环境信息
角色 | IP | 系统 |
---|---|---|
master | 10.4.7.152 | Ubuntu18.04 |
node | 10.4.7.162 | Ubuntu18.04 |
1. 操作系统配置(两个节点均需执行)
操作节点:master,node
- 禁用swap
swapoff -a #临时
sed -ri 's/.*swap.*/#&/' /etc/fstab #将/etc/fstab文件的swap行用#注释(永久禁用)
- 关闭防火墙
sudo ufw disable #关闭防火墙
sudo ufw status #查看防火墙状态 Status: inactive
- 关闭SELinux (如果没有安装SELinux,跳过)
getenforce #查看selinux状态
sudo apt install selinux-utils
sudo setenforce 0 #临时关闭
sed -i 's/enforcing/disabled/' /etc/selinux/config #永久关闭 修改/etc/selinux/config文件中设置SELINUX=disabled,然后重启服务器。
- 修改内核参数
cat <<EOF > /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
net.ipv4.ip_forward = 1
EOF
# 执行以下命令使之生效
sysctl --system
- 加载内核模块
modprobe br_netfilter
lsmod | grep br_netfilter
2. 安装Docker(两个节点均需执行)
操作节点:master,node
为了下一步安装KubeEdge,Docker必须安装19.3以上的版本。
# Docker旧版本卸载
sudo apt-get remove docker docker-engine docker-ce docker.io
# 安装Docker
curl -sSL https://get.daocloud.io/docker | sh
# 在 /etc/docker/daemon.json 文件中添加如下信息:
{ "registry-mirrors": ["https://hub-mirror.c.163.com"] }
使上述配置生效:
sudo systemctl daemon-reload
sudo systemctl restart docker
#安装完成 检验是否安装成功
sudo docker version
3. 安装kubectl,kubelet,kubeadm(两个节点均需执行)
操作节点:master,node
#打开apt源文件:
sudo vim /etc/apt/sources.list
#添加如下:
deb https://mirrors.aliyun.com/kubernetes/apt kubernetes-xenial main
#添加public key
curl https://mirrors.aliyun.com/kubernetes/apt/doc/apt-key.gpg | sudo apt-key add -
#然后更新apt源:
sudo apt-get update
#安装kube(可以apt-cache madison 查看可安装的版本列表 )
sudo apt-get install -y kubelet=1.19.8-00 kubeadm=1.19.8-00 kubectl=1.19.8-00
#安装之后查看版本
kubelet --version
4. 在master节点通过kubeadm部署Kubernetes
操作节点:master
- 查询需要的镜像
root@master-152:~# kubeadm config images list --kubernetes-version v1.19.8
k8s.gcr.io/kube-apiserver:v1.19.8
k8s.gcr.io/kube-controller-manager:v1.19.8
k8s.gcr.io/kube-scheduler:v1.19.8
k8s.gcr.io/kube-proxy:v1.19.8
k8s.gcr.io/pause:3.2
k8s.gcr.io/etcd:3.4.13-0
k8s.gcr.io/coredns:1.7.0
- Kubernetes安装
kubeadm init \
--apiserver-advertise-address=10.4.7.152 \
--image-repository registry.aliyuncs.com/google_containers \
--kubernetes-version v1.19.8 \
--service-cidr=10.96.0.0/12 \
--pod-network-cidr=10.244.0.0/16
kubeadm init选项说明:
–apiserver-advertise-address #APIserver所公布的其正在监听的 IP 地址。如果未设置,则使用默认网络接口。
–image-repository #选择拉取 control plane images 的镜像repo (default “k8s.gcr.io”)
–kubernetes-version #选择kubernetes版本.(default “stable-1”)
–service-cidr #指定service的IP 范围.(default “10.96.0.0/12”)
–pod-network-cidr #指定pod的网络,control plane会自动将网络发布到其他节点的node,让其上启动的容器使用此网络。
- 安装成功输出如下:
Your Kubernetes control-plane has initialized successfully!
To start using your cluster, you need to run the following as a regular user:
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
You should now deploy a pod network to the cluster.
Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:
https://kubernetes.io/docs/concepts/cluster-administration/addons/
Then you can join any number of worker nodes by running the following on each as root:
kubeadm join 10.4.7.152:6443 --token 7iddpr.00c75zjjoh78gpbi \
--discovery-token-ca-cert-hash sha256:c5dad4cf76016b5e82e95ba4e69f53559835759b684672de7ea32b8548ef1184
- 按照上面提示,复制config文件
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
- 此时可以看到主节点状态,状态是NotReady
root@master-152:~# kubectl get nodes
NAME STATUS ROLES AGE VERSION
master-152 NotReady master 6m36s v1.19.8
- flannel部署
#下载flannel部署文件到本地
wget https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
#flannel部署
kubectl apply -f kube-flannel.yml
#flannel部署成功后,查看节点状态
root@master-152:~# kubectl get nodes
NAME STATUS ROLES AGE VERSION
master-152 Ready master 6m36s v1.19.8
5. 将Node节点添加到K8s集群中
操作节点:node
- 在node节点运行kubeadm join添加该节点到集群,运行命令后需要等待几分钟,后台在下载镜像。
kubeadm join 10.4.7.152:6443 --token mfymh2.rxvxyp2579coacbv \
--discovery-token-ca-cert-hash sha256:9c5b395069f1b327bf4da4f91345674e1f316adf1a6af98a4ea7c466ebacaf68
- 如果token过期或者忘记,在master节点重新获取。
kubeadm token create --print-join-command
kubeadm join 10.4.7.152:6443 --token k66jak.2c6yw8p50jj6g1e9 --discovery-token-ca-cert-hash sha256:9c5b395069f1b327bf4da4f91345674e1f316adf1a6af98a4ea7c466ebacaf68
- 查看节点状态
kubectl get nodes
NAME STATUS ROLES AGE VERSION
master-152 Ready master 6m36s v1.19.8
node-162 Ready <none> 2m33s v1.19.8
二. kubeadm离线安装K8s
角色 | IP | 系统 |
---|---|---|
master | 10.4.7.152 | Ubuntu18.04 |
1. 系统初始化
- 禁用swap
swapoff -a #临时
sed -ri 's/.*swap.*/#&/' /etc/fstab #将/etc/fstab文件的swap行用#注释(永久禁用)
- 关闭防火墙
sudo ufw disable #关闭防火墙
sudo ufw status #查看防火墙状态 Status: inactive
- 关闭SELinux (如果没有安装SELinux,跳过)
getenforce #查看selinux状态
sudo apt install selinux-utils
sudo setenforce 0 #临时关闭
sed -i 's/enforcing/disabled/' /etc/selinux/config #永久关闭 修改/etc/selinux/config文件中设置SELINUX=disabled,然后重启服务器。
- 修改内核参数
cat <<EOF > /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
net.ipv4.ip_forward = 1
EOF
# 执行以下命令使之生效
sysctl --system
- 加载内核模块
modprobe br_netfilter
lsmod | grep br_netfilter
2. Docker部署
为了下一步安装KubeEdge,Docker必须安装19.3以上的版本。
-
离线安装包下载
网址:https://download.docker.com/linux/ubuntu/dists/xenial/pool/stable/amd64/
下载3个安装包:containerd.io ,docker-ce-cli,docker-ce
选择19.3以上的版本,比如:
docker-ce_20.10.03-0ubuntu-xenial_amd64.deb
docker-ce-cli_20.10.03-0ubuntu-xenial_amd64.deb
containerd.io_1.4.3-1_amd64.deb -
Docker离线安装包安装
dpkg -i containerd.io_1.4.3-1_amd64.deb
dpkg -i docker-ce-cli_20.10.0~3-0~ubuntu-xenial_amd64.deb
dpkg -i docker-ce_20.10.0~3-0~ubuntu-xenial_amd64.deb
- 检验是否安装成功
docker version
3. kubectl,kubelet,kubeadm部署
- 安装包下载
以下操作在可联网的Ubuntu机器。
打开apt源文件:
vim /etc/apt/sources.list
将下行内容添加到文件末尾
deb https://mirrors.aliyun.com/kubernetes/apt kubernetes-xenial main
#添加public key
curl https://mirrors.aliyun.com/kubernetes/apt/doc/apt-key.gpg | sudo apt-key add -
#然后更新apt源:
sudo apt-get update
#下载安装包到本地
sudo apt-get download -y kubelet=1.19.8-00 kubeadm=1.19.8-00 kubectl=1.19.8-00
#下载依赖项安装包到本地
sudo apt-get download cri-tools=1.13.0-01 socat=1.7.3.2-2ubuntu2 conntrack kubernetes-cni=0.8.7-00
#查看下载的安装包
ll
total 66904
