Kubeadm 部署kubernetes

一、环境准备

1.1 操作系统

角色IP部署内容
master 192.168.10.109 kubeadm kubelet kubectl
node1 192.168.10.107 kubeadm kubelet
node2 192.168.10.108 kubeadm kubelet

  修改/etc/hosts文件,加入maste和node节点信息

1.2 关闭防火墙

systemctl stop firewalld
systemctl disable firewalld

1.3 关闭swap

1 swapoff -a
2 修改/etc/fstab 注释掉关于swap部分

二、安装docker

2.1 安装

安装docker
1.更新yum包
    yum update
2.卸载旧版本
    yum remove docker
3.安装依赖
    yum install -y yum-utils device-mapper-persistent-data lvm2
4.设置yum源
    yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
5.安装docker
    yum install docker-ce
6.启动docker
    systemctl start docker
    systemctl enable docker 
7.验证安装是否成功
    docker version

2.2 替换国内源

vi /etc/docker/daemon.json
{
    "registry-mirrors": ["https://registry.docker-cn.com"]
}
systemctl restart docker.service

2.3 配置k8s源

 1 /etc/yum.repos.d/kubernetes.repo
 2 
 3 [kubernetes]
 4 name=Kubernetes Repo
 5 baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
 6 gpgcheck=1
 7 gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
 8 enable=1
 9 
10 
11 wget https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
12 rpm --import rpm-package-key.gpg
13 yum repolist

 

三、安装Kubernetes

以下部分在master上执行

3.1 安装kubeadm和相关工具

yum -y install kubelet kubeadm kubectl --disableexcludes=kubernets

此时kubectl可能会起不来,可以在kubeadm init完成后再启动

3.2 kubeadm  config

执行kubeadm config print init-defaults,获取默认的初始化参数文件

kubeadm config print init-defaults > init.default.yaml

将该文件保存备用

3.3 列出所需的镜像列表

kubeadm config images list

k8s.gcr.io/kube-apiserver:v1.18.3
k8s.gcr.io/kube-controller-manager:v1.18.3
k8s.gcr.io/kube-scheduler:v1.18.3
k8s.gcr.io/kube-proxy:v1.18.3
k8s.gcr.io/pause:3.2
k8s.gcr.io/etcd:3.4.3-0
k8s.gcr.io/coredns:1.6.7
 k8s.gcr.io镜像仓库地址在国内无法访问,可以使用下面地址替代
 registry.cn-hangzhou.aliyuncs.com/google_containers
没有v1.18.3就找v1.18.2
images=(kube-apiserver:v1.18.3kube-controller-manager:v1.18.3kube-scheduler:v1.18.3kube-proxy:v1.18.3pause:3.2etcd:3.4.3-0coredns:1.6.7
)

for imageName in ${images[@]};do
    docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/$imageName
    docker tag registry.cn-hangzhou.aliyuncs.com/google_containers/$imageName  k8s.gcr.io/$imageName
    docker rmi registry.cn-hangzhou.aliyuncs.com/google_containers/$imageName

3.4 初始化环境

kubeadm init 
# 这一步注意,如果需要特定的网络插件,需要额外加参数,具体看网络插件的介绍
保存好 kubeadm join的信息
kubeadm join 192.168.10.109:6443 --token 3fntt0.e0k8ivnl1p6cxesy \
    --discovery-token-ca-cert-hash sha256:f98b963683b0370f6b24ca7ea4577a08acbf9ce9a88902aadfe115b8a2c258a7

 

报错信息  
以下修改在node节点上也执行

1)detected "cgroupfs" as the Docker cgroup driver. The recommended driver is "systemd".
修改或创建/etc/docker/daemon.json,加入下面的内容:
{
  "exec-opts": ["native.cgroupdriver=systemd"]
}
systemctl restart docker

2)/proc/sys/net/bridge/bridge-nf-call-iptables contents are not set to 1

echo "1" >/proc/sys/net/bridge/bridge-nf-call-iptables


3)/proc/sys/net/ipv4/ip_forward contents are not set to 1
echo "1" >/proc/sys/net/ipv4/ip_forward

