1. 准备环境
系统 | IP地址 | 容器运行时版本 | 角色 |
---|---|---|---|
CentOS 7.9 | 192.168.31.60 | Docker version 20.10.7 | Master |
CentOS 7.9 | 192.168.31.61 | Docker version 20.10.7 | Node1 |
CentOS 7.9 | 192.168.31.62 | Docker version 20.10.7 | Node2 |
1.1 初始化系统(所有机器)
设置hostname,并且配置hosts
# Append static name resolution for the three cluster machines to /etc/hosts.
# This only adds host entries; the hostname itself still has to be set on
# each machine (for example with `hostnamectl set-hostname master1`).
# Running it twice appends the same entries twice.
tee -a /etc/hosts >/dev/null <<'EOF'
192.168.31.60 master1
192.168.31.61 node1
192.168.31.62 node2
EOF
关闭防火墙,SELINUX,修改打开最大文件数
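# --- SELinux ---------------------------------------------------------------
# Turn SELinux off for the running system and persistently across reboots.
# NOTE(review): this removes a mandatory-access-control layer from every node.
# The upstream kubeadm install guide uses SELINUX=permissive rather than
# disabled; outside a lab prefer that, or keep enforcing with a suitable policy.
setenforce 0
# Anchor on the key so the explanatory comment lines in the file are left
# untouched. Only /etc/selinux/config is edited: /etc/sysconfig/selinux is a
# symlink to it on CentOS 7, and `sed -i` on the link would replace it with a
# plain file (the original second sed also used the key "SELinux=", which
# never matches the real "SELINUX=" key).
sed -ri 's#^(SELINUX=).*#\1disabled#' /etc/selinux/config

# --- Firewall --------------------------------------------------------------
# Stop firewalld now and keep it from starting at boot.
# NOTE(review): with the host firewall off, the API server (6443 here), etcd
# and kubelet ports are reachable from anything that can route to the node.
# Outside an isolated lab network, keep firewalld running and open only the
# ports the cluster components and the CNI plugin need.
systemctl disable firewalld && systemctl stop firewalld

# --- Open-file limit -------------------------------------------------------
# Raise the soft and hard nofile limit for all users. Each run appends again.
echo "* soft nofile 65535" >> /etc/security/limits.conf
echo "* hard nofile 65535" >> /etc/security/limits.conf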
关闭swap
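# Disable swap now (kubelet refuses to start with swap on by default).
swapoff -a
# Keep swap off after reboot: back up /etc/fstab once, then comment out the
# active swap entries in place. The edit only runs if the backup exists or was
# just created, so a failed copy can no longer leave /etc/fstab truncated, and
# re-running does not overwrite the pristine backup with an edited file.
{ [ -e /etc/fstab_bak ] || cp /etc/fstab /etc/fstab_bak; } &&
  sed -ri '/^[^#].*\sswap\s/ s/^/#/' /etc/fstab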
修改内核配置
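# Load br_netfilter at every boot so bridged pod traffic passes through
# iptables.
cat <<'EOF' | sudo tee /etc/modules-load.d/k8s.conf
br_netfilter
EOF
# Load it now as well: the net.bridge.* keys below only exist once the module
# is loaded, so without this `sysctl --system` cannot apply them until reboot.
sudo modprobe br_netfilter

# Kernel settings required for pod networking: make bridged IPv4/IPv6 traffic
# visible to iptables and let the host forward packets between interfaces.
cat <<'EOF' | sudo tee /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
net.ipv4.ip_forward = 1
EOF
# Re-read every sysctl configuration file, including the one just written.
sudo sysctl --system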
加载ipvs内核
# Write a small loader script for the IPVS and connection-tracking kernel
# modules.
# NOTE(review): confirm that /etc/sysconfig/modules/*.modules is actually
# executed at boot on your system; systemd itself reads /etc/modules-load.d/.
tee /etc/sysconfig/modules/ipvs.modules >/dev/null <<'EOF'
#!/bin/bash
modprobe -- ip_vs
modprobe -- ip_vs_rr
modprobe -- ip_vs_wrr
modprobe -- ip_vs_sh
modprobe -- nf_conntrack_ipv4
EOF
# Make the script executable (root-writable only, world-readable).
chmod 0755 /etc/sysconfig/modules/ipvs.modules
# Load the modules now.
bash /etc/sysconfig/modules/ipvs.modules
# Show which of them are loaded.
lsmod | grep -E 'ip_vs|nf_conntrack_ipv4'
1.2 安装容器运行时 (所有机器)
安装docker,也可以自己选择安装containerd
# Install Docker CE from the Aliyun mirror of the Docker repository.
# yum-utils provides yum-config-manager.
yum install -y yum-utils
yum-config-manager \
  --add-repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
# NOTE(review): no version is given, so this installs whatever docker-ce is
# newest in the repository, which may differ from the 20.10.7 listed in the
# environment table. Pin the package version if the nodes must match.
yum install -y docker-ce
配置 systemd 和启用 overlayFS
# Configure the Docker daemon: systemd cgroup driver (must match the kubelet),
# json-file logs capped at 100m per file, overlay2 storage, and a registry
# mirror.
# NOTE(review): "registry-mirrors" points at what looks like an
# account-specific Aliyun accelerator endpoint copied from this guide. Image
# pulls from Docker Hub are served through it, so replace it with a mirror you
# control or trust, or drop the key.
mkdir -p /etc/docker
tee /etc/docker/daemon.json >/dev/null <<'EOF'
{
"exec-opts": ["native.cgroupdriver=systemd"],
"log-driver": "json-file",
"log-opts": {
"max-size": "100m"
},
"storage-driver": "overlay2",
"registry-mirrors": ["https://sndmyqod.mirror.aliyuncs.com"]
}
EOF
# Pick up unit changes, then enable Docker at boot and start it.
systemctl daemon-reload
if systemctl enable docker; then
  systemctl start docker
fi
初始化完成后最后全部重启一次,以避免奇怪的bug
1.3 配置k8s源安装k8s (所有机器)
配置K8S的yum源
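# Define the Kubernetes yum repository (Aliyun mirror).
# The repository and its keys are fetched over HTTPS and package signatures
# are checked (gpgcheck=1): kubelet/kubeadm/kubectl are installed as root, so
# an unauthenticated plain-HTTP repository with gpgcheck=0 would let anyone on
# the network path substitute the packages.
# repo_gpgcheck stays 0 as in the original guide.
# NOTE(review): enable it too if the mirror's repodata signature verifies in
# your environment. If a package fails signature verification, investigate
# rather than switching gpgcheck back off.
# The second gpgkey URL is indented because yum treats it as a continuation
# of the gpgkey value only when it starts with whitespace.
cat <<'EOF' > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=1
repo_gpgcheck=0
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg
       https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF
# Refresh the yum metadata cache.
yum makecache
# List the kubelet versions the repository offers.
yum list kubelet --showduplicates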
安装k8s 1.21.1
# Install kubelet, kubeadm and kubectl, all pinned to 1.21.1 so the three
# components and the cluster version in kubeadm-config.yaml agree.
yum install -y {kubelet,kubeadm,kubectl}-1.21.1
# Userspace tools for IPVS.
yum install -y ipvsadm ipset
# Start kubelet at boot; it is not started here.
systemctl enable kubelet
1.4 init k8s (master机器)
创建kubeadm初始化文件
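# Write the kubeadm configuration used by `kubeadm config images pull` and
# `kubeadm init`. The nested keys under networking: and dns: are indented
# again; flattened to column 0 they are no longer children of those sections
# and the configuration does not say what it is meant to say.
# NOTE(review): imageRepository points at a third-party namespace on the
# Aliyun registry, so every control-plane image (API server, etcd, ...) comes
# from that publisher. Check who maintains it, or mirror the upstream images
# into a registry you control and compare digests.
cat <<'EOF' > ./kubeadm-config.yaml
---
apiVersion: kubeadm.k8s.io/v1beta2
kind: ClusterConfiguration
kubernetesVersion: v1.21.1
imageRepository: registry.aliyuncs.com/k8sxio
controlPlaneEndpoint: "master1:6443"
networking:
  serviceSubnet: "10.96.0.0/16"
  podSubnet: "10.100.0.0/16"
  dnsDomain: "cluster.local"
dns:
  type: CoreDNS
  imageRepository: docker.io
  imageTag: 1.8.0
---
apiVersion: kubelet.config.k8s.io/v1beta1
kind: KubeletConfiguration
cgroupDriver: systemd
EOF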
拉取镜像并且进行初始化
# Pre-pull the control-plane images named by the configuration file.
kubeadm config images pull --config kubeadm-config.yaml
# Initialise the control plane.
# NOTE(review): --upload-certs stores the control-plane certificates in a
# cluster Secret so further control-plane nodes can fetch them; this guide
# only builds one master, so confirm the flag is needed.
kubeadm init --config kubeadm-config.yaml --upload-certs
# Set up kubectl for root. admin.conf carries cluster-admin credentials:
# keep the copy readable by root only and do not distribute it to other users.
# The rm below discards any kubeconfig that was already in /root/.kube/.
rm -rf -- /root/.kube/
mkdir -- /root/.kube/
cp -i -- /etc/kubernetes/admin.conf /root/.kube/config
安装CNI flannel
# Install the flannel CNI plugin, with its default pod network replaced by
# the podSubnet from kubeadm-config.yaml.
POD_SUBNET=10.100.0.0/16
export POD_SUBNET
# NOTE(review): the manifest is downloaded from a third-party site and then
# applied with cluster-admin rights. Read the downloaded file before applying
# it (image references, RBAC objects, host-level settings) and, where
# possible, compare it with the copy published by the flannel project.
wget https://kuboard.cn/install-script/flannel/flannel-v0.14.0.yaml
# Swap flannel's default 10.244.0.0/16 for the cluster's pod subnet.
sed -i -e "s#10.244.0.0/16#${POD_SUBNET}#" flannel-v0.14.0.yaml
kubectl apply -f ./flannel-v0.14.0.yaml
获得join的token
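# Run on the master only: create a new bootstrap token and print the matching
# `kubeadm join` command line.
kubeadm token create --print-join-command
# Example output from the author's cluster, kept as a comment because it is
# what the worker nodes run, not something to execute on the master:
#
#   kubeadm join master1:6443 --token lvbs42.dipqavhf69gh6807 --discovery-token-ca-cert-hash sha256:d82e83290f1d14a2b69fe3196ddeb421206bb796e8a3672a9f8e2d993fda7929
#
# The token is a join credential: anyone who holds it and can reach port 6443
# can register a node until it expires (24 hours by default). Do not publish
# your own output; `kubeadm token list` shows live tokens and
# `kubeadm token delete` revokes one that is no longer needed.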
1.4 join k8s (node机器)
拿到上面生成的join直接加入即可
# Run on every worker node. Substitute the token and CA hash printed by
# `kubeadm token create --print-join-command` on your own master; the values
# below are the author's and will not match another cluster.
# Keep --discovery-token-ca-cert-hash: it pins the cluster CA, so the node
# verifies it is joining the intended control plane.
kubeadm join master1:6443 \
  --token lvbs42.dipqavhf69gh6807 \
  --discovery-token-ca-cert-hash sha256:d82e83290f1d14a2b69fe3196ddeb421206bb796e8a3672a9f8e2d993fda7929
1.5 安装 ingress-nginx和metrics-server
补全kubectl
# Enable kubectl tab completion in bash.
# Load the bash-completion framework into the current shell
# (the file must already be present on the system).
. /usr/share/bash-completion/bash_completion
# Load kubectl completion in every new shell of this user.
printf '%s\n' 'source <(kubectl completion bash)' >> ~/.bashrc
# Install the completion script system-wide as well.
kubectl completion bash > /etc/bash_completion.d/kubectl
安装ingress-nginx
# Install ingress-nginx from the upstream manifest at the pinned tag
# controller-v0.47.0 (bare-metal provider).
# Alternatively download the YAML first and replace the image addresses with
# ones from Docker Hub. If you do, check that each replacement image comes
# from a publisher you trust and pin it by digest where possible.
kubectl apply \
  --filename=https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v0.47.0/deploy/static/provider/baremetal/deploy.yaml
安装metrics-server
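# Download the metrics-server manifest. The release is pinned to v0.5.0, the
# version this guide uses for the image, instead of following "latest", so
# the manifest and the image tag cannot drift apart.
wget https://github.com/kubernetes-sigs/metrics-server/releases/download/v0.5.0/components.yaml
# Apply it (the original command misspelled the subcommand as "applu").
# The guide goes on to edit the image and container args in components.yaml;
# re-run this command after editing the file.
kubectl apply -f components.yaml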
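修改 components.yaml 中的镜像地址为:
registry.aliyuncs.com/k8sxio/metrics-server:v0.5.0
并在容器启动参数(args)中增加 - --kubelet-insecure-tls(该参数会让 metrics-server 不校验 kubelet 的服务端证书,只适合测试环境;生产环境应为 kubelet 配置由集群 CA 签发的服务端证书)。修改后重新执行 kubectl apply -f components.yaml 使其生效。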
1.6 安装nfs-client
安装nfs-client
# Download the three manifests for the NFS client provisioner.
# NOTE(review): all three URLs track a `master` branch, so their content can
# change between runs; pin a tag or commit and read the files before applying
# them. class.yaml comes from the retired external-storage repository while
# rbac.yaml and deployment.yaml come from nfs-subdir-external-provisioner:
# check that the provisioner name in class.yaml matches PROVISIONER_NAME in
# deployment.yaml.
for manifest_url in \
  https://raw.githubusercontent.com/kubernetes-sigs/nfs-subdir-external-provisioner/master/deploy/rbac.yaml \
  https://raw.githubusercontent.com/kubernetes-retired/external-storage/master/nfs-client/deploy/class.yaml \
  https://raw.githubusercontent.com/kubernetes-sigs/nfs-subdir-external-provisioner/master/deploy/deployment.yaml
do
  wget "$manifest_url"
done
class.yaml
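# StorageClass served by the NFS client provisioner.
# metadata.name and parameters.archiveOnDelete are indented again so that
# they are children of their sections; flattened to column 0 the document no
# longer describes a named StorageClass.
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
  name: managed-nfs-storage
provisioner: nfs-client # or choose another name, must match deployment's env PROVISIONER_NAME
parameters:
  # NOTE(review): with "false" the provisioner is documented to delete the
  # backing directory instead of archiving it when a claim is removed;
  # confirm this is what you want before storing data you need to keep.
  archiveOnDelete: "false"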
deployment.yaml
应用文件
# Apply the provisioner manifests in order: RBAC objects first, then the
# provisioner Deployment, then the StorageClass that refers to it.
for manifest in rbac.yaml deployment.yaml class.yaml; do
  kubectl apply -f "$manifest"
done