Service Mesh服务网格技术探究---VMWare+k8s集群+Istio系列:k8s集群之master安装

  一、Master安装

  环境准备:

  1、卸载podman

[root@k8s-master ~]# yum remove podman
Dependencies resolved.
================================================================================
 Package         Arch   Version                                Repository  Size
================================================================================
Removing:
 podman          x86_64 3.2.3-0.10.module_el8.4.0+886+c9a8d9ad @appstream  48 M
Removing dependent packages:
 cockpit-podman  noarch 32-2.module_el8.4.0+886+c9a8d9ad       @appstream 410 k
Removing unused dependencies:
 conmon          x86_64 2:2.0.29-1.module_el8.4.0+886+c9a8d9ad @appstream 164 k
 podman-catatonit
                 x86_64 3.2.3-0.10.module_el8.4.0+886+c9a8d9ad @appstream 752 k

Transaction Summary
================================================================================
Remove  4 Packages

Freed space: 50 M
Is this ok [y/N]: y
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
  Preparing        :                                                        1/1
  Running scriptlet: cockpit-podman-32-2.module_el8.4.0+886+c9a8d9ad.noar   1/1
  Erasing          : cockpit-podman-32-2.module_el8.4.0+886+c9a8d9ad.noar   1/4
  Erasing          : podman-3.2.3-0.10.module_el8.4.0+886+c9a8d9ad.x86_64   2/4
  Running scriptlet: podman-3.2.3-0.10.module_el8.4.0+886+c9a8d9ad.x86_64   2/4
  Erasing          : podman-catatonit-3.2.3-0.10.module_el8.4.0+886+c9a8d   3/4
  Erasing          : conmon-2:2.0.29-1.module_el8.4.0+886+c9a8d9ad.x86_64   4/4
  Running scriptlet: conmon-2:2.0.29-1.module_el8.4.0+886+c9a8d9ad.x86_64   4/4
  Verifying        : cockpit-podman-32-2.module_el8.4.0+886+c9a8d9ad.noar   1/4
  Verifying        : conmon-2:2.0.29-1.module_el8.4.0+886+c9a8d9ad.x86_64   2/4
  Verifying        : podman-3.2.3-0.10.module_el8.4.0+886+c9a8d9ad.x86_64   3/4
  Verifying        : podman-catatonit-3.2.3-0.10.module_el8.4.0+886+c9a8d   4/4

Removed:
  cockpit-podman-32-2.module_el8.4.0+886+c9a8d9ad.noarch
  conmon-2:2.0.29-1.module_el8.4.0+886+c9a8d9ad.x86_64
  podman-3.2.3-0.10.module_el8.4.0+886+c9a8d9ad.x86_64
  podman-catatonit-3.2.3-0.10.module_el8.4.0+886+c9a8d9ad.x86_64

Complete!

   2、关闭交换区

  临时关闭 

[root@k8s-master ~]# swapoff -a

   永久关闭

[root@k8s-master ~]# sed -i 's/.*swap.*/#&/' /etc/fstab

  3、禁用selinux

  临时禁用

[root@k8s-master ~]# setenforce 0

   永久禁用

[root@k8s-master ~]# sed -i "s/^SELINUX=enforcing/SELINUX=disabled/g" /etc/selinux/config

   4、关闭防火墙

[root@k8s-master ~]# systemctl stop firewalld.service
[root@k8s-master ~]# systemctl disable firewalld.service
Removed /etc/systemd/system/multi-user.target.wants/firewalld.service.
Removed /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.

  二、k8s安装

  1、配置系统基本安装源

[root@k8s-master ~]# curl -o /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-8.repo
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100  2595  100  2595    0     0   3707      0 --:--:-- --:--:-- --:--:--  3707

  2、添加k8s安装源

  编辑/etc/yum.repos.d/kubernetes.repo文件

[root@k8s-master ~]# vim  /etc/yum.repos.d/kubernetes.repo

  在kubernetes.repo文件中增加如下内容:

[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg

  3、安装docker

[root@k8s-master ~]# yum install -y yum-utils device-mapper-persistent-data lvm2 net-tools
Repository extras is listed more than once in the configuration
CentOS-8 - Base - mirrors.aliyun.com                                                                                        1.1 MB/s | 7.4 MB     00:06
CentOS-8 - Extras - mirrors.aliyun.com                                                                                       37 kB/s |  10 kB     00:00
CentOS-8 - AppStream - mirrors.aliyun.com                                                                                   1.1 MB/s | 8.9 MB     00:08
Kubernetes                                                                                                                  3.2 kB/s | 844  B     00:00
Kubernetes                                                                                                                   27 kB/s | 3.4 kB     00:00
Importing GPG key 0x307EA071:
 Userid     : "Rapture Automatic Signing Key (cloud-rapture-signing-key-2021-03-01-08_01_09.pub)"
 Fingerprint: 7F92 E05B 3109 3BEF 5A3C 2D38 FEEA 9169 307E A071
 From       : https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg
Importing GPG key 0x836F4BEB:
 Userid     : "gLinux Rapture Automatic Signing Key (//depot/google3/production/borg/cloud-rapture/keys/cloud-rapture-pubkeys/cloud-rapture-signing-key-2020-12-03-16_08_05.pub) <glinux-team@google.com>"
 Fingerprint: 59FE 0256 8272 69DC 8157 8F92 8B57 C5C2 836F 4BEB
 From       : https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg
Kubernetes                                                                                                                  7.3 kB/s | 975  B     00:00
Importing GPG key 0x3E1BA8D5:
 Userid     : "Google Cloud Packages RPM Signing Key <gc-team@google.com>"
 Fingerprint: 3749 E1BA 95A8 6CE0 5454 6ED2 F09C 394C 3E1B A8D5
 From       : https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
Kubernetes                                                                                                                  193 kB/s | 126 kB     00:00
Package device-mapper-persistent-data-0.8.5-4.el8.x86_64 is already installed.
Package lvm2-8:2.03.11-5.el8.x86_64 is already installed.
Package net-tools-2.0-0.52.20160912git.el8.x86_64 is already installed.
Dependencies resolved.
============================================================================================================================================================
 Package                               Architecture                       Version                                    Repository                        Size
============================================================================================================================================================
Installing:
 yum-utils                             noarch                             4.0.18-4.el8                               base                              71 k

Transaction Summary
============================================================================================================================================================
Install  1 Package

Total download size: 71 k
Installed size: 22 k
Downloading Packages:
yum-utils-4.0.18-4.el8.noarch.rpm                                                                                           185 kB/s |  71 kB     00:00
------------------------------------------------------------------------------------------------------------------------------------------------------------
Total                                                                                                                       183 kB/s |  71 kB     00:00
warning: /var/cache/dnf/base-43708d1174dbbac2/packages/yum-utils-4.0.18-4.el8.noarch.rpm: Header V3 RSA/SHA256 Signature, key ID 8483c65d: NOKEY
CentOS-8 - Base - mirrors.aliyun.com                                                                                        2.5 kB/s | 1.6 kB     00:00
Importing GPG key 0x8483C65D:
 Userid     : "CentOS (CentOS Official Signing Key) <security@centos.org>"
 Fingerprint: 99DB 70FA E1D7 CE22 7FB6 4882 05B5 55B3 8483 C65D
 From       : https://mirrors.aliyun.com/centos/RPM-GPG-KEY-CentOS-Official
Key imported successfully
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
  Preparing        :                                                                                                                                    1/1
  Installing       : yum-utils-4.0.18-4.el8.noarch                                                                                                      1/1
  Running scriptlet: yum-utils-4.0.18-4.el8.noarch                                                                                                      1/1
  Verifying        : yum-utils-4.0.18-4.el8.noarch                                                                                                      1/1

