master :100.10
slave: 100.11
slave:100.12
三台:配置
hostnamectl set-hostname master bash
hostnamectl set-hostname slave bash
hostnamectl set-hostname slave bash
防火墙selinux
systemctl stop firewalld
systemctl disable firewalld
setenforce 0
sed -i 's/SELINUX=enforcing/SELINUX=disabled/' /etc/selinux/config
对应域名解析
cat >> /etc/hosts << EOF
192.168.100.10 master
192.168.100.11 node01
192.168.100.12 node02
EOF
时间同步
timedatectl set-timezone Asia/Shanghai;timedatectl set-local-rtc 0
禁用swap
swapoff -a && sed -i '/swap/s/^/#/' /etc/fstab
free -h 查看禁用效果
配置集群无密登录 master到node01,node02无密码
ssh-keygen -t rsa
ssh-copy-id root@node01
ssh-copy-id root@node02
安装docker(所有机器)
安装docker所需工具
sudo yum install -y yum-utils device-mapper-persistent-data lvm2
配置阿里云docker源
sudo yum-config-manager --add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
指定安装版本的docker
sudo yum install -y docker-ce-18.09.9-3.el7 docker-ce-cli-18.09.9-3.el7
启动docker
sudo systemctl enable docker && systemctl start docker
设置K8s环境
修改内核参数
cat <<EOF > /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
EOF
测试
sysctl --system
安装k8s 1.18
执行配置k8s阿里云源
cat <<EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=http://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=0
repo_gpgcheck=0
gpgkey=http://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg
http://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF
配置docker加速器 (所有机器)
vi /etc/docker/daemon.json
{"registry-mirrors": ["https://1dmptu91.mirror.aliyuncs.com"]}
重启docker
systemctl daemon-reload
systemctl restart docker
部署k8s组件(所有机器)
yum install kubelet-1.18.0 kubeadm-1.18.0 kubectl-1.18.0
systemctl enable kubelet
更改docker默认Cgroup驱动
在/etc/docker/daemon.json文件中,添加一句话即可,当然这个和我们的设置加速器写在一起了。
cat /etc/docker/daemon.json
{
"registry-mirrors": ["https://1dmptu91.mirror.aliyuncs.com"],
"exec-opts": ["native.cgroupdriver=systemd"]
}
master安装好k8s后kubeadm初始化 (时间可能有点长耐心等待)
kubeadm init --kubernetes-version=v1.18.0 --image-repository registry.aliyuncs.com/google_containers --apiserver-advertise-address 192.168.100.10 --pod-network-cidr=10.244.0.0/16 --service-cidr=10.96.0.0/12
出现以下页面
初始化完成
初始化完成 按照提示 执行以下命令
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
下方命令在两台slave用于加入master
记不住的此命令列出:kubeadm token create --print-join-command
slave加入集群
在master上kubectl get nodes查看节电 集群
K8s 部署完成
补充
可以看出master的状态是未就绪(NotReady),之所以是这种状态是因为还缺少一个附件flannel,没有网络各Pod是无法通信的
//添加网络组件(flannel),组件flannel可以通过GitHub - flannel-io/flannel: flannel is a network fabric for containers, designed for Kubernetes中获取
kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
//如果执行 kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml后出现以下结果,可以在网络上查询raw.githubusercontent.com网址对应的ip,本地hosts加上域名解析后再重试 The connection to the server raw.githubusercontent.com was refused - did you specify the right host or port?
kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml podsecuritypolicy.policy/psp.flannel.unprivileged created clusterrole.rbac.authorization.k8s.io/flannel created clusterrolebinding.rbac.authorization.k8s.io/flannel created serviceaccount/flannel created configmap/kube-flannel-cfg created daemonset.apps/kube-flannel-ds created
安装成功!