零. 关闭swap
# 临时关闭
swapoff -a
# 永久关闭
sudo vi /etc/fstab
## 第二行注释掉
UUID=e2048966-750b-4795-a9a2-7b477d6681bf / ext4 errors=remount-ro 0 1
# /dev/fd0 /media/floppy0 auto rw,user,noauto,exec,utf8 0 0
一. 安装docker
apt install docker.io
# curl -sSL https://get.daocloud.io/docker | sh
修改daemon.json文件
vim /etc/docker/daemon.json
#输入以下内容,第一项为镜像源,第二项为驱动,是为了使得其与k8s驱动一致
{
"registry-mirrors": ["https://82m9ar63.mirror.aliyuncs.com"],
"exec-opts": ["native.cgroupdriver=systemd"]
}
启动docker
sudo systemctl daemon-reload
sudo systemctl restart docker
二. 安装kubelet,kubectl,kubeadm
使得 apt 支持 ssl 传输
apt-get update && apt-get install -y apt-transport-https
下载 gpg 密钥
curl https://mirrors.aliyun.com/kubernetes/apt/doc/apt-key.gpg | apt-key add -
添加 k8s 镜像源(不要更改版本代号)
cat <<EOF >/etc/apt/sources.list.d/kubernetes.list
deb https://mirrors.aliyun.com/kubernetes/apt/ kubernetes-xenial main
EOF
更新源列表
apt-get update
三. 安装kube
apt-get install -y kubelet=1.24.3-00 kubeadm=1.24.3-00 kubectl=1.24.3-00
systemctl start kubelet
systemctl enable kubelet
查看镜像列表
kubeadm config images list --kubernetes-version v1.24.3
考察使用的是docker还是containerd(默认是containerd)
- docker版本
直接写到一个脚本里
#docker版本,containerd版本不需要执行
for i in `kubeadm config images list --kubernetes-version v1.24.3`; do
imageName=${i#k8s.gcr.io/}
docker pull registry.aliyuncs.com/google_containers/$imageName
docker tag registry.aliyuncs.com/google_containers/$imageName k8s.gcr.io/$imageName
docker rmi registry.aliyuncs.com/google_containers/$imageName
done;
会发现有错误,是由于其中一个镜像命名有误,手动拉取。
拉取结束后,由于kubeadm存在bug,其在初始化时使用的版本不一定一致。
- containerd版本(默认会出错,正常现象)
kubeadm init --image-repository registry.aliyuncs.com/google_containers --pod-network-cidr=192.168.0.0/16
结束后,执行命令
kubeadm init --image-repository registry.aliyuncs.com/google_containers --pod-network-cidr=192.168.0.0/16
其会超时错误。查看log
journalctl -xeu kubelet | grep Failed
发现其需要特殊的某一镜像的版本。手动拉取。
- docker版本
docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/pause:3.5
docker tag registry.cn-hangzhou.aliyuncs.com/google_containers/pause:3.5 k8s.gcr.io/pause:3.5
- containerd版本
crictl pull registry.cn-hangzhou.aliyuncs.com/google_containers/pause:3.5
ctr -n k8s.io i tag registry.cn-hangzhou.aliyuncs.com/google_containers/pause:3.5 k8s.gcr.io/pause:3.5
重新初始化
kubeadm reset
kubeadm init --image-repository registry.aliyuncs.com/google_containers --pod-network-cidr=192.168.0.0/16
记下输出的token如下:
kubeadm join 192.168.101.131:6443 --token e0qtrx.bh8u98o8f4isukwh \
--discovery-token-ca-cert-hash sha256:4a3b4f07143ea022b320b8efda41746ea4c36ffed7a0d6efa215702ce4cd96a7
按指示执行:
To start using your cluster, you need to run the following as a regular user:
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
Alternatively, if you are the root user, you can run:
export KUBECONFIG=/etc/kubernetes/admin.conf
配置
crictl config runtime-endpoint unix:///run/containerd/containerd.sock
crictl config image-endpoint unix:///run/containerd/containerd.sock
四. 搭建calico网络
k8s可以选择flannel 网络、calico网络等多种管理集群的网络。calico性能较好
代码如下:
wget https://docs.projectcalico.org/manifests/calico.yaml
## 可以修改为自定义ip,默认是192.168.0.0/16,需要与上面配置时相同
# sed -i 's/192.168.0.0\/16/10.244.0.0\/16/g' calico.yaml
kubectl apply -f calico.yaml
五. 查看
kubectl get nodes
kubectl get all
六. 参考
https://blog.csdn.net/SHELLCODE_8BIT/article/details/122192034
https://blog.csdn.net/wurenmoke/article/details/124399150
https://blog.csdn.net/Bruce1114/article/details/124636325
https://blog.csdn.net/shell811127/article/details/119300254
https://projectcalico.docs.tigera.io/getting-started/kubernetes/quickstart