Installed:
  yum-utils-4.0.18-4.el8.noarch

Complete!
[root@k8s-master ~]# yum-config-manager --add-repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
Repository extras is listed more than once in the configuration
Adding repo from: https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
[root@k8s-master ~]# yum -y install docker-ce
Repository extras is listed more than once in the configuration
Docker CE Stable - x86_64                                                                                                    37 kB/s |  15 kB     00:00
Error:
 Problem: problem with installed package buildah-1.21.4-1.module_el8.4.0+886+c9a8d9ad.x86_64
  - package buildah-1.21.4-1.module_el8.4.0+886+c9a8d9ad.x86_64 requires runc >= 1.0.0-26, but none of the providers can be installed
  - package buildah-1.19.7-2.module_el8.4.0+830+8027e1c4.x86_64 requires runc >= 1.0.0-26, but none of the providers can be installed
  - package buildah-1.19.7-1.module_el8.4.0+781+acf4c33b.x86_64 requires runc >= 1.0.0-26, but none of the providers can be installed
  - package containerd.io-1.4.3-3.1.el8.x86_64 conflicts with runc provided by runc-1.0.0-70.rc92.module_el8.4.0+673+eabfc99d.x86_64
  - package containerd.io-1.4.3-3.1.el8.x86_64 obsoletes runc provided by runc-1.0.0-70.rc92.module_el8.4.0+673+eabfc99d.x86_64
  - package containerd.io-1.4.3-3.1.el8.x86_64 conflicts with runc provided by runc-1.0.0-73.rc93.module_el8.4.0+830+8027e1c4.x86_64
  - package containerd.io-1.4.3-3.1.el8.x86_64 obsoletes runc provided by runc-1.0.0-73.rc93.module_el8.4.0+830+8027e1c4.x86_64
  - package containerd.io-1.4.3-3.1.el8.x86_64 conflicts with runc provided by runc-1.0.0-74.rc95.module_el8.4.0+886+c9a8d9ad.x86_64
  - package containerd.io-1.4.3-3.1.el8.x86_64 obsoletes runc provided by runc-1.0.0-74.rc95.module_el8.4.0+886+c9a8d9ad.x86_64
  - package docker-ce-3:20.10.8-3.el8.x86_64 requires containerd.io >= 1.4.1, but none of the providers can be installed
  - package containerd.io-1.4.3-3.2.el8.x86_64 conflicts with runc provided by runc-1.0.0-70.rc92.module_el8.4.0+673+eabfc99d.x86_64
  - package containerd.io-1.4.3-3.2.el8.x86_64 obsoletes runc provided by runc-1.0.0-70.rc92.module_el8.4.0+673+eabfc99d.x86_64
  - package containerd.io-1.4.3-3.2.el8.x86_64 conflicts with runc provided by runc-1.0.0-73.rc93.module_el8.4.0+830+8027e1c4.x86_64
  - package containerd.io-1.4.3-3.2.el8.x86_64 obsoletes runc provided by runc-1.0.0-73.rc93.module_el8.4.0+830+8027e1c4.x86_64
  - package containerd.io-1.4.3-3.2.el8.x86_64 conflicts with runc provided by runc-1.0.0-74.rc95.module_el8.4.0+886+c9a8d9ad.x86_64
  - package containerd.io-1.4.3-3.2.el8.x86_64 obsoletes runc provided by runc-1.0.0-74.rc95.module_el8.4.0+886+c9a8d9ad.x86_64
  - package containerd.io-1.4.4-3.1.el8.x86_64 conflicts with runc provided by runc-1.0.0-74.rc95.module_el8.4.0+886+c9a8d9ad.x86_64
  - package containerd.io-1.4.4-3.1.el8.x86_64 obsoletes runc provided by runc-1.0.0-74.rc95.module_el8.4.0+886+c9a8d9ad.x86_64
  - package containerd.io-1.4.6-3.1.el8.x86_64 conflicts with runc provided by runc-1.0.0-74.rc95.module_el8.4.0+886+c9a8d9ad.x86_64
  - package containerd.io-1.4.6-3.1.el8.x86_64 obsoletes runc provided by runc-1.0.0-74.rc95.module_el8.4.0+886+c9a8d9ad.x86_64
  - package containerd.io-1.4.8-3.1.el8.x86_64 conflicts with runc provided by runc-1.0.0-74.rc95.module_el8.4.0+886+c9a8d9ad.x86_64
  - package containerd.io-1.4.8-3.1.el8.x86_64 obsoletes runc provided by runc-1.0.0-74.rc95.module_el8.4.0+886+c9a8d9ad.x86_64
  - package containerd.io-1.4.9-3.1.el8.x86_64 conflicts with runc provided by runc-1.0.0-74.rc95.module_el8.4.0+886+c9a8d9ad.x86_64
  - package containerd.io-1.4.9-3.1.el8.x86_64 obsoletes runc provided by runc-1.0.0-74.rc95.module_el8.4.0+886+c9a8d9ad.x86_64
  - cannot install the best candidate for the job
  - package runc-1.0.0-56.rc5.dev.git2abd837.module_el8.3.0+569+1bada2e4.x86_64 is filtered out by modular filtering
  - package runc-1.0.0-64.rc10.module_el8.4.0+522+66908d0c.x86_64 is filtered out by modular filtering
  - package runc-1.0.0-65.rc10.module_el8.4.0+819+4afbd1d6.x86_64 is filtered out by modular filtering
  - package runc-1.0.0-70.rc92.module_el8.4.0+786+4668b267.x86_64 is filtered out by modular filtering
  - package runc-1.0.0-71.rc92.module_el8.4.0+833+9763146c.x86_64 is filtered out by modular filtering
  - package containerd.io-1.4.4-3.1.el8.x86_64 conflicts with runc provided by runc-1.0.0-70.rc92.module_el8.4.0+673+eabfc99d.x86_64
  - package containerd.io-1.4.4-3.1.el8.x86_64 obsoletes runc provided by runc-1.0.0-70.rc92.module_el8.4.0+673+eabfc99d.x86_64
  - package containerd.io-1.4.4-3.1.el8.x86_64 conflicts with runc provided by runc-1.0.0-73.rc93.module_el8.4.0+830+8027e1c4.x86_64
  - package containerd.io-1.4.4-3.1.el8.x86_64 obsoletes runc provided by runc-1.0.0-73.rc93.module_el8.4.0+830+8027e1c4.x86_64
  - package containerd.io-1.4.6-3.1.el8.x86_64 conflicts with runc provided by runc-1.0.0-70.rc92.module_el8.4.0+673+eabfc99d.x86_64
  - package containerd.io-1.4.6-3.1.el8.x86_64 obsoletes runc provided by runc-1.0.0-70.rc92.module_el8.4.0+673+eabfc99d.x86_64
  - package containerd.io-1.4.6-3.1.el8.x86_64 conflicts with runc provided by runc-1.0.0-73.rc93.module_el8.4.0+830+8027e1c4.x86_64
  - package containerd.io-1.4.6-3.1.el8.x86_64 obsoletes runc provided by runc-1.0.0-73.rc93.module_el8.4.0+830+8027e1c4.x86_64
  - package containerd.io-1.4.8-3.1.el8.x86_64 conflicts with runc provided by runc-1.0.0-70.rc92.module_el8.4.0+673+eabfc99d.x86_64
  - package containerd.io-1.4.8-3.1.el8.x86_64 obsoletes runc provided by runc-1.0.0-70.rc92.module_el8.4.0+673+eabfc99d.x86_64
  - package containerd.io-1.4.8-3.1.el8.x86_64 conflicts with runc provided by runc-1.0.0-73.rc93.module_el8.4.0+830+8027e1c4.x86_64
  - package containerd.io-1.4.8-3.1.el8.x86_64 obsoletes runc provided by runc-1.0.0-73.rc93.module_el8.4.0+830+8027e1c4.x86_64
  - package containerd.io-1.4.9-3.1.el8.x86_64 conflicts with runc provided by runc-1.0.0-70.rc92.module_el8.4.0+673+eabfc99d.x86_64
  - package containerd.io-1.4.9-3.1.el8.x86_64 obsoletes runc provided by runc-1.0.0-70.rc92.module_el8.4.0+673+eabfc99d.x86_64
  - package containerd.io-1.4.9-3.1.el8.x86_64 conflicts with runc provided by runc-1.0.0-73.rc93.module_el8.4.0+830+8027e1c4.x86_64
  - package containerd.io-1.4.9-3.1.el8.x86_64 obsoletes runc provided by runc-1.0.0-73.rc93.module_el8.4.0+830+8027e1c4.x86_64
(try to add '--allowerasing' to command line to replace conflicting packages or '--skip-broken' to skip uninstallable packages or '--nobest' to use not only best candidate packages)
[root@k8s-master ~]#

