文章目录
- 操作流程:
- 前置:Docker和K8S安装版本匹配查看
- 0.1:安装指定docker版本
- **[1 — 7] ** [ 配置K8S主从集群前置准备操作 ]
- 一:主节点操作 查看主机域名->编辑域名->域名配置
- 二:安装自动填充,虚拟机默认没有
- 三:关闭防火墙
- 四:关闭交换空间
- 五:禁用 Selinux
- 六: 允许 ip tables 检查桥接流量
- 七:设置K8S相关系统参数
- 7.0:镜像加速
- 7.1:K8S仓库国内源
- 7.2:配置 sysctl 参数,网桥和地址转发,重新启动后配置不变
- 7.2.1:配置sysctl 内核参数而不重新启动
- 八:安装K8S -- kubelet,kubeadm,kubectl核心组件
- 8.1:安装命令
- 8.2 前置-注意:安装网络插件coredns,否则在第九步执行init会卡住
- 九:kubeadm init生成Node
- 9.1: 当前主节点执行
- 9.1.1:master节点操作address=192.168.56.101
- 9.2: 上述会生成如下日志说明成功
- 9.4: 根据日志提示 <font color = red>执行 对应指令 mkdir 等
- 9.5 配置calico网络
- 9.6 修改calico.yaml
- 9.7:执行calico.yaml生成pod
- 9.7.1:kubectl apply -f calico.yaml
- 9.7.2:查看pod信息:
- 9.7.3:查看node信息:
操作流程:
主节点:安装coredns -> init初始化 主节点(此时还没有安装calico)
从节点:基于主节点生成join命令加入集群
主节点:安装calico:apply 生成pod,此时没有调整yaml网卡
coredns 和calico pod 运行成功
但是 calico-node-cl8f2 运行失败
查看 解决链接
前置:Docker和K8S安装版本匹配查看
因为之前写过一篇,calico一直异常,步骤一样所以怀疑是版本不匹配,这次看都是成功的
Kubernetes 版本 Docker 版本
1.20 19.03
1.21 20.10
1.22 20.10
1.23 20.10
1.24 20.10
0.1:安装指定docker版本
sudo yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
sudo: yum-config-manager:找不到命令 -> 执行
sudo yum install yum-utils
yum list docker-ce --showduplicates | sort -r
[root@10 ~]# yum list docker-ce --showduplicates | sort -r
已加载插件:fastestmirror
已安装的软件包
可安装的软件包
* updates: mirrors.ustc.edu.cn
Loading mirror speeds from cached hostfile
* extras: mirrors.ustc.edu.cn
docker-ce.x86_64 3:26.0.0-1.el7 docker-ce-stable
。。。。
docker-ce.x86_64 3:20.10.8-3.el7 docker-ce-stable
docker-ce.x86_64 3:20.10.5-3.el7 docker-ce-stable
yum install docker-ce-20.10.8-3.el7 -y
**[1 — 7] ** [ 配置K8S主从集群前置准备操作 ]
一:主节点操作 查看主机域名->编辑域名->域名配置
[root@localhost ~]# hostname
localhost.localdomain
[root@localhost ~]# hostnamectl set-hostname adam-init-master
[root@localhost ~]# hostname
adam-init-master
[root@localhost ~]#
[root@vbox-master-01-vbox-01 ~]# vi /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
# 以下添加
192.168.56.104 adam-init-master
192.168.56.105 adam-init-slaver-one
二:安装自动填充,虚拟机默认没有
[root@vbox-master-01-vbox-01 ~]# yum -y install bash-completion
已加载插件:fastestmirror, product-id, search-disabled-repos, subscription-manager
This system is not registered with an entitlement server. You can use subscription-manager to register.
Determining fastest mirrors
* base: ftp.sjtu.edu.cn
* extras: mirrors.nju.edu.cn
* updates: mirrors.aliyun.com
三:关闭防火墙
systemctl stop firewalld
systemctl disable firewalld
四:关闭交换空间
free -h
swapoff -a
sed -i 's/.*swap.*/#&/' /etc/fstab
free -h
五:禁用 Selinux
sed -i “s/^SELINUX=enforcing/SELINUX=disabled/g” /etc/sysconfig/selinux
[root@nodemaster /]# sed -i "s/^SELINUX=enforcing/SELINUX=disabled/g" /etc/sysconfig/selinux
六: 允许 ip tables 检查桥接流量
iptables -F && iptables -X && iptables -F -t nat && iptables -X -t nat && iptables -P FORWARD ACCEPT
七:设置K8S相关系统参数
7.0:镜像加速
第一行驱动
tee /etc/docker/daemon.json <<-'EOF'
{
"registry-mirrors": ["https://hnkfbj7x.mirror.aliyuncs.com"],
"exec-opts": ["native.cgroupdriver=systemd"]
}
EOF
7.1:K8S仓库国内源
cat <<EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
# 是否开启本仓库
enabled=1
# 是否检查 gpg 签名文件
gpgcheck=0
# 是否检查 gpg 签名文件
repo_gpgcheck=0
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF
7.2:配置 sysctl 参数,网桥和地址转发,重新启动后配置不变
cat <<EOF | sudo tee /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-iptables = 1
net.bridge.bridge-nf-call-ip6tables = 1
net.ipv4.ip_forward = 1
EOF
7.2.1:配置sysctl 内核参数而不重新启动
sysctl --system
八:安装K8S – kubelet,kubeadm,kubectl核心组件
8.1:安装命令
[root@master local]# sudo yum install -y kubelet-1.23.0 kubeadm-1.23.0 kubectl-1.23.0 --disableexcludes=kubernetes --nogpgcheck
已安装:
kubeadm.x86_64 0:1.23.0-0 kubectl.x86_64 0:1.23.0-0 kubelet.x86_64 0:1.23.0-0
作为依赖被安装:
conntrack-tools.x86_64 0:1.4.4-7.el7 cri-tools.x86_64 0:1.26.0-0
kubernetes-cni.x86_64 0:1.2.0-0 libnetfilter_cthelper.x86_64 0:1.0.0-11.el7
libnetfilter_cttimeout.x86_64 0:1.0.0-7.el7 libnetfilter_queue.x86_64 0:1.0.2-2.el7_2
socat.x86_64 0:1.7.3.2-2.el7
完毕!