drwxr-xr-x 2 root root 4096 Aug 5 10:51 ./
drwxr-xr-x 6 lixingli lixingli 4096 Aug 5 07:13 ../
-rw-r--r-- 1 root root 30580 Apr 16 2018 conntrack_1%3a1.4.4+snapshot20161117-6ubuntu2_amd64.deb
-rw-r--r-- 1 root root 8775008 Jan 2 2021 cri-tools_1.13.0-01_amd64.deb
-rw-r--r-- 1 root root 7763176 Feb 18 20:03 kubeadm_1.19.8-00_amd64.deb
-rw-r--r-- 1 root root 8352916 Feb 18 20:03 kubectl_1.19.8-00_amd64.deb
-rw-r--r-- 1 root root 18226180 Feb 18 20:03 kubelet_1.19.8-00_amd64.deb
-rw-r--r-- 1 root root 24995436 Jan 2 2021 kubernetes-cni_0.8.7-00_amd64.deb
-rw-r--r-- 1 root root 341772 Apr 4 2018 socat_1.7.3.2-2ubuntu2_amd64.deb
- 安装包安装
复制安装包到目标机器
(注意安装顺序)
dpkg -i kubernetes-cni_0.8.7-00_amd64.deb
dpkg -i conntrack_1%3a1.4.4+snapshot20161117-6ubuntu2_amd64.deb
dpkg -i socat_1.7.3.2-2ubuntu2_amd64.deb
dpkg -i cri-tools_1.13.0-01_amd64.deb
dpkg -i kubectl_1.19.8-00_amd64.deb
dpkg -i kubelet_1.19.8-00_amd64.deb
dpkg -i kubeadm_1.19.8-00_amd64.deb
#检查是否安装成功
keadm version
kubectl version
kubelet --version
4. Master节点启动
- 镜像列表查询
root@master-152:~# kubeadm config images list --kubernetes-version v1.19.8 --image-repository registry.aliyuncs.com/google_containers
registry.aliyuncs.com/google_containers/kube-apiserver:v1.19.8
registry.aliyuncs.com/google_containers/kube-controller-manager:v1.19.8
registry.aliyuncs.com/google_containers/kube-scheduler:v1.19.8
registry.aliyuncs.com/google_containers/kube-proxy:v1.19.8
registry.aliyuncs.com/google_containers/pause:3.2
registry.aliyuncs.com/google_containers/etcd:3.4.13-0
registry.aliyuncs.com/google_containers/coredns:1.7.0
–kubernetes-version #kubernetes版本号
–image-repository #选择拉取的镜像repo (default “k8s.gcr.io”)
- 镜像打包
在已经安装K8s的master机器上,执行以下操作,打包镜像。打包完毕后,将镜像copy到目标机器。
docker save -o kube-apiserver-1-19-8.tar registry.aliyuncs.com/google_containers/kube-apiserver:v1.19.8
docker save -o kube-controller-manager-1-19-8.tar registry.aliyuncs.com/google_containers/kube-controller-manager:v1.19.8
docker save -o kube-scheduler-1-19-8.tar registry.aliyuncs.com/google_containers/kube-scheduler:v1.19.8
docker save -o kube-proxy-1-19-8.tar registry.aliyuncs.com/google_containers/kube-proxy:v1.19.8
docker save -o pause-3-2.tar registry.aliyuncs.com/google_containers/pause:3.2
docker save -o etcd-3-4-13-0.tar registry.aliyuncs.com/google_containers/etcd:3.4.13-0
docker save -o coredns-1-7-0.tar registry.aliyuncs.com/google_containers/coredns:1.7.0
#查看已打包的镜像
ll
drwxr-xr-x 2 root root 4096 Aug 6 02:59 ./
drwxr-xr-x 7 lixingli lixingli 4096 Aug 6 02:58 ../
-rw-rw-r-- 1 lixingli lixingli 45365760 Jul 26 08:29 coredns-1-7-0.tar
-rw-rw-r-- 1 lixingli lixingli 254679040 Jul 26 08:27 etcd-3-4-13-0.tar
-rw-rw-r-- 1 lixingli lixingli 120077824 Jul 26 07:35 kube-apiserver-1-19-8.tar
-rw-rw-r-- 1 lixingli lixingli 112070144 Jul 26 07:46 kube-controller-manager-1-19-8.tar
-rw-rw-r-- 1 lixingli lixingli 119683072 Jul 26 07:36 kube-proxy-1-19-8.tar
-rw-rw-r-- 1 lixingli lixingli 47775232 Jul 26 07:45 kube-scheduler-1-19-8.tar
-rw-rw-r-- 1 lixingli lixingli 692736 Jul 26 08:28 pause-3-2.tar
- 镜像加载
docker load -i kube-apiserver-1-19-8.tar
docker load -i coredns-1-7-0.tar
docker load -i etcd-3-4-13-0.tar
docker load -i kube-controller-manager-1-19-8.tar