   问题1:在执行yum -y install docker-ce时出现类似: package containerd.io-1.4.4-3.1.el8.x86_64 conflicts with runc provided by runc-1.0.0-70.rc92.module_el8.4.0+673+eabfc99d.x86_64的错误。

  解决方案:

  从报错内容来看,应该是containerd.io包出现冲突,到containerd下载页面查看最新版本为containerd.io-1.3.7-3.1.el8.x86_64.rpm,重新下载该包,然后进行安装。

[root@k8s-master ~]# wget https://download.docker.com/linux/centos/8/x86_64/edge/Packages/containerd.io-1.3.7-3.1.el8.x86_64.rpm
--2021-09-16 19:33:13--  https://download.docker.com/linux/centos/8/x86_64/edge/Packages/containerd.io-1.3.7-3.1.el8.x86_64.rpm
Resolving download.docker.com (download.docker.com)... 18.65.191.124, 18.65.191.34, 18.65.191.111, ...
Connecting to download.docker.com (download.docker.com)|18.65.191.124|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 30388860 (29M) [binary/octet-stream]
Saving to: ‘containerd.io-1.3.7-3.1.el8.x86_64.rpm’

containerd.io-1.3.7-3.1.el8.x86_64.rpm           100%[=======================================================================================================>]  28.98M  1.20MB/s    in 27s

2021-09-16 19:33:40 (1.08 MB/s) - ‘containerd.io-1.3.7-3.1.el8.x86_64.rpm’ saved [30388860/30388860]

[root@k8s-master ~]# yum install containerd.io-1.3.7-3.1.el8.x86_64.rpm
Repository extras is listed more than once in the configuration
Last metadata expiration check: 0:09:59 ago on Thu 16 Sep 2021 07:23:49 PM CST.
Error:
 Problem: problem with installed package buildah-1.21.4-1.module_el8.4.0+886+c9a8d9ad.x86_64
  - package buildah-1.21.4-1.module_el8.4.0+886+c9a8d9ad.x86_64 requires runc >= 1.0.0-26, but none of the providers can be installed
  - package buildah-1.19.7-1.module_el8.4.0+781+acf4c33b.x86_64 requires runc >= 1.0.0-26, but none of the providers can be installed
  - package buildah-1.19.7-2.module_el8.4.0+830+8027e1c4.x86_64 requires runc >= 1.0.0-26, but none of the providers can be installed
  - package containerd.io-1.3.7-3.1.el8.x86_64 conflicts with runc provided by runc-1.0.0-74.rc95.module_el8.4.0+886+c9a8d9ad.x86_64
  - package containerd.io-1.3.7-3.1.el8.x86_64 obsoletes runc provided by runc-1.0.0-74.rc95.module_el8.4.0+886+c9a8d9ad.x86_64
  - package containerd.io-1.3.7-3.1.el8.x86_64 conflicts with runc provided by runc-1.0.0-70.rc92.module_el8.4.0+673+eabfc99d.x86_64
  - package containerd.io-1.3.7-3.1.el8.x86_64 obsoletes runc provided by runc-1.0.0-70.rc92.module_el8.4.0+673+eabfc99d.x86_64
  - package containerd.io-1.3.7-3.1.el8.x86_64 conflicts with runc provided by runc-1.0.0-73.rc93.module_el8.4.0+830+8027e1c4.x86_64
  - package containerd.io-1.3.7-3.1.el8.x86_64 obsoletes runc provided by runc-1.0.0-73.rc93.module_el8.4.0+830+8027e1c4.x86_64
  - conflicting requests
  - package runc-1.0.0-56.rc5.dev.git2abd837.module_el8.3.0+569+1bada2e4.x86_64 is filtered out by modular filtering
  - package runc-1.0.0-64.rc10.module_el8.4.0+522+66908d0c.x86_64 is filtered out by modular filtering
  - package runc-1.0.0-65.rc10.module_el8.4.0+819+4afbd1d6.x86_64 is filtered out by modular filtering
  - package runc-1.0.0-70.rc92.module_el8.4.0+786+4668b267.x86_64 is filtered out by modular filtering
  - package runc-1.0.0-71.rc92.module_el8.4.0+833+9763146c.x86_64 is filtered out by modular filtering
(try to add '--allowerasing' to command line to replace conflicting packages or '--skip-broken' to skip uninstallable packages or '--nobest' to use not only best candidate packages)
[root@k8s-master ~]#

  问题2:在执行yum install containerd.io-1.3.7-3.1.el8.x86_64.rpm时出现类似:Problem: problem with installed package buildah-1.21.4-1.module_el8.4.0+886+c9a8d9ad.x86_64的错误。

  解决方案:执行以下命令

[root@k8s-master ~]# yum erase podman buildah
Repository extras is listed more than once in the configuration
No match for argument: podman
Dependencies resolved.
=================================================================================================================================================================================================
 Package                                      Architecture                      Version                                                              Repository                             Size
=================================================================================================================================================================================================
Removing:
 buildah                                      x86_64                            1.21.4-1.module_el8.4.0+886+c9a8d9ad                                 @appstream                             30 M
Removing unused dependencies:
 container-selinux                            noarch                            2:2.164.1-1.module_el8.4.0+886+c9a8d9ad                              @appstream                             47 k
 containers-common                            x86_64                            1:1.3.1-5.module_el8.4.0+886+c9a8d9ad                                @appstream                            231 k
 criu                                         x86_64                            3.15-1.module_el8.4.0+641+6116a774                                   @appstream                            1.4 M
 fuse-overlayfs                               x86_64                            1.6-1.module_el8.4.0+886+c9a8d9ad                                    @appstream                            145 k
 fuse3                                        x86_64                            3.2.1-12.el8                                                         @baseos                                90 k
 fuse3-libs                                   x86_64                            3.2.1-12.el8                                                         @baseos                               279 k
 libnet                                       x86_64                            1.1.6-15.el8                                                         @appstream                            170 k
 libslirp                                     x86_64                            4.3.1-1.module_el8.4.0+575+63b40ad7                                  @appstream                            129 k
 runc                                         x86_64                            1.0.0-74.rc95.module_el8.4.0+886+c9a8d9ad                            @appstream                             12 M
 slirp4netns                                  x86_64                            1.1.8-1.module_el8.4.0+641+6116a774                                  @appstream                             98 k

Transaction Summary
=================================================================================================================================================================================================
Remove  11 Packages

