3节点安装Kubernetes(1.23)
版本选择
Kubernetes 版本 | 1.23.9 |
---|---|
Docker版本 | 20.10.21 |
阿里云源配置
Base源
mv /etc/yum.repos.d/CentOS-Base.repo /etc/yum.repos.d/CentOS-Base.repo.bak
wget -O /etc/yum.repos.d/CentOS-Base.repo https://mirrors.aliyun.com/repo/Centos-7.repo
k8s源
cat >> /etc/yum.repos.d/kubernetes.repo << EOF
[kubernetes]
name=Kubernetes
baseurl=http://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=0
repo_gpgcheck=0
gpgkey=http://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg
http://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF
yum clean all && yum makecache
如果在 yum makecache出现下面的报错,加下dns
"Could not resolve host: mirrors.cloud.aliyuncs.com; Unknown error"
cat >> /etc/resolv.conf << EOF
nameserver 8.8.8.8
nameserver 114.114.114.114
EOF
升级系统内核
sudo yum -y update
host准备
cat >> /etc/hosts << EOF
192.168.149.130 master
192.168.149.131 slave-1
192.168.149.132 slave-2
EOF
每台机器上的/etc/hosts文件都需要修改
同步时间
yum install -y ntp
ntpdate cn.pool.ntp.org
timedatectl set-timezone Asia/Shanghai
timedatectl set-local-rtc 1
timedatectl set-ntp 1
依赖安装
yum install -y yum-utils device-mapper-persistent-data lvm2 iptables flannel
Docker 安装
yum remove docker \
docker-client \
docker-client-latest \
docker-common \
docker-latest \
docker-latest-logrotate \
docker-logrotate \
docker-selinux \
docker-engine-selinux \
docker-engine \
docker-ce
# 设置docker镜像源
yum-config-manager \
--add-repo \
https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
yum install -y docker-ce docker-ce-cli containerd.io
sudo systemctl start docker
sudo systemctl enable docker
打开iptables内生的桥接相关功能
echo "1" >/proc/sys/net/bridge/bridge-nf-call-iptables
echo "1" >/proc/sys/net/bridge/bridge-nf-call-ip6tables
关闭selinux
setenforce 0
禁用swap分区
# swap 关闭
sudo swapoff -a
# 永久关闭
sudo sed -i '/ swap / s/^\(.*\)$/#\1/g' /etc/fstab
安装kubeadm、kubelet和kubectl (节点都执行)
# 查看可用版本
yum list kubeadm kubelet kubectl --showduplicates | sort -r
# 1.24 之后不支持docker了
yum install kubeadm-1.23.9 kubelet-1.23.9 kubectl-1.23.9 -y
systemctl enable kubelet
配置kubelet的cgroup(节点都执行)
因为使用docker作为OCI,所以把使用ccgroupfs。
vim /etc/sysconfig/kubelet
KUBELET_EXTRA_ARGS="--cgroup-driver=cgroupfs"
systemctl daemon-reload
配置cni网络插件(节点都执行)
这里采用默认的官方默认crio 插件
wget https://raw.githubusercontent.com/cri-o/cri-o/main/contrib/cni/10-crio-bridge.conf
mkdir -p /etc/cni/net.d
sudo cp 10-crio-bridge.conf /etc/cni/net.d
启动k8s集群
kubeadm init --kubernetes-version=1.23.0 --pod-network-cidr=10.244.0.0/16 --image-repository=registry.aliyuncs.com/google_containers
出现:
Your Kubernetes control-plane has initialized successfully!
To start using your cluster, you need to run the following as a regular user:
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
Alternatively, if you are the root user, you can run:
export KUBECONFIG=/etc/kubernetes/admin.conf
You should now deploy a pod network to the cluster.
Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:
https://kubernetes.io/docs/concepts/cluster-administration/addons/
Then you can join any number of worker nodes by running the following on each as root:
kubeadm join 192.168.149.130:6443 --token 8lrgl7.vlozd3ceyvml3cle \
--discovery-token-ca-cert-hash sha256:f45b67727aa61f0e556d9a53d8f99da2eb3807baedba289fda51c29ebb8c6bc0
说明集群启动成功了!
加入节点
kubeadm join 192.168.149.130:6443 --token 8lrgl7.vlozd3ceyvml3cle \
--discovery-token-ca-cert-hash sha256:f45b67727aa61f0e556d9a53d8f99da2eb3807baedba289fda51c29ebb8c6bc0
初始化工作
root 用户
export KUBECONFIG=/etc/kubernetes/admin.conf
非root用户
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
查看k8s日志
journalctl -xe
journalctl -xefu kubelet
清空集群
rm -rf /etc/kubernetes/*
rm -rf ~/.kube/*
rm -rf /var/lib/etcd/*
kubeadm reset -f