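Deploy a Kubernetes cluster on Ubuntu 22.04 with kubeadm, using containerd as the container runtime and Calico for networking.
Install the container runtime and kubeadm on all hosts
See the official documentation:
Installing kubeadm | Kubernetes
1. Install containerd
See the official documentation:
containerd/getting-started.md at main · containerd/containerd · GitHub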
wget https://github.com/containerd/containerd/releases/download/v1.7.0/containerd-1.7.0-linux-amd64.tar.gz
sudo tar Cxzvf /usr/local containerd-1.7.0-linux-amd64.tar.gz
sudo mkdir -p /usr/local/lib/systemd/system/
cd /usr/local/lib/systemd/system/
sudo wget https://raw.githubusercontent.com/containerd/containerd/main/containerd.service
sudo systemctl daemon-reload
sudo systemctl enable --now containerd
wget https://github.com/opencontainers/runc/releases/download/v1.1.6/runc.amd64
sudo install -m 755 runc.amd64 /usr/local/sbin/runc
wget https://github.com/containernetworking/plugins/releases/download/v1.2.0/cni-plugins-linux-amd64-v1.2.0.tgz
sudo mkdir -p /opt/cni/bin
sudo tar Cxzvf /opt/cni/bin cni-plugins-linux-amd64-v1.2.0.tgz
2. Install kubeadm, kubelet and kubectl
sudo apt-get update
sudo apt-get install -y apt-transport-https ca-certificates curl
sudo curl -fsSLo /etc/apt/keyrings/kubernetes-archive-keyring.gpg https://packages.cloud.google.com/apt/doc/apt-key.gpg
echo "deb [signed-by=/etc/apt/keyrings/kubernetes-archive-keyring.gpg] https://apt.kubernetes.io/ kubernetes-xenial main" | sudo tee /etc/apt/sources.list.d/kubernetes.list
sudo apt-get update
sudo apt-get install -y kubelet kubeadm kubectl
sudo apt-mark hold kubelet kubeadm kubectl
3. Configure the cgroup driver
Because kubeadm manages the kubelet as a system service, the systemd driver is recommended for kubeadm-based installations.
See the official documentation:
Configuring a cgroup driver | Kubernetes
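sudo mkdir -p /etc/containerd
sudo touch /etc/containerd/config.toml
sudo su
containerd config default > /etc/containerd/config.toml
sed -i 's/SystemdCgroup = false/SystemdCgroup = true/g' /etc/containerd/config.toml
exit
# Restart containerd so the new cgroup driver setting takes effect
sudo systemctl restart containerd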
4. Initialize the control plane node
# Disable swap now, and comment out the swap entry in /etc/fstab
sudo swapoff -a
sudo vi /etc/fstab
# Load br_netfilter and enable IPv4 forwarding
sudo modprobe br_netfilter
sudo su
echo 1 > /proc/sys/net/ipv4/ip_forward
exit
IPADDR=$(hostname -I | awk '{print $1}')
APISERVER=$(hostname -s)
NODENAME=$(hostname -s)
POD_NET="10.244.0.0/16"
sudo kubeadm init --apiserver-advertise-address=$IPADDR \
--apiserver-cert-extra-sans=$APISERVER \
--pod-network-cidr=$POD_NET \
--node-name $NODENAME
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
5. Install the Calico Pod network add-on
Reference: Quickstart for Calico on Kubernetes | Calico Documentation
kubectl create -f https://raw.githubusercontent.com/projectcalico/calico/v3.25.1/manifests/tigera-operator.yaml
wget https://raw.githubusercontent.com/projectcalico/calico/v3.25.1/manifests/custom-resources.yaml
sed -i 's#192.168.0.0/16#10.244.0.0/16#g' custom-resources.yaml
kubectl create -f custom-resources.yaml
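6. Control plane node isolation
By default, for security reasons, your cluster will not schedule Pods on control plane nodes. If you want to be able to schedule Pods on control plane nodes, for example for a single-machine Kubernetes cluster, run: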
kubectl taint nodes --all node-role.kubernetes.io/control-plane-
kubectl taint nodes --all node-role.kubernetes.io/master-
7. Join nodes as follows:
# Disable swap now, and comment out the swap entry in /etc/fstab
sudo swapoff -a
sudo vi /etc/fstab
# Load br_netfilter and enable IPv4 forwarding
sudo modprobe br_netfilter
sudo su
echo 1 > /proc/sys/net/ipv4/ip_forward
exit
sudo apt-get update
sudo apt-get install -y kubelet kubeadm
sudo apt-mark hold kubelet kubeadm
sudo kubeadm join 192.168.1.81:6443 --token bvfvc7.jhjicdufxus4f8w1 \
--discovery-token-ca-cert-hash sha256:cacc59e1d64b8e9f14663177f8fda0808c94e4d5c82f43edb9ee2483d3fc9fe1
Verify with kubectl get nodes.
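The node preparation in steps 3, 4 and 7 can be checked before running kubeadm init or kubeadm join. The script below is an added example, not part of the original post; the function names and the --run switch are assumptions made for illustration.

```bash
#!/bin/sh
# Added example (not from the original post): verify that the node settings
# from steps 3, 4 and 7 really took effect. File paths are arguments so the
# checks can also be run against copies of the files.

# Step 3: containerd must use the systemd cgroup driver. The sed in step 3
# changes nothing if the generated config is formatted differently.
check_systemd_cgroup() {
    grep -Eq '^[[:space:]]*SystemdCgroup[[:space:]]*=[[:space:]]*true[[:space:]]*(#.*)?$' \
        "${1:-/etc/containerd/config.toml}"
}

# Steps 4 and 7: no uncommented swap entry may remain in fstab, otherwise
# swap is re-enabled on the next boot.
check_no_fstab_swap() {
    ! awk '!/^[ \t]*#/ && $3 == "swap" { found = 1 } END { exit !found }' \
        "${1:-/etc/fstab}"
}

# Steps 4 and 7: IPv4 forwarding must be on in the running kernel.
check_ip_forward() {
    [ "$(tr -d '[:space:]' < "${1:-/proc/sys/net/ipv4/ip_forward}")" = "1" ]
}

# The echo into /proc does not survive a reboot; look for a sysctl entry.
check_ip_forward_persistent() {
    [ "$#" -gt 0 ] || set -- /etc/sysctl.conf /etc/sysctl.d/*.conf
    grep -Eqs '^[[:space:]]*net\.ipv4\.ip_forward[[:space:]]*=[[:space:]]*1[[:space:]]*$' "$@"
}

# Steps 4 and 7: this sysctl file only exists while br_netfilter is loaded.
check_br_netfilter() {
    [ -e "${1:-/proc/sys/net/bridge/bridge-nf-call-iptables}" ]
}

# Run every check with its default path; return non-zero if any fails.
preflight() {
    rc=0
    for c in check_systemd_cgroup check_no_fstab_swap check_ip_forward \
             check_ip_forward_persistent check_br_netfilter; do
        if "$c"; then echo "PASS $c"; else echo "FAIL $c"; rc=1; fi
    done
    return "$rc"
}

# Only touch the real system when asked to: sh preflight.sh --run
if [ "${1:-}" = "--run" ]; then preflight; fi
```

A FAIL on check_ip_forward_persistent is expected if only the commands above were run, since echo 1 > /proc/sys/net/ipv4/ip_forward lasts only until the next reboot.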