1. Preparation
Two servers: master: 4C16G
node: 4C8G
Versions:
CentOS | 7.9 |
Docker | 20.10.24 |
Kubernetes | 1.28.1 |
Flannel | 0.25.1 |
2. System initialization
2.1 Set the hostname and hosts file (all nodes)
hostnamectl set-hostname k8s-master && bash
hostnamectl set-hostname k8s-node1 && bash
vim /etc/hosts
10.10.10.10 master
10.10.10.11 node1
2.2 Create a virtual network interface (all nodes)
ifconfig eth0:1 10.10.10.10/22 netmask 255.255.252.0
ifconfig eth0:1 up
#A change made this way is lost after a reboot; to make it persistent, edit the following configuration
vi /etc/sysconfig/network-scripts/ifcfg-eth0:1
NAME=eth0:1
DEVICE=eth0:1
TYPE=Ethernet
ONBOOT=yes
BOOTPROTO=static
NETMASK=255.255.255.0
IPADDR=<public ip>
#Check that the interface was created
ip a | grep eth0
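#The command for adding a virtual interface differs between machines; look up the one for your system as needed
2.3 Install dependencies (all nodes)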
yum install -y conntrack ntpdate ntp ipvsadm ipset jq iptables curl sysstat libseccomp wget vim net-tools git
2.4 Disable the firewall and configure iptables rules (all nodes)
systemctl stop firewalld && systemctl disable firewalld
yum -y install iptables-services && systemctl start iptables && systemctl enable iptables && iptables -F && service iptables save
2.5 Disable SELinux and swap (all nodes)
swapoff -a && sed -i '/ swap / s/^\(.*\)$/#\1/g' /etc/fstab
setenforce 0 && sed -i 's/^SELINUX=.*/SELINUX=disabled/' /etc/selinux/config
2.6 Tune kernel parameters (all nodes)
modprobe br_netfilter
cat <<EOF> kubernetes.conf
net.bridge.bridge-nf-call-iptables=1
net.bridge.bridge-nf-call-ip6tables=1
EOF
cp kubernetes.conf /etc/sysctl.d/kubernetes.conf
sysctl -p /etc/sysctl.d/kubernetes.conf
2.7 Prerequisites for enabling IPVS in kube-proxy (all nodes)
cat <<EOF> /etc/sysconfig/modules/ipvs.modules
#!/bin/bash
modprobe -- ip_vs
modprobe -- ip_vs_rr
modprobe -- ip_vs_wrr
modprobe -- ip_vs_sh
modprobe -- nf_conntrack_ipv4
EOF
chmod 755 /etc/sysconfig/modules/ipvs.modules && bash /etc/sysconfig/modules/ipvs.modules && lsmod | grep -e ip_vs -e nf_conntrack_ipv4
2.8 Install Docker (all nodes)
The Docker version must be compatible with the Kubernetes version; this install pins version 20.10.21
#Install the required packages:
yum install -y yum-utils
#Add the stable repository
yum-config-manager --add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
#Update the yum package index (optional; makes the install slightly faster)
yum makecache fast
#Install the Docker engine (pinned version)
yum install -y docker-ce-20.10.21 docker-ce-cli-20.10.21 containerd.io
# Create the /etc/docker directory and write the configuration file
mkdir -p /etc/docker
cat > /etc/docker/daemon.json <<EOF
{
"exec-opts": ["native.cgroupdriver=systemd"],
"log-driver": "json-file",
"log-opts": {
"max-size": "100m"
}
}
EOF
#Start Docker
systemctl start docker && systemctl enable docker
3. Install and deploy the Kubernetes cluster
3.1 Install kubeadm, kubelet, kubectl (all nodes)
#Configure the yum repository
cat <<EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=http://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=0
repo_gpgcheck=0
gpgkey=http://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg http://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF
yum install -y kubelet kubeadm kubectl && systemctl enable kubelet
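The repo definition in step 3.1 turns off signature checking (gpgcheck=0, repo_gpgcheck=0) and uses plain-http URLs, so the kubelet, kubeadm and kubectl packages are installed without integrity verification. The shell function below is an added example, not part of the original post, that flags these settings in a yum .repo file; the names audit_repo and page_repo are hypothetical.

```shell
#!/bin/sh
# audit_repo [FILE...]: read yum .repo text (files or stdin) and print one
# finding per line for each enabled section that weakens package integrity.
audit_repo() {
    cat "$@" | awk '
    function report() {
        if (name == "" || enabled == "0") return
        if (gpgcheck == "0") print name ": gpgcheck=0, RPM signatures are not verified"
        if (repogpg == "0")  print name ": repo_gpgcheck=0, repo metadata is not verified"
        if (base ~ /^http:/) print name ": baseurl uses plain http"
        if (key ~ /(^|[ \t])http:/) print name ": gpgkey is fetched over plain http"
    }
    /^[ \t]*[#;]/ { next }                      # comment lines
    /^[ \t]*\[/ {                               # new [section]: report the previous one
        report()
        name = $0; sub(/^[ \t]*\[/, "", name); sub(/\].*$/, "", name)
        enabled = "1"; gpgcheck = ""; repogpg = ""; base = ""; key = ""
        next
    }
    {
        eq = index($0, "=")
        if (eq == 0) next
        k = substr($0, 1, eq - 1); v = substr($0, eq + 1)
        gsub(/^[ \t]+|[ \t]+$/, "", k); gsub(/^[ \t]+|[ \t]+$/, "", v)
        if (k == "enabled")       enabled = v
        if (k == "gpgcheck")      gpgcheck = v
        if (k == "repo_gpgcheck") repogpg = v
        if (k == "baseurl")       base = v
        if (k == "gpgkey")        key = v
    }
    END { report() }'
}

# Sample input: the repo definition from step 3.1 (both key URLs on one line).
page_repo() {
    cat <<'EOF'
[kubernetes]
name=Kubernetes
baseurl=http://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=0
repo_gpgcheck=0
gpgkey=http://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg http://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF
}

page_repo | audit_repo
```

On a node, the same function can be pointed at the installed definitions with `audit_repo /etc/yum.repos.d/*.repo`.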
3.2 Modify the kubelet startup arguments (all nodes)
vim /usr/lib/systemd/system/kubelet.service.d/10-kubeadm.conf
#Append --node-ip=<public_ip> after KUBELET_KUBECONFIG_ARGS
#e.g. --node-ip=10.10.10.10
#Reload so the change takes effect
systemctl daemon-reload
3.3 Restart kubelet (all nodes)
systemctl restart kubelet
3.4 Pull the required images (all nodes)
#List the image versions used by this release
kubeadm config images list --kubernetes-version=1.28.1 --image-repository registry.aliyuncs.com/google_containers
#Pull the images
kubeadm config images pull --kubernetes-version=1.28.1 --image-repository registry.aliyuncs.com/google_containers
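However, the pause image is still pulled from the remote registry on its own. That registry cannot be reached without a proxy, so the pull fails with a connection error, and the pull address therefore has to be changed.
# Generate the default containerd configuration file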
containerd config default > /etc/containerd/config.toml
# Change the repository address to k8simage/pause:3.6
vim /etc/containerd/config.toml
sandbox_image = "registry.aliyuncs.com/google_containers/pause:3.6"
# Restart the containerd service
systemctl daemon-reload
systemctl restart containerd.service
3.5 Initialize the master node (master node)
kubeadm init --apiserver-advertise-address=10.10.10.10 --image-repository registry.aliyuncs.com/google_containers --kubernetes-version v1.28.2 --service-cidr=10.96.0.0/12 --pod-network-cidr=10.244.0.0/16
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
3.6 Modify the kube-apiserver configuration (master node)
vim /etc/kubernetes/manifests/kube-apiserver.yaml
4. Install Flannel (install on the worker nodes; optional on the master node)
4.1 Download the Flannel manifest
cd /data/k8s
wget https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
4.2 Edit kube-flannel.yml and add 2 settings
containers:
- name: kube-flannel
  image: docker.io/flannel/flannel:v0.25.1
  command:
  - /opt/bin/flanneld
  args:
  - --public-ip=$(PUBLIC_IP)
  - --iface=eth0
  - --ip-masq
  - --kube-subnet-mgr
  env:
  - name: PUBLIC_IP
    valueFrom:
      fieldRef:
        fieldPath: status.podIP
#Install
kubectl apply -f kube-flannel.yml
5. Join the worker nodes to the cluster (worker nodes)
Then you can join any number of worker nodes by running the following on each as root:
kubeadm join 10.10.10.10:6443 --token tarxeq.ykm1cdpf27z2pp9b \
--discovery-token-ca-cert-hash sha256:641f20cc75e7241653c8532fcde372361ca9771b63b529a7aecba414bef62822
All nodes are Ready, which means the installation is complete.