K8S
一、准备三台虚拟机
node1:192.168.1.1 kuberdm,kubelet,kubectl,docker-ce
node2:192.168.1.2 kuberdm,kubelet,kubectl,docker-ce
node3:192.168.1.3 kuberdm,kubelet,kubectl,docker-ce二、步骤一(所有节点都执行)
$ iptables -F # 清空防火墙策略
$ setenforce 0 # 关闭selinux
$ ntpdate pool.ntp.org # 同步网络时间
$ systemctl stop firewalld # 关闭防火墙
$ vim /etc/hosts # 域名解析
192.168.1.1 node1
192.168.1.2 node2
192.168.1.3 node3
$ vim /etc/fstab
#UUID=* swap swap defaults 0 0 # 注释掉swap分区
$ echo "0" > /proc/sys/vm/swappiness # 修改参数
$ echo 'net.ipv4.ip forward = 1' >>/etc/sysctl.conf
$ cat > /etc/sysctl.d/k8s.conf << EOF
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
net.ipv4.ip nonlocal_bind = 1
net.ipv4.ip forward = 1
vm.swappiness=0
EOF
$ cat > /etc/sysconfig/modules/ipvs.modules <<EOF
#!/bin/bash
modprobe -- br_netfilter
modprobe -- ip_vs
modprobe -- ip_vs_rr
modprobe -- ip_vs_wrr
modprobe -- ip_vs_sh
modprobe -- nf_conntrack_ipv4
EOF
$ chmod 755 /etc/sysconfig/modules/ipvs.modules
$ bash /etc/sysconfig/modules/ipvs.modules
$ lsmod|grep -E "ip_vs|nf_conntrack_ipv4"
$ shutdown -r now
# 安装docker
$ wget -O /etc/yum.repos.d/Centos-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo
$ yum -y install yum-utils device-mapper-persistent-data lvm2
$ yum-config-manager --add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
$ yum -y install docker-ce
$ systemctl start docker && systemctl enable docker
cat << END > /etc/docker/daemon.json
{
"registry-mirrors":[ "https://nyakyfun.mirror.aliyuncs.com" ]
}
END
$ systemctl daemon-reload
$ systemctl restart docker
$ docker version
$ cat <<EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF
$ yum -y info kubeadm
$ yum install -y kubelet kubeadm kubectl
# 由于官网未开放同步方式, 可能会有索引gpg检查失败的情况, 这时请用 yum install -y --nogpgcheck kubelet kubeadm kubectl
$ systemctl enable kubelet && systemctl start kubelet三、node1执行
$ kubeadm config print init-defaults > kubeadm-config.yaml
$ kubeadm config images pull --config kubeadm-config.yaml
# 如果没有这个文件 kubeadm config images pull --image-repository=registry.aliyuncs.com/google_containers
$ vim kubeadm-config.yaml
apiVersion: kubeadm.k8s.io/vlbeta2
bootstrapTokens:
- groups:
- system:bootstrappers:kubeadm:default-node-token
token: abcdef.0123456789abcdef
ttl: 24h0m0s
usages:
- s1gning
- authentication
kind: InitConfiguration
localAPIEndpoint:
advertiseAddress: 192.168 80.12 # 更改为node1本机IP
bindPort: 6443
nodeRegistration:
criSocket: /var/run/dockershim.sock
name: 192.168.80.12 # 更改为node1本机IP
taints:
- effect: NoSchedule
key: node-role.kubernetes.io/master
---
apiServer:
timeoutForControLPlane: 4m0s
apiVersion: kubeadm.k8s.io/vlbeta2
certificatesDir: /etc/kubernetes/pki
clusterName: kubernetes
controllerManager: {}
dns:
type: CoreDNS
etcd:
local:
dataDir: /var/lib/etcd
imageRepository: registry.cn-hangzhou.aliyuncs.com/google_containers
kind: ClusterConfiguration
kubernetesVersion: v1.17.4 # 更改为当前版本
networking:
dnsDomain: cluster.local
serviceSubnet: 10.96.0.0/12
podSubnet: 10.244.0.0/16
scheduler: {}
$ kubeadm init --config kubeadm-config.yaml
# 参数解释:
--image-repository 因为是从阿里云拉取的docker镜像,需要指定仓库来启动
--pod-network-cidr 指定pod内部的tcp网络
--apiserver-advertise-address 本机绑定的IP地址
执行完后,根据提示信息执行步骤
$ mkdir -p $HOME/.kube
$ sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
$ sudo chown $(id -u):$(id -g) $HOME/.kube/config
通过docker pull拉取calico镜像
$ docker pull calico/node
$ docker pull calico/cni
$ docker pull calico/pod2daemon-flexvol
$ docker pull calico/kube-controllers
下载flannel.yaml文件
$ wget https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
$ sed -i 's@quay.io@quay.azk8s.cn@g' kube-flannel.yml
# 修改完后,应用
$ kubectl apply -f kube-flannel.yml
# 查看node节点和组件
$ kubectl get cs
$ kubectl get nodes
$ kubectl get pods -n kube-system四、重新安装环境
# 重置master
$ kubeadm reset
$ kubectl get nodes
$ vim kubeadm-config.yaml
networking:
dnsDomain: cluster.local
serviceSubnet: 10.96.0.0/12
podSubnet: 10.244.0.0/16 #添加这个内容
$ kubeadm init --config kubeadm-config.yaml
$ mkdir -p $HOME/.kube
$ cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
$ chown $(id -u):$(id -g) $HOME/.kube/config
$ kubectl get nodes
$ kubectl apply -f kube-flannel.yml
$ kubeadm config print join-defaults > kubeadm-config.yaml
$ vi kubeadm-config.yaml
apiVersion: kubeadm.k8s.io/v1beta2
caCertPath: /etc/kubernetes/pki/ca.crt
discovery:
bootstrapToken:
apiServerEndpoint: mster:6443 # 更改为masterIP
token: abcdef.0123456789abcdef
unsafeSkipCAVerification: true
timeout: 5m0s
tlsBootstrapToken: abcdef.0123456789abcdef
kind: JoinConfiguration
nodeRegistration:
criSocket: /var/run/dockershim.sock
name: 192.168.132.132 # 更改为节点IP
taints: null
$ systemctl stop kubelet
$ rm -rf /etc/kubernetes/*
$ rm -rf /var/lib/kubelet/* # 会报错不影响
$ kubeadm join --config kubeadm-config.yaml
$ systemctl restart kubeletERROR
# [ERROR CRI]: container runtime is not running
rm /etc/containerd/config.toml
systemctl restart containerd
kubeadm init
# [ERROR Port-10250]: Port 10250 is in use
kubeadm reset作者:admin 创建时间:2023-04-27 13:37
最后编辑:admin 更新时间:2024-07-17 15:26
最后编辑:admin 更新时间:2024-07-17 15:26
