K8s从节点配置安装

K8s从节点配置安装

系统准备

  • 查看系统版本
[root@localhost]# cat /etc/centos-release
CentOS Linux release 7.6.1810 (Core) 
  • 获取root权限
[node01@node01~]$ su
Password:                          //直接输入开机密码就行,他不会显示,输入完按回车
[root@node01 node01]
  • 查看本机IP
[root@node01 node01] ifconfig
  • 编辑本机IP地址
[root@node01 node01]# vi /etc/sysconfig/network-scripts/ifcfg-ens33
  • 按i进行编辑
  • 修改

BOOTPROTO=static
ONBOOT=yes

  • 添加

IPADDR=192.168.0.116(IP地址,查看主机IP之后设置到同一网段内)
NETMASK=255.255.255.0(填你的掩码值)
GATEWAY=192.168.0.1( 填你自己的网关)
DNS1=8.8.8.8(采用谷歌的默认DNS服务器)

修改完成后,按ESC退出编辑模式,输入:wq!保存

  • 修改主机名
[root@node01 node01]# vi /etc/hostname       #按i进行编辑 
Master
  • 保存配置,并重启系统
[root@node01 node01]# service network restart
[root@node01 node01]# reboot
  • 添加阿里源
[root@node01~]# rm -rfv /etc/yum.repos.d/*
[root@node01~]# curl -o /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo
  • 关闭swap,注释swap分区
[root@node01~]# swapoff -a   //临时关闭
[root@node01~]# vi /etc/fstab    //永久性关闭
  • 注释掉swap那一行

#/etc/fstab
#Created by anaconda on Tue Mar 31 22:44:34 2020
#Accessible filesystems, by reference, are maintained under ‘/dev/disk/’.
#See man pages fstab(5), findfs(8), mount(8) and/or blkid(8) for more info.
#After editing this file, run ‘systemctl daemon-reload’ to update systemd
#units generated from this file.
/dev/mapper/cl-root / xfs defaults 0 0
UUID=5fecb240-379b-4331-ba04-f41338e81a6e/boot ext4 defaults 1 2
/dev/mapper/cl-home /home xfs defaults 0 0
#/dev/mapper/cl-swap swap swap defaults 0 0

  • 关闭SElinux

#永久关闭 修改/etc/sysconfig/selinux文件设置
sed -i ‘s/SELINUX=permissive/SELINUX=disabled/’ /etc/sysconfig/selinux
#临时禁用
selinux setenforce 0

  • 关闭防火墙
[root@node01~]systemctl stop firewalld&&systemctl disable firewalld
  • 配置内核参数,将桥接的IPv4流量传递到iptables的链
  • 由于安装docker在后面,所以docker可能无法检测到已配置的内核参数,建议安装完之后重新运行一遍。
[root@node01~]# cat > /etc/sysctl.d/k8s.conf <<EOF
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
EOF
#按回车
sysctl --system

安装常用包

[root@node01~]# yum install vim bash-completion net-tools gcc -y

使用aliyun源安装docker-ce

[root@node01~]# yum install -y yum-utils device-mapper-persistent-data lvm2
[root@node01~]# yum-config-manager --add-repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
[root@node01~]# yum -y install docker-ce

安装docker-ce如果出现以下错

[root@node01~]# yum -y install docker-ce

CentOS-8 - Base - mirrors.aliyun.com
14 kB/s | 3.8 kB 00:00 CentOS-8 - Extras - mirrors.aliyun.com
6.4 kB/s | 1.5 kB 00:00 CentOS-8 - AppStream - mirrors.aliyun.com 16 kB/s | 4.3 kB 00:00 Docker CE Stable - x86_64
40 kB/s | 22 kB 00:00 Error: Problem: package
docker-ce-3:19.03.8-3.el7.x86_64 requires containerd.io >= 1.2.2-3,
but none of the providers can be installed