Freed space: 44 M
Is this ok [y/N]: y
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
  Preparing        :                                                                                                                                                                         1/1
  Erasing          : buildah-1.21.4-1.module_el8.4.0+886+c9a8d9ad.x86_64                                                                                                                    1/11
  Erasing          : containers-common-1:1.3.1-5.module_el8.4.0+886+c9a8d9ad.x86_64                                                                                                         2/11
  Erasing          : container-selinux-2:2.164.1-1.module_el8.4.0+886+c9a8d9ad.noarch                                                                                                       3/11
  Running scriptlet: container-selinux-2:2.164.1-1.module_el8.4.0+886+c9a8d9ad.noarch                                                                                                       3/11
  Erasing          : fuse-overlayfs-1.6-1.module_el8.4.0+886+c9a8d9ad.x86_64                                                                                                                4/11
  Erasing          : slirp4netns-1.1.8-1.module_el8.4.0+641+6116a774.x86_64                                                                                                                 5/11
  Erasing          : runc-1.0.0-74.rc95.module_el8.4.0+886+c9a8d9ad.x86_64                                                                                                                  6/11
  Erasing          : criu-3.15-1.module_el8.4.0+641+6116a774.x86_64                                                                                                                         7/11
  Erasing          : libnet-1.1.6-15.el8.x86_64                                                                                                                                             8/11
  Running scriptlet: libnet-1.1.6-15.el8.x86_64                                                                                                                                             8/11
  Erasing          : libslirp-4.3.1-1.module_el8.4.0+575+63b40ad7.x86_64                                                                                                                    9/11
  Erasing          : fuse3-3.2.1-12.el8.x86_64                                                                                                                                             10/11
  Erasing          : fuse3-libs-3.2.1-12.el8.x86_64                                                                                                                                        11/11
  Running scriptlet: fuse3-libs-3.2.1-12.el8.x86_64                                                                                                                                        11/11
  Verifying        : buildah-1.21.4-1.module_el8.4.0+886+c9a8d9ad.x86_64                                                                                                                    1/11
  Verifying        : container-selinux-2:2.164.1-1.module_el8.4.0+886+c9a8d9ad.noarch                                                                                                       2/11
  Verifying        : containers-common-1:1.3.1-5.module_el8.4.0+886+c9a8d9ad.x86_64                                                                                                         3/11
  Verifying        : criu-3.15-1.module_el8.4.0+641+6116a774.x86_64                                                                                                                         4/11
  Verifying        : fuse-overlayfs-1.6-1.module_el8.4.0+886+c9a8d9ad.x86_64                                                                                                                5/11
  Verifying        : fuse3-3.2.1-12.el8.x86_64                                                                                                                                              6/11
  Verifying        : fuse3-libs-3.2.1-12.el8.x86_64                                                                                                                                         7/11
  Verifying        : libnet-1.1.6-15.el8.x86_64                                                                                                                                             8/11
  Verifying        : libslirp-4.3.1-1.module_el8.4.0+575+63b40ad7.x86_64                                                                                                                    9/11
  Verifying        : runc-1.0.0-74.rc95.module_el8.4.0+886+c9a8d9ad.x86_64                                                                                                                 10/11
  Verifying        : slirp4netns-1.1.8-1.module_el8.4.0+641+6116a774.x86_64                                                                                                                11/11

Removed:
  buildah-1.21.4-1.module_el8.4.0+886+c9a8d9ad.x86_64      container-selinux-2:2.164.1-1.module_el8.4.0+886+c9a8d9ad.noarch    containers-common-1:1.3.1-5.module_el8.4.0+886+c9a8d9ad.x86_64
  criu-3.15-1.module_el8.4.0+641+6116a774.x86_64           fuse-overlayfs-1.6-1.module_el8.4.0+886+c9a8d9ad.x86_64             fuse3-3.2.1-12.el8.x86_64
  fuse3-libs-3.2.1-12.el8.x86_64                           libnet-1.1.6-15.el8.x86_64                                          libslirp-4.3.1-1.module_el8.4.0+575+63b40ad7.x86_64
  runc-1.0.0-74.rc95.module_el8.4.0+886+c9a8d9ad.x86_64    slirp4netns-1.1.8-1.module_el8.4.0+641+6116a774.x86_64

Complete!

  以上问题都解决后,继续安装docker-ce,经过1-2分钟的等待后顺利完成安装。

[root@k8s-master ~]# yum -y install docker-ce
Repository extras is listed more than once in the configuration
Last metadata expiration check: 0:15:55 ago on Thu 16 Sep 2021 07:23:49 PM CST.
Dependencies resolved.
=================================================================================================================================================================================================
 Package                                           Architecture                   Version                                                         Repository                                Size
=================================================================================================================================================================================================
Installing:
 docker-ce                                         x86_64                         3:20.10.8-3.el8                                                 docker-ce-stable                          22 M
Installing dependencies:
 container-selinux                                 noarch                         2:2.164.1-1.module_el8.4.0+886+c9a8d9ad                         AppStream                                 52 k
 containerd.io                                     x86_64                         1.4.9-3.1.el8                                                   docker-ce-stable                          30 M
 docker-ce-cli                                     x86_64                         1:20.10.8-3.el8                                                 docker-ce-stable                          29 M
 docker-ce-rootless-extras                         x86_64                         20.10.8-3.el8                                                   docker-ce-stable                         4.6 M
 docker-scan-plugin                                x86_64                         0.8.0-3.el8                                                     docker-ce-stable                         4.2 M
 fuse-overlayfs                                    x86_64                         1.6-1.module_el8.4.0+886+c9a8d9ad                               AppStream                                 73 k
 fuse3                                             x86_64                         3.2.1-12.el8                                                    base                                      50 k
 fuse3-libs                                        x86_64                         3.2.1-12.el8                                                    base                                      94 k
 libcgroup                                         x86_64                         0.41-19.el8                                                     base                                      70 k
 libslirp                                          x86_64                         4.3.1-1.module_el8.4.0+575+63b40ad7                             AppStream                                 69 k
 slirp4netns                                       x86_64                         1.1.8-1.module_el8.4.0+641+6116a774                             AppStream                                 51 k

Transaction Summary
=================================================================================================================================================================================================
Install  12 Packages