docker load -i kube-proxy-1-19-8.tar
docker load -i kube-scheduler-1-19-8.tar
docker load -i pause-3-2.tar
#查看加载的镜像
docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
registry.aliyuncs.com/google_containers/kube-proxy v1.19.8 ea03182b84a2 5 months ago 118MB
registry.aliyuncs.com/google_containers/kube-apiserver v1.19.8 9ba91a90b7d1 5 months ago 119MB
registry.aliyuncs.com/google_containers/kube-controller-manager v1.19.8 213ae7795128 5 months ago 111MB
registry.aliyuncs.com/google_containers/kube-scheduler v1.19.8 919a3f36437d 5 months ago 46.5MB
registry.aliyuncs.com/google_containers/etcd 3.4.13-0 0369cf4303ff 11 months ago 253MB
registry.aliyuncs.com/google_containers/coredns 1.7.0 bfe3a36ebd25 13 months ago 45.2MB
registry.aliyuncs.com/google_containers/pause 3.2 80d28bedfe5d 17 months ago 683kB
- k8s安装
kubeadm init \
--apiserver-advertise-address=10.4.7.153 \
--image-repository registry.aliyuncs.com/google_containers \
--kubernetes-version v1.19.8 \
--service-cidr=10.96.0.0/12 \
--pod-network-cidr=10.244.0.0/16
安装成功,屏幕输出如下:
Your Kubernetes control-plane has initialized successfully!
To start using your cluster, you need to run the following as a regular user:
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
You should now deploy a pod network to the cluster.
Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:
https://kubernetes.io/docs/concepts/cluster-administration/addons/
Then you can join any number of worker nodes by running the following on each as root:
kubeadm join 10.4.7.153:6443 --token yirah5.tcwkxhm9ui1kd8bg \
--discovery-token-ca-cert-hash sha256:4e99dac259dd662932056b26fe8ff85208ad22ef8fe9700b86e7418af6bf92f6
按照上面提示,复制config文件
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
此时可以看到主节点状态,状态是NotReady
root@master-152:~# kubectl get nodes
NAME STATUS ROLES AGE VERSION
master-152 NotReady master 20m v1.19.8
5. flannel部署
- 安装包下载
在已经安装K8s的master机器上,执行以下操作,打包镜像,然后复制到目标机器。
#下载flannel部署文件到本地
wget https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
#打包flannel镜像
docker save -o flannel-0-14-0.tar quay.io/coreos/flannel:v0.14.
#查看下载项目
ll
total 67324
drwxrwxr-x 2 lixingli lixingli 4096 Aug 6 06:43 ./
drwxr-xr-x 7 lixingli lixingli 4096 Aug 6 02:58 ../
-rw------- 1 root root 68921344 Aug 6 06:42 flannel-0-14-0.tar
-rw-rw-r-- 1 lixingli lixingli 4813 Jul 25 14:30 kube-flannel.yml
- flannel部署
#加载镜像
docker load -i flannel-v-0-14-0.tar
#查看镜像
docker images | grep flannel
quay.io/coreos/flannel v0.14.0 8522d622299c 2 months ago 67.9MB
#flannel部署
kubectl apply -f kube-flannel.yml
#查看节点状态,状态变为Ready
root@master-152:~# kubectl get nodes
NAME STATUS ROLES AGE VERSION
master-152 Ready master 20m v1.19.8
#查看pods状态,所有pods处于Running状态
root@master-152:~# kubectl get pods -A
NAMESPACE NAME READY STATUS RESTARTS AGE
kube-system coredns-6d56c8448f-shkd8 1/1 Running 0 22m
kube-system coredns-6d56c8448f-t6gnk 1/1 Running 0 22m
kube-system etcd-lixingli 1/1 Running 0 22m
kube-system kube-apiserver-lixingli 1/1 Running 0 22m
kube-system kube-controller-manager-lixingli 1/1 Running 0 22m
kube-system kube-flannel-ds-cmpqv 1/1 Running 0 2m24s
kube-system kube-proxy-pd2bt 1/1 Running 0 22m
kube-system kube-scheduler-lixingli 1/1 Running 0 22m