#关闭selinux
vi /etc/selinux/config
将SELINUX=enforcing改为SELINUX=disabled
#关闭防火墙
systemctl disable firewalld.service
systemctl stop firewalld.service
docker-ce镜像
yum install -y yum-utils
yum-config-manager --add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
#k8s 镜像
cat < /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF
###禁用swap::
swapoff -a ##临时禁用
vi /etc/fstab #永久禁用(加上#号)
#UUID=12cc5bfd-55a6-4081-94be-ee1ef977ed44 swap swap defaults 0 0
#hosts文件配置
10.1.1.207 k8s-master
10.1.1.208 k8s-node01
10.1.1.209 k8s-node02
##安装
yum install docker-ce-18.06.3.ce kubelet-1.13.5 kubeadm-1.13.5 kubectl-1.13.5 --disableexcludes=kubernetes -y
##vi /usr/lib/systemd/system/docker.service
ExecStartPost=/usr/sbin/iptables -P FORWARD ACCEPT
配置docker-ce加速
#mkdir -p /etc/docker
[root@node01 ~]# vi /etc/docker/daemon.json
{
“registry-mirrors”:[“https://registry.docker-cn.com”]
}
cat < /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
EOF
##sysctl --system
[root@master ~]# vi /etc/default/kubelet
KUBELET_EXTRA_ARGS=–cgroup-driver=systemd
查看该版本的容器镜像版本:
kubeadm config images list
输出如下
k8s.gcr.io/kube-apiserver:v1.13.4
k8s.gcr.io/kube-controller-manager:v1.13.4
k8s.gcr.io/kube-scheduler:v1.13.4
k8s.gcr.io/kube-proxy:v1.13.4
k8s.gcr.io/pause:3.1
k8s.gcr.io/etcd:3.2.24
k8s.gcr.io/coredns:1.2.6
###先将集群所需镜像拉去到本地并重新打tag (所有节点都要操作)
MY_REGISTRY=registry.cn-hangzhou.aliyuncs.com/openthings
docker pull ${MY_REGISTRY}/k8s-gcr-io-kube-apiserver:v1.13.5
docker pull ${MY_REGISTRY}/k8s-gcr-io-kube-controller-manager:v1.13.5
docker pull ${MY_REGISTRY}/k8s-gcr-io-kube-scheduler:v1.13.5
docker pull ${MY_REGISTRY}/k8s-gcr-io-kube-proxy:v1.13.5
docker pull ${MY_REGISTRY}/k8s-gcr-io-etcd:3.2.24
docker pull ${MY_REGISTRY}/k8s-gcr-io-pause:3.1
docker pull ${MY_REGISTRY}/k8s-gcr-io-coredns:1.2.6
##因为kubeadm只识别k8s.gcr.io下的镜像所以需要重新打tag
##k8s.gcr.io/pause:3.1是为pod提供底层基础的容器,它仅为pod分配网络名称空间,IP地址、主机名和存储卷
docker tag ${MY_REGISTRY}/k8s-gcr-io-kube-apiserver:v1.13.5 k8s.gcr.io/kube-apiserver:v1.13.5
docker tag ${MY_REGISTRY}/k8s-gcr-io-kube-scheduler:v1.13.5 k8s.gcr.io/kube-scheduler:v1.13.5
docker tag ${MY_REGISTRY}/k8s-gcr-io-kube-controller-manager:v1.13.5 k8s.gcr.io/kube-controller-manager:v1.13.5
docker tag ${MY_REGISTRY}/k8s-gcr-io-kube-proxy:v1.13.5 k8s.gcr.io/kube-proxy:v1.13.5
docker tag ${MY_REGISTRY}/k8s-gcr-io-etcd:3.2.24 k8s.gcr.io/etcd:3.2.24
docker tag ${MY_REGISTRY}/k8s-gcr-io-pause:3.1 k8s.gcr.io/pause:3.1
docker tag ${MY_REGISTRY}/k8s-gcr-io-coredns:1.2.6 k8s.gcr.io/coredns:1.2.6
docker rmi ${MY_REGISTRY}/k8s-gcr-io-kube-apiserver:v1.13.5
docker rmi ${MY_REGISTRY}/k8s-gcr-io-kube-controller-manager:v1.13.5
docker rmi ${MY_REGISTRY}/k8s-gcr-io-kube-scheduler:v1.13.5
docker rmi ${MY_REGISTRY}/k8s-gcr-io-kube-proxy:v1.13.5
docker rmi ${MY_REGISTRY}/k8s-gcr-io-etcd:3.2.24