Total download size: 90 M
Installed size: 377 M
Downloading Packages:
(1/12): fuse3-3.2.1-12.el8.x86_64.rpm                                                                                                                            217 kB/s |  50 kB     00:00
(2/12): libcgroup-0.41-19.el8.x86_64.rpm                                                                                                                         224 kB/s |  70 kB     00:00
(3/12): container-selinux-2.164.1-1.module_el8.4.0+886+c9a8d9ad.noarch.rpm                                                                                       340 kB/s |  52 kB     00:00
(4/12): fuse3-libs-3.2.1-12.el8.x86_64.rpm                                                                                                                       220 kB/s |  94 kB     00:00
(5/12): fuse-overlayfs-1.6-1.module_el8.4.0+886+c9a8d9ad.x86_64.rpm                                                                                              407 kB/s |  73 kB     00:00
(6/12): libslirp-4.3.1-1.module_el8.4.0+575+63b40ad7.x86_64.rpm                                                                                                  411 kB/s |  69 kB     00:00
(7/12): slirp4netns-1.1.8-1.module_el8.4.0+641+6116a774.x86_64.rpm                                                                                               296 kB/s |  51 kB     00:00
(8/12): docker-ce-20.10.8-3.el8.x86_64.rpm                                                                                                                       409 kB/s |  22 MB     00:55
(9/12): docker-ce-cli-20.10.8-3.el8.x86_64.rpm                                                                                                                   460 kB/s |  29 MB     01:05
(10/12): docker-ce-rootless-extras-20.10.8-3.el8.x86_64.rpm                                                                                                      419 kB/s | 4.6 MB     00:11
(11/12): docker-scan-plugin-0.8.0-3.el8.x86_64.rpm                                                                                                               436 kB/s | 4.2 MB     00:09
(12/12): containerd.io-1.4.9-3.1.el8.x86_64.rpm                                                                                                                  373 kB/s |  30 MB     01:22
-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Total                                                                                                                                                            1.1 MB/s |  90 MB     01:22
warning: /var/cache/dnf/docker-ce-stable-ab4061364e2cf0db/packages/containerd.io-1.4.9-3.1.el8.x86_64.rpm: Header V4 RSA/SHA512 Signature, key ID 621e9f35: NOKEY
Docker CE Stable - x86_64                                                                                                                                         11 kB/s | 1.6 kB     00:00
Importing GPG key 0x621E9F35:
 Userid     : "Docker Release (CE rpm) <docker@docker.com>"
 Fingerprint: 060A 61C5 1B55 8A7F 742B 77AA C52F EB6B 621E 9F35
 From       : https://mirrors.aliyun.com/docker-ce/linux/centos/gpg
Key imported successfully
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
  Preparing        :                                                                                                                                                                         1/1
  Installing       : docker-scan-plugin-0.8.0-3.el8.x86_64                                                                                                                                  1/12
  Running scriptlet: docker-scan-plugin-0.8.0-3.el8.x86_64                                                                                                                                  1/12
  Installing       : docker-ce-cli-1:20.10.8-3.el8.x86_64                                                                                                                                   2/12
  Running scriptlet: docker-ce-cli-1:20.10.8-3.el8.x86_64                                                                                                                                   2/12
  Running scriptlet: container-selinux-2:2.164.1-1.module_el8.4.0+886+c9a8d9ad.noarch                                                                                                       3/12
  Installing       : container-selinux-2:2.164.1-1.module_el8.4.0+886+c9a8d9ad.noarch                                                                                                       3/12
  Running scriptlet: container-selinux-2:2.164.1-1.module_el8.4.0+886+c9a8d9ad.noarch                                                                                                       3/12
  Installing       : containerd.io-1.4.9-3.1.el8.x86_64                                                                                                                                     4/12
  Running scriptlet: containerd.io-1.4.9-3.1.el8.x86_64                                                                                                                                     4/12
  Installing       : libslirp-4.3.1-1.module_el8.4.0+575+63b40ad7.x86_64                                                                                                                    5/12
  Installing       : slirp4netns-1.1.8-1.module_el8.4.0+641+6116a774.x86_64                                                                                                                 6/12
  Running scriptlet: libcgroup-0.41-19.el8.x86_64                                                                                                                                           7/12
  Installing       : libcgroup-0.41-19.el8.x86_64                                                                                                                                           7/12
  Running scriptlet: libcgroup-0.41-19.el8.x86_64                                                                                                                                           7/12
  Installing       : fuse3-libs-3.2.1-12.el8.x86_64                                                                                                                                         8/12
  Running scriptlet: fuse3-libs-3.2.1-12.el8.x86_64                                                                                                                                         8/12
  Installing       : fuse3-3.2.1-12.el8.x86_64                                                                                                                                              9/12
  Installing       : fuse-overlayfs-1.6-1.module_el8.4.0+886+c9a8d9ad.x86_64                                                                                                               10/12
  Running scriptlet: fuse-overlayfs-1.6-1.module_el8.4.0+886+c9a8d9ad.x86_64                                                                                                               10/12
  Installing       : docker-ce-3:20.10.8-3.el8.x86_64                                                                                                                                      11/12
  Running scriptlet: docker-ce-3:20.10.8-3.el8.x86_64                                                                                                                                      11/12
  Installing       : docker-ce-rootless-extras-20.10.8-3.el8.x86_64                                                                                                                        12/12
  Running scriptlet: docker-ce-rootless-extras-20.10.8-3.el8.x86_64                                                                                                                        12/12
  Running scriptlet: container-selinux-2:2.164.1-1.module_el8.4.0+886+c9a8d9ad.noarch                                                                                                      12/12
  Running scriptlet: docker-ce-rootless-extras-20.10.8-3.el8.x86_64                                                                                                                        12/12
  Verifying        : fuse3-3.2.1-12.el8.x86_64                                                                                                                                              1/12
  Verifying        : fuse3-libs-3.2.1-12.el8.x86_64                                                                                                                                         2/12
  Verifying        : libcgroup-0.41-19.el8.x86_64                                                                                                                                           3/12
  Verifying        : container-selinux-2:2.164.1-1.module_el8.4.0+886+c9a8d9ad.noarch                                                                                                       4/12
  Verifying        : fuse-overlayfs-1.6-1.module_el8.4.0+886+c9a8d9ad.x86_64                                                                                                                5/12
  Verifying        : libslirp-4.3.1-1.module_el8.4.0+575+63b40ad7.x86_64                                                                                                                    6/12
  Verifying        : slirp4netns-1.1.8-1.module_el8.4.0+641+6116a774.x86_64                                                                                                                 7/12
  Verifying        : containerd.io-1.4.9-3.1.el8.x86_64                                                                                                                                     8/12
  Verifying        : docker-ce-3:20.10.8-3.el8.x86_64                                                                                                                                       9/12
  Verifying        : docker-ce-cli-1:20.10.8-3.el8.x86_64                                                                                                                                  10/12
  Verifying        : docker-ce-rootless-extras-20.10.8-3.el8.x86_64                                                                                                                        11/12
  Verifying        : docker-scan-plugin-0.8.0-3.el8.x86_64                                                                                                                                 12/12

Installed:
  container-selinux-2:2.164.1-1.module_el8.4.0+886+c9a8d9ad.noarch       containerd.io-1.4.9-3.1.el8.x86_64                        docker-ce-3:20.10.8-3.el8.x86_64
  docker-ce-cli-1:20.10.8-3.el8.x86_64                                   docker-ce-rootless-extras-20.10.8-3.el8.x86_64            docker-scan-plugin-0.8.0-3.el8.x86_64
  fuse-overlayfs-1.6-1.module_el8.4.0+886+c9a8d9ad.x86_64                fuse3-3.2.1-12.el8.x86_64                                 fuse3-libs-3.2.1-12.el8.x86_64
  libcgroup-0.41-19.el8.x86_64                                           libslirp-4.3.1-1.module_el8.4.0+575+63b40ad7.x86_64       slirp4netns-1.1.8-1.module_el8.4.0+641+6116a774.x86_64

Complete!
[root@k8s-master ~]#

  4、为docker配置阿里云加速

  可以登录阿里云官网地址,按照操作文档获取加速器的地址,如下图:

  创建文件并编辑daemon.json

[root@k8s-master ~]# mkdir -p /etc/docker
[root@k8s-master ~]# vim /etc/docker/daemon.json

  在文件中设置第一步从阿里云获取到的加速地址

{
  "registry-mirrors": ["https://uppmlc0d.mirror.aliyuncs.com"]
}

  以上docker-ce安装成功,接下来开始安装k8s。

  5、安装kubectl、kubelet、kubeadm

  安装kubectl、kubelet、kubeadm,设置kubelet开机启动,并启动kublet

[root@k8s-master ~]# yum install -y kubectl kubelet kubeadm

Repository extras is listed more than once in the configuration
Last metadata expiration check: 0:03:04 ago on Tue 28 Sep 2021 05:33:31 PM CST.
Dependencies resolved.
==================================================================================================
Package Architecture Version Repository Size
==================================================================================================
Installing:
kubeadm x86_64 1.22.2-0 kubernetes 9.3 M
kubectl x86_64 1.22.2-0 kubernetes 9.6 M
kubelet x86_64 1.22.2-0 kubernetes 23 M
Installing dependencies:
conntrack-tools x86_64 1.4.4-10.el8 base 204 k
cri-tools x86_64 1.13.0-0 kubernetes 5.1 M
kubernetes-cni x86_64 0.8.7-0 kubernetes 19 M
libnetfilter_cthelper x86_64 1.0.0-15.el8 base 24 k
libnetfilter_cttimeout x86_64 1.0.0-11.el8 base 24 k
libnetfilter_queue x86_64 1.0.4-3.el8 base 31 k
socat x86_64 1.7.3.3-2.el8 AppStream 302 k


Transaction Summary
==================================================================================================
Install 10 Packages


