kubeadm安装k8s 1.18x

4,881次阅读
没有评论

共计 6079 个字符,预计需要花费 16 分钟才能阅读完成。

kubeadm安装k8s 1.18x

k8s更新真的快,想想初次接触时是19年,当时还再搞1.12.x,现在都1.22.x了….(っ °Д °)っ

写个历史版本记录下,以前的文档已经out了

kubeadm 是 Kubernetes 官方支持的安装方式(系统版本推荐:Cent OS 7.6 / 7.7 / 7.8

修改主机名

# master节点
hostnamectl set-hostname master
# 设置 hostname 解析
echo "127.0.0.1   $(hostname)" >> /etc/hosts

# node1节点
hostnamectl set-hostname node1
# 设置 hostname 解析
echo "127.0.0.1   $(hostname)" >> /etc/hosts

# node2节点
hostnamectl set-hostname node2
# 设置 hostname 解析
echo "127.0.0.1   $(hostname)" >> /etc/hosts

安装docker和kubelet

每个节点都需要执行这节步骤

安装docker

1.卸载旧版本

yum remove -y docker \
docker-client \
docker-client-latest \
docker-ce-cli \
docker-common \
docker-latest \
docker-latest-logrotate \
docker-logrotate \
docker-selinux \
docker-engine-selinux \
docker-engine

2.设置yum仓库

yum install -y yum-utils \
device-mapper-persistent-data \
lvm2

# 设置阿里云base/epel源
curl -o /etc/yum.repos.d/CentOS-Base.repo https://mirrors.aliyun.com/repo/Centos-7.repo
curl -o /etc/yum.repos.d/epel.repo https://mirrors.aliyun.com/repo/epel-7.repo

yum-config-manager --add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo

3.安装并启动docker

yum install -y docker-ce-19.03.8 docker-ce-cli-19.03.8 containerd.io
systemctl enable docker
systemctl start docker

4.其他配置

# 安装nfs-utils为后续使用nfs做存储

yum install -y nfs-utils
yum install -y wget

# 关闭防火墙
systemctl stop firewalld
systemctl disable firewalld

# 关闭SeLinux
setenforce 0
sed -i "s/SELINUX=enforcing/SELINUX=disabled/g" /etc/selinux/config

# 关闭swap
swapoff -a
yes | cp /etc/fstab /etc/fstab_bak
cat /etc/fstab_bak |grep -v swap > /etc/fstab

# 修改 /etc/sysctl.conf
# 如果有配置,则修改
sed -i "s#^net.ipv4.ip_forward.*#net.ipv4.ip_forward=1#g"  /etc/sysctl.conf
sed -i "s#^net.bridge.bridge-nf-call-ip6tables.*#net.bridge.bridge-nf-call-ip6tables=1#g"  /etc/sysctl.conf
sed -i "s#^net.bridge.bridge-nf-call-iptables.*#net.bridge.bridge-nf-call-iptables=1#g"  /etc/sysctl.conf
sed -i "s#^net.ipv6.conf.all.disable_ipv6.*#net.ipv6.conf.all.disable_ipv6=1#g"  /etc/sysctl.conf
sed -i "s#^net.ipv6.conf.default.disable_ipv6.*#net.ipv6.conf.default.disable_ipv6=1#g"  /etc/sysctl.conf
sed -i "s#^net.ipv6.conf.lo.disable_ipv6.*#net.ipv6.conf.lo.disable_ipv6=1#g"  /etc/sysctl.conf
sed -i "s#^net.ipv6.conf.all.forwarding.*#net.ipv6.conf.all.forwarding=1#g"  /etc/sysctl.conf
# 可能没有,追加
echo "net.ipv4.ip_forward = 1" >> /etc/sysctl.conf
echo "net.bridge.bridge-nf-call-ip6tables = 1" >> /etc/sysctl.conf
echo "net.bridge.bridge-nf-call-iptables = 1" >> /etc/sysctl.conf
echo "net.ipv6.conf.all.disable_ipv6 = 1" >> /etc/sysctl.conf
echo "net.ipv6.conf.default.disable_ipv6 = 1" >> /etc/sysctl.conf
echo "net.ipv6.conf.lo.disable_ipv6 = 1" >> /etc/sysctl.conf
echo "net.ipv6.conf.all.forwarding = 1"  >> /etc/sysctl.conf
# 执行命令以应用
sysctl -p

安装kubelet/kubeadm/kubectl

1.配置k8s yum源

cat <<EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=http://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=0
repo_gpgcheck=0
gpgkey=http://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg
       http://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF

2.安装kubelet/kubeadm/kubectl

# 安装kubelet/kubeadm/kubectl
# 将 ${k8s_version}替换为kubernetes版本号,例如1.18.9
export k8s_version=1.18.9
yum install -y kubelet-${k8s_version} kubeadm-${k8s_version} kubectl-${k8s_version}

