基于kubeadm快速部署kubernetes K8S V1.17.4集群,并部署Dashboard Web页面,实现可视化查看Kubernetes资源
主机配置规划
服务器名称(hostname) | 系统版本 | 配置 | 内网IP | 外网IP(模拟) |
---|---|---|---|---|
k8s-master | CentOS7.7 | 2C/4G/20G | 172.16.1.110 | 10.0.0.110 |
k8s-node01 | CentOS7.7 | 2C/4G/20G | 172.16.1.111 | 10.0.0.111 |
k8s-node02 | CentOS7.7 | 2C/4G/20G | 172.16.1.112 | 10.0.0.112 |
注意:没有swap分区
预定完成目标项
1、在所有节点上安装Docker和kubeadm
2、部署Kubernetes Master
3、部署容器网络插件
4、部署 Kubernetes Worker,并将节点加入Kubernetes集群中
5、部署Dashboard Web页面,可视化查看Kubernetes资源
关于二进制安装
kubeadm 是 Kubernetes 官方支持的安装方式,“二进制” 不是。本文档采用 kubernetes.io 官方推荐的 kubeadm 工具安装 kubernetes 集群。
架构图
安装docker、安装kubeadm,kubelet和kubectl
注意:所有机器都要安装
脚本如下:
[root@k8s-master k8s_install]# pwd
/root/k8s_install
# 脚本信息如下【支持多次执行】
[root@k8s-master k8s_install]# cat install_kubelet.sh
#!/bin/sh
##### 在 master 节点和 worker 节点都要执行 【所有机器执行】
# 加载环境变量
. /etc/profile
. /etc/bashrc
###############################################
# 添加主机名与IP对应关系(每台主机必须设置主机名)
# 如下命令:没有则添加信息 若使用请根据自身主机情况修改 ★★★★★ 「你需要修改处」
grep '172.16.1.110.*k8s-master' /etc/hosts || echo "172.16.1.110 k8s-master" >> /etc/hosts
grep '172.16.1.111.*k8s-node01' /etc/hosts || echo "172.16.1.111 k8s-node01" >> /etc/hosts
grep '172.16.1.112.*k8s-node02' /etc/hosts || echo "172.16.1.112 k8s-node02" >> /etc/hosts
###############################################
# 必要的基础配置或包安装
## 必须安装 nfs-utils 才能挂载 nfs 网络存储
yum install -y nfs-utils
## wget 用于下载文件
yum install -y wget
## 其他必要包
yum install -y conntrack ipvsadm ipset
# 关闭 防火墙
systemctl stop firewalld
systemctl disable firewalld
systemctl stop iptables
systemctl disable iptables
# 关闭 SeLinux
setenforce 0
sed -i "s/SELINUX=enforcing/SELINUX=disabled/g" /etc/selinux/config
# 关闭 swap , 本次涉及的机器没有swap,因此注释了
## 如果有swap分区则放开注释
#swapoff -a
#yes | cp /etc/fstab /etc/fstab_bak
#cat /etc/fstab_bak | grep -v swap > /etc/fstab
# 时间设置
## 时区设置:东八区,上海
ls -l /etc/localtime | grep 'Asia/Shanghai' || (rm -f /etc/localtime && ln -s /usr/share/zoneinfo/Asia/Shanghai /etc/localtime)
## 时间同步定时任务:没有则添加定,进行时间同步
crontab -l | grep 'ntpdate' || echo -e "# time sync\n*/10 * * * * /usr/sbin/ntpdate ntp1.aliyun.com >/dev/null 2>&1" >> /var/spool/cron/root
## 查看硬件时间 hwclock --show
## 系统时间同步到硬件时间
hwclock --systohc
# 关闭邮件服务
systemctl stop postfix.service && systemctl disable postfix.service
###############################################
# 修改 /etc/sysctl.conf
# 开启 ip_forward 转发并解决流量路由不正确问题
# 如果有配置,则修改
sed -i "s#^net.ipv4.ip_forward.*#net.ipv4.ip_forward = 1#g" /etc/sysctl.conf
sed -i "s#^net.ipv4.tcp_tw_recycle.*#net.ipv4.tcp_tw_recycle = 0#g" /etc/sysctl.conf
sed -i "s#^net.bridge.bridge-nf-call-ip6tables.*#net.bridge.bridge-nf-call-ip6tables = 1#g" /etc/sysctl.conf
sed -i "s#^net.bridge.bridge-nf-call-iptables.*#net.bridge.bridge-nf-call-iptables = 1#g" /etc/sysctl.conf
# IPv6 转发
sed -i "s#^net.ipv6.conf.all.forwarding.*#net.ipv6.conf.all.forwarding = 1#g" /etc/sysctl.conf
sed -i "s#^net.netfilter.nf_conntrack_max.*#net.netfilter.nf_conntrack_max = 2310720#g" /etc/sysctl.conf