docker rmi ${MY_REGISTRY}/k8s-gcr-io-pause:3.1
docker rmi ${MY_REGISTRY}/k8s-gcr-io-coredns:1.2.6
#####重启
[root@nede01 ~]# systemctl enable kubelet docker
[root@nede01 ~]# systemctl start kubelet docker
###初始化只在master上
kubeadm init --kubernetes-version=v1.13.5 --pod-network-cidr=10.244.0.0/16 --service-cidr=10.96.0.0/12 --apiserver-advertise-address=0.0.0.0 --ignore-preflight-errors=Swap
忽略部分=================
[bootstraptoken] creating the “cluster-info” ConfigMap in the “kube-public” namespace
[addons] Applied essential addon: CoreDNS ##这里是从1.11.x开始就用coreDNS(1.11前的版本是用改革前的版本)
[addons] Applied essential addon: kube-proxy ##这个也是1.11.x改版了
Your Kubernetes master has initialized successfully!
To start using your cluster, you need to run the following as a regular user:
###下面三行需要执行,如果是root用户就只要执行前两行
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown
(
i
d
−
u
)
:
(id -u):
(id−u):(id -g) $HOME/.kube/config
You should now deploy a pod network to the cluster.
Run “kubectl apply -f [podnetwork].yaml” with one of the options listed at:
https://kubernetes.io/docs/concepts/cluster-administration/addons/
You can now join any number of machines by running the following on each node
as root:
###node节点要加入集群就需要用使用下面一行。
kubeadm join 10.1.1.207:6443 --token pbuls7.mo2jyhv0cxjjw450 --discovery-token-ca-cert-hash sha256:6f2638010dad94098295fdf444b41227c5159a03e5ef83321ed4e46e7c901370
[root@master ~]# kubectl get cs
NAME STATUS MESSAGE ERROR
controller-manager Healthy ok
scheduler Healthy ok
etcd-0 Healthy {“health”: “true”}
[root@master ~]# kubectl get nodes ##STATUS = NotReady是应为还没部署网络插件(flannel)
NAME STATUS ROLES AGE VERSION
master NotReady master 11m v1.13.5
###部署flannel网络插件
kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
###查看kube-flannel-ds-amd64-5w79w已经部署好了
[root@master ~]# kubectl get pods -n kube-system -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
coredns-86c58d9df4-bfj99 1/1 Running 0 20m 10.244.0.3 master
coredns-86c58d9df4-rbt5m 1/1 Running 0 20m 10.244.0.2 master
etcd-master 1/1 Running 0 20m 172.16.0.70 master
kube-apiserver-master 1/1 Running 0 19m 172.16.0.70 master
kube-controller-manager-master 1/1 Running 0 19m 172.16.0.70 master
kube-flannel-ds-amd64-5w79w 1/1 Running 0 3m49s 172.16.0.70 master
kube-proxy-kpnsw 1/1 Running 0 20m 172.16.0.70 master
kube-scheduler-master 1/1 Running 0 19m 172.16.0.70 master
[root@master ~]# kubectl get node ## STATUS =Ready 可以看到master网络已经好了
NAME STATUS ROLES AGE VERSION
master Ready master 21m v1.13.5
###集群加入节点(kubeadm init 初始化成功后的最后一段在node节点执行)
kubeadm join 10.1.1.207:6443 --token pbuls7.mo2jyhv0cxjjw450 --discovery-token-ca-cert-hash sha256:6f2638010dad94098295fdf444b41227c5159a03e5ef83321ed4e46e7c901370
277
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