3.调整docker sytemd配置文件

# 修改docker Cgroup Driver为systemd
# # 将/usr/lib/systemd/system/docker.service文件中的这一行 ExecStart=/usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock
# # 修改为 ExecStart=/usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock --exec-opt native.cgroupdriver=systemd
# 如果不修改,在添加 worker 节点时可能会碰到如下错误
# [WARNING IsDockerSystemdCheck]: detected "cgroupfs" as the Docker cgroup driver. The recommended driver is "systemd". 
# Please follow the guide at https://kubernetes.io/docs/setup/cri/
sed -i "s#^ExecStart=/usr/bin/dockerd.*#ExecStart=/usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock --exec-opt native.cgroupdriver=systemd#g" /usr/lib/systemd/system/docker.service

4.设置国内镜像仓库

# 修改/etc/docker/daemon.json
cat >/etc/docker/daemon.json<<EOF
{"registry-mirrors": ["https://registry.cn-hangzhou.aliyuncs.com"]}
EOF

5.重启docker/kubelet

systemctl daemon-reload
systemctl restart docker
systemctl enable kubelet && systemctl start kubelet

# 此时kubelet状态时启动失败的,可以忽略,因为需要后面步骤初始化后才能正常启动

初始化master节点

配置apiserver

# 此时是单master节点,则以master ip为apiserver
export MASTER_IP=x.x.x.x

# 替换 apiserver.demo 为 您想要的 dnsName
export APISERVER_NAME=apiserver.demo

# Kubernetes容器组所在的网段,该网段安装完成后,由kubernetes创建,事先并不存在于您的物理网络中
export POD_SUBNET=10.100.0.1/16
echo "${MASTER_IP}    ${APISERVER_NAME}" >> /etc/hosts

生成kubeadm配置文件

# 确保上面两个APISERVER_NAME和POD_SUBNET已配置

cat <<EOF > ./kubeadm-config.yaml
apiVersion: kubeadm.k8s.io/v1beta2
kind: ClusterConfiguration
kubernetesVersion: v${1}
imageRepository: registry.aliyuncs.com/k8sxio
controlPlaneEndpoint: "${APISERVER_NAME}:6443"
networking:
  serviceSubnet: "10.96.0.0/16"
  podSubnet: "${POD_SUBNET}"
  dnsDomain: "cluster.local"
EOF

初始化master节点

# 根据kubeadm配置文件初始化,期间会拉取镜像等等,确保网速ok,估计10min左右
kubeadm init --config=kubeadm-config.yaml --upload-certs

# 配置 kubectl
rm -rf /root/.kube/
mkdir /root/.kube/
cp -i /etc/kubernetes/admin.conf /root/.kube/config

安装calico网络插件

# 参考文档 https://docs.projectcalico.org/v3.13/getting-started/kubernetes/self-managed-onprem/onpremises
echo "安装calico-3.13.1"
rm -f calico-3.13.1.yaml
wget https://kuboard.cn/install-script/calico/calico-3.13.1.yaml
kubectl apply -f calico-3.13.1.yaml

查看master状态

# 查看kube-system空间所有pod状态
watch kubectl get pod -n kube-system -o wide

# 查看所有节点状态
kubectl get nodes -o wide

初始化worker节点

获取新增节点命令

# 在master节点执行,获取加入的命令
# kubeadm token create --print-join-command

# 样例
[root@master ~]# kubeadm token create --print-join-command
W0429 13:08:33.264079   23679 configset.go:202] WARNING: kubeadm cannot validate component configs for API groups [kubelet.config.k8s.io kubeproxy.config.k8s.io]
kubeadm join apiserver.demo:6443 --token d0vdnm.o2imjbqk7c4i2zh3     --discovery-token-ca-cert-hash sha256:88d17e93c45bc15c6a1d2fa7bf12bb0a86281ffdc9ddc979050967f7e55d3a6d

节点加入集群

# 新节点需要将apiserver.demo配置host解析
export MASTER_IP=x.x.x.x
export APISERVER_NAME=apiserver.demo
echo "${MASTER_IP}    ${APISERVER_NAME}" >> /etc/hosts

# 加入集群,请修改为自己在master上获取的集群加入的命令
kubeadm join apiserver.demo:6443 --token d0vdnm.o2imjbqk7c4i2zh3     --discovery-token-ca-cert-hash sha256:88d17e93c45bc15c6a1d2fa7bf12bb0a86281ffdc9ddc979050967f7e55d3a6d

查看集群所有节点状态

# 在master上查看所有节点状态
kubectl get nodes

[root@master ~]# kubectl get nodes
NAME     STATUS   ROLES    AGE     VERSION
master   Ready    master   5m3s   v1.18.9
node1    Ready    <none>   2m26s   v1.18.9
node2    Ready    <none>   3m56s   v1.18.9

正文完
k8s
2021-05-09
 1
xadocker
版权声明:本站原创文章,由 xadocker 2021-05-09发表,共计6079字。
转载说明:除特殊说明外本站文章皆由CC-4.0协议发布,转载请注明出处。
K8s中的权限-用户管理
多集群多prometheus实例下的管理
Jenkins多节点结构
k8s部署中间件-redis
评论(没有评论)