First, the official installation documentation: https://kubernetes.io/docs/tasks/tools/
Before you begin
- One or more machines running one of:
  - Ubuntu 16.04+
  - Debian 9+
  - CentOS 7
  - Red Hat Enterprise Linux (RHEL) 7
  - Fedora 25+
  - HypriotOS v1.0.1+
  - Flatcar Container Linux (tested with 2512.3.0)
- 2 GB or more of RAM per machine (any less will leave little room for your apps)
- 2 CPUs or more
- Full network connectivity between all machines in the cluster (public or private network is fine)
- Unique hostname, MAC address, and product_uuid for every node. See here for more details.
- Certain ports are open on your machines. See here for more details.
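- Swap disabled. You MUST disable swap in order for the kubelet to work properly.
Be sure to read the official pre-installation recommendations; this improves the chance of success. Pay particular attention to: 2 CPU cores, at least 2 GB of RAM, and two or more Linux machines.
1. Set a static IP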
cd /etc/sysconfig/network-scripts/
vim ifcfg-XXXX
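2. Set the hostname on each of the three hosts, and make sure the three hosts can ping each other by hostname
sudo hostnamectl set-hostname m     # on the master
sudo hostnamectl set-hostname w1    # on the first worker
sudo hostnamectl set-hostname w2    # on the second worker
vim /etc/hosts (set on all three hosts)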
192.168.18.4 m
192.168.18.5 w1
192.168.18.6 w2
3. Install Docker; see https://blog.csdn.net/saber872138/article/details/110678209
4. Update yum
yum -y update
yum install -y conntrack ipvsadm ipset jq sysstat curl iptables libseccomp
5. Disable the firewall
systemctl stop firewalld && systemctl disable firewalld
firewall-cmd --state
6. Set SELinux in permissive mode (effectively disabling it)
sudo setenforce 0
sudo sed -i 's/^SELINUX=enforcing$/SELINUX=permissive/' /etc/selinux/config
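Or:
setenforce 0
vi /etc/selinux/config    # set the following line
SELINUX=disabled
sestatus
7. Disable the swap partition
sudo swapoff -a
vim /etc/fstab (in this file's swap configuration, disable the swap line by commenting it out)
free -g (to check)
8. iptables ACCEPT rules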
iptables -F && iptables -X && iptables -F -t nat && iptables -X -t nat && iptables -P FORWARD ACCEPT
9. Letting iptables see bridged traffic
cat <<EOF | sudo tee /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
EOF
sudo sysctl --system
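Steps 6, 7 and 9 can be verified before kubeadm runs, which matters here because the kubeadm commands in steps 12 and 13 pass --ignore-preflight-errors=all and will not stop on a missed step. The check below is an added example, not part of the original notes; the function name check_node_prereqs and its optional root-directory argument (for checking a copied or constructed file tree) are assumptions.

```shell
#!/usr/bin/env bash
# Added example (not from the original notes). check_node_prereqs is a
# hypothetical name; pass a directory to check a copied or constructed tree.

# Prints one FAIL line per problem and returns the number of problems.
check_node_prereqs() {
  local root="${1:-}" fails=0 f key
  # Step 7: /proc/swaps holds a header line plus one line per active swap.
  if awk 'NR > 1 && NF { found = 1 } END { exit !found }' \
       "$root/proc/swaps" 2>/dev/null; then
    echo "FAIL: swap is active (swapoff -a)"; fails=$((fails + 1))
  fi
  # Step 7: an uncommented swap entry in fstab re-enables swap at next boot.
  if awk '!/^[ \t]*#/ && $3 == "swap" { found = 1 } END { exit !found }' \
       "$root/etc/fstab" 2>/dev/null; then
    echo "FAIL: /etc/fstab still has an active swap entry"; fails=$((fails + 1))
  fi
  # Step 9: both bridge sysctls must read 1 (needs the br_netfilter module).
  for key in bridge-nf-call-iptables bridge-nf-call-ip6tables; do
    f="$root/proc/sys/net/bridge/$key"
    if [ "$(cat "$f" 2>/dev/null)" != "1" ]; then
      echo "FAIL: net.bridge.$key is not 1"; fails=$((fails + 1))
    fi
  done
  # Step 6: this page sets the persistent SELinux mode away from enforcing.
  if grep -Eq '^SELINUX=enforcing[[:space:]]*$' \
       "$root/etc/selinux/config" 2>/dev/null; then
    echo "FAIL: SELINUX=enforcing in /etc/selinux/config"; fails=$((fails + 1))
  fi
  return "$fails"
}

# With no argument the live system is checked.
check_node_prereqs && echo "node prerequisites OK"
```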
10. Installing kubeadm, kubelet and kubectl
You will install these packages on all of your machines:
- kubeadm: the command to bootstrap the cluster.
- kubelet: the component that runs on all of the machines in your cluster and does things like starting pods and containers.
- kubectl: the command line util to talk to your cluster.
1)
cat <<EOF | sudo tee /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=http://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=0
repo_gpgcheck=0
gpgkey=http://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg http://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
exclude=kubelet kubeadm kubectl
EOF
sudo yum install -y kubelet kubeadm kubectl --disableexcludes=kubernetes
sudo systemctl enable --now kubelet
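The repo definition above sets gpgcheck=0 and repo_gpgcheck=0 and uses http URLs, so yum installs kubelet, kubeadm and kubectl without verifying any signature. The check below is an added example, not part of the original notes; the function names audit_yum_repo and write_sample_repo are hypothetical, and the sample file is a constructed copy of the definition on this page.

```shell
#!/usr/bin/env bash
# Added example (not from the original notes): flag yum repo settings that
# turn off package authentication. audit_yum_repo is a hypothetical name.

# Prints "<section>: <problem>" per finding; returns 1 if anything was found.
audit_yum_repo() {
  awk '
    function trim(s) { gsub(/^[ \t]+|[ \t]+$/, "", s); return s }
    /^[ \t]*\[/    { sec = trim($0); next }      # [section] header
    /^[ \t]*(#|$)/ { next }                      # comment or blank line
    index($0, "=") {
      key = trim(substr($0, 1, index($0, "=") - 1))
      val = trim(substr($0, index($0, "=") + 1))
      if (key == "gpgcheck" && val == "0")
        { print sec ": gpgcheck=0, package signatures are not verified"; bad = 1 }
      if (key == "repo_gpgcheck" && val == "0")
        { print sec ": repo_gpgcheck=0, repository metadata is not verified"; bad = 1 }
      if ((key == "baseurl" || key == "gpgkey") && val ~ /(^|[ \t])http:\/\//)
        { print sec ": " key " is fetched over plain http"; bad = 1 }
    }
    END { exit bad }
  ' "$1"
}

# Constructed sample: the repo definition from this page, written to a file.
write_sample_repo() {
  cat > "$1" <<'EOF'
[kubernetes]
name=Kubernetes
baseurl=http://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=0
repo_gpgcheck=0
gpgkey=http://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg http://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
exclude=kubelet kubeadm kubectl
EOF
}

sample=$(mktemp)
write_sample_repo "$sample"
audit_yum_repo "$sample" || echo "findings above: fix before running yum install"
rm -f "$sample"
```

On a real node, run it against /etc/yum.repos.d/kubernetes.repo; a clean result needs gpgcheck=1, repo_gpgcheck=1 and https URLs.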
2) If /etc/docker/daemon.json already exists, edit it and add this entry:
vim /etc/docker/daemon.json
"exec-opts":["native.cgroupdriver=systemd"]
If it does not exist, create it:
sudo mkdir -p /etc/docker
sudo tee /etc/docker/daemon.json <<-'EOF'
{
"exec-opts":["native.cgroupdriver=systemd"]
}
EOF
systemctl restart docker
3) Check whether the kubelet cgroup driver is systemd: if it is, the command below changes it; if it is not, the file will not be found
sed -i "s/cgroup-driver=systemd/cgroup-driver=cgroupfs/g" /etc/systemd/system/kubelet.service.d/10-kubeadm.conf
4) systemctl enable kubelet && systemctl start kubelet
5) List the images kubeadm uses
kubeadm config images list
k8s.gcr.io/kube-apiserver:v1.19.4
k8s.gcr.io/kube-controller-manager:v1.19.4
k8s.gcr.io/kube-scheduler:v1.19.4
k8s.gcr.io/kube-proxy:v1.19.4
k8s.gcr.io/pause:3.2
k8s.gcr.io/etcd:3.4.13-0
k8s.gcr.io/coredns:1.7.0
To work around the overseas image registry being unreachable, create a kubeadm.sh script that pulls the images, tags them, and deletes the original images
======================================================================================
kubeadm.sh
#!/bin/bash
set -e
KUBE_VERSION=v1.19.4
KUBE_PAUSE_VERSION=3.2
ETCD_VERSION=3.4.13-0
CORE_DNS_VERSION=1.7.0
GCR_URL=k8s.gcr.io
#registry.aliyuncs.com/google_containers
#registry.cn-hangzhou.aliyuncs.com/google-containers
ALIYUN_URL=registry.aliyuncs.com/google_containers
images=(kube-proxy:${KUBE_VERSION}
kube-scheduler:${KUBE_VERSION}
kube-controller-manager:${KUBE_VERSION}
kube-apiserver:${KUBE_VERSION}
pause:${KUBE_PAUSE_VERSION}
etcd:${ETCD_VERSION}
coredns:${CORE_DNS_VERSION})
# Pull each image from the mirror, retag it under k8s.gcr.io, then drop the mirror tag
for imageName in "${images[@]}" ; do
  docker pull "$ALIYUN_URL/$imageName"
  docker tag "$ALIYUN_URL/$imageName" "$GCR_URL/$imageName"
  docker rmi "$ALIYUN_URL/$imageName"
done
=======================================================================
sh /kubeadm.sh
List all images; the few that are missing can be pulled manually, then retagged, and the old image deleted
docker images -a
docker pull registry.aliyuncs.com/google_containers/coredns:1.7.0
docker tag registry.aliyuncs.com/google_containers/coredns:1.7.0 k8s.gcr.io/coredns:1.7.0
docker rmi -f registry.aliyuncs.com/google_containers/coredns:1.7.0
11. Install calico.yaml
wget https://docs.projectcalico.org/v3.9/manifests/calico.yaml
cat calico.yaml | grep image
docker pull calico/cni:v3.9.6
docker pull calico/pod2daemon-flexvol:v3.9.6
docker pull calico/node:v3.9.6
docker pull calico/kube-controllers:v3.9.6
kubectl apply -f https://docs.projectcalico.org/v3.9/manifests/calico.yaml
12. Run kubeadm init
kubeadm init --kubernetes-version=1.19.4 --apiserver-advertise-address=192.168.11.9 --pod-network-cidr=192.168.0.0/16 --ignore-preflight-errors=all
On success, the console prints:
Your Kubernetes control-plane has initialized successfully!
To start using your cluster, you need to run the following as a regular user:
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
You should now deploy a pod network to the cluster.
Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:
https://kubernetes.io/docs/concepts/cluster-administration/addons/
Then you can join any number of worker nodes by running the following on each as root:
kubeadm join 192.168.11.9:6443 --token 7whmfp.o05ms39j9ee9ijpo \
--discovery-token-ca-cert-hash sha256:2cdd1946331c1b0215097a5f2af626c81824560fc51e14acff08775e5d9b1322 --ignore-preflight-errors=all
Set permissions: run the commands shown in step 12
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
13. Run on the worker nodes
kubeadm join 192.168.18.4:6443 --token 7whmfp.o05ms39j9ee9ijpo \
--discovery-token-ca-cert-hash sha256:2cdd1946331c1b0215097a5f2af626c81824560fc51e14acff08775e5d9b1322 --ignore-preflight-errors=all
Steps 11 and 12 set up the cluster's master node; step 13 is run on the worker nodes