[ERROR Swap]: running with swap on is not supported. Please disable swap
swapoff -a
vim /etc/fstab 注释掉swap部分

 

3.5 配置授权信息

按照init最后部分提示执行
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
此时已经在master上安装完成了Kubernetes,但集群内还没有可以用的Node,并缺乏对容器网络的配置
启动master上的kubelet
systemctl start kubelet && systemctl enable kubelet

 

Kubernetes官方默认策略是worker节点运行Pod,master节点不运行Pod。如果为了测试或开发目的部署单节点集群,可以通过以下命令设置:

kubectl taint nodes --all node-role.kubernetes.io/master-

 

3.6 配置node节点

对于新节点的加入,系统准备和Kubernetes yum源配置过程一样

yum install kubelet kubeadm --disableexcludes=kubernetes

将node节点加入集群

kubeadm join 192.168.10.109:6443 --token 3fntt0.e0k8ivnl1p6cxesy  \
   --discovery-token-ca-cert-hash sha256:f98b963683b0370f6b24ca7ea4577a08acbf9ce9a88902aadfe115b8a2c258a7

在node节点上启动kubelet

systemctl start kubelet && systemctl enable kubelet

 

四、网络插件

在master上执行kubectl get nodes命令,会发现Kubernetes提示节点为NotReady状态,这是因为还没有安装CNI网络插件

 

# kubectl get nodes
NAME     STATUS     ROLES    AGE     VERSION
master   NotReady   master   27m     v1.18.3
node1    NotReady   <none>   4m26s   v1.18.3
node2    NotReady   <none>   4m5s    v1.18.3

4.1 flannel

需要在kubeadm init 时设置 --pod-network-cidr=10.244.0.0/16

kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/v0.10.0/Documentation/kube-flannel.yml

 

 4.2 weave

sysctl net.bridge.bridge-nf-call-iptables=1
kubectl apply -f "https://cloud.weave.works/k8s/net?k8s-version=$(kubectl version | base64 | tr -d '\n')"

 

4.3 calico

需要 kubeadm init 时设置 --pod-network-cidr=192.168.0.0/16

kubectl apply -f https://docs.projectcalico.org/v3.1/getting-started/kubernetes/installation/hosted/rbac-kdd.yaml kubectl apply -f https://docs.projectcalico.org/v3.1/getting-started/kubernetes/installation/hosted/kubernetes-datastore/calico-networking/1.7/calico.yaml 

例如选择weave插件,执行命令安装

kubectl apply -f "https://cloud.weave.works/k8s/net?k8s-version=$(kubectl version | base64 | tr -d '\n')"

 

 4.5 验证Kubernetes集群是否安装成功

kubectl  get pods -n kube-system

NAME                             READY   STATUS    RESTARTS   AGE
coredns-66bff467f8-hqqz7         1/1     Running   0          73m
coredns-66bff467f8-z2hr4         1/1     Running   0          73m
etcd-master                      1/1     Running   1          73m
kube-apiserver-master            1/1     Running   1          73m
kube-controller-manager-master   1/1     Running   1          73m
kube-proxy-fhzcv                 1/1     Running   0          50m
kube-proxy-jhmp5                 1/1     Running   0          50m
kube-proxy-n7ldl                 1/1     Running   1          73m
kube-scheduler-master            1/1     Running   1          73m
weave-net-2d6sz                  2/2     Running   0          32m
weave-net-jfxbt                  2/2     Running   0          32m
weave-net-kmj98                  2/2     Running   0          32m

其中有些可能不能启动,大部分原因就是镜像获取不到,如果是k8s.gcr.io仓库的,可以把之前下载

到master上的镜像导入到node节点上

查看pod启动失败的原因 
kubectl -n kube-system describe pod <pod-name>

查看节点是否都Ready

# kubectl get nodes
NAME     STATUS   ROLES    AGE   VERSION
master   Ready    master   73m   v1.18.3
node1    Ready    <none>   50m   v1.18.3
node2    Ready    <none>   50m   v1.18.3

至此,通过kubeadm工具就实现了Kubernetes集群的安装。

 

posted @ 2020-08-10 13:46  Bigberg  阅读(1038)  评论(0编辑  收藏  举报