0.前提
- 建议大家不要用太老的Linux版本,比如说CentOS7就算是比较老的。我这里用的是Ubuntu20.04
- 安装过程中可能会出现各种各样的问题,不用慌,你所遇到的问题大概率大家都遇到过并且已经完美解决,大家遇到问题之后再根据不同的问题逐个解决。我在下一部分中列举了我所遇到的问题,并给出了解决办法。
1.安装中可能遇到的问题:
1.1 在安装时:
sudo apt install -y kubelet=1.28.2-00 kubectl=1.28.2-00 kubeadm=1.28.2-00
报错:
E: Unable to locate package kubelet
原因:
原因是官方镜像地址需要能访问外网,国内是连接不上的(有时即使挂了VpN也不行)
解决办法:
- 调整vpn(更换节点之类的方法)
- 使用国内镜像改为国内的镜像地址:
- 这里是我需要的镜像kubernetes:
- 执行:
echo “deb [https://mirrors.aliyun.com/kubernetes/apt/](https://mirrors.aliyun.com/kubernetes/apt/) kubernetes-xenial main” | sudo tee /etc/apt/sources.list.d/kubernetes.list(替换成你们需要的镜像,网上搜) - 执行:
sudo apt update - 报错如图所示
- 执行:
sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 6A030B21BA07F4FB(这个值在报错信息里) - 重新执行:
sudo apt update - 没有报错了,再执行安装命令
1.2 禁用 swap
临时禁用:
sudo swapoff -a
永久禁用交换空间(编辑 /etc/fstab 文件,注释掉或删除包含 /swap.img 的行)
1.3 最后master去除所有污点
kubectl taint nodes --all node-role.kubernetes.io/master-
改为
kubectl taint nodes --all node-role.kubernetes.io/control-plane-
版本不一样,此条命令也不一样
2.具体步骤
适用于1.24之后的版本。单节点配置(一个master节点),自身学习使用。
2.1 检查是否已经安装kubectl, kubelet, kubeadm直接输入命令确定,如果提示没有该指令则正确
kubectl
kubelet
kubeadm
如果之前安装,首先reset,然后使用apt remove和snap remove删除
sudo kubeadm reset
sudo apt remove kubectl kubelet kubeadm
sudo snap remove kubectl kubelet kubeadm
2.2 关闭防火墙
查看防火墙状态 inactive说明是未激活
sudo ufw status
开机不启动防火墙,重启即可生效
sudo ufw disable
2.3 确保docker已经安装,并正确配置cgroup管理器
配置docker
sudo mkdir -p /etc/docker
sudo vi /etc/docker/daemon.json
去阿里云的镜像服务里,找到后进行镜像配置
阿里云登录 - 欢迎登录阿里云,安全稳定的云计算服务平台
配置完后,执行sudo systemctl restart docker
2.4 安装cri-dockerd
以下内容适用1.24之后版本
进入https://github.com/Mirantis/cri-dockerd/releases
下载对应cri-dockerd
博主的机器为ubuntu-20,因此下载cri-dockerd_0.3.12.3-0.ubuntu-focal_amd64.deb
然后适用apt安装,注意选择当前目录:
sudo apt install ./cri-dockerd_0.3.12.3-0.ubuntu-focal_amd64.deb
然后启用cri-dockerd
sudo systemctl daemon-reload
sudo systemctl enable cri-docker.socket
sudo systemctl start cri-docker.socket cri-docker
cri-dockerd --version
ls -al /var/run/cri-dockerd.sock
2.5 安装kubectl, kubelet, kubeadm
安装之前先进行配置(1.1中所提到的问题)
提示:这里描述遇到的问题:
ubuntu 使用apt-get install kubelet提示E: Unable to locate package kubelet
需配置一下镜像源
执行:echo “deb [https://mirrors.aliyun.com/kubernetes/apt/](https://mirrors.aliyun.com/kubernetes/apt/) kubernetes-xenial main” | sudo tee /etc/apt/sources.list.d/kubernetes.list(替换成你们需要的镜像,网上搜)(可能还需要再进入/etc/apt/sources.list.d/kubernetes.list进行修改,因为可能多了一个 " )
执行:sudo apt update
报错
执行: sudo apt-key adv --keyserver keyserver.[ubuntu](https://so.csdn.net/so/search?q=ubuntu&spm=1001.2101.3001.7020).com --recv-keys 6A030B21BA07F4FB(这个值在报错信息里)
重新执行:sudo apt update
没有报错了,在进行安装
# 检查这个kubernetes-cni
sudo apt install -y kubelet=1.28.2-00 kubectl=1.28.2-00 kubeadm=1.28.2-00
# apt list kubernetes-cni -a,可以查找有什么版本
# sudo journalctl -u kubelet # 查看kubelet状态
# systemctl status kubelet # 查看kubelet状态
2.6 禁用swap
sudo vi /etc/default/kubelet
# 添加下面这行
KUBELET_EXTRA_ARGS="--fail-swap-on=false"
sudo systemctl daemon-reload
sudo systemctl restart kubelet
sudo vi /etc/fstab
注释掉带 `/swap.img`的那行
2.7 出错后首先重置
sudo kubeadm reset
rm -rf ~/.kube
sudo rm -rf /etc/cni/net.d
2.8 配置dockerd
sudo vi /etc/containerd/config.toml
#如果看到了这行:
disabled_plugins : ["cri"]
#将这行用#注释或者将"cri"删除
#disabled_plugins : ["cri"]
disabled_plugins : []
#重启容器运行时
sudo systemctl restart containerd
2.9 配置镜像位置
停止cri-docker服务:sudo systemctl stop cri-docker
编辑vi /usr/lib/systemd/system/cri-docker.service
找到ExecStart,在最后添加–pod-infra-container-image=registry.aliyuncs.com/google_containers/pause:3.9
ExecStart=/usr/bin/cri-dockerd --container-runtime-endpoint fd:// --pod-infra-container-image=registry.aliyuncs.com/google_containers/pause:3.9
重新加载服务:sudo systemctl daemon-reload
启动cri-docker服务:sudo systemctl start cri-docker
2.10 kubeadm初始化
sudo kubeadm init --kubernetes-version=v1.28.2 --apiserver-advertise-address=0.0.0.0 --image-repository registry.aliyuncs.com/google_containers --ignore-preflight-errors=Swap --pod-network-cidr=10.24.0.0/16 --cri-socket unix:///var/run/cri-dockerd.sock
