1. Docker deployment
Operating system: Ubuntu 20.04.6 LTS
Modify the DNS configuration
vim /etc/systemd/resolved.conf
[Resolve]
DNS=8.8.8.8 114.114.114.114
Delete or rename the existing file
mv /etc/resolv.conf /etc/resolv.conf.bak
Create /etc/resolv.conf as a symbolic link to /run/systemd/resolve/resolv.conf, the file systemd-resolved generates from /etc/systemd/resolved.conf
ln -s /run/systemd/resolve/resolv.conf /etc/
Finally, restart the network service
sudo systemctl restart systemd-resolved
If you see "sudo: unable to resolve host db: Name or service not known",
add the hostname to /etc/hosts, mapped to 127.0.0.1
Change the apt mirror
1. Back up the sources file
sudo cp /etc/apt/sources.list /etc/apt/sources.list.bak
2. Add a domestic (China) mirror to the file; the following uses Aliyun
deb http://mirrors.aliyun.com/ubuntu/ focal main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ focal main restricted universe multiverse
deb http://mirrors.aliyun.com/ubuntu/ focal-security main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ focal-security main restricted universe multiverse
deb http://mirrors.aliyun.com/ubuntu/ focal-updates main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ focal-updates main restricted universe multiverse
deb http://mirrors.aliyun.com/ubuntu/ focal-proposed main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ focal-proposed main restricted universe multiverse
deb http://mirrors.aliyun.com/ubuntu/ focal-backports main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ focal-backports main restricted universe multiverse
3. Apply the change
sudo apt update
II. Install a specific Docker version
1. Remove any existing Docker components first
sudo apt-get autoremove docker docker-ce docker-engine docker.io containerd runc
2. Update apt
sudo apt-get update
3. Install the dependencies
sudo apt-get install -y apt-transport-https ca-certificates curl gnupg-agent software-properties-common
4. Install the repository key
curl -fsSL https://mirrors.aliyun.com/docker-ce/linux/ubuntu/gpg | sudo apt-key add -
5. Add the repository
sudo add-apt-repository \
"deb [arch=amd64] https://mirrors.aliyun.com/docker-ce/linux/ubuntu \
$(lsb_release -cs) \
stable"
6. Update apt
sudo apt-get update
7. List the available Docker versions
sudo apt-cache policy docker-ce
This installation uses 24.0.6
8. Install
sudo apt-get install docker-ce=5:24.0.7-1~ubuntu.20.04~focal
9. Verify after installation
docker info
III. Install swarm and create the cluster
1. Modify the configuration file
sudo vim /etc/default/docker
Add the following; if DOCKER_OPTS already exists, append the two -H parameters to it
DOCKER_OPTS="-H 0.0.0.0:2375 -H unix:///var/run/docker.sock"
2. Restart the Docker service
sudo service docker restart
3. Modify the daemon file
sudo vim /etc/docker/daemon.json
Add the following
{
  "registry-mirrors": [
    "http://hub-mirror.c.163.com",
    "https://docker.mirrors.ustc.edu.cn",
    "https://registry.docker-cn.com",
    "https://6kx4zyno.mirror.aliyuncs.com"
  ]
}
4. Restart the daemon
sudo systemctl daemon-reload
sudo systemctl restart docker
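An added check, not part of the original notes: -H 0.0.0.0:2375 in step 1 publishes the Docker API on every interface without TLS, so any host that can reach the port can control the daemon. The script below classifies each -H listener in a dockerd option string and shows the same bind with --tlsverify on port 2376; function names and certificate paths are placeholders.

```sh
#!/bin/sh
# Added example, not from the original notes; function names are hypothetical.

# classify_host HOST TLS -> prints "LEVEL HOST (reason)"
classify_host() {
    addr=${1#tcp://}    # assumption: a bare host:port is treated as TCP
    case $1 in
        unix://*|fd://*)
            echo "SAFE $1 (local socket, guarded by file permissions)" ;;
        *)
            case $addr in
                127.*|localhost:*|\[::1\]:*)
                    echo "WARN $1 (loopback TCP, open to every local process)" ;;
                *)
                    if [ "$2" = yes ]; then
                        echo "WARN $1 (network TCP, client certificate required)"
                    else
                        echo "RISK $1 (network TCP, no TLS client authentication)"
                    fi ;;
            esac ;;
    esac
}

# audit_docker_hosts "OPTS" -> one line per listener; returns 1 if any is RISK
audit_docker_hosts() {
    tls=no; rc=0; next=no
    case " $1 " in *" --tlsverify "*) tls=yes ;; esac
    set -f              # no globbing while the option string is split
    for word in $1; do
        h=
        if [ "$next" = yes ]; then h=$word; next=no; fi
        case $word in
            -H|--host)     next=yes ;;
            -H=*|--host=*) h=${word#*=} ;;
        esac
        [ -n "$h" ] || continue
        line=$(classify_host "$h" "$tls")
        echo "$line"
        case $line in RISK*) rc=1 ;; esac
    done
    set +f
    return $rc
}

# DOCKER_OPTS from step 1, then a TLS variant (certificate paths are placeholders).
audit_docker_hosts "-H 0.0.0.0:2375 -H unix:///var/run/docker.sock" || true
audit_docker_hosts "--tlsverify --tlscacert=/path/ca.pem --tlscert=/path/cert.pem \
--tlskey=/path/key.pem -H tcp://0.0.0.0:2376 -H unix:///var/run/docker.sock" || true
```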
2. k8s deployment
Add entries to the hosts file
cat <<EOF >> /etc/hosts
192.168.106.138 k8s-master
192.168.106.139 k8s-node1
192.168.106.139 k8s-node2
EOF
2.1. System configuration
Disable the firewall
ufw disable
Disable the swap partition
swapoff -a
sed -i '/swap/ s%/swap%#/swap%g' /etc/fstab
Adjust the kernel parameters
modprobe overlay
modprobe br_netfilter
cat <<EOF >> /etc/modules-load.d/k8s.conf
overlay
br_netfilter
EOF
cat <<EOF >> /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
net.ipv4.ip_forward = 1
EOF
sysctl --system
# Reboot the host; do this with caution
#reboot
2.2. Install the container runtime
apt install -y containerd
Set up the containerd configuration file
containerd config default | tee /etc/containerd/config.toml
str1="registry.k8s.io/pause:3.6"
str2="registry.aliyuncs.com/google_containers/pause:3.9"
sed -i "/sandbox_image/ s%${str1}%${str2}%g" /etc/containerd/config.toml
sed -i '/SystemdCgroup/ s/false/true/g' /etc/containerd/config.toml
# Result after the change:
#grep sandbox_image /etc/containerd/config.toml
# sandbox_image = "registry.aliyuncs.com/google_containers/pause:3.9"
# grep SystemdCgroup /etc/containerd/config.toml
# SystemdCgroup = true
Restart the containerd service
systemctl restart containerd
systemctl status containerd
Install runc and CNI: upload runc.amd64 and cni-plugins-linux-amd64-v1.1.1.tgz to /root
install -m 755 runc.amd64 /usr/local/sbin/runc
mkdir -p /opt/cni/bin
tar xf cni-plugins-linux-amd64-v1.1.1.tgz -C /opt/cni/bin/
2.3. Install k8s
Update the apt sources and add the domestic Aliyun repository
apt-get install -y apt-transport-https ca-certificates
curl https://mirrors.aliyun.com/kubernetes/apt/doc/apt-key.gpg | apt-key add -
cat <<EOF >/etc/apt/sources.list.d/kubernetes.list
deb https://mirrors.aliyun.com/kubernetes/apt/ kubernetes-xenial main
EOF
apt-get update
By default this installs the latest k8s components; to pin a version, use for example kubeadm=1.26.5-00
apt-get install -y kubelet kubeadm kubectl
Prevent automatic upgrades
apt-mark hold kubelet kubeadm kubectl
systemctl enable --now kubelet
Add the Environment line; otherwise the later init keeps reporting: kubelet not running
vim /lib/systemd/system/kubelet.service
[Service]
Environment="KUBELET_KUBECONFIG_ARGS=--bootstrap-kubeconfig=/etc/kubernetes/bootstrap-kubelet.conf --kubeconfig=/etc/kubernetes/kubelet.conf --cgroup-driver=cgroupfs"
ExecStart=/usr/bin/kubelet
Restart=always
StartLimitInterval=0
RestartSec=10
Finally, restart the kubelet service and check its status; a status of "loaded" can be ignored
systemctl daemon-reload
systemctl restart kubelet
systemctl status kubelet
2.4. Configure the master node
Initialize the master node
kubeadm init --image-repository registry.aliyuncs.com/google_containers --apiserver-advertise-address=your_ipaddress --pod-network-cidr=10.168.0.0/16 --control-plane-endpoint=k8s-master
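# When this command succeeds, its output ends with a kubeadm join command; copy that command and run it on a node to add the node to the cluster.
# Then run the following on the master node to configure kubectl to connect to the cluster.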
mkdir -p $HOME/.kube
cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
chown $(id -u):$(id -g) $HOME/.kube/config
2.5. Configure the node
Change the image source in the containerd configuration to the domestic mirror
vi /etc/containerd/config.toml
sandbox_image = "registry.aliyuncs.com/google_containers/pause:3.9"
Restart the containerd service
systemctl daemon-reload
systemctl restart containerd
# Run on this node the kubeadm join command printed at the end of a successful kubeadm init on the master; this adds the node to the cluster.
kubeadm join k8s-master:6443 --token xxx --discovery-token-ca-cert-hash xxxxx
2.6. kubelet configuration parameters
Add kubelet parameters that reserve resources for the system
#!/bin/bash
rm -rf /var/lib/kubelet/cpu_manager_state
cat > /etc/default/kubelet << EOF
KUBELET_EXTRA_ARGS=--enforce-node-allocatable=pods --cgroup-driver=systemd --cpu-manager-policy=static --kube-reserved=cpu=1,memory=500Mi,ephemeral-storage=10Gi --system-reserved=cpu=1,memory=500Mi,ephemeral-storage=10Gi --eviction-hard=memory.available<500Mi,nodefs.available<10%
EOF
systemctl restart kubelet
systemctl status kubelet
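An added check, not part of the original notes: kubelet and containerd have to use the same cgroup driver, and these notes set SystemdCgroup = true in 2.2, --cgroup-driver=cgroupfs in 2.3 and --cgroup-driver=systemd here. The script compares the two on constructed sample files; function names are hypothetical, and taking the last --cgroup-driver flag across the files given as the effective one is an assumption.

```sh
#!/bin/sh
# Added example, not from the original notes; function names are hypothetical.

# containerd_cgroup_driver CONFIG_TOML -> "systemd" or "cgroupfs"
containerd_cgroup_driver() {
    if grep -Eq '^[[:space:]]*SystemdCgroup[[:space:]]*=[[:space:]]*true' "$1"; then
        echo systemd
    else
        echo cgroupfs
    fi
}

# kubelet_cgroup_driver FILE... -> value of the last --cgroup-driver= flag found
kubelet_cgroup_driver() {
    [ $# -gt 0 ] || return 0
    grep -ho -e '--cgroup-driver=[a-z]*' "$@" 2>/dev/null | tail -n 1 | cut -d= -f2
}

# check_cgroup_drivers CONFIG_TOML KUBELET_FILE... -> 0 agree, 1 mismatch, 2 unknown
check_cgroup_drivers() {
    toml=$1; shift
    runtime=$(containerd_cgroup_driver "$toml")
    kubelet=$(kubelet_cgroup_driver "$@")
    if [ -z "$kubelet" ]; then echo "UNKNOWN: no --cgroup-driver flag found"; return 2; fi
    if [ "$runtime" = "$kubelet" ]; then echo "OK: both use $runtime"; return 0; fi
    echo "MISMATCH: containerd=$runtime kubelet=$kubelet"
    return 1
}

# Constructed sample files that mirror the values used in these notes.
demo=$(mktemp -d)
printf '            SystemdCgroup = true\n' > "$demo/config.toml"
printf 'Environment="KUBELET_KUBECONFIG_ARGS=--cgroup-driver=cgroupfs"\n' > "$demo/kubelet.service"
printf 'KUBELET_EXTRA_ARGS=--cgroup-driver=systemd --cpu-manager-policy=static\n' > "$demo/kubelet.default"
check_cgroup_drivers "$demo/config.toml" "$demo/kubelet.service" || true
check_cgroup_drivers "$demo/config.toml" "$demo/kubelet.service" "$demo/kubelet.default" || true
rm -rf "$demo"
```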
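2.7. Calico network plugin
"PS: in a Kubernetes cluster the pods are spread across different hosts, so a CNI network plugin has to be installed for pods to communicate across hosts."
Download calico.yaml and upload it to /root (or use flannel [ˈflanl])
Change the pod CIDR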
vi /root/calico.yaml
- name: CALICO_IPV4POOL_CIDR
  value: "10.168.0.0/16"
Install
kubectl apply -f calico.yaml