Resources:
master: 4C8G (4 CPU cores, 8 GB RAM), Ubuntu 18.04
node1: 2C4G, Ubuntu 18.04
node2: 2C4G, Ubuntu 18.04
Initialization:
I. System-level configuration
1. Disable swap
swapoff -a
Comment out the line containing swap in /etc/fstab
2. Change the Ubuntu apt mirror source:
Change the /etc/apt/sources.list file to the following
deb http://mirrors.aliyun.com/ubuntu/ bionic main restricted universe multiverse
deb http://mirrors.aliyun.com/ubuntu/ bionic-security main restricted universe multiverse
deb http://mirrors.aliyun.com/ubuntu/ bionic-updates main restricted universe multiverse
deb http://mirrors.aliyun.com/ubuntu/ bionic-proposed main restricted universe multiverse
deb http://mirrors.aliyun.com/ubuntu/ bionic-backports main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ bionic main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ bionic-security main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ bionic-updates main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ bionic-proposed main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ bionic-backports main restricted universe multiverse
3. Update
apt-get update && apt-get upgrade -y
4. Install Docker
apt-get install -y docker.io
Use the Alibaba Cloud registry mirror for faster pulls
vim /etc/docker/daemon.json
{
"registry-mirrors": ["https://alzgoonw.mirror.aliyuncs.com"],
"live-restore": true
}
systemctl daemon-reload
systemctl restart docker
systemctl enable docker
5. Define the Kubernetes apt source
vim /etc/apt/sources.list.d/kubernetes.list
File contents: deb https://mirrors.aliyun.com/kubernetes/apt/ kubernetes-xenial main
6.
curl -s https://mirrors.aliyun.com/kubernetes/apt/doc/apt-key.gpg | apt-key add -
7. Update
apt-get update
8.
apt-get install -y kubeadm=1.18.1-00 kubelet=1.18.1-00 kubectl=1.18.1-00
## Hold (mark) these three packages at this version so they are not upgraded
apt-mark hold kubelet kubeadm kubectl
【----------------------- Steps 1-8 above must be performed on both the master node and the worker nodes -----------------------】
【------------------------------- Steps 9-16 below are performed on the master node ---------------------------------】
9. Download the calico.yaml file
wget https://docs.projectcalico.org/manifests/calico.yaml
10. Change the pod network CIDR: uncomment CALICO_IPV4POOL_CIDR
# The default IPv4 pool to create on startup if none exists. Pod IPs will be
# chosen from this range. Changing this value after installation will have
# no effect. This should fall within `--cluster-cidr`.
- name: CALICO_IPV4POOL_CIDR ### uncomment
  value: "192.168.0.0/16" ### uncomment; you may also define your own CIDR.
11. On the master node, add a local DNS entry in /etc/hosts pointing to the master
10.171.31.139 k8smaster
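12. Pull the Kubernetes images and re-tag them (pulling from the official Kubernetes registry is too slow, so pull from the Alibaba Cloud mirror and tag the images with the official Kubernetes names)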
docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/kube-controller-manager:v1.18.1
docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/kube-scheduler:v1.18.1
docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/kube-proxy:v1.18.1
docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/pause:3.2
docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/coredns:1.6.7
docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/etcd:3.4.3-0
docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/kube-apiserver:v1.18.1
docker tag registry.cn-hangzhou.aliyuncs.com/google_containers/kube-controller-manager:v1.18.1 k8s.gcr.io/kube-controller-manager:v1.18.1
docker tag registry.cn-hangzhou.aliyuncs.com/google_containers/kube-scheduler:v1.18.1 k8s.gcr.io/kube-scheduler:v1.18.1
docker tag registry.cn-hangzhou.aliyuncs.com/google_containers/kube-proxy:v1.18.1 k8s.gcr.io/kube-proxy:v1.18.1
docker tag registry.cn-hangzhou.aliyuncs.com/google_containers/pause:3.2 k8s.gcr.io/pause:3.2
docker tag registry.cn-hangzhou.aliyuncs.com/google_containers/coredns:1.6.7 k8s.gcr.io/coredns:1.6.7
docker tag registry.cn-hangzhou.aliyuncs.com/google_containers/etcd:3.4.3-0 k8s.gcr.io/etcd:3.4.3-0
docker tag registry.cn-hangzhou.aliyuncs.com/google_containers/kube-apiserver:v1.18.1 k8s.gcr.io/kube-apiserver:v1.18.1
13. Create the kubeadm-config.yaml file with the following contents:
apiVersion: kubeadm.k8s.io/v1beta2
kind: ClusterConfiguration
kubernetesVersion: 1.18.1 ### specify the Kubernetes version
controlPlaneEndpoint: "k8smaster:6443" ### the hostname here must match the entry added to /etc/hosts earlier
networking:
  podSubnet: 192.168.0.0/16 ## note the two-space indentation here
## The master node needs 4C4G or more; with fewer than 2 CPU cores this step reports an error
kubeadm init --config=kubeadm-config.yaml --upload-certs | tee kubeadm-init.out
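The pod CIDR is set twice in this procedure, in calico.yaml (step 10) and in kubeadm-config.yaml (step 13), and the Calico comment says the pool should fall within the cluster CIDR. A check that can be run before kubeadm init, as an added example that is not part of the original notes; it goes slightly beyond the page by testing containment rather than equality, and the function names and sample files are constructed for illustration:

```bash
# Added example: confirm the Calico pool (step 10) lies inside podSubnet (step 13).

# Convert a dotted-quad IPv4 address to an integer.
ip2int() {
  old_ifs=$IFS; IFS=.
  set -- $1
  IFS=$old_ifs
  echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

# Return 0 if CIDR $1 is contained in CIDR $2.
cidr_within() {
  in_len=${1#*/}; out_len=${2#*/}
  [ "$in_len" -ge "$out_len" ] || return 1
  mask=$(( (0xFFFFFFFF << (32 - out_len)) & 0xFFFFFFFF ))
  [ $(( $(ip2int "${1%/*}") & mask )) -eq $(( $(ip2int "${2%/*}") & mask )) ]
}

# Print the value of an uncommented CALICO_IPV4POOL_CIDR entry, if any.
calico_pool() {
  awk '/^[ \t]*- name: CALICO_IPV4POOL_CIDR/ { found = 1; next }
       found && /^[ \t]*value:/ { gsub(/"/, "", $2); print $2; exit }
       found { exit }' "$1"
}

# Print podSubnet only when it is indented (nested under networking:).
pod_subnet() {
  awk '/^[ \t]+podSubnet:/ { gsub(/"/, "", $2); print $2; exit }' "$1"
}

# check_pod_cidr CALICO_YAML KUBEADM_YAML: returns 0 if consistent, 1 otherwise.
check_pod_cidr() {
  pool=$(calico_pool "$1"); subnet=$(pod_subnet "$2")
  [ -n "$pool" ] || { echo "CALICO_IPV4POOL_CIDR is still commented out"; return 1; }
  [ -n "$subnet" ] || { echo "no indented podSubnet found"; return 1; }
  cidr_within "$pool" "$subnet" || { echo "MISMATCH: $pool not inside $subnet"; return 1; }
  echo "OK: $pool is inside $subnet"
}

# Constructed sample files mirroring steps 10 and 13.
write_samples() {
  printf '%s\n' '- name: CALICO_IPV4POOL_CIDR' '  value: "192.168.0.0/16"' > "$1/calico.yaml"
  printf '%s\n' 'networking:' '  podSubnet: 192.168.0.0/16' > "$1/kubeadm-config.yaml"
}
tmp=$(mktemp -d); write_samples "$tmp"
check_pod_cidr "$tmp/calico.yaml" "$tmp/kubeadm-config.yaml"
```

On a real master, call check_pod_cidr with the edited calico.yaml and kubeadm-config.yaml instead of the sample files.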
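14. Configure the kube environment for a regular user: run the following commands as a regular user (using root also works); this step mainly lets a regular user run kubectl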
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
sudo cp /root/calico.yaml .
Apply the network add-on using the calico.yaml file downloaded earlier
kubectl apply -f calico.yaml
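15. Set up kubectl command completion (run as a regular user)
sudo apt-get install bash-completion -y
source <(kubectl completion bash)
echo "source <(kubectl completion bash)" >> $HOME/.bashrc
16. View the other values we could have included in kubeadm-config, i.e. the YAML file used when creating the cluster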
sudo kubeadm config print init-defaults
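【------------------------------- Steps 9-16 above complete the master node deployment ---------------------------------】
【----------------------------------- Steps 17-19 below are performed on the worker nodes ---------------------------------】
Deploy the worker nodes
First complete steps 1-8 above
17. On each worker node, add a local DNS entry in /etc/hosts pointing to the master
18. Pull the Kubernetes images and re-tag them (pulling from the official Kubernetes registry is too slow, so pull from the Alibaba Cloud mirror and tag the images with the official Kubernetes names)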
docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/kube-proxy:v1.18.1
docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/pause:3.2
docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/coredns:1.6.7
docker tag registry.cn-hangzhou.aliyuncs.com/google_containers/kube-proxy:v1.18.1 k8s.gcr.io/kube-proxy:v1.18.1
docker tag registry.cn-hangzhou.aliyuncs.com/google_containers/pause:3.2 k8s.gcr.io/pause:3.2
docker tag registry.cn-hangzhou.aliyuncs.com/google_containers/coredns:1.6.7 k8s.gcr.io/coredns:1.6.7
19. Join the cluster
kubeadm join \
--token jv30w2.1qvzm23v7e7vep07 \
k8smaster:6443 \
--discovery-token-ca-cert-hash \
sha256:34bf8d456d1a369f891828fc768fd39d8566d9021648dcd71ce6dcc22d7c3703
Look up the token by running the following on the master node (the token expires within 24 hours)
sudo kubeadm token list
If it has expired, run sudo kubeadm token create to create a new one
Obtain the value that follows sha256: by running the following on the master node
openssl x509 -pubkey \
-in /etc/kubernetes/pki/ca.crt | openssl rsa \
-pubin -outform der 2>/dev/null | openssl dgst \
-sha256 -hex | sed 's/^.* //'
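The --discovery-token-ca-cert-hash value is the SHA-256 of the DER-encoded public key of the cluster CA certificate, so a join command can be checked against ca.crt before it is used on a worker. An added example, not part of the original notes, that wraps the pipeline above; the function names are hypothetical and the throwaway CA it generates in a temporary directory is constructed (on a real master, pass /etc/kubernetes/pki/ca.crt):

```bash
# Print the discovery hash for a CA certificate, using the same pipeline as step 19.
ca_cert_hash() {
  openssl x509 -pubkey -in "$1" \
    | openssl rsa -pubin -outform der 2>/dev/null \
    | openssl dgst -sha256 -hex | sed 's/^.* //'
}

# verify_join_hash CA_CRT "sha256:<hex>"
# Returns 0 on match, 1 on mismatch, 2 if the value is not 64 lowercase hex digits.
verify_join_hash() {
  want=${2#sha256:}
  case $want in
    *[!0-9a-f]*|'') echo "malformed hash"; return 2 ;;
  esac
  [ ${#want} -eq 64 ] || { echo "malformed hash"; return 2; }
  got=$(ca_cert_hash "$1")
  [ "$got" = "$want" ] || { echo "MISMATCH: CA hashes to $got"; return 1; }
  echo "OK: hash matches $1"
}

# Constructed throwaway CA standing in for /etc/kubernetes/pki/ca.crt.
make_test_ca() {
  openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=kubernetes" \
    -keyout "$1/ca.key" -out "$1/ca.crt" 2>/dev/null
}

tmp_ca=$(mktemp -d); make_test_ca "$tmp_ca"
verify_join_hash "$tmp_ca/ca.crt" "sha256:$(ca_cert_hash "$tmp_ca/ca.crt")"
```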
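【----------------------------------- Steps 17-19 above are performed on the worker nodes ---------------------------------】
Then check the status of each node with kubectl get nodes; if all nodes are in the Ready state, the cluster has been installed successfully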