Total download size: 67 M
Installed size: 313 M
Downloading Packages:
(1/10): libnetfilter_cthelper-1.0.0-15.el8.x86_64.rpm 164 kB/s | 24 kB 00:00
(2/10): libnetfilter_cttimeout-1.0.0-11.el8.x86_64.rpm 152 kB/s | 24 kB 00:00
(3/10): libnetfilter_queue-1.0.4-3.el8.x86_64.rpm 226 kB/s | 31 kB 00:00
(4/10): socat-1.7.3.3-2.el8.x86_64.rpm 507 kB/s | 302 kB 00:00
(5/10): conntrack-tools-1.4.4-10.el8.x86_64.rpm 179 kB/s | 204 kB 00:01
(6/10): 14bfe6e75a9efc8eca3f638eb22c7e2ce759c67f95b43b16fae4ebabd 369 kB/s | 5.1 MB 00:14
(7/10): 601174c7fbdf37f053d43088913525758704610e8036f0afd422d6e6a 466 kB/s | 9.3 MB 00:20
(8/10): 994be6998becbaa99f3c42cd8f2299364fb6f5c597b5ba1eb5db860d6 309 kB/s | 9.6 MB 00:31
(9/10): 80864433372b7120669c95335d54aedd2cb7e2002b41e5686e71d5605 569 kB/s | 23 MB 00:42
(10/10): db7cb5cb0b3f6875f54d10f02e625573988e3e91fd4fc5eef0b1876b 507 kB/s | 19 MB 00:37
--------------------------------------------------------------------------------------------------
Total 1.1 MB/s | 67 MB 00:58
warning: /var/cache/dnf/kubernetes-d03a9fe438e18cac/packages/14bfe6e75a9efc8eca3f638eb22c7e2ce759c 67f95b43b16fae4ebabde1549f3-cri-tools-1.13.0-0.x86_64.rpm: Header V4 RSA/SHA512 Signature, key ID 3e1ba8d5: NOKEY
Kubernetes 39 kB/s | 3.4 kB 00:00
Importing GPG key 0x307EA071:
Userid : "Rapture Automatic Signing Key (cloud-rapture-signing-key-2021-03-01-08_01_09.pub)"
Fingerprint: 7F92 E05B 3109 3BEF 5A3C 2D38 FEEA 9169 307E A071
From : https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg
Key imported successfully
Importing GPG key 0x836F4BEB:
Userid : "gLinux Rapture Automatic Signing Key (//depot/google3/production/borg/cloud-rapture /keys/cloud-rapture-pubkeys/cloud-rapture-signing-key-2020-12-03-16_08_05.pub) <glinux-team@google .com>"
Fingerprint: 59FE 0256 8272 69DC 8157 8F92 8B57 C5C2 836F 4BEB
From : https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg
Key imported successfully
Kubernetes 11 kB/s | 975 B 00:00
Importing GPG key 0x3E1BA8D5:
Userid : "Google Cloud Packages RPM Signing Key <gc-team@google.com>"
Fingerprint: 3749 E1BA 95A8 6CE0 5454 6ED2 F09C 394C 3E1B A8D5
From : https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
Key imported successfully
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
Preparing : 1/1
Installing : kubectl-1.22.2-0.x86_64 1/10
Installing : cri-tools-1.13.0-0.x86_64 2/10
Installing : socat-1.7.3.3-2.el8.x86_64 3/10
Installing : libnetfilter_queue-1.0.4-3.el8.x86_64 4/10
Running scriptlet: libnetfilter_queue-1.0.4-3.el8.x86_64 4/10
Installing : libnetfilter_cttimeout-1.0.0-11.el8.x86_64 5/10
Running scriptlet: libnetfilter_cttimeout-1.0.0-11.el8.x86_64 5/10
Installing : libnetfilter_cthelper-1.0.0-15.el8.x86_64 6/10
Running scriptlet: libnetfilter_cthelper-1.0.0-15.el8.x86_64 6/10
Installing : conntrack-tools-1.4.4-10.el8.x86_64 7/10
Running scriptlet: conntrack-tools-1.4.4-10.el8.x86_64 7/10
Installing : kubernetes-cni-0.8.7-0.x86_64 8/10
Installing : kubelet-1.22.2-0.x86_64 9/10
Installing : kubeadm-1.22.2-0.x86_64 10/10
Running scriptlet: kubeadm-1.22.2-0.x86_64 10/10
Verifying : conntrack-tools-1.4.4-10.el8.x86_64 1/10
Verifying : libnetfilter_cthelper-1.0.0-15.el8.x86_64 2/10
Verifying : libnetfilter_cttimeout-1.0.0-11.el8.x86_64 3/10
Verifying : libnetfilter_queue-1.0.4-3.el8.x86_64 4/10
Verifying : socat-1.7.3.3-2.el8.x86_64 5/10
Verifying : cri-tools-1.13.0-0.x86_64 6/10
Verifying : kubeadm-1.22.2-0.x86_64 7/10
Verifying : kubectl-1.22.2-0.x86_64 8/10
Verifying : kubelet-1.22.2-0.x86_64 9/10
Verifying : kubernetes-cni-0.8.7-0.x86_64 10/10


Installed:
conntrack-tools-1.4.4-10.el8.x86_64 cri-tools-1.13.0-0.x86_64
kubeadm-1.22.2-0.x86_64 kubectl-1.22.2-0.x86_64
kubelet-1.22.2-0.x86_64 kubernetes-cni-0.8.7-0.x86_64
libnetfilter_cthelper-1.0.0-15.el8.x86_64 libnetfilter_cttimeout-1.0.0-11.el8.x86_64
libnetfilter_queue-1.0.4-3.el8.x86_64 socat-1.7.3.3-2.el8.x86_64


Complete!


[root@k8s-master ~]# systemctl enable kubelet
Created symlink /etc/systemd/system/multi-user.target.wants/kubelet.service → /usr/lib/systemd/system/kubelet.service.
[root@k8s-master ~]# systemctl start kubelet
[root@k8s-master ~]#

  查看k8s版本

[root@k8s-master ~]# kubeadm version
kubeadm version: &version.Info{Major:"1", Minor:"22", GitVersion:"v1.22.2", GitCommit:"8b5a19147530eaac9476b0ab82980b4088bbc1b2", GitTreeState:"clean", BuildDate:"2021-09-15T21:37:34Z", GoVersion:"go1.16.8", Compiler:"gc", Platform:"linux/amd64"}
[root@k8s-master ~]# kubectl version --client

Client Version: version.Info{Major:"1", Minor:"22", GitVersion:"v1.22.2", GitCommit:"8b5a19147530eaac9476b0ab82980b4088bbc1b2", GitTreeState:"clean", BuildDate:"2021-09-15T21:38:50Z", GoVersion:"go1.16.8", Compiler:"gc", Platform:"linux/amd64"}
[root@k8s-master ~]# kubelet --version
Kubernetes v1.22.2
[root@k8s-master ~]#

  6、初始化k8s集群

[root@k8s-master ~]# kubeadm init --apiserver-advertise-address=0.0.0.0 --apiserver-cert-extra-sans=127.0.0.1 --image-repository registry.aliyuncs.com/google_containers --kubernetes-version v1.22.2  --service-cidr=10.10.0.0/16 --pod-   network-cidr=10.18.0.0/16

  问题1:初始化失败,通过查看报错信息,发现有如下错误:[ERROR ImagePull]: failed to pull image registry.aliyuncs.com/google_containers/coredns:v1.8.4: output: Error response from daemon: manifest for registry.aliyuncs.com/google_containers/coredns:v1.8.4 not found: manifest unknown: manifest unknown

, error: exit status 1。详细错误信息如下:

[init] Using Kubernetes version: v1.22.2
[preflight] Running pre-flight checks
        [WARNING FileExisting-tc]: tc not found in system path
[preflight] Pulling images required for setting up a Kubernetes cluster
[preflight] This might take a minute or two, depending on the speed of your internet connection
[preflight] You can also perform this action in beforehand using 'kubeadm config images pull'
error execution phase preflight: [preflight] Some fatal errors occurred:
        [ERROR ImagePull]: failed to pull image registry.aliyuncs.com/google_containers/coredns:v1.8.4: output: Error response from daemon: manifest for registry.aliyuncs.com/google_containers/coredns:v1.8.4 not found: manifest unknown: manifest unknown
, error: exit status 1
[preflight] If you know what you are doing, you can make a check non-fatal with `--ignore-preflight-errors=...`
To see the stack trace of this error execute with --v=5 or higher

