使用kubeadm安装k8s集群
准备kubeadm所需镜像
docker pull gcrxio/kube-apiserver:v1.13.2
docker pull gcrxio/kube-controller-manager:v1.13.2
docker pull gcrxio/kube-scheduler:v1.13.2
docker pull gcrxio/kube-proxy:v1.13.2
docker pull gcrxio/pause:3.1
docker pull gcrxio/etcd:3.2.24
docker pull coredns/coredns:1.2.6
docker tag docker.io/gcrxio/kube-proxy:v1.13.2 k8s.gcr.io/kube-proxy:v1.13.2
docker tag docker.io/gcrxio/kube-scheduler:v1.13.2 k8s.gcr.io/kube-scheduler:v1.13.2
docker tag docker.io/gcrxio/kube-apiserver:v1.13.2 k8s.gcr.io/kube-apiserver:v1.13.2
docker tag docker.io/gcrxio/kube-controller-manager:v1.13.2 k8s.gcr.io/kube-controller-manager:v1.13.2
docker tag docker.io/gcrxio/etcd:3.2.24 k8s.gcr.io/etcd:3.2.24
docker tag docker.io/gcrxio/pause:3.1 k8s.gcr.io/pause:3.1
docker tag docker.io/coredns/coredns:1.2.6 k8s.gcr.io/coredns:1.2.6
docker rmi gcrxio/kube-apiserver:v1.13.2
docker rmi gcrxio/kube-controller-manager:v1.13.2
docker rmi gcrxio/kube-scheduler:v1.13.2
docker rmi gcrxio/kube-proxy:v1.13.2
docker rmi gcrxio/pause:3.1
docker rmi gcrxio/etcd:3.2.24
docker rmi coredns/coredns:1.2.6
初始化kubeadm
kubeadm init --pod-network-cidr=192.168.0.0/16
配置kubectl
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
安装etcd
kubectl apply -f \
https://docs.projectcalico.org/v3.4/getting-started/kubernetes/installation/hosted/etcd.yaml
安装calico
kubectl apply -f \
https://docs.projectcalico.org/v3.4/getting-started/kubernetes/installation/hosted/calico.yaml
等待pods加载完成
watch kubectl get pods --all-namespaces
去掉master的taint标记 这样可以在上边部署其他pod
kubectl taint nodes --all node-role.kubernetes.io/master-
查看节点
kubectl get nodes -o wide
添加节点
查看kubeadm token
kubeadm token list
如果过期 创建新的
kubeadm token create
获取--discovery-token-ca-cert-hash
openssl x509 -pubkey -in /etc/kubernetes/pki/ca.crt | openssl rsa -pubin -outform der 2>/dev/null | openssl dgst -sha256 -hex | sed 's/^.* //'
在节点机器上运行
kubeadm join 172.10.30.100:6443 \
--token 8gl99n.iu0m7c669vm0d1b1 \
--discovery-token-ca-cert-hash sha256:e3107f0be5fa44f939a6460b0c980a89e6d491dca89f5a44bc6923e40acc8e0b
查看节点
kubectl get nodes