kubernetes v1.16.4 高可用集群安装_apt install -y kubelet=1.16.4-00 kubectl=1.16.4-00-CSDN博客

本文链接：https://blog.csdn.net/qq_42832309/article/details/105661637

kubernetes v1.16.4 高可用集群安装
一，基础环境配置：
1.机器信息(centos 7.6)
192.168.1.2 kubernetes-001 master1
192.168.1.3 kubernetes-002 master2
192.168.1.4 kubernetes-003 master3
192.168.1.100 kubernetes-vip
192.168.1.5 kubernetes-node1 node1

2.关闭防火墙和swap
systemctl stop firewalld
systemctl disable firewalld
setenforce 0
sed -i ‘s/^ *SELINUX=enforcing/SELINUX=disabled/g’ /etc/selinux/config

3.时间同步（请自行进行时间同步）

4.修改内核参数
本文的k8s网络使用flannel，该网络需要设置内核参数bridge-nf-call-iptables=1，修改这个参数需要系统有br_netfilter模块
[root@kubernetes-001l ~]# modprobe br_netfilter ###临时加载模块
[root@kubernetes-001l ~]# lsmod |grep br_netfilter
br_netfilter 22256 0
bridge 151336 1 br_netfilter
##永久加载模块
[root@kubernetes-001l ~]# cat > /etc/rc.sysinit << EOF

#!/bin/bash
for file in /etc/sysconfig/modules/*.modules ; do
[ -x $file ] && $file
done
EOF
[root@kubernetes-001l ~]# cat > /etc/sysconfig/modules/br_netfilter.modules << EOF
modprobe br_netfilter
EOF
[root@kubernetes-001l ~]# chmod 755 /etc/sysconfig/modules/br_netfilter.modules
#修改内核参数
[root@kubernetes-001l ~]# cat < /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
EOF
##加载已修改的内核
[root@kubernetes-001l ~]# sysctl -p /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1

5：配置免密码访问：
[root@kubernetes-001l ~]# cat /etc/hosts ###所有机器都执行
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.1.2 kubernetes-001l
192.168.1.3 kubernetes-002l
192.168.1.4 kubernetes-003l
192.168.1.5 kubernetes-node1
192.168.1.100 kubernetes-vip
把pubkey互相加入所有机器；
[root@kubernetes-001l .ssh]# cat authorized_keys
#kubernetes-002l
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDI3MqRQgvRIvhnCYOdXuquKGIxahfBYWm17h3blQixUNKGAS08FK75LwwMYYwm1CC6968q2FwKLv37F0T8tcUTFwYh7Swggxn8D4kv6tV/U69ht1WB2OKgUoKoMZwSSQH9+J3lwlKq8zu2df5zzWnnzrdh4r root@kubernetes-002l
#kubernetes-003l
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDJn4tCFZRYjzZZsGHC79ly2M2IHEf3NQpUpntOdwlTJOGcsgMxBwpLvObKvceeCFfUynAF4+7P0DKwF3lN24s0BUXbHHaRJgKQfvZcXO3eK5fd6uUCrjPSPy3//TvF+Kd3vn/ogt7kyL2xRE/hM/nyfTqEwT4ZXd4rP root@kubernetes-003l
#kubernetes-node1
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC8cOXTTpLHCCWMt4bVlT3B/TT8kGF7YzE8UXu0GlmiKkqeo9VRdXwnoG8GN2xBh83P+4Az7w6ehAcdN0a35Ghg8EgLUTyTrPkWOcbFPCoUPUOEmsIPAyQCtxrklg4W5CwvbvHp//b6ilZQf4IdPyjbS2NoC2i6u+iYYv root@kubernetes-node1

二：开始安装docker，kubeadm，kubectl，kubelet
安装依赖包：
yum install -y yum-utils device-mapper-persistent-data lvm2
设置docker源：
#官方源
yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
#国内源
yum-config-manager --add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
[root@kubernetes-001l yum.repos.d]# yum-config-manager --add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
Loaded plugins: fastestmirror
adding repo from: http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
grabbing file http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo to /etc/yum.repos.d/docker-ce.repo
repo saved to /etc/yum.repos.d/docker-ce.repo
查看docker版本：
[root@kubernetes-001l ~]# yum list docker-ce --showduplicates | sort -r
本次安装docker-ce-18.09.9（最好安装此版本或者高于此版本）
yum -y install docker-ce-18.09.9

配置代理：
cd /lib/systemd/system && mkdir docker.service.d && cd docker.service.d/
vim proxy.conf ##填写自己的代理
[Service]
Environment=“http_proxy=********”
Environment=“https_proxy=**********”

配置镜像加速
mkdir -p /etc/docker
tee /etc/docker/daemon.json <<-‘EOF’
{
“registry-mirrors”: [“https://v16stybc.mirror.aliyuncs.com”]
}
EOF
启动docker并设置开机自启：
[root@kubernetes-001l docker.service.d]# systemctl daemon-reload
[root@kubernetes-001l docker.service.d]# systemctl start docker
[root@kubernetes-001l docker.service.d]# systemctl enable docker
设置kubernetes源(所有机器都需要)：
cat < /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF
yum clean all && yum makecache

安装keepalived
yum -y install keepalived
[root@kubernetes-001l ~]# cat /etc/keepalived/keepalived.conf
! Configuration File for keepalived

global_defs {
router_id kubernetes-001l #主调度器的主机名

}

vrrp_instance VI_1 {
state MASTER
interface enp0s25
virtual_router_id 140
nopreempt
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 123456
}
virtual_ipaddress {
192.168.1.100 #VIP地址声明
}
}
systemctl restart keepalived.service
systemctl enable keepalived.service

yum install -y kubelet-1.16.4 kubectl-1.16.4kubeadm-1.16.4
systemctl enable kubelet.service
[root@kubernetes-001l ~]# cat kubeadm-config.yaml
apiVersion: kubeadm.k8s.io/v1beta1
kind: ClusterConfiguration
kubernetesVersion: stable
apiServer:
certSANs:

kubernetes-001l
kubernetes-002l
kubernetes-003l
kubernetes-vip
networking:
dnsDomain: cluster.local
podSubnet: “10.244.0.0/16”
controlPlaneEndpoint: “kubernetes-vip:6443”

kubeadm init --config kubeadm-config.yaml

You can now join any number of control-plane nodes by copying certificate authorities
and service account keys on each node and then running the following as root:

kubeadm join kubernetes-vip:6443 --token b1bkf.rymsan74c38
–discovery-token-ca-cert-hash sha256:e69d96baa04f9b2636cdc5048878a43f45b04fb6644df
–control-plane

Then you can join any number of worker nodes by running the following on each as root:

kubeadm join kubernetes-vip:6443 --token b1bkf.rymsan74c38
–discovery-token-ca-cert-hash sha256:e69d96baa045048878a43fa67c28b5556644df

mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(i d - u) :$ (id -g) $HOME/.kube/config