  解决方案:从错误内容来看,应该是google_containers/coredns:v1.8.4这个镜像没有找到,执行docker images命令,确认该镜像文件确实没有。

[root@k8s-master ~]# docker images
REPOSITORY                                                        TAG       IMAGE ID       CREATED        SIZE
registry.aliyuncs.com/google_containers/kube-apiserver            v1.22.2   e64579b7d886   4 weeks ago    128MB
registry.aliyuncs.com/google_containers/kube-controller-manager   v1.22.2   5425bcbd23c5   4 weeks ago    122MB
registry.aliyuncs.com/google_containers/kube-scheduler            v1.22.2   b51ddc1014b0   4 weeks ago    52.7MB
registry.aliyuncs.com/google_containers/kube-proxy                v1.22.2   873127efbc8a   4 weeks ago    104MB
registry.aliyuncs.com/google_containers/etcd                      3.5.0-0   004811815584   3 months ago   295MB
registry.aliyuncs.com/google_containers/pause                     3.5       ed210e3e4a5b   6 months ago   683kB

  使用docker命令拉取镜像

[root@k8s-master ~]# docker pull registry.aliyuncs.com/google_containers/coredns:1.8.4
1.8.4: Pulling from google_containers/coredns
c6568d217a00: Pull complete
bc38a22c706b: Pull complete
Digest: sha256:6e5a02c21641597998b4be7cb5eb1e7b02c0d8d23cce4dd09f4682d463798890
Status: Downloaded newer image for registry.aliyuncs.com/google_containers/coredns:1.8.4
registry.aliyuncs.com/google_containers/coredns:1.8.4

  虽然此时该镜像文件已经有了,但是这里有个比较坑的地方,从控制台中的错误信息来看kubeadm初始化时需要的版本号是v1.8.4,而刚才拉取的镜像版本号是1.8.4,缺少了字母”v”,所以我们需要对镜像重新命名,然后删除原来的。最后再通过docker images命令发现该镜像文件已经有了。

  该问题解决,继续初始化。。。

[root@k8s-master ~]# docker tag registry.aliyuncs.com/google_containers/coredns:1.8.4 registry.aliyuncs.com/google_containers/coredns:v1.8.4
[root@k8s-master ~]# docker rmi registry.aliyuncs.com/google_containers/coredns:1.8.4
Untagged: registry.aliyuncs.com/google_containers/coredns:1.8.4
[root@k8s-master ~]# docker images
REPOSITORY                                                        TAG       IMAGE ID       CREATED        SIZE
registry.aliyuncs.com/google_containers/kube-apiserver            v1.22.2   e64579b7d886   4 weeks ago    128MB
registry.aliyuncs.com/google_containers/kube-proxy                v1.22.2   873127efbc8a   4 weeks ago    104MB
registry.aliyuncs.com/google_containers/kube-controller-manager   v1.22.2   5425bcbd23c5   4 weeks ago    122MB
registry.aliyuncs.com/google_containers/kube-scheduler            v1.22.2   b51ddc1014b0   4 weeks ago    52.7MB
registry.aliyuncs.com/google_containers/etcd                      3.5.0-0   004811815584   3 months ago   295MB
registry.aliyuncs.com/google_containers/coredns                   v1.8.4    8d147537fb7d   3 months ago   47.6MB
registry.aliyuncs.com/google_containers/pause                     3.5       ed210e3e4a5b   6 months ago   683kB

  问题2:初始化仍然失败,先是根据控制台提示信息,执行systemctl status kubelet发现服务启动报错,再根据控制台提示执行 journalctl -xeu kubelet命令,通过报错信息发现有如下错误:failed to run Kubelet: misconfiguration: kubelet cgroup driver: \"systemd\" is different from docker cgroup driver: >。应该是指cgroup driver版本不一致造成的。详细错误信息如下:

[root@k8s-master ~]# systemctl status kubelet
● kubelet.service - kubelet: The Kubernetes Node Agent
   Loaded: loaded (/usr/lib/systemd/system/kubelet.service; enabled; vendor preset: disabled)
  Drop-In: /usr/lib/systemd/system/kubelet.service.d
           └─10-kubeadm.conf
   Active: activating (auto-restart) (Result: exit-code) since Fri 2021-09-17 10:43:46 CST; 5s ago
     Docs: https://kubernetes.io/docs/
  Process: 98822 ExecStart=/usr/bin/kubelet $KUBELET_KUBECONFIG_ARGS $KUBELET_CONFIG_ARGS $KUBELET_KUBEADM_ARGS $KUBELET_EXTRA_ARGS (code=exited, status=1/FAILURE)
 Main PID: 98822 (code=exited, status=1/FAILURE)
[root@k8s-master ~]# journalctl -xeu kubelet
-- Defined-By: systemd
-- Support: https://access.redhat.com/support
--
-- Unit kubelet.service has finished starting up.
--
-- The start-up result is done.
Sep 17 10:44:06 k8s-master kubelet[99004]: Flag --network-plugin has been deprecated, will be removed along with dockershim.
Sep 17 10:44:06 k8s-master kubelet[99004]: Flag --network-plugin has been deprecated, will be removed along with dockershim.
Sep 17 10:44:06 k8s-master kubelet[99004]: I0917 10:44:06.567382   99004 server.go:440] "Kubelet version" kubeletVersion="v1.22.1"
Sep 17 10:44:06 k8s-master kubelet[99004]: I0917 10:44:06.567676   99004 server.go:868] "Client rotation is on, will bootstrap in background"
Sep 17 10:44:06 k8s-master kubelet[99004]: I0917 10:44:06.571664   99004 certificate_store.go:130] Loading cert/key pair from "/var/lib/kubelet/pki/kubelet-client-current.pem".
Sep 17 10:44:06 k8s-master kubelet[99004]: I0917 10:44:06.574461   99004 dynamic_cafile_content.go:155] "Starting controller" name="client-ca-bundle::/etc/kubernetes/pki/ca.crt"
Sep 17 10:44:06 k8s-master kubelet[99004]: I0917 10:44:06.640572   99004 server.go:687] "--cgroups-per-qos enabled, but --cgroup-root was not specified.  defaulting to /"
Sep 17 10:44:06 k8s-master kubelet[99004]: I0917 10:44:06.640930   99004 container_manager_linux.go:280] "Container manager verified user specified cgroup-root exists" cgroupRoot=[]
Sep 17 10:44:06 k8s-master kubelet[99004]: I0917 10:44:06.641002   99004 container_manager_linux.go:285] "Creating Container Manager object based on Node Config" nodeConfig={RuntimeCgroupsName: SystemCgroupsName: KubeletCgroupsName: >
Sep 17 10:44:06 k8s-master kubelet[99004]: I0917 10:44:06.641053   99004 topology_manager.go:133] "Creating topology manager with policy per scope" topologyPolicyName="none" topologyScopeName="container"
Sep 17 10:44:06 k8s-master kubelet[99004]: I0917 10:44:06.641071   99004 container_manager_linux.go:320] "Creating device plugin manager" devicePluginEnabled=true
Sep 17 10:44:06 k8s-master kubelet[99004]: I0917 10:44:06.641126   99004 state_mem.go:36] "Initialized new in-memory state store"
Sep 17 10:44:06 k8s-master kubelet[99004]: I0917 10:44:06.641197   99004 kubelet.go:314] "Using dockershim is deprecated, please consider using a full-fledged CRI implementation"
Sep 17 10:44:06 k8s-master kubelet[99004]: I0917 10:44:06.641244   99004 client.go:78] "Connecting to docker on the dockerEndpoint" endpoint="unix:///var/run/docker.sock"
Sep 17 10:44:06 k8s-master kubelet[99004]: I0917 10:44:06.641268   99004 client.go:97] "Start docker client with request timeout" timeout="2m0s"
Sep 17 10:44:06 k8s-master kubelet[99004]: I0917 10:44:06.649280   99004 docker_service.go:566] "Hairpin mode is set but kubenet is not enabled, falling back to HairpinVeth" hairpinMode=promiscuous-bridge
Sep 17 10:44:06 k8s-master kubelet[99004]: I0917 10:44:06.649313   99004 docker_service.go:242] "Hairpin mode is set" hairpinMode=hairpin-veth
Sep 17 10:44:06 k8s-master kubelet[99004]: I0917 10:44:06.649405   99004 cni.go:239] "Unable to update cni config" err="no networks found in /etc/cni/net.d"
Sep 17 10:44:06 k8s-master kubelet[99004]: I0917 10:44:06.651903   99004 cni.go:239] "Unable to update cni config" err="no networks found in /etc/cni/net.d"
Sep 17 10:44:06 k8s-master kubelet[99004]: I0917 10:44:06.651960   99004 docker_service.go:257] "Docker cri networking managed by the network plugin" networkPluginName="cni"
Sep 17 10:44:06 k8s-master kubelet[99004]: I0917 10:44:06.652018   99004 cni.go:239] "Unable to update cni config" err="no networks found in /etc/cni/net.d"
Sep 17 10:44:06 k8s-master kubelet[99004]: I0917 10:44:06.659821   99004 docker_service.go:264] "Docker Info" dockerInfo=&{ID:VQUW:ZPAN:JTRU:ILYA:BRMI:KXJB:I4N2:4WV3:IMXL:3EH4:TMWH:FWGR Containers:0 ContainersRunning:0 ContainersPaus>
Sep 17 10:44:06 k8s-master kubelet[99004]: E0917 10:44:06.659866   99004 server.go:294] "Failed to run kubelet" err="failed to run Kubelet: misconfiguration: kubelet cgroup driver: \"systemd\" is different from docker cgroup driver: >
Sep 17 10:44:06 k8s-master systemd[1]: kubelet.service: Main process exited, code=exited, status=1/FAILURE
Sep 17 10:44:06 k8s-master systemd[1]: kubelet.service: Failed with result 'exit-code'.
-- Subject: Unit failed
-- Defined-By: systemd
-- Support: https://access.redhat.com/support
--
-- The unit kubelet.service has entered the 'failed' state with result 'exit-code'.
lines 1753-1788/1788 (END)

