安装准备
- 系统:CentOS7
- Linux内核:4.x.x
- CPU:2核以上
- 内存:2~4G
- 数量:3台
优化系统
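# Set this node's hostname (replace xxx with a unique name for each node).
hostnamectl set-hostname xxx

# Switch SELinux to permissive mode, both now and in the persistent config.
# NOTE(review): permissive mode only logs denials, so the host loses SELinux
# enforcement as a containment layer; confirm this is acceptable before use.
setenforce 0
sed -i 's/^SELINUX=enforcing$/SELINUX=permissive/' /etc/selinux/config

# Turn swap off now and comment out swap entries in /etc/fstab so it stays off
# after a reboot. Lines that are already comments are skipped, which keeps the
# command safe to run more than once.
swapoff -a
sed -ri '/^\s*#/! s/.*swap.*/#&/' /etc/fstab

# Make bridged traffic visible to iptables.
# Register br_netfilter so it is loaded on every boot ...
cat <<'EOF' | sudo tee /etc/modules-load.d/k8s.conf
br_netfilter
EOF
# ... and load it immediately: the net.bridge.* sysctl keys below do not exist
# until the module is loaded, so without this step they only apply after a reboot.
sudo modprobe br_netfilter
cat <<'EOF' | sudo tee /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
EOF
# Re-read every sysctl configuration file, including the one just written.
sysctl --system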
安装docker
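# Add the Docker CE yum repository.
# The repo definition is fetched over HTTPS: it is written into /etc/yum.repos.d
# as root, and over plain HTTP anyone on the network path could rewrite it.
yum install -y yum-utils
yum-config-manager \
--add-repo \
https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
# Install Docker and containerd.
yum install -y docker-ce docker-ce-cli containerd.io
# Start Docker now and on every boot.
systemctl enable docker
systemctl start docker
# Configure the Aliyun registry mirror (omitted; the author covers it in another article).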
安装 kubelet、kubeadm、kubectl
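# Configure the Kubernetes yum repository (Aliyun mirror).
# - baseurl and gpgkey use HTTPS, so neither packages nor signing keys travel
#   over an unauthenticated channel.
# - gpgcheck=1 makes yum verify each RPM signature against the listed keys;
#   with gpgcheck=0 any package served under this URL is installed as root
#   without verification.
# - Both key URLs sit on one line: an unindented continuation line is not valid
#   in a .repo file.
# NOTE(review): repo_gpgcheck is left at 0 as on the original page; mirrors do
# not always serve a valid signature for the repository metadata. Enable it if
# the mirror in use supports it.
# NOTE(review): "yum install -y" accepts the GPG key import without prompting;
# compare the key fingerprints with a trusted source on first use.
cat <<'EOF' | sudo tee /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=1
repo_gpgcheck=0
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
exclude=kubelet kubeadm kubectl
EOF
# Install the Kubernetes components. The repo excludes them by default so that a
# routine "yum update" cannot upgrade them; --disableexcludes lifts that here.
yum install -y kubelet kubeadm kubectl --disableexcludes=kubernetes
# Start kubelet now and on every boot.
systemctl enable kubelet
systemctl start kubelet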
主节点 - 使用 kubeadm 引导集群
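# Write the script that pre-pulls the control-plane images.
# NOTE(review): the images come from a third-party registry namespace and are
# referenced by tag, which the publisher can re-point at different content.
# Where provenance matters, pull by digest (name@sha256:<digest>) or use a
# registry you control.
tee ./images.sh <<-'EOF'
#!/bin/bash
# Stop at the first failed pull instead of carrying on with a partial image set.
set -euo pipefail

# Replace every x.x.x with the version matching the target Kubernetes release.
images=(
  kube-apiserver:vx.x.x
  kube-proxy:vx.x.x
  kube-controller-manager:vx.x.x
  kube-scheduler:vx.x.x
  coredns:x.x.x
  etcd:x.x.x
  pause:x.x.x
)
readonly registry=registry.cn-hangzhou.aliyuncs.com/lfy_k8s_images

# Quoted expansions keep each image reference as exactly one argument.
for imageName in "${images[@]}"; do
  docker pull "${registry}/${imageName}"
done
EOF
# Make the script executable and run it.
chmod +x ./images.sh && ./images.sh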
子节点 - 安装 kube-proxy
# Pre-pull the kube-proxy image on each worker node.
# NOTE(review): vx.x.x is a placeholder; presumably it must match the version
# passed to kubeadm init on the control-plane node. Confirm before pulling.
docker pull registry.cn-hangzhou.aliyuncs.com/lfy_k8s_images/kube-proxy:vx.x.x
初始化主节点
# On every node, map the control-plane host name to the master's IP address;
# replace 192.168.0.155 with the real master IP.
# NOTE(review): ">>" appends on every run, so repeating this command leaves
# duplicate entries in /etc/hosts.
echo "192.168.0.155 cluster-endpoint" >> /etc/hosts
# Initialise the control-plane node; fill in your own master IP and version.
# --control-plane-endpoint uses the cluster-endpoint name mapped above, and
# --image-repository points at the same registry the images were pulled from.
# NOTE(review): 100.168.0.0/16 lies outside the private (RFC 1918) and shared
# (100.64.0.0/10) address ranges, so pod IPs would overlap publicly routable
# addresses; consider a private range instead.
# NOTE(review): the Flannel manifest applied later presumably carries its own
# pod network setting; verify that it matches --pod-network-cidr.
kubeadm init \
--apiserver-advertise-address=x.x.x.x \
--control-plane-endpoint=cluster-endpoint \
--image-repository registry.cn-hangzhou.aliyuncs.com/lfy_k8s_images \
--kubernetes-version vx.x.x \
--service-cidr=10.96.0.0/16 \
--pod-network-cidr=100.168.0.0/16
初始化结果
Your Kubernetes control-plane has initialized successfully!
To start using your cluster, you need to run the following as a regular user:
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
Alternatively, if you are the root user, you can run:
export KUBECONFIG=/etc/kubernetes/admin.conf
You should now deploy a pod network to the cluster.
Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:
https://kubernetes.io/docs/concepts/cluster-administration/addons/
You can now join any number of control-plane nodes by copying certificate authorities
and service account keys on each node and then running the following as root:
kubeadm join cluster-endpoint:6443 --token ri8qbf.6f4439lw4yqf079k \
--discovery-token-ca-cert-hash sha256:0b2ef0f49db62472711899c904bda7bf99c97373a081d14de8a0692bddc901f9 \
--control-plane
Then you can join any number of worker nodes by running the following on each as root:
kubeadm join cluster-endpoint:6443 --token ri8qbf.6f4439lw4yqf079k \
--discovery-token-ca-cert-hash sha256:0b2ef0f49db62472711899c904bda7bf99c97373a081d14de8a0692bddc901f9
上面的输出中有两条 kubeadm join 命令(两条命令使用同一个 token):带 --control-plane 的用于向集群中添加【master节点】,不带的用于添加【node节点】。token 是加入集群的凭据,默认 24 小时后过期,请勿公开分享。
设置 .kube/config
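# Install the admin kubeconfig for the current user.
# admin.conf carries the cluster administrator credentials, so copy it only
# into the home directory of an account meant to administer the cluster.
# Expansions are quoted so that a home path containing spaces stays one argument.
mkdir -p "${HOME}/.kube"
# -i asks before overwriting an existing config file.
sudo cp -i /etc/kubernetes/admin.conf "${HOME}/.kube/config"
# The copy is made as root; hand ownership to the invoking user.
sudo chown "$(id -u):$(id -g)" "${HOME}/.kube/config"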
安装 Flannel 网络插件
# Install the Flannel network plugin. The URL pins one specific commit, so the
# manifest content cannot change between runs.
# NOTE(review): the manifest is applied with the cluster-admin kubeconfig;
# downloading and reading it before applying is a reasonable precaution.
kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/a70459be0084506e4ec919aa1c114638878db11b/Documentation/kube-flannel.yml
添加 node 节点
# Copy the worker join command to each worker node and run it there.
# The token and hash below are the author's sample values (they differ from the
# ones in the init output shown earlier); substitute the values printed by your
# own "kubeadm init" or "kubeadm token create --print-join-command".
# --discovery-token-ca-cert-hash pins the cluster CA, so the joining node can
# verify that it is talking to the intended control plane; do not omit it.
kubeadm join cluster-endpoint:6443 --token x5g4uy.wpjjdbgra92s25pp \
--discovery-token-ca-cert-hash sha256:6255797916eaee52bf9dda9429db616fcd828436708345a308f4b917d3457a22
检验集群
# List every node in the cluster to verify that the joins succeeded.
kubectl get nodes
突发状况解决方案:
- 忘记token
# Create a new bootstrap token and print the complete join command for it.
# The printed command contains a credential; pass it to the new node over a
# trusted channel only.
kubeadm token create --print-join-command