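Environment: Alma8 server (CentOS 8). A k8s node needs at least 2 GB or more of memory; a 2 GB instance purchased on Alibaba Cloud cannot complete the installation, so swap has to be enabled for the installation and turned off again afterwards.
1. Set a static IP address (on every node)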
nmtui
nmcli c reload
nmcli c up enp0s3
2. Change the hostname (no two nodes may share a hostname) (on every node)
hostnamectl set-hostname xxx
3. Turn off the swap partition (on every node)
sudo swapoff -a
sudo vim /etc/fstab  # remove the swap partition entry
4. Set up time synchronization (on every node)
systemctl start chronyd
systemctl enable chronyd
5. Turn off the firewall (on every node)
systemctl stop firewalld
systemctl disable firewalld
systemctl stop iptables
systemctl disable iptables
vim /etc/selinux/config  # set SELINUX=disabled, or run: sed -i 's/^SELINUX=enforcing/SELINUX=disabled/' /etc/selinux/config
setenforce 0
6. Modify kernel parameters (on every node)
yum install ipset ipvsadm wget -y
cat << EOF | sudo tee /etc/modules-load.d/containerd.conf
overlay
br_netfilter
EOF
sysctl -p
modprobe overlay
modprobe br_netfilter
mkdir -p /etc/sysconfig/modules/
cat << EOF > /etc/sysconfig/modules/ipvs.modules
#!/bin/bash
modprobe -- ip_vs
modprobe -- ip_vs_rr
modprobe -- ip_vs_wrr
modprobe -- ip_vs_sh
modprobe -- nf_conntrack
EOF
chmod +x /etc/sysconfig/modules/ipvs.modules
/bin/bash /etc/sysconfig/modules/ipvs.modules
7. Configure network parameters (on every node)
tee /etc/sysctl.d/kubernetes.conf <<EOF
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
net.ipv4.ip_forward = 1
net.ipv4.conf.all.rp_filter = 1
EOF
sysctl --system
sysctl -p
8. Install containerd.io (on every node)
wget https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo -O /etc/yum.repos.d/docker-ce.repo
yum install -y containerd.io
mkdir /etc/containerd -p
containerd config default > /etc/containerd/config.toml
vim /etc/containerd/config.toml
Change:
# change SystemdCgroup = false to SystemdCgroup = true
# sandbox_image = "registry.aliyuncs.com/google_containers/pause:3.9"
#... use the Alibaba Cloud mirrors
[plugins."io.containerd.grpc.v1.cri".registry.mirrors]
[plugins."io.containerd.grpc.v1.cri".registry.mirrors."docker.io"]
endpoint = ["https://yoin8n1g.mirror.aliyuncs.com"]
[plugins."io.containerd.grpc.v1.cri".registry.mirrors."k8s.gcr.io"]
endpoint = ["https://registry.aliyuncs.com/google_containers"]
systemctl enable containerd
systemctl restart containerd
8. Install the Kubernetes components (on every node)
cat <<EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
enabled=1
gpgcheck=0
repo_gpgcheck=0
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF
yum makecache
yum install -y kubelet kubeadm kubectl
vim /etc/sysconfig/kubelet
# Change it to the following (to keep swap in use, set KUBELET_EXTRA_ARGS="--fail-swap-on=false" below) (on the master node)
KUBELET_EXTRA_ARGS=""
KUBELET_CGROUP_ARGS="--cgroup-driver=systemd"
KUBE_PROXY_MODE="ipvs"
systemctl enable kubelet
systemctl restart kubelet
crictl config runtime-endpoint unix:///run/containerd/containerd.sock
source <(kubectl completion bash)
echo "source <(kubectl completion bash)" >> ~/.bashrc
9. Install the master node (on the master node)
kubeadm init --image-repository registry.aliyuncs.com/google_containers --service-cidr=10.96.0.0/12 --pod-network-cidr=10.244.0.0/16 --control-plane-endpoint=<keepalived virtual IP or DNS name>
10. Reset if the installation fails; skip this if there was no error (on every node)
#kubeadm reset --cert-dir string
kubeadm reset
11. Add the config file. Run this once as a regular user so that the regular user can use the commands normally
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
12. Modify the configuration
kubectl edit cm kube-proxy -n kube-system
# change mode: "" to mode: "ipvs"
13. Add worker nodes; once the master node has installed successfully, it prints:
#scp linux@192.168.1.100:$HOME/.kube/config $HOME/.kube/config
#sudo chown $(id -u):$(id -g) $HOME/.kube/config
#sudo cp -i $HOME/.kube/config /etc/kubernetes/admin.conf
#sudo chown root:root /etc/kubernetes/admin.conf
#sudo su
#cd
#sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
#exit
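## The copied command (run on all worker nodes)
kubeadm join <IP address>:6443 --token xxxxxx --discovery-token-ca-cert-hash sha256:xxxxx
Copy it to the worker nodes and run it there to install the worker nodes
14. Download the network plugin; nodes can communicate with each other only after it is installed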
wget https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
# Change the IP to match pod-network-cidr, i.e. 10.244.0.0/16
kubectl apply -f kube-flannel.yml
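The node-preparation steps above (swap in fstab, the sysctl file, containerd's cgroup driver, the Kubernetes yum repo) can be checked with a short script. This is an added example, not part of the original guide: the function names and the ROOT path prefix are assumptions, and the sample tree is constructed from the values this guide writes. Run on that sample it reports one failure, because the repo file sets gpgcheck=0 and yum therefore installs kubelet, kubeadm and kubectl without verifying package signatures.

```sh
#!/bin/sh
# Added example, not from the guide. ROOT is a path prefix ("" = the live node).

# Succeed when fstab is readable and has no active (uncommented) swap entry.
fstab_has_no_swap() {
    [ -r "$1" ] && ! awk '$1 !~ /^#/ && $3 == "swap" { f = 1 } END { exit !f }' "$1"
}

# Succeed when KEY is set to VALUE in a sysctl.d-style file (last entry wins).
sysctl_is() {  # usage: sysctl_is FILE KEY VALUE
    awk -F= -v k="$2" -v v="$3" '{ gsub(/[ \t]/, "") }
        $1 == k { ok = ($2 == v) } END { exit !ok }' "$1"
}

# Succeed when FILE has an uncommented "NAME = VALUE" line.
has_setting() {  # usage: has_setting FILE NAME VALUE
    grep -Eq "^[[:space:]]*$2[[:space:]]*=[[:space:]]*$3[[:space:]]*\$" "$1"
}
report() {  # run one check, print PASS or FAIL, count failures in $fails
    if "$@"; then echo "PASS $*"; else echo "FAIL $*"; fails=$((fails + 1)); fi
}

# Run every check under ROOT; the exit status is the number of failed checks.
audit_node() {
    root=$1; fails=0
    report fstab_has_no_swap "$root/etc/fstab"
    for key in net.bridge.bridge-nf-call-iptables \
               net.bridge.bridge-nf-call-ip6tables net.ipv4.ip_forward; do
        report sysctl_is "$root/etc/sysctl.d/kubernetes.conf" "$key" 1
    done
    report has_setting "$root/etc/containerd/config.toml" SystemdCgroup true
    report has_setting "$root/etc/yum.repos.d/kubernetes.repo" gpgcheck 1
    return "$fails"
}

# Constructed sample tree holding the values this guide writes.
make_sample_root() {
    d=$(mktemp -d) || return 1
    mkdir -p "$d/etc/sysctl.d" "$d/etc/containerd" "$d/etc/yum.repos.d"
    printf '%s\n' '/dev/mapper/almalinux-root / xfs defaults 0 0' \
        '#/dev/mapper/almalinux-swap none swap defaults 0 0' > "$d/etc/fstab"
    printf '%s = 1\n' net.bridge.bridge-nf-call-ip6tables net.ipv4.ip_forward \
        net.bridge.bridge-nf-call-iptables > "$d/etc/sysctl.d/kubernetes.conf"
    echo '    SystemdCgroup = true' > "$d/etc/containerd/config.toml"
    printf 'gpgcheck=0\nrepo_gpgcheck=0\n' > "$d/etc/yum.repos.d/kubernetes.repo"
    echo "$d"
}

sample=$(make_sample_root) &&
    { audit_node "$sample" || echo "$? check(s) failed"; rm -rf "$sample"; }
```

Calling `audit_node ""` runs the same checks against the node's own /etc files.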