k8s搭建
使用kubeadm搭建
centos7 docker-ce kubenetes1.18.2
升级内核(非必要)
1.设置主机名
hostnamectl set-hostname master
hostnamectl set-hostname node1
2.关闭防火墙、selinux、swap
systemctl disable firewalld --now
setenforce 0
sed -i “s/^SELINUX=enforcing/SELINUX=disabled/g” /etc/selinux/config
swapoff -a
echo “vm.swappiness = 0”>> /etc/sysctl.conf
sed -i ‘s/.swap./#&/’ /etc/fstab
sysctl -p
3.配置内核参数,将桥接的IPV4流量传递到iptbales链
cat > /etc/sysctl.d/k8s.conf << EOF
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
net.ipv4.ip_forward = 1
EOF
sysctl --system
4.配置阿里源
cd /etc/yum.repos.d
mv CentOS-Base.repo CentOS-Base.repo.bak
mv epel.repo epel.repo.bak
curl https://mirrors.aliyun.com/repo/Centos-7.repo -o CentOS-Base.repo
sed -i ‘s/gpgcheck=1/gpgcheck=0/g’ /etc/yum.repos.d/CentOS-Base.repo #等于0表示对这个源下载的rpm包不进行校验
curl https://mirrors.aliyun.com/repo/epel-7.repo -o epel.repo
5.配置docker repo
wget https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo -O/etc/yum.repos.d/docker-ce.repo
6.配置kubenetes源为阿里源
cat > /etc/yum.repos.d/kubernetes.repo << EOF
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=0
repo_gpgcheck=0
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64 Kubernetes源设为阿里
如果gpgcheck设为1,会进行校验,就会报错如下,所以这里设为0
repomd.xml signature could not be verified for kubernetes
7.更新yum缓存
yum clean all
yum makecache
yum repolist
安装docker版本 docker-ce 社区版
yum list docker-ce --showduplicates | sort -r
yum install -y docker-ce
systemctl enable docker && systemctl start docker
docker version
8.设置docker的镜像源
vim /etc/docker/daemon.json
{
“exec-opts”: [“native.cgroupdriver=systemd”],
“log-driver”: “json-file”,
“log-opts”: {
“max-file”: “3”,
“max-size”: “100m”
},
“registry-mirrors”: [“https://www.docker-cn.com”]
}
systemctl daemon-reload
systemctl restart docker
9.安装kubeadm、kubelet、kubectl
yum install kubelet-1.18.2 kubectl-1.18.2 kubeadm-1.18.2
systemctl enable kubelet && systemctl start kubelet
10.进行k8s初始化,修改–apiserver-advertise-address=内网/外网 master地址
kubeadm init --kubernetes-version=v1.18.2 --pod-network-cidr=10.244.0.0/16 --apiserver-advertise-address=192.168.0.104 --ignore-preflight-errors=Swap --image-repository registry.cn-hangzhou.aliyuncs.com/google_containers
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown
(
i
d
−
u
)
:
(id -u):
(id−u):(id -g) $HOME/.kube/config
初始化之后会生成一个加入进群的join(例)
kubeadm join 192.168.0.104:6443 --token 0iheaf.binj4jssiok73a15
–discovery-token-ca-cert-hash sha256:5a1cbce4f18b6b31a865e16c4c581baafea43487798825a8b2a18740c4f39a3a
新加入节点前,将master上/etc/cni/net.d/10-flannel.conflist文件cp到新node节点上
scp /etc/cni/net.d/10-flannel.conflist 192.168.0.106:/etc/cni/net.d/10-flannel.conflist
scp $HOME/.kube/config root@k8s-node1:~/
mkdir -p $HOME/.kube
sudo mv $HOME/config $HOME/.kube/config
sudo chown
(
i
d
−
u
)
:
(id -u):
(id−u):(id -g) $HOME/.kube/config
11.将pod网络部署到集群,这个可以按照官网的直接拉(或者用阿里)
kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml (不可用)
kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel-rbac.yml (不可用)
kubectl apply -f ./kube-flannel.yml
执行成功的前提是只有一个网卡
12.重启master的kubelet
systemctl restart kubelet
11.查看pod
kubectl get pod -n kube-system