环境准备
VMware 虚拟机3台,配置IP地址并能够连接互联网;
如果是云端环境, 可以配置3台ECS,并能够连接互联网;
Xshell远程连接工具
OS: ubuntu20.04 LTS
Docker安装
sudo apt-get update
sudo apt-get install \
ca-certificates \
curl \
gnupg \
lsb-release
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg
echo \
"deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu \
$(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
sudo apt-get update
sudo apt-get install docker-ce docker-ce-cli containerd.io
Docker 安装完成后运行如下命令,验证docker安装是否成功
sudo docker run hello-world
修改Docker的Cgroup Driver 为 systemd
vi /etc/docker/daemon.json
添加如下内容
{
"exec-opts": ["native.cgroupdriver=systemd"]
}
systemctl restart docker
安装kubernetes
在master 和 work node 上都执行如下任务:
Hosts文件配置
vi /etc/hosts
172.24.172.97 k8s-master
172.24.172.99 k8s-node01
172.24.172.98 k8s-node02
cat <<EOF | sudo tee /etc/modules-load.d/k8s.conf
br_netfilter
EOF
cat <<EOF | sudo tee /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
EOF
sudo sysctl --system
由于境内的主机无法直接连接Google的资源,需要使用Aliyu上的kubernetes资源,参考如下命令:
apt-get update && apt-get install -y apt-transport-https
curl https://mirrors.aliyun.com/kubernetes/apt/doc/apt-key.gpg | apt-key add -
cat <<EOF >/etc/apt/sources.list.d/kubernetes.list
deb https://mirrors.aliyun.com/kubernetes/apt/ kubernetes-xenial main
EOF
apt-get update
apt-get install -y kubelet kubeadm kubectl
至此, 3个节点的基础配置安装完成。
Master节点配置
kubeadm init \
--apiserver-advertise-address=172.24.172.97 \
--image-repository registry.aliyuncs.com/google_containers \
--service-cidr=10.96.0.0/12 \
--pod-network-cidr=10.244.0.0/16 \
--ignore-preflight-errors=all
安装完成之后按照提示执行如下命令
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
Work节点配置
kubeadm join 172.24.172.97:6443 --token 6diho5.vdwyppkbddtqhdj3 \
--discovery-token-ca-cert-hash sha256:7d7d36b61236862ac04810ea49d29e3987ad235eb9fb40449f78dacec98e588d
网络插件配置
按照如上步骤完成3个节点的配置后,如果执行kubectl get nodes 会看到3个节点的状态都是Notready 。
接下来还需要配置网络插件,可以选择Flannel 或者Calico .
参考: https://projectcalico.docs.tigera.io/getting-started/kubernetes/self-managed-onprem/onpremises#install-calico-with-kubernetes-api-datastore-50-nodes-or-less
本次以Calico演示:
curl https://projectcalico.docs.tigera.io/manifests/calico.yaml -O
修改yaml 文件中的内容, 将CALICO_IPV4POOL_CIDR 参数启用,并配置值为10.244.0.0/16 (与kubeadm init时一致)
kubectl apply -f calico.yaml
至此, 完成安装。