初学安装k8s遇见不少问题,经过查阅众多资料和实操,将安装过程呈现如下,主要为初学者提供便利。
# 修改hostname master 节点
$ hostnamectl set-hostname k8sm
# node节点 如有多个node节点可依次命名,因为内存有限我只起了一个node
$ hostnamectl set-hostname k8sn1
# 各服务节点host修改
$ vim /etc/hosts
$ service network restart
# k8s master和node节点同步执行 BEGIN
# 安装docker,所有k8s节点均要安装
# 下载docker安装脚本
$ curl -fsSL get.docker.com -o get-docker.sh
# 运行脚本
$ sh get-docker.sh --mirror Aliyun
# 重新加载配置
$ systemctl daemon-reload
# 启动docker
$ systemctl enable docker
# 启动docker
$ systemctl restart docker
# 查看docker版本
$ docker version
# 关闭防火墙
$ systemctl stop firewalld
$ systemctl disable firewalld
# 禁用SELINUX
$ setenforce 0
$ sed -i 's/^SELINUX=enforcing$/SELINUX=permissive/' /etc/selinux/config
# 如要永久禁用 需要重启
$ vim /etc/selinux/config
SELINUX=disabled
$ reboot
# 修改k8s.conf
cat <<EOF > /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
EOF
# 关闭swap 临时关闭
$ swapoff -a
# 如要永久关闭swap,vim /etc/fstab 把加载swap分区的那行记录注释掉即可
#修改kubernete为阿里云镜像源
cat <<EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF
#安装
$ yum install -y --nogpgcheck kubelet kubeadm kubectl
#启动
$ systemctl enable kubelet && systemctl start kubelet
# 编辑文件
$ vim /usr/lib/systemd/system/kubelet.service.d/10-kubeadm.conf
# Note: This dropin only works with kubeadm and kubelet v1.11+
[Service]
CPUAccounting=true
MemoryAccounting=true
Environment="KUBELET_KUBECONFIG_ARGS=--bootstrap-kubeconfig=/etc/kubernetes/bootstrap-kubelet.conf --kubeconfig=/etc/kubernetes/kubelet.conf"
Environment="KUBELET_CONFIG_ARGS=--config=/var/lib/kubelet/config.yaml"
#Environment="KUBE_ALLOW_PRIV=--allow-privileged=false"
# This is a file that "kubeadm init" and "kubeadm join" generates at runtime, populating the KUBELET_KUBEADM_ARGS variable dynamically
EnvironmentFile=-/var/lib/kubelet/kubeadm-flags.env
# This is a file that the user can use for overrides of the kubelet args as a last resort. Preferably, the user should use
# the .NodeRegistration.KubeletExtraArgs object in the configuration files instead. KUBELET_EXTRA_ARGS should be sourced from this file.
EnvironmentFile=-/etc/sysconfig/kubelet
ExecStart=
ExecStart=/usr/bin/kubelet $KUBELET_KUBECONFIG_ARGS $KUBELET_CONFIG_ARGS $KUBELET_KUBEADM_ARGS $KUBELET_EXTRA_ARGS
# 新建编辑文件
$ vim /etc/docker/daemon.json
{
"registry-mirrors": ["https://82m9ar63.mirror.aliyuncs.com"],
"exec-opts": ["native.cgroupdriver=systemd"]
}
#重新加载配置
$ systemctl daemon-reload
#重启docker
$ systemctl restart docker
#重启kubelet
$ systemctl restart kubelet
# k8s master和node节点同步执行 END
# k8s master节点kubeadm初始化操作: --apiserver-advertise-address=本机IP;--kubernetes-version=当前版本
kubeadm init --image-repository=registry.aliyuncs.com/google_containers --apiserver-advertise-address=10.79.41.13 --pod-network-cidr=10.244.0.0/16 --kubernetes-version=v1.23.4
#执行结果
Your Kubernetes control-plane has initialized successfully!
To start using your cluster, you need to run the following as a regular user:
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
Alternatively, if you are the root user, you can run:
export KUBECONFIG=/etc/kubernetes/admin.conf
You should now deploy a pod network to the cluster.
Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:
https://kubernetes.io/docs/concepts/cluster-administration/addons/
Then you can join any number of worker nodes by running the following on each as root:
kubeadm join 10.79.41.13:6443 --token dhn5cj.czgh2d4lhb47asij \
--discovery-token-ca-cert-hash sha256:01986242795f53558213cf7db4e61e63089b257b764ca3fafd6d502f89ea805a
# matser 节点配置网络 flannel network 复制文章内容 https://blog.csdn.net/qq_22409661/article/details/113371921
$ kubectl apply -f kube-flannel.yml
$ kubectl get node
NAME STATUS ROLES AGE VERSION
k8sm Ready control-plane,master 26m v1.23.4
# k8s node节点join操作,根据matser执行结果命令操作
$ kubeadm join 10.79.41.13:6443 --token dhn5cj.czgh2d4lhb47asij \
--discovery-token-ca-cert-hash sha256:01986242795f53558213cf7db4e61e63089b257b764ca3fafd6d502f89ea805a
# 执行join错误 [ERROR FileContent--proc-sys-net-ipv4-ip_forward]: /proc/sys/net/ipv4/ip_forward contents are not set to 1
$ echo 1 > /proc/sys/net/ipv4/ip_forward
# kubeadm join 执行结果
This node has joined the cluster:
* Certificate signing request was sent to apiserver and a response was received.
* The Kubelet was informed of the new secure connection details.
Run 'kubectl get nodes' on the control-plane to see this node join the cluster.
$ kubectl get node
NAME STATUS ROLES AGE VERSION
k8sm Ready control-plane,master 32m v1.23.4
k8sn1 Ready <none> 118s v1.23.4
——整体完