下载kubeadm等
yum install -y kubelet-1.23.1 kubeadm-1.23.1 kubectl-1.23.1
systemctl enable kubelet
Kubeadm: kubeadm是一个工具,用来初始化k8s集群的
kubelet: 安装在集群所有节点上,用于启动Pod的
kubectl: 通过kubectl可以部署和管理应用,查看各种资源,创建、删除和更新各种组件
此时enable kubelet就可以,后续kubeadm配置集群的时候kubelet会自动start。
通过包安装k8s.1.23.1
把tar包安装到master和两台node节点上,然后解压
docker load -i k8s-images-v1.23.1.tar.gz
随后执行kubeadm init命令
kubeadm init --kubernetes-version=1.23.1 --apiserver-advertise-address=100.64.252.90 --image-repository registry.aliyuncs.com/google_containers --pod-network-cidr=10.244.0.0/16 --ignore-preflight-errors=SystemVerification
得到执行成功的提示,如下,其中提示的如何使用cluster的三行命令要记录下来
Your Kubernetes control-plane has initialized successfully!
To start using your cluster, you need to run the following as a regular user:
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
然后针对root节点的加入,也有如下提示信息
Alternatively, if you are the root user, you can run:
export KUBECONFIG=/etc/kubernetes/admin.conf
You should now deploy a pod network to the cluster.
Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:
https://kubernetes.io/docs/concepts/cluster-administration/addons/
Then you can join any number of worker nodes by running the following on each as root:
kubeadm join 100.64.252.90:6443 --token nx6awa.f7wswhi76xkqb47k \
--discovery-token-ca-cert-hash sha256:f00eb17f12061780a4d5f8dd0b681a74079e8cecdbd37d78d64432793f2fb41b
配置kubectl文件
集群初始化以后,需要授权kubectl,从而让他管理整个集群
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
新建一个文件夹,然后把kubernetes文件夹下的admin.conf 复制到这个文件夹中,并命名为config文件,接下来修改它的权限
sudo chown $(id -u):$(id -g) $HOME/.kube/config
将 $HOME/.kube/config
文件的所有权更改为当前用户和其主组。这通常在手动复制或修改该文件后需要执行,以确保当前用户对该文件有适当的访问权限,从而可以无障碍地使用 kubectl
等工具管理 Kubernetes 集群。
查看该配置
kubectl config view
apiVersion: v1
clusters:
- cluster:
certificate-authority-data: DATA+OMITTED
server: https://100.64.252.90:6443
name: kubernetes
contexts:
- context:
cluster: kubernetes
user: kubernetes-admin
name: kubernetes-admin@kubernetes
current-context: kubernetes-admin@kubernetes
kind: Config
preferences: {}
users:
- name: kubernetes-admin
user:
client-certificate-data: REDACTED
client-key-data: REDACTED
可以看到current-context 当前上下文是kubernetes-admin@kubernetes,而他在管理集群kubernetes,查看name 为kubernetes的集群,即为100.64.252.90的集群
而用户kubernetes-admin是被授权了的
此时查看kubectl所管理的node,发现只有master节点一个,而且status为NotReady
kubectl get nodes
>
NAME STATUS ROLES AGE VERSION
master NotReady control-plane,master 24m v1.23.1
查看目前的pod状态
kubectl get pods -n kube-system
>
NAME READY STATUS RESTARTS AGE
coredns-6d8c4cb4d-6r5tl 0/1 Pending 0 25m
coredns-6d8c4cb4d-gnwtr 0/1 Pending 0 25m
etcd-master 1/1 Running 0 26m
kube-apiserver-master 1/1 Running 0 26m
kube-controller-manager-master 1/1 Running 0 26m
kube-proxy-g8c56 1/1 Running 0 25m
kube-scheduler-master 1/1 Running 0 26m
可以看到coredns是pending状态,这是因为目前没有安装calico,没有办法为dns服务器分配ip,而其余的pod都是正常运行的,因为他们都是使用当前master的ip地址
kubectl get pods -n kube-system -owide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
coredns-6d8c4cb4d-6r5tl 0/1 Pending 0 29m <none> <none> <none> <none>
coredns-6d8c4cb4d-gnwtr 0/1 Pending 0 29m <none> <none> <none> <none>
etcd-master 1/1 Running 0 29m 100.64.252.90 master <none> <none>
kube-apiserver-master 1/1 Running 0 29m 100.64.252.90 master <none> <none>
kube-controller-manager-master 1/1 Running 0 29m 100.64.252.90 master <none> <none>
kube-proxy-g8c56 1/1 Running 0 29m 100.64.252.90 master <none> <none>
kube-scheduler-master 1/1 Running 0 29m 100.64.252.90 master <none> <none>