheck=0
gpgkey=http://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg
http://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF
[root@master ~]# yum install kubelet-1.24.2 kubeadm-1.24.2 kubectl-1.24.2
[root@master ~]# kubeadm version
kubeadm version: &version.Info{Major:"1", Minor:"24", GitVersion:"v1.24.2", GitCommit:"f66044f4361b9f1f96f0053dd46cb7dce5e990a8", GitTreeState:"clean", BuildDate:"2022-06-15T14:20:54Z", GoVersion:"go1.18.3", Compiler:"gc", Platform:"linux/amd64"}
[root@master ~]# cat <<EOF > /etc/sysconfig/kubelet
KUBELET_EXTRA_ARGS="--cgroup-driver=systemd"
KUBE_PROXY_MODE="ipvs"
EOF
[root@master ~]# systemctl enable kubelet.service
做完基础环境后创建快照。
使用containerd创建集群
安装containerd,3个节点都安装
[root@master ~]# yum install -y yum-utils device-mapper-persistent-data lvm2
[root@master ~]# yum-config-manager --add-repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
[root@master ~]# sed -i 's+download.docker.com+mirrors.aliyun.com/docker-ce+' /etc/yum.repos.d/docker-ce.repo
[root@master ~]# yum install containerd.io -y
[root@master ~]# containerd config default | tee /etc/containerd/config.toml
[root@master ~]# sed -i "s#SystemdCgroup\ \=\ false#SystemdCgroup\ \=\ true#g" /etc/containerd/config.toml
[root@master ~]# sed -i "s#k8s.gcr.io#registry.aliyuncs.com/google_containers#g" /etc/containerd/config.toml
[root@master ~]# cat <<EOF | tee /etc/crictl.yaml
runtime-endpoint: unix:///run/containerd/containerd.sock
image-endpoint: unix:///run/containerd/containerd.sock
timeout: 10
debug: false
EOF
[root@master ~]# systemctl daemon-reload
[root@master ~]# systemctl restart containerd
[root@master ~]# systemctl enable containerd
Created symlink from /etc/systemd/system/multi-user.target.wants/containerd.service to /usr/lib/systemd/system/containerd.service.
验证是否可用
[root@master ~]# crictl pull nginx:alpine
Image is up to date for sha256:804f9cebfdc58964d6b25527e53802a3527a9ee880e082dc5b19a3d5466c43b7
[root@master ~]# crictl images
IMAGE TAG IMAGE ID SIZE
docker.io/library/nginx alpine 804f9cebfdc58 10.2MB
[root@master ~]# crictl rmi nginx:alpine
Deleted: docker.io/library/nginx:alpine
初始化 Master 节点
[root@master ~]# kubeadm config print init-defaults |tee kubeadm.yml
[root@master ~]# vim kubeadm.yml
12 advertiseAddress: 192.168.235.170
17 name: master
30 imageRepository: registry.aliyuncs.com/google_containers
32 kubernetesVersion: 1.24.2
[root@master ~]# kubeadm config images list --config kubeadm.yml
[root@master ~]# kubeadm config images pull --config kubeadm.yml
[config/images] Pulled registry.aliyuncs.com/google_containers/kube-apiserver:v1.24.2
[config/images] Pulled registry.aliyuncs.com/google_containers/kube-controller-manager:v1.24.2
[config/images] Pulled registry.aliyuncs.com/google_containers/kube-scheduler:v1.24.2
[config/images] Pulled registry.aliyuncs.com/google_containers/kube-proxy:v1.24.2
[config/images] Pulled registry.aliyuncs.com/google_containers/pause:3.7
[config/images] Pulled registry.aliyuncs.com/google_containers/etcd:3.5.3-0
[config/images] Pulled registry.aliyuncs.com/google_containers/coredns:v1.8.6
[root@master ~]# crictl images
IMAGE TAG IMAGE ID SIZE
registry.aliyuncs.com/google_containers/coredns v1.8.6 a4ca41631cc7a 13.6MB
registry.aliyuncs.com/google_containers/etcd 3.5.3-0 aebe758cef4cd 102MB
registry.aliyuncs.com/google_containers/kube-apiserver v1.24.2 d3377ffb7177c 33.8MB
registry.aliyuncs.com/google_containers/kube-controller-manager v1.24.2 34cdf99b1bb3b 31MB
registry.aliyuncs.com/google_containers/kube-proxy v1.24.2 a634548d10b03 39.5MB
registry.aliyuncs.com/google_containers/kube-scheduler v1.24.2 5d725196c1f47 15.5MB
registry.aliyuncs.com/google_containers/pause 3.7 221177c6082a8 311kB
[root@master ~]# kubeadm init --config=kubeadm.yml --upload-certs --v=6
[root@master ~]# mkdir -p $HOME/.kube
[root@master ~]# sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
[root@master ~]# sudo chown $(id -u):$(id -g) $HOME/.kube/config
[root@master ~]# export KUBECONFIG=/etc/kubernetes/admin.conf
添加 Worker 节点
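分别在node1和node2上执行以下命令(token和hash以kubeadm init的实际输出为准;此处的abcdef.0123456789abcdef是kubeadm config print init-defaults生成的默认示例token,任何人都知道该值,应在执行init之前把kubeadm.yml中的token换成随机值,例如用kubeadm token generate生成)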
kubeadm join 192.168.235.170:6443 --token abcdef.0123456789abcdef \
--discovery-token-ca-cert-hash sha256:a4ad3ab4961141bd8c1e60c389b7f6a2da394817e83ee0b99dedb195a9055250
安装网络插件
查看集群节点
[root@master ~]# kubectl get nodes
NAME STATUS ROLES AGE VERSION
master NotReady control-plane 5m19s v1.24.2
node1 NotReady <none> 2m36s v1.24.2
node2 NotReady <none> 2m12s v1.24.2
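安装flannel(下面的清单通过http从第三方站点下载,传输过程没有完整性保护,而flannel通常以使用主机网络的DaemonSet运行在每个节点上;apply之前应检查清单内容,尤其是镜像地址和权限设置,或改用flannel项目官方通过https发布的清单)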
[root@master ~]# wget http://down.i4t.com/k8s1.24/kube-flannel.yml
[root@master ~]# kubectl apply -f kube-flannel.yml
[root@master ~]# kubectl get pod -n kube-system
[root@master ~]# kubectl get nodes
NAME STATUS ROLES AGE VERSION
master Ready control-plane 14m v1.24.2
node1 Ready <none> 12m v1.24.2
node2 Ready <none> 11m v1.24.2
部署完成