安装kubernetes相关依赖:
"exec-opts": ["native.cgroupdriver=systemd"]
vim /etc/sysconfig :
net.bridge.bridge-nf-call-iptables = 1
net.ipv4.ip_forward = 1
net.bridge.bridge-nf-call-ip6tables = 1
vm.swappiness=0
加载ip_vs内核模块:
modprobe -- ip_vs
modprobe -- ip_vs_rr
modprobe -- ip_vs_wrr
modprobe -- ip_vs_sh
modprobe -- nf_conntrack_ipv4
添加阿里云源:
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
enabled=1
gpgcheck=0
这里默认拉取的是最新版本,也可以指定版本
yum install -y kubectl kubeadm kubelet ipvsadm
systemctl enable kubelet
systemctl start kubelet.service
生成默认文件:
kubeadm config print init-defaults >> init.yaml
修改配置:
修改配置文件 vi init.yaml ,注意修改注释说明的配置
advertiseAddress :填写主节点的ip
name注意要和节点的主机名相同
imageRepository: 用阿里的镜像仓库代替默认的国外的仓库 registry.aliyuncs.com/google_containers
podSubnet :pod网段设置
其他配置项可以根据需要进行修改
列出或拉去镜像:
kubeadm config images list --config init.yaml 列出
kubeadm config images pull --config init.yaml 拉取
kubeadm init --config init.yaml 初始化集群
如果初始化报错unknown service runtime.v1alpha2.RuntimeService,
rm /etc/containerd/config.toml systemctl restart containerd 解决
部署calico
在文件中container下添加
- name: CLUSTER_TYPE
value: "k8s,bgp"
- name: IP_AUTODETECTION_METHOD
value: "interface=eth.*"(注意这里是你实际的网卡的标识)
- name: IP
value: "autodetect"
- name: CALICO_IPV4POOL_IPIP
value: "Always"
- name: CALICO_IPV4POOL_CIDR
value: "192.168.0.0/16"
如果是安装flannel
wget https://raw.githubusercontent.com/flannel-io/flannel/master/Documentation/kube-flannel.yml
然后将文件中实际的地址修改成init.yaml中的地址段
修改成proxy模式:
kind: KubeProxyConfiguration
metricsBindAddress: ""
mode: "ipvs" # 这里本身可能是"",需要修改为"ipvs"
nodePortAddresses: null
oomScoreAdj: null
portRange: ""
showHiddenMetricsForVersion: ""
udpIdleTimeout: 0s
(还需将证书拷贝到其他节点)
kubeadm常见操作:
kubeadm config print init-defaults
kubeadm token create --print-join-command
for crt in $(find /etc/kubernetes/pki/ -name "*.crt"); do openssl x509 -in $crt -noout -dates; done 查看证书有效期
加入集群:
kubeadm join 47.110.19.11:6443 --token qlrq5y.1yhm3rz9r7ynfqf1 --discovery-token-ca-cert-hash sha256:62579157003c3537deb44b30f652c500e7fa6505b5ef6826d796ba1245283899 --experimental-control-plane
#node(以node的身份加入集群)
kubeadm join 47.110.19.11:6443 --token qlrq5y.1yhm3rz9r7ynfqf1 --discovery-token-ca-cert-hash sha256:62579157003c3537deb44b30f652c500e7fa6505b5ef6826d796ba1245283899
清理环境重新安装
kubeadm reset
rm -rf ~/.kube
system stop kubelet
systemctl stop docker
rm -rf /var/lib/cni/
rm -rf /var/lib/kubelet/*
rm -rf /etc/cni/
rm -rf /etc/kubernetes
rm -rf /var/lib/etcd
ifconfig cni0 down
ifconfig flannel.1 down
ifconfig docker0 down
ip link delete cni0
ip link delete flannel.1
yum remove kubelet kubeadm kubeadm -y
systemctl restart docker