  • cannot install the best candidate for the job
  • package containerd.io-1.2.10-3.2.el7.x86_64 is excluded
  • package containerd.io-1.2.13-3.1.el7.x86_64 is excluded
  • package containerd.io-1.2.2-3.3.el7.x86_64 is excluded
  • package containerd.io-1.2.2-3.el7.x86_64 is excluded
  • package containerd.io-1.2.4-3.1.el7.x86_64 is excluded
  • package containerd.io-1.2.5-3.1.el7.x86_64 is excluded
  • package containerd.io-1.2.6-3.3.el7.x86_64 is excluded (try to add ‘–skip-broken’ to skip uninstallable packages or ‘–nobest’ to use
    not only best candidate packages)

解决方法

[root@node01~]# wget https://download.docker.com/linux/centos/7/x86_64/edge/Packages/containerd.io-1.2.6-3.3.el7.x86_64.rpm
[root@node01~]# yum install containerd.io-1.2.6-3.3.el7.x86_64.rpm

然后再安装docker-ce即可成功

  • 添加aliyundocker仓库加速器
[root@node01~]# mkdir -p /etc/docker
[root@node01~]# tee /etc/docker/daemon.json <<-'EOF'
{
  "registry-mirrors": ["https://fl791z1h.mirror.aliyuncs.com"]
}
EOF
[root@node01~]# systemctl daemon-reload
[root@node01~]# systemctl restart docker
  • 启动Docker
[root@node01~]sudo systemctl enable docker
[root@node01~]sudo systemctl start docker

安装kubectl、kubelet、kubeadm

  • 添加阿里kubernetes源
[root@node01~]# cat <<EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF
  • 安装
[root@node01~]# yum install kubectl kubelet kubeadm                 //未指定版本,默认安装最新版本
                   yum -y install kubelet-1.11.0-0 kubeadm-1.11.0-0 kubectl-1.11.0-0 kubernetes-cni-0.6.0   //安装指定版本    
[root@node01~]# systemctl enable kubelet

加入集群(创建master节点是初始化后最后两行)

[root@node01~] #kubeadm join 192.168.1.128:6443 --token pkfsg0.dffj2guzcs1qtrgb \
    --discovery-token-ca-cert-hash sha256:ec1d036975f1d18072efe6d5c48d05884c7a644313d1c76fae8f42fb9f34261a
    //此处的一定要对应master初始化后的两行。

成功标志:最后出现让你用kubectl get nodes 查询一下。
若出现以下错误:

(1)[WARNING IsDockerSystemdCheck]: detected “cgroupfs” as the Docker cgroup driver. The recommended driver is “systemd”. Please follow theguide at https://kubernetes.io/docs/setup/cri/

解决方法:
cat < /etc/docker/daemon.json
{
“exec-opts”: [“native.cgroupdriver=systemd”]
}
EOF
重启docker:systemctl restart docker

(2)经过几分钟之后并不提示加入集群成功,而是提示no route to host

解决方法:
最可能的原因是防火墙没关,master和node的都关掉
systemctl stop firewalld&&systemctl disable firewalld

(3)错误提示:error execution phase preflight: couldn’t validate the identity of the API Server: could not find a JWS signature in the cluster-info ConfigMap for token ID “8o3t48” To see the stack trace of this error execute with --v=5 or higher

错误原因:master的token过期了。
解决方法:在master重新生成token

[root@node01~]  # kubeadm token create

424mp7.nkxx07p940mkl2nd
[root@node01~]#openssl x509 -pubkey -in /etc/kubernetes/pki/ca.crt | openssl rsa -pubin -outform der 2>/dev/null | openssl dgst -sha256 -hex | sed 's/^.* //'

d88fb55cb1bd659023b11e61052b39bbfe99842b0636574a16c76df186fd5e0d

Node节点重新join就可以了

[root@node01~]# kubeadm join 192.168.169.21:6443 –token 424mp7.nkxx07p940mkl2nd \--discovery-token-ca-cert-hash sha256:d88fb55cb1bd659023b11e61052b39bbfe99842b0636574a16c76df186fd5e0d

版权声明:本文为博主原创文章,未经博主允许不得转载,如有类似,欢迎留言。

  • 1
    点赞
  • 0
    评论
  • 1
    收藏
  • 一键三连
    一键三连
  • 扫一扫,分享海报

©️2021 CSDN 皮肤主题: 游动-白 设计师:白松林 返回首页
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、C币套餐、付费专栏及课程。

余额充值