查了很久ubuntu18.04使用containerd部署k8s集群相关的文章比较少,磨了两天终于是弄好了,在此记录一下部署过程。
机器准备:
- 192.168.101.90 k8s-api # CPU*2 内存2048
- 192.168.101.91 k8s-master1 # CPU*2 内存2048
- 192.168.101.92 k8s-master2 # CPU*2 内存2048
- 192.168.101.93 k8s-worker1 # CPU*2 内存2048
使用nginx准备k8s-apiserver
nginx配置
upstream k8s-apiserver {
server k8s-master1:6443;
server k8s-master2:6443;
}
server {
listen 6443;
proxy_connect_timeout 1s;
proxy_pass k8s-apiserver;
}
upstream ingress-http {
server 192.168.101.93:30080;
}
server {
listen 80;
proxy_connect_timeout 1s;
proxy_pass ingress-http;
}
upstream ingress-https {
server 192.168.101.93:30443;
}
server {
listen 443;
proxy_connect_timeout 1s;
proxy_pass ingress-https;
}
关闭swap
# 临时关闭swap
swapoff -a
# 永久关闭swap
sed -i '/swap/s/^/#/' /etc/fstab
#设置主机名
hostnamectl set-hostname k8s-api
bash
hostnamectl set-hostname k8s-master1
bash
hostnamectl set-hostname k8s-master2
bash
hostnamectl set-hostname k8s-worker1
bash
基础环境
sed -i '/swap/s/^/#/' /etc/fstab
swapoff -a
ufw disable
systemctl stop firewalld.service
cat <<EOF | sudo tee /etc/modules-load.d/containerd.conf
overlay
br_netfilter
EOF
modprobe overlay
modprobe br_netfilter
modprobe -- ip_vs
modprobe -- ip_vs_sh
modprobe -- ip_vs_rr
modprobe -- ip_vs_wrr
modprobe -- nf_conntrack
cat <<EOF | sudo tee /etc/sysctl.d/99-kubernetes-cri.conf
net.bridge.bridge-nf-call-iptables = 1
net.ipv4.ip_forward = 1
net.bridge.bridge-nf-call-ip6tables = 1
EOF
sysctl -p /etc/sysctl.conf && sysctl --system
安装containerd
apt-get update && sudo apt-get install -y containerd
mkdir -p /etc/containerd && containerd config default | sudo tee /etc/containerd/config.toml
修改/etc/containerd/config.toml,修改sandbox_image
sed -i 's#SystemdCgroup = false#SystemdCgroup = true#g' /etc/containerd/config.toml
grep SystemdCgroup /etc/containerd/config.toml
sed -i "s#k8s.gcr.io/pause#registry.aliyuncs.com/google_containers/pause#g" /etc/containerd/config.toml
grep sandbox_image /etc/containerd/config.toml
重启
systemctl daemon-reload && systemctl enable containerd && systemctl restart containerd
安装配置 kubelet kubeadm kubectl
curl https://mirrors.aliyun.com/kubernetes/apt/doc/apt-key.gpg | apt-key add -
tee /etc/apt/sources.list.d/kubernetes.list <<'EOF'
deb https://mirrors.aliyun.com/kubernetes/apt/ kubernetes-xenial main
EOF
apt-get update && apt-get install -y kubelet kubeadm kubectl
#使用containerd作为运行时
crictl config runtime-endpoint /run/containerd/containerd.sock
## 文件存储目录调整(这一步可以省略)
cat << EOF >> /etc/default/kubelet
KUBELET_EXTRA_ARGS=--root-dir=/www/kubelet
EOF
# 重启,并设置开机启动
systemctl daemon-reload && systemctl enable kubelet && systemctl restart kubelet
sudo apt-mark hold kubelet kubeadm kubectl
创建集群
kubeadm 初始化
初始化在k8s-master0上执行
sudo kubeadm init \
--control-plane-endpoint "192.168.101.90:6443" \
--upload-certs \
--service-cidr=10.96.0.0/12 \
--pod-network-cidr=10.244.0.0/16 \
--image-repository registry.aliyuncs.com/google_containers
添加节点
kubeadm join 192.168.101.90:6443 --token 3ydum6.nb2jco95p7zm8lvo --discovery-token-ca-cert-hash sha256:2431537da77cc23bb2d0f3ceec96b64e7132e96e6856b8ee158b849b848f2bc7 --control-plane --certificate-key e2401be44c11fe05aaa35b2770aa176121404a140b76f9e3e38356e81ce66bab
kubeadm join 192.168.101.90:6443 --token 3ydum6.nb2jco95p7zm8lvo --discovery-token-ca-cert-hash sha256:2431537da77cc23bb2d0f3ceec96b64e7132e96e6856b8ee158b849b848f2bc7
安装flannel插件
sudo kubeadm init --image-repository registry.aliyuncs.com/google_containers --control-plane-endpoint=192.168.101.90:6443 --pod-network-cidr=10.244.0.0/16 --v=5
查看节点
kubectl get nodes
kubectl get pod -A