kubernetes集群部署
环境
两台服务器,都是CentOS Linux release 7.9.2009 (Core)
master节点部署
安装docker
https://blog.csdn.net/yorao4565/article/details/126332047
服务器配置
- 配置hostname
将要连接的服务器的hostname配置到hosts中(只需要在master部署)
vim /etc/hosts
1.1.1.103 k8s-node2
1.1.1.102 k8s-master
- 修改docker的驱动程序为systemd(为了正常运行kubelet)
vim /etc/docker/daemon.json
{
"exec-opts": ["native.cgroupdriver=systemd"]
}
systemctl daemon-reload
systemctl restart docker
- 关闭swap(为了正常运行kubelet)
swapoff -a
- 关闭防火墙,进行时间同步等
yum安装
新增yum源
cd /etc/yum.repos.d/
vim kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=0
repo_gpgcheck=0
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
yum makecache fast
安装kubelet、kubeadm、kubectl
选择的版本为1.23.10
yum install -y kubelet-1.23.10 kubeadm-1.23.10 kubectl-1.23.10
安装完后,kubelet启动失败,后续init之后就可以正常启动
启动master
建议直接init,提前执行kubeadm config images pull会有问题
kubeadm init --image-repository=registry.aliyuncs.com/google_containers
#registry.aliyuncs.com/google_containers为国内镜像地址
如果启动成功,会出现successful字段;
控制台输出末尾会出现join命令:
kubeadm join 1.1.1.102:6443 --token fmf7jr.zzc9o4o3oyklndly \
--discovery-token-ca-cert-hash sha256:9b909c4ae4bf48e008389b7d2c68373f258414d8c9ce74210baead75ec10a5c3
查看启动情况
[root@localhost /]# kubectl get nodes
NAME STATUS ROLES AGE VERSION
localhost.localdomain NotReady control-plane,master 158m v1.23.10
此时NAME为默认localhost,可以使用以下命令进行配置:
hostnamectl --static set-hostname k8s-master
使用配置文件启动(推荐)
首先获得配置文件
kubeadm config print init-defaults > init-config.yaml
保存该文件并修改,可以配置相关参数,配置完成后可以使用配置文件进行启动:
kubeadm join --config=/home/k8s/init.config.yaml
?
- 如果init过程中pull镜像失败,可以删除container配置文件并重启container
rm /etc/containerd/config.toml
systemctl restart containerd
- init失败后,需要reset在重新尝试
kubeadm reset
- The connection to the server localhost:8080 was refused - did you specify the right host or port?
echo "export KUBECONFIG=/etc/kubernetes/admin.conf" >> /etc/profile
source /etc/profile
其他节点部署
首先安装docker,与master一致(相关配置同样需要)
再安装kubeadm和kubelet(不需要kubectl)
kubeadm join
直接命令行join(即使用master安装时最后一行log)
kubeadm join 1.1.1.102:6443 --token fmf7jr.zzc9o4o3oyklndly --discovery-token-ca-cert-hash sha256:9b909c4ae4bf48e008389b7d2c68373f258414d8c9ce74210baead75ec10a5出
join前需要配置hostname
配置文件join
kubeadm config print join-defaults > join.config.yaml
修改并保存配置文件
vim join.config.yaml
#修改:
apiServerEndpoint: 1.1.1.102:6443
token: fmf7jr.zzc9o4o3oyklndly
tlsBootstrapToken: fmf7jr.zzc9o4o3oyklndly
name: k8s-node2
#与命令行一致
join命令为:
kubeadm join --config=/home/k8s/join.config.yaml
查看结果:
在master节点:
[root@localhost /]# kubectl get nodes
NAME STATUS ROLES AGE VERSION
localhost.localdomain NotReady control-plane,master 158m v1.23.10
k8s-node2 NotReady <none> 91m v1.23.10
安装网络插件CNI(calico)
在master节点执行
kubectl apply -f "https://docs.projectcalico.org/manifests/calico.yaml"
命令执行后,需要一段时间进行安装,安装完成后,进行查看:
kubectl get pods --all-namespaces
NAMESPACE NAME READY STATUS RESTARTS AGE
kube-system calico-kube-controllers-66966888c4-tr2zw 1/1 Running 0 9m31s
kube-system calico-node-t6m4m 0/1 Running 0 9m31s
kube-system calico-node-vtr7p 0/1 Running 0 9m31s
kube-system coredns-6d8c4cb4d-m2tbp 1/1 Running 0 6d3h
kube-system coredns-6d8c4cb4d-p4s4j 1/1 Running 0 6d3h
kube-system etcd-localhost.localdomain 1/1 Running 0 6d2h
kube-system kube-apiserver-localhost.localdomain 1/1 Running 0 6d2h
kube-system kube-controller-manager-localhost.localdomain 1/1 Running 0 6d2h
kube-system kube-proxy-844fj 1/1 Running 0 6d2h
kube-system kube-proxy-hlrrd 1/1 Running 0 6d3h
kube-system kube-scheduler-localhost.localdomain 1/1 Running 0 6d2h
全部pod处于running阶段
kubectl get nodes
NAME STATUS ROLES AGE VERSION
k8s-node2 Ready <none> 6d2h v1.23.10
localhost.localdomain Ready control-plane,master 6d3h v1.23.10