–pod-network-cidr=可以自由设置
2.11 出错使用下述进行debug
sudo journalctl -xeu kubelet
2.12 init成功后,提示如下,表示成功了
配置登录选项
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
2.13 init成功后,检查kubectl
kubectl get pod -A
此时仍有两个没有打开
2.14 需配置网络
创建文件flannel.yaml,内容如下,
---
kind: Namespace
apiVersion: v1
metadata:
name: kube-flannel
labels:
k8s-app: flannel
pod-security.kubernetes.io/enforce: privileged
---
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1
metadata:
labels:
k8s-app: flannel
name: flannel
rules:
- apiGroups:
- ""
resources:
- pods
verbs:
- get
- apiGroups:
- ""
resources:
- nodes
verbs:
- get
- list
- watch
- apiGroups:
- ""
resources:
- nodes/status
verbs:
- patch
- apiGroups:
- networking.k8s.io
resources:
- clustercidrs
verbs:
- list
- watch
---
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
labels:
k8s-app: flannel
name: flannel
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: flannel
subjects:
- kind: ServiceAccount
name: flannel
namespace: kube-flannel
---
apiVersion: v1
kind: ServiceAccount
metadata:
labels:
k8s-app: flannel
name: flannel
namespace: kube-flannel
---
kind: ConfigMap
apiVersion: v1
metadata:
name: kube-flannel-cfg
namespace: kube-flannel
labels:
tier: node
k8s-app: flannel
app: flannel
data:
cni-conf.json: |
{
"name": "cbr0",
"cniVersion": "0.3.1",
"plugins": [
{
"type": "flannel",
"delegate": {
"hairpinMode": true,
"isDefaultGateway": true
}
},
{
"type": "portmap",
"capabilities": {
"portMappings": true
}
}
]
}
net-conf.json: |
{
"Network": "10.244.0.0/16",
"Backend": {
"Type": "vxlan"
}
}
---
apiVersion: apps/v1
kind: DaemonSet
metadata:
name: kube-flannel-ds
namespace: kube-flannel
labels:
tier: node
app: flannel
k8s-app: flannel
spec:
selector:
matchLabels:
app: flannel
template:
metadata:
labels:
tier: node
app: flannel
spec:
affinity:
nodeAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
nodeSelectorTerms:
- matchExpressions:
- key: kubernetes.io/os
operator: In
values:
- linux
hostNetwork: true
priorityClassName: system-node-critical
tolerations:
- operator: Exists
effect: NoSchedule
serviceAccountName: flannel
initContainers:
- name: install-cni-plugin
image: rancher/mirrored-flannelcni-flannel-cni-plugin:v1.0.0
#image: docker.io/rancher/mirrored-flannelcni-flannel-cni-plugin:v1.1.2
command:
- cp
args:
- -f
- /flannel
- /opt/cni/bin/flannel
volumeMounts:
- name: cni-plugin
mountPath: /opt/cni/bin
- name: install-cni
image: lizhenliang/flannel:v0.11.0-amd64
#image: docker.io/rancher/mirrored-flannelcni-flannel:v0.21.5
command:
- cp
args:
- -f
- /etc/kube-flannel/cni-conf.json
- /etc/cni/net.d/10-flannel.conflist
volumeMounts:
- name: cni
mountPath: /etc/cni/net.d
- name: flannel-cfg
mountPath: /etc/kube-flannel/
containers:
- name: kube-flannel
image: lizhenliang/flannel:v0.11.0-amd64
#image: docker.io/rancher/mirrored-flannelcni-flannel:v0.21.5
command:
- /opt/bin/flanneld
args:
- --ip-masq
- --kube-subnet-mgr
resources:
requests:
cpu: "100m"
memory: "50Mi"
securityContext:
privileged: false
capabilities:
add: ["NET_ADMIN", "NET_RAW"]
env:
- name: POD_NAME
valueFrom:
fieldRef:
fieldPath: metadata.name
- name: POD_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
- name: EVENT_QUEUE_DEPTH
value: "5000"
volumeMounts:
- name: run
mountPath: /run/flannel
- name: flannel-cfg
mountPath: /etc/kube-flannel/
- name: xtables-lock
mountPath: /run/xtables.lock
volumes:
- name: run
hostPath:
path: /run/flannel
- name: cni-plugin
hostPath:
path: /opt/cni/bin
- name: cni
hostPath:
path: /etc/cni/net.d
- name: flannel-cfg
configMap:
name: kube-flannel-cfg
- name: xtables-lock
hostPath:
path: /run/xtables.lock
type: FileOrCreate
创建完成后执行kubectl apply -f flannel.yaml,执行很快,但是需要等待一会才会启动,一会儿会出现:
2.15 现在master可以在去除所有污点
kubectl taint nodes --all node-role.kubernetes.io/control-plane-
3.结尾
大家遇到什么问题欢迎在评论区讨论,也可以私信我。
过程中存在什么问题欢迎大家批评指正。
如果觉得有用可以点赞、收藏、关注。
2278
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