8.2 前置-注意:安装网络插件coredns,否则在第九步执行init会卡住
docker pull coredns/coredns
docker tag coredns/coredns:latest registry.aliyuncs.com/google_containers/coredns/coredns:v1.8.0
[root@master kubernetes]# docker pull coredns/coredns
[root@master kubernetes]# docker tag coredns/coredns:latest registry.aliyuncs.com/google_containers/coredns/coredns:v1.8.0
九:kubeadm init生成Node
9.1: 当前主节点执行
9.1.1:master节点操作address=192.168.56.101
kubeadm init --kubernetes-version=yourversion --image-repository=registry.aliyuncs.com/google_containers --apiserver-advertise-address=your IP
kubeadm init --kubernetes-version=v1.23.0 --image-repository=registry.aliyuncs.com/google_containers --apiserver-advertise-address=192.168.56.104
9.2: 上述会生成如下日志说明成功
主节点生成:
To start using your cluster, you need to run the following as a regular user:
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
Alternatively, if you are the root user, you can run:
export KUBECONFIG=/etc/kubernetes/admin.conf
You should now deploy a pod network to the cluster.
Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:
https://kubernetes.io/docs/concepts/cluster-administration/addons/
Then you can join any number of worker nodes by running the following on each as root:
kubeadm join 192.168.56.104:6443 --token zxnok7.i6i4b4id4y5q1nsa \
--discovery-token-ca-cert-hash sha256:7760cfca134b2df5ef7757e7a6756a13e66415665dd48ae94a20d98b812c277d
9.4: 根据日志提示 执行 对应指令 mkdir 等
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown
(
i
d
−
u
)
:
(id -u):
(id−u):(id -g) $HOME/.kube/config
export KUBECONFIG=/etc/kubernetes/admin.conf
9.5 配置calico网络
wget --no-check-certificate https://projectcalico.docs.tigera.io/archive/v3.25/manifests/calico.yaml
[root@master kubernetes]# wget --no-check-certificate https://projectcalico.docs.tigera.io/archive/v3.25/manifests/calico.yaml
--2023-05-03 02:23:02-- https://projectcalico.docs.tigera.io/archive/v3.25/manifests/calico.yaml
正在解析主机 projectcalico.docs.tigera.io (projectcalico.docs.tigera.io)... 13.228.199.255, 18.139.194.139, 2406:da18:880:3800::c8, ...
正在连接 projectcalico.docs.tigera.io (projectcalico.docs.tigera.io)|13.228.199.255|:443... 已连接。
已发出 HTTP 请求,正在等待回应... 200 OK
长度:238089 (233K) [text/yaml]
正在保存至: “calico.yaml”
100%[=====================================================================================>] 238,089 392KB/s 用时 0.6s
2023-05-03 02:23:03 (392 KB/s) - 已保存 “calico.yaml” [238089/238089])
9.6 修改calico.yaml
执行ip addr 查看固定网卡名
[root@master kubernetes]# vi calico.yaml
当前 为enp0s3
# CLUSTER_TYPE 下方添加信息
- name: CLUSTER_TYPE
value: "k8s,bgp"
# 下方为新增内容
- name: IP_AUTODETECTION_METHOD
value: "interface=网卡名称(enp0s3)"
9.7:执行calico.yaml生成pod
9.7.1:kubectl apply -f calico.yaml
[root@10 ~]# kubectl apply -f calico.yaml
poddisruptionbudget.policy/calico-kube-controllers configured
serviceaccount/calico-kube-controllers unchanged
serviceaccount/calico-node unchanged
9.7.2:查看pod信息:
[root@10 ~]# kubectl get pod -A
NAMESPACE NAME READY STATUS RESTARTS AGE
kube-system calico-kube-controllers-64cc74d646-ftk5q 1/1 Running 0 2m1s
kube-system calico-node-qhspk 1/1 Running 0 2m1s
kube-system coredns-6d8c4cb4d-gdfr6 1/1 Running 0 13m
kube-system coredns-6d8c4cb4d-wr97f 1/1 Running 0 13m
kube-system etcd-adam-init-master 1/1 Running 1 14m
kube-system kube-apiserver-adam-init-master 1/1 Running 1 14m
kube-system kube-controller-manager-adam-init-master 1/1 Running 1 14m
kube-system kube-proxy-2xsdb 1/1 Running 0 13m
kube-system kube-scheduler-adam-init-master 1/1 Running 1 14m
9.7.3:查看node信息:
[root@10 ~]# kubectl get nodes
NAME STATUS ROLES AGE VERSION
adam-init-master Ready control-plane,master 14m v1.23.0