## 如下两条非必要
sed -i "s#^fs.file-max.*#fs.file-max = 52706963#g" /etc/sysctl.conf
sed -i "s#^fs.nr_open.*#fs.nr_open = 52706963#g" /etc/sysctl.conf
# 如果没有,追加
grep 'net.ipv4.ip_forward = 1' /etc/sysctl.conf || echo "net.ipv4.ip_forward = 1" >> /etc/sysctl.conf
grep 'net.ipv4.tcp_tw_recycle = 0' /etc/sysctl.conf || echo "net.ipv4.tcp_tw_recycle = 0" >> /etc/sysctl.conf
grep 'net.bridge.bridge-nf-call-ip6tables = 1' /etc/sysctl.conf || echo "net.bridge.bridge-nf-call-ip6tables = 1" >> /etc/sysctl.conf
grep 'net.bridge.bridge-nf-call-iptables = 1' /etc/sysctl.conf || echo "net.bridge.bridge-nf-call-iptables = 1" >> /etc/sysctl.conf
grep 'net.ipv6.conf.all.forwarding = 1' /etc/sysctl.conf || echo "net.ipv6.conf.all.forwarding = 1" >> /etc/sysctl.conf
grep 'net.netfilter.nf_conntrack_max = 2310720' /etc/sysctl.conf || echo "net.netfilter.nf_conntrack_max = 2310720" >> /etc/sysctl.conf
grep 'fs.file-max = 52706963' /etc/sysctl.conf || echo "fs.file-max = 52706963" >> /etc/sysctl.conf
grep 'fs.nr_open = 52706963' /etc/sysctl.conf || echo "fs.nr_open = 52706963" >> /etc/sysctl.conf
# 执行命令以生效
sysctl -p
#### 说明:上面的命令中/etc/sysctl.conf可以用/etc/sysctl.d/k8s.conf替换;生效使用sysctl -p /etc/sysctl.d/k8s.conf 命令
###############################################
# kube-proxy 开启ipvs的前置条件【本步骤可忽略,但推荐使用IPVS】
modprobe br_netfilter
cat > /etc/sysconfig/modules/ipvs.modules << EOF
#!/bin/bash
modprobe -- ip_vs
modprobe -- ip_vs_rr
modprobe -- ip_vs_wrr
modprobe -- ip_vs_sh
modprobe -- nf_conntrack_ipv4
EOF
chmod 755 /etc/sysconfig/modules/ipvs.modules && bash /etc/sysconfig/modules/ipvs.modules && lsmod | grep -e ip_vs -e nf_conntrack_ipv4
###############################################
# 安装 docker
## 参考文档如下
# https://www.cnblogs.com/zhanglianghhh/p/9891293.html
# https://docs.docker.com/install/linux/docker-ce/centos/
# https://docs.docker.com/install/linux/linux-postinstall/
## 卸载旧版本 根据需要放开注释
#yum remove -y docker \
#docker-client \
#docker-client-latest \
#docker-common \
#docker-latest \
#docker-latest-logrotate \
#docker-logrotate \
#docker-selinux \
#docker-engine-selinux \
#docker-engine
## 设置 docker yum repository
yum install -y yum-utils device-mapper-persistent-data lvm2
yum-config-manager --add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
## 安装docker
# yum install -y docker-ce
yum install -y docker-ce-19.03.8
## 启动docker服务,这样可以创建/etc/docker目录
systemctl start docker
## 配置daemon
## 1、修改docker Cgroup Driver为systemd;2、日志格式设定
## 如果不修改,在添加 worker 节点时可能会碰到如下错误
## [WARNING IsDockerSystemdCheck]: detected "cgroupfs" as the Docker cgroup driver. The recommended driver is "systemd".
## Please follow the guide at https://kubernetes.io/docs/setup/cri/
cat > /etc/docker/daemon.json << EOF
{
"exec-opts": ["native.cgroupdriver=systemd"],
"log-driver": "json-file",
"log-opts": {
"max-size": "100m"
}
}
EOF
## 开机自启动
systemctl stop docker && systemctl daemon-reload && systemctl ena