kubeadm搭建简单版kubernetes集群
Kubernetes 1.20.0
Docker 19.03.0
网络:calico
集群配置:
k8s-master , k8s-node1 , k8s-node2
操作系统:rhel7.6
1.系统环境配置
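# Node preparation for kubeadm. Run as root on every node (the unprefixed
# commands below need it).

# Load br_netfilter on every boot *and* right now. The net.bridge.* sysctl
# keys set further down only exist once the module is loaded, so without the
# modprobe `sysctl --system` cannot apply them until the next reboot.
cat <<'EOF' | sudo tee /etc/modules-load.d/k8s.conf
br_netfilter
EOF
modprobe br_netfilter

# Switch SELinux to permissive now and across reboots. This removes mandatory
# access control enforcement on the node; denials are still written to the
# audit log, so they can be reviewed. The pattern is anchored so that only the
# active SELINUX= setting is rewritten, not comments that mention it.
setenforce 0
sed -i 's/^SELINUX=enforcing$/SELINUX=permissive/' /etc/selinux/config

# Stop the host firewall. After this the node has no local packet filtering:
# the API server (6443), kubelet (10250) and etcd (2379-2380) are reachable
# from anything that can route to the host, so access has to be restricted at
# the network layer (security groups / upstream firewall) instead.
systemctl stop firewalld
systemctl disable firewalld

# Disable swap now and comment it out of fstab so it stays off after a reboot.
# Lines that are already commented are skipped, which keeps the edit
# idempotent when the step is repeated.
swapoff -a
sed -ri '/^[[:space:]]*#/! s/.*swap.*/#&/' /etc/fstab

# Let bridged pod traffic traverse iptables/ip6tables and enable IPv4
# forwarding, then apply every sysctl drop-in.
cat <<'EOF' | sudo tee /etc/sysctl.d/99-kubernetes-cri.conf
net.bridge.bridge-nf-call-iptables = 1
net.ipv4.ip_forward = 1
net.bridge.bridge-nf-call-ip6tables = 1
EOF
sysctl --system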
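# System package repositories (CentOS 7 packages from the Aliyun mirror).
#
# yum only reads *.repo files from /etc/yum.repos.d/, so the file is written
# there; a file under /etc/yum.repos/ would be silently ignored.
#
# baseurl and gpgkey use HTTPS. gpgcheck=1 only protects package integrity if
# the signing key itself is authentic; fetching the key over plain HTTP would
# let anyone on the network path substitute both the key and the packages.
# Compare the key fingerprint with the one published by the CentOS project
# before accepting yum's import prompt.
#
# Each section carries a single baseurl: the repeated, unindented URL lines
# in the earlier version were not valid continuation lines and pointed at the
# same host anyway.
cat <<'EOF' | tee /etc/yum.repos.d/system.repo
[base]
name=CentOS-7 - Base - mirrors.aliyun.com
failovermethod=priority
baseurl=https://mirrors.aliyun.com/centos/7/os/x86_64/
gpgcheck=1
gpgkey=https://mirrors.aliyun.com/centos/RPM-GPG-KEY-CentOS-7
#released updates
[updates]
name=CentOS-7 - Updates - mirrors.aliyun.com
failovermethod=priority
baseurl=https://mirrors.aliyun.com/centos/7/updates/x86_64/
gpgcheck=1
gpgkey=https://mirrors.aliyun.com/centos/RPM-GPG-KEY-CentOS-7
#additional packages that may be useful
[extras]
name=CentOS-7 - Extras - mirrors.aliyun.com
failovermethod=priority
baseurl=https://mirrors.aliyun.com/centos/7/extras/x86_64/
gpgcheck=1
gpgkey=https://mirrors.aliyun.com/centos/RPM-GPG-KEY-CentOS-7
#additional packages that extend functionality of existing packages
[centosplus]
name=CentOS-7 - Plus - mirrors.aliyun.com
failovermethod=priority
baseurl=https://mirrors.aliyun.com/centos/7/centosplus/x86_64/
gpgcheck=1
enabled=0
gpgkey=https://mirrors.aliyun.com/centos/RPM-GPG-KEY-CentOS-7
#contrib - packages by Centos Users
[contrib]
name=CentOS-7 - Contrib - mirrors.aliyun.com
failovermethod=priority
baseurl=https://mirrors.aliyun.com/centos/7/contrib/x86_64/
gpgcheck=1
enabled=0
gpgkey=https://mirrors.aliyun.com/centos/RPM-GPG-KEY-CentOS-7
EOF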
#yum update&& update upgrade
2. docker安装
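# Docker repository and engine installation.

# Prerequisites first: wget is needed to fetch the repo file, so it has to be
# installed before it is used.
yum install -y yum-utils device-mapper-persistent-data lvm2 wget
yum install -y ipvsadm ipset sysstat conntrack libseccomp

# Docker CE repo definition, fetched over HTTPS from the Aliyun mirror.
wget -O /etc/yum.repos.d/docker-ce.repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo

# Pinned engine and CLI versions.
yum install -y docker-ce-19.03.0 docker-ce-cli-19.03.0

# Daemon configuration, written once. An earlier one-line draft of this step
# wrote a daemon.json containing only the mirror
# https://5twf62k1.mirror.aliyuncs.com and restarted docker before the package
# was installed; that file was overwritten by this one, so only this version
# is kept.
#   - systemd cgroup driver, which the kubelet must also use
#   - json-file logs capped at 100m per file so container logs cannot fill
#     the disk
#   - registry-mirrors: every image pull is served through this host, which
#     makes it part of the image trust path. NOTE(review): the hostname looks
#     like an account-specific accelerator endpoint - substitute your own.
mkdir -p /etc/docker
cat <<'EOF' | sudo tee /etc/docker/daemon.json
{
  "exec-opts": ["native.cgroupdriver=systemd"],
  "registry-mirrors": ["https://6blvkhyf.mirror.aliyuncs.com"],
  "log-driver": "json-file",
  "log-opts": {
    "max-size": "100m"
  },
  "storage-driver": "overlay2"
}
EOF

# Pick up the new configuration, start docker and enable it at boot.
systemctl daemon-reload
systemctl enable docker
systemctl restart docker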
3. kubernetes安装
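# Kubernetes yum repository (Aliyun mirror). The heredoc needs one setting per
# line with the terminator on a line of its own; written on a single line,
# the heredoc is never closed and no valid repo file is produced. Both
# package (gpgcheck) and repository-metadata (repo_gpgcheck) signature checks
# stay enabled, and the keys are fetched over HTTPS.
cat <<'EOF' > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF

# Rebuild the yum metadata cache and confirm the repo is visible.
yum clean all
yum makecache -y
yum repolist all

# Install the three components at the same pinned version.
yum -y install kubelet-1.20.0 kubeadm-1.20.0 kubectl-1.20.0

# Pre-pull the control-plane images. kubeadm resolves the exact tags that
# belong to this release (including etcd, pause and coredns) and pulls them
# from the same repository that `kubeadm init` is pointed at below.
# The earlier helper script pulled etcd/pause/coredns without a tag (i.e.
# whatever `latest` is at the time) and from registry.cn-hangzhou.aliyuncs.com,
# a different image name from the one init uses, so those images were
# neither pinned nor picked up by init.
kubeadm config images pull \
  --image-repository registry.aliyuncs.com/google_containers \
  --kubernetes-version v1.20.0

# Enable the kubelet at boot and start it. It keeps restarting until
# `kubeadm init` / `kubeadm join` has written its configuration.
systemctl enable kubelet && systemctl start kubelet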
4. kubeadm初始化集群
# Bootstrap the control plane on the master node, pulling images from the
# Aliyun mirror of the Kubernetes images and pinning the release.
# NOTE(review): the service CIDR 172.10.0.0/16 lies outside the RFC 1918
# private ranges (the private block is 172.16.0.0/12), so in-cluster traffic
# to real hosts in that range would be captured by service routing - confirm
# this range is intended.
kubeadm init \
  --kubernetes-version 1.20.0 \
  --image-repository registry.aliyuncs.com/google_containers \
  --pod-network-cidr=192.168.0.0/16 \
  --service-cidr=172.10.0.0/16
# For the remaining steps, follow the instructions kubeadm prints on the
# master node.
5.网络配置 - Calico
#Calico
首先从官网下载对应的 Calico 软件包并解压,再把里边的 image 都导入到 docker,最后执行 kubectl apply -f calico.yaml 即可
6.已知错误处理
Node加入master
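# Regenerate the join token for worker nodes.

# List the bootstrap-token secrets that currently exist.
kubectl get secret -n kube-system | grep bootstrap-token

# Show when a given token expires. Secret values are base64-*encoded*, not
# encrypted, so decoding is all that is needed. Only the expiration field is
# read here: dumping the whole secret with -o yaml would also print the
# token-id and token-secret (a join credential) to the terminal and
# scrollback.
# Example: the stored value MjAyMS0wNS0zMVQwMToyNTowOC0wNDowMA== decodes to
# 2021-05-31T01:25:08-04:00.
kubectl get secret -n kube-system bootstrap-token-31r6fe \
  -o jsonpath='{.data.expiration}' | base64 --decode
echo

# Delete the expired token.
kubectl delete secret -n kube-system bootstrap-token-31r6fe

# Create a new token and print the matching `kubeadm join` command. The
# output contains the token, so treat it as a credential; it expires after
# the default TTL (24h) unless --ttl is given.
kubeadm token create --print-join-command

# Joining additional master (control-plane) nodes: re-upload the
# control-plane certificates and print a new certificate key. The key
# decrypts the uploaded certificates, so share it only with the node that is
# joining; the uploaded copy expires after two hours.
kubeadm init phase upload-certs --upload-certs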
或者所有节点重置kubeadm
#kubeadm reset