查看默认安装k8s的版本
root@node2:~# kubeadm config images list
I0704 19:36:34.960375 2728 version.go:252] remote version is much newer: v1.21.2; falling back to: stable-1.18
W0704 19:36:39.141047 2728 configset.go:202] WARNING: kubeadm cannot validate component configs for API groups [kubelet.c
onfig.k8s.io kubeproxy.config.k8s.io]k8s.gcr.io/kube-apiserver:v1.18.20
k8s.gcr.io/kube-controller-manager:v1.18.20
k8s.gcr.io/kube-scheduler:v1.18.20
k8s.gcr.io/kube-proxy:v1.18.20
k8s.gcr.io/pause:3.2
k8s.gcr.io/etcd:3.4.3-0
k8s.gcr.io/coredns:1.6.7
查看指定版本
root@node2:~# kubeadm config images list --kubernetes-version=v1.18.1
W0704 19:44:36.581475 4091 configset.go:202] WARNING: kubeadm cannot validate component configs for API groups [kubelet.c
onfig.k8s.io kubeproxy.config.k8s.io]k8s.gcr.io/kube-apiserver:v1.18.1
k8s.gcr.io/kube-controller-manager:v1.18.1
k8s.gcr.io/kube-scheduler:v1.18.1
k8s.gcr.io/kube-proxy:v1.18.1
k8s.gcr.io/pause:3.2
k8s.gcr.io/etcd:3.4.3-0
k8s.gcr.io/coredns:1.6.7
因为谷歌不能使用,用阿里源下载镜像到本地
docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/kube-controller-manager:v1.18.1
docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/kube-scheduler:v1.18.1
docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/kube-proxy:v1.18.1
docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/pause:3.2
docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/etcd:3.4.3-0
docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/coredns:1.6.7
docker pull registry.aliyuncs.com/google_containers/kube-apiserver:v1.18.1
单节点初始化
kubeadm init --apiserver-advertise-address=10.0.0.142 --apiserver-bind-port=6443 --kubernetes-version=v1.18.1 --pod-network-cidr=10.10.0.0/16 --service-cidr=10.20.0.0/16 --service-dns-domain=linux40.local --image-repository=registry.cn-hangzhou.aliyuncs.com/google_containers --ignore-preflight-errors=swap
高可用 master 初始化:
kubeadm init --apiserver-advertise-address=172.31.3.101 --control-planeendpoint=172.31.7.248(vip地址) --apiserver-bind-port=6443 --kubernetes-version=v1.17.3 --podnetwork-cidr=10.10.0.0/16 --service-cidr=172.26.0.0/16 --service-dns-domain=magedu.local --image-repository=registry.cn-hangzhou.aliyuncs.com/google_containers --ignore-preflighterrors=swap
下面截图是个认证文件
执行提示的命令
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
这时候就可以看下node信息
root@k8s:~# kubectl get node
NAME STATUS ROLES AGE VERSION
k8s.master.net NotReady master 9m19s v1.18.1
root@k8s:~#
部署网络主件
root@k8s:~# wget https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
--2021-07-04 21:16:23-- https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
Resolving raw.githubusercontent.com (raw.githubusercontent.com)... 185.199.111.133, 185.199.108.133, 185.199.109.133, ...
Connecting to raw.githubusercontent.com (raw.githubusercontent.com)|185.199.111.133|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 4813 (4.7K) [text/plain]
Saving to: ‘kube-flannel.yml’
kube-flannel.yml 100%[====================================================>] 4.70K --.-KB/s in 0s
2021-07-04 21:16:27 (17.7 MB/s) - ‘kube-flannel.yml’ saved [4813/4813]
打开刚下载的yml文件
root@k8s:~# vim kube-flannel.yml
保存退出后执行
root@k8s:~# kubectl apply -f kube-flannel.yml
测试能否下载镜像
root@k8s:~# docker pull quay.io/coreos/flannel:v0.14.0
v0.14.0: Pulling from coreos/flannel
Digest: sha256:4a330b2f2e74046e493b2edc30d61fdebbdddaaedcb32d62736f25be8d3c64d5
Status: Image is up to date for quay.io/coreos/flannel:v0.14.0
quay.io/coreos/flannel:v0.14
去node节点机器添加node到k8s
root@node2:/etc# kubeadm join 10.0.0.142:6443 --token fwji1t.7aj12u6au4l97i4d \
> --discovery-token-ca-cert-hash sha256:2620e7935deb69f155c24536a75a26c21d10642c7cd5f580863bc44f24d874b6
创建容器并进入容器测试能否上外网
root@k8s:~# kubectl run net-test2 --image=alpine --replicas=2 sleep 360000
Flag --replicas has been deprecated, has no effect and will be removed in the future.
pod/net-test2 created
进入test1容器,测试网络能不能通
root@k8s:~# kubectl exec -it net-test1 sh
安装dashboard
https://github.com/kubernetes/dashboard/releases
复制dashboard的连接打开
https://raw.githubusercontent.com/kubernetes/dashboard/v2.0.1/aio/deploy/recommended.yaml
全选复制并创建yml文件
root@k8s:~# vim dashboard-2.0.1.yml
启动dashboard
root@k8s:~# kubectl apply -f dashboard-2.0.1.yml
创建dashboard的管理员账号
root@k8s:~# cat admin-user.yml
apiVersion: v1
kind: ServiceAccount
metadata:
name: admin-user
namespace: kubernetes-dashboard
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: admin-user
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: cluster-admin
subjects:
- kind: ServiceAccount
name: admin-user
namespace: kubernetes-dashboard
保存执行创建
root@k8s:~# kubectl apply -f admin-user.yml
取token登录
root@k8s:~# kubectl get secret -n kubernetes-dashboard
root@k8s:~# kubectl describe secret admin-user-token-xxx -n kubernetes-dashboard