创建虚拟机
$ brew install multipass
$ multipass launch -n node1 -m 4G -c 4 -d 40G
$ multipass launch -n node2 -m 4G -c 4 -d 40G
$ multipass launch -n node3 -m 4G -c 4 -d 40G
$ multipass list
Name State IPv4 Image
node1 Running 192.168.64.4 Ubuntu 22.04 LTS
node2 Running 192.168.64.5 Ubuntu 22.04 LTS
node3 Running 192.168.64.6 Ubuntu 22.04 LTS
进入虚拟机节点
$ multipass shell node1
每个虚拟节点都需要执行的命令
$ sudo -i
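# Install the apt mirror list kept next to these notes. apt reads
# /etc/apt/sources.list (plural); a file named /etc/apt/source.list is ignored.
sudo cp ./source.list /etc/apt/sources.list
sudo apt-get update
sudo apt-get install \
  apt-transport-https \
  ca-certificates \
  curl \
  gnupg-agent \
  software-properties-common

# Keep Docker's signing key in its own keyring and bind it to the Docker
# repository with signed-by=. `apt-key add` is deprecated and makes the key
# trusted for every configured repository, not only this one.
sudo install -m 0755 -d /etc/apt/keyrings
sudo curl -fsSL https://download.docker.com/linux/ubuntu/gpg \
  -o /etc/apt/keyrings/docker.asc
sudo chmod a+r /etc/apt/keyrings/docker.asc
# Show the downloaded key's fingerprint. It must end in 0EBFCD88 and match the
# full fingerprint published in Docker's install documentation; stop if not.
gpg --show-keys --with-fingerprint /etc/apt/keyrings/docker.asc

# dpkg reports the VM's own architecture, so the entry is not tied to amd64.
echo "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" \
  | sudo tee /etc/apt/sources.list.d/docker.list >/dev/null
sudo apt-get update
sudo apt-get install docker-ce docker-ce-cli containerd.io

sudo apt install acl
# Access to the Docker socket is equivalent to root on the node, so grant it
# only to accounts already trusted with root. Inside the root shell opened by
# `sudo -i`, $USER is root; run these two lines as the intended login user.
sudo usermod -aG docker "$USER"
# The ACL is set on the current socket file only and is lost when the socket
# is recreated (for example after a reboot); group membership is what persists.
sudo setfacl -m "user:${USER}:rw" /var/run/docker.sock
sudo docker run hello-world

# Write containerd's default configuration, then edit it. tee performs the
# write as root, so this works from a non-root shell as well.
containerd config default | sudo tee /etc/containerd/config.toml >/dev/null
sudo vim /etc/containerd/config.toml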
在 config.toml 中做如下修改（以下是 TOML 配置片段，不是 shell 命令）：
SystemdCgroup = false 改为 SystemdCgroup = true
sandbox_image = "registry.aliyuncs.com/google_containers/pause:3.9"
[plugins."io.containerd.grpc.v1.cri".registry.mirrors]
  [plugins."io.containerd.grpc.v1.cri".registry.mirrors."docker.io"]
    endpoint = ["https://ttxrrkr1.mirror.aliyuncs.com"]
注意：上面的 endpoint 是个人的镜像加速地址，请换成自己的。配置后所有 docker.io 镜像都经由该镜像站拉取，它因此处于镜像供应链的信任路径上，只应指向自己信任的镜像站。
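# Apply the edited containerd configuration.
sudo systemctl daemon-reload && sudo systemctl restart containerd

sudo apt-get update && sudo apt-get install -y ca-certificates curl software-properties-common apt-transport-https
# -f makes curl fail on an HTTP error instead of piping an error page onward.
# NOTE(review): apt-key is deprecated and trusts this key for every configured
# repository. A dedicated keyring referenced by signed-by= in kubernetes.list
# would scope it to this repository; that file's contents are not shown here,
# so the import method is left as it was.
curl -fsSL https://mirrors.aliyun.com/kubernetes/apt/doc/apt-key.gpg | sudo apt-key add -
sudo cp ./kubernetes.list /etc/apt/sources.list.d/
sudo apt-get update
sudo apt-get install -y kubelet kubeadm kubectl
# Keep routine package upgrades from moving the node to another Kubernetes
# version behind the cluster's back.
sudo apt-mark hold kubelet kubeadm kubectl

# Turns swap off for the running system only; swap entries in /etc/fstab are
# untouched, so swap returns after a reboot if it is configured there.
sudo swapoff -a
sudo timedatectl set-timezone Asia/Shanghai
# Presumably restarted so that log timestamps pick up the new timezone.
sudo systemctl restart rsyslog

# mkdir has no -r option; -p creates the directory only if it is missing.
sudo mkdir -p /etc/sysctl.d
sudo cp ./k8s.conf /etc/sysctl.d/k8s.conf
# NOTE(review): a file with this name normally carries the distribution's
# network hardening defaults. Copying over it replaces those settings, so
# compare the local file with the existing one before overwriting. TODO confirm.
sudo cp ./10-network-security.conf /etc/sysctl.d/10-network-security.conf
# Load both files in one pass.
sudo sysctl --system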
仅需master节点执行
kubeadm config print init-defaults > kubeadm.yaml
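# kubeadm.yaml: the `kubeadm config print init-defaults` output, edited for
# this cluster and passed to `kubeadm init --config ./kubeadm.yaml`.
apiVersion: kubeadm.k8s.io/v1beta3
bootstrapTokens:
- groups:
  - system:bootstrappers:kubeadm:default-node-token
  # NOTE(review): this is the sample token from the generated defaults, so it is
  # publicly known. Replace it with the output of `kubeadm token generate`
  # before running `kubeadm init`: until the ttl below expires, a bootstrap
  # token lets a machine authenticate to the API server and join the cluster.
  token: abcdef.0123456789abcdef
  ttl: 24h0m0s
  usages:
  - signing
  - authentication
kind: InitConfiguration
localAPIEndpoint:
  # node1's address as shown by `multipass list`.
  advertiseAddress: 192.168.64.4
  bindPort: 6443
nodeRegistration:
  criSocket: unix:///var/run/containerd/containerd.sock
  imagePullPolicy: IfNotPresent
  name: node1
  taints: null
---
apiServer:
  timeoutForControlPlane: 4m0s
apiVersion: kubeadm.k8s.io/v1beta3
certificatesDir: /etc/kubernetes/pki
clusterName: kubernetes
controllerManager: {}
dns: {}
etcd:
  local:
    dataDir: /var/lib/etcd
# Control-plane images are pulled from this mirror, which makes the mirror part
# of the trust path for every control-plane component.
imageRepository: registry.aliyuncs.com/google_containers
kind: ClusterConfiguration
kubernetesVersion: 1.27.0
networking:
  dnsDomain: cluster.local
  serviceSubnet: 10.96.0.0/12
  # Must match CALICO_IPV4POOL_CIDR in calico.yaml.
  podSubnet: 10.1.0.0/16
scheduler: {}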
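$ kubeadm init --config ./kubeadm.yaml
（需要重新初始化时，先执行 reset；它会清除 init/join 在本节点留下的状态）
$ kubeadm reset
（下面的 join 命令在 node2、node3 上执行；token 和 hash 以自己 kubeadm init 的输出为准。bootstrap token 在有效期内就是加入集群的凭证，不要公开）
$ kubeadm join 192.168.64.4:6443 --token rsgn8y.1q19abj5ovvlbmds --discovery-token-ca-cert-hash sha256:34a1537511cfc908225d352a4b1547eeaabbf87cc48ab89df92396f02ab099e9
（token 过期后，在 master 上重新生成 join 命令）
$ kubeadm token create --print-join-command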
$ kubectl get node
$ mkdir -p $HOME/.kube
$ sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
$ sudo chown $(id -u):$(id -g) $HOME/.kube/config
$ kubectl get nodes
$ kubectl get cs
$ kubectl get pod -n kube-system
$ journalctl -f -u kubelet
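$ wget https://docs.projectcalico.org/v3.14/manifests/calico.yaml --no-check-certificate
注意：--no-check-certificate 会关闭 TLS 证书校验，下载到的清单可能在传输途中被替换，而这份清单应用到集群后会在每个节点上运行 calico 组件。应去掉该参数；如果证书校验失败，先检查系统时间和 ca-certificates，而不是跳过校验。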
修改 calico.yaml，使 CALICO_IPV4POOL_CIDR 与 kubeadm.yaml 中的 podSubnet（10.1.0.0/16）一致：
- name: CALICO_DISABLE_FILE_LOGGING
  value: "true"
- name: CALICO_IPV4POOL_CIDR
  value: "10.1.0.0/16"
- name: CALICO_DISABLE_FILE_LOGGING
  value: "true"
每个虚拟节点都需要执行的命令
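$ wget https://github.com/containerd/nerdctl/releases/download/v1.4.0/nerdctl-1.4.0-linux-amd64.tar.gz
解压到 /usr/local/bin 之前先校验压缩包：从同一 release 页面下载 SHA256SUMS，执行 sha256sum --ignore-missing -c SHA256SUMS，校验通过后再解压（非 root 用户解压时需要 sudo）。
$ tar -zxvf nerdctl-1.4.0-linux-amd64.tar.gz -C /usr/local/bin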
$ grep image calico.yaml
image: calico/cni:v3.14.0
image: calico/cni:v3.14.0
image: calico/pod2daemon-flexvol:v3.14.0
image: calico/node:v3.14.0
image: calico/kube-controllers:v3.14.0
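注意：kubelet 通过 CRI 使用 containerd 的 k8s.io 命名空间，而 nerdctl 默认操作 default 命名空间；要让预拉取的镜像对 kubelet 可见，需要在每条命令中加上 --namespace k8s.io。
$ nerdctl pull calico/cni:v3.14.0
$ nerdctl pull calico/pod2daemon-flexvol:v3.14.0
$ nerdctl pull calico/node:v3.14.0
$ nerdctl pull calico/kube-controllers:v3.14.0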