  既然原因清楚了,那么解决起来就方便了。首先,编辑/usr/lib/systemd/system/docker.service文件,找到ExecStart,在后面增加 --exec-opt native.cgroupdriver=systemd,然后重载配置文件并重启服务,最后通过docker info | grep Cgroup命令发现已经修改为systemd,问题得到解决。

  具体如下:

[root@k8s-master system]# vim /usr/lib/systemd/system/docker.service
[root@k8s-master system]# systemctl daemon-reload && systemctl restart docker
[root@k8s-master system]# docker info | grep Cgroup
 Cgroup Driver: systemd
 Cgroup Version: 1
[root@k8s-master system]#

  以上2个问题解决后,继续kubeadm init工作,终于出现了Your Kubernetes control-plane has initialized successfully!

  说明已经初始化完成,这里控制台最后的kubeadm join 。。。最好是找个地方保存起来,因为后面node加入集群的时候会用到。

[root@k8s-master system]# kubeadm init --apiserver-advertise-address=0.0.0.0 --apiserver-cert-extra-sans=127.0.0.1 --image-repository registry.aliyuncs.com/google_containers --kubernetes-version v1.22.2  --service-cidr=10.10.0.0/16 --pod-   network-cidr=10.18.0.0/16
[init] Using Kubernetes version: v1.22.2
[preflight] Running pre-flight checks
        [WARNING FileExisting-tc]: tc not found in system path
[preflight] Pulling images required for setting up a Kubernetes cluster
[preflight] This might take a minute or two, depending on the speed of your internet connection
[preflight] You can also perform this action in beforehand using 'kubeadm config images pull'
[certs] Using certificateDir folder "/etc/kubernetes/pki"
[certs] Generating "ca" certificate and key
[certs] Generating "apiserver" certificate and key
[certs] apiserver serving cert is signed for DNS names [k8s-master kubernetes kubernetes.default kubernetes.default.svc kubernetes.default.svc.cluster.local] and IPs [10.96.0.1 192.168.186.132 127.0.0.1]
[certs] Generating "apiserver-kubelet-client" certificate and key
[certs] Generating "front-proxy-ca" certificate and key
[certs] Generating "front-proxy-client" certificate and key
[certs] Generating "etcd/ca" certificate and key
[certs] Generating "etcd/server" certificate and key
[certs] etcd/server serving cert is signed for DNS names [k8s-master localhost] and IPs [192.168.186.132 127.0.0.1 ::1]
[certs] Generating "etcd/peer" certificate and key
[certs] etcd/peer serving cert is signed for DNS names [k8s-master localhost] and IPs [192.168.186.132 127.0.0.1 ::1]
[certs] Generating "etcd/healthcheck-client" certificate and key
[certs] Generating "apiserver-etcd-client" certificate and key
[certs] Generating "sa" key and public key
[kubeconfig] Using kubeconfig folder "/etc/kubernetes"
[kubeconfig] Writing "admin.conf" kubeconfig file
[kubeconfig] Writing "kubelet.conf" kubeconfig file
[kubeconfig] Writing "controller-manager.conf" kubeconfig file
[kubeconfig] Writing "scheduler.conf" kubeconfig file
[kubelet-start] Writing kubelet environment file with flags to file "/var/lib/kubelet/kubeadm-flags.env"
[kubelet-start] Writing kubelet configuration to file "/var/lib/kubelet/config.yaml"
[kubelet-start] Starting the kubelet
[control-plane] Using manifest folder "/etc/kubernetes/manifests"
[control-plane] Creating static Pod manifest for "kube-apiserver"
[control-plane] Creating static Pod manifest for "kube-controller-manager"
[control-plane] Creating static Pod manifest for "kube-scheduler"
[etcd] Creating static Pod manifest for local etcd in "/etc/kubernetes/manifests"
[wait-control-plane] Waiting for the kubelet to boot up the control plane as static Pods from directory "/etc/kubernetes/manifests". This can take up to 4m0s
[apiclient] All control plane components are healthy after 7.004367 seconds
[upload-config] Storing the configuration used in ConfigMap "kubeadm-config" in the "kube-system" Namespace
[kubelet] Creating a ConfigMap "kubelet-config-1.22" in namespace kube-system with the configuration for the kubelets in the cluster
[upload-certs] Skipping phase. Please see --upload-certs
[mark-control-plane] Marking the node k8s-master as control-plane by adding the labels: [node-role.kubernetes.io/master(deprecated) node-role.kubernetes.io/control-plane node.kubernetes.io/exclude-from-external-load-balancers]
[mark-control-plane] Marking the node k8s-master as control-plane by adding the taints [node-role.kubernetes.io/master:NoSchedule]
[bootstrap-token] Using token: en5aq7.2fnljgjetdr3ou5w
[bootstrap-token] Configuring bootstrap tokens, cluster-info ConfigMap, RBAC Roles
[bootstrap-token] configured RBAC rules to allow Node Bootstrap tokens to get nodes
[bootstrap-token] configured RBAC rules to allow Node Bootstrap tokens to post CSRs in order for nodes to get long term certificate credentials
[bootstrap-token] configured RBAC rules to allow the csrapprover controller automatically approve CSRs from a Node Bootstrap Token
[bootstrap-token] configured RBAC rules to allow certificate rotation for all node client certificates in the cluster
[bootstrap-token] Creating the "cluster-info" ConfigMap in the "kube-public" namespace
[kubelet-finalize] Updating "/etc/kubernetes/kubelet.conf" to point to a rotatable kubelet client certificate and key
[addons] Applied essential addon: CoreDNS
[addons] Applied essential addon: kube-proxy

Your Kubernetes control-plane has initialized successfully!

To start using your cluster, you need to run the following as a regular user:

  mkdir -p $HOME/.kube
  sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
  sudo chown $(id -u):$(id -g) $HOME/.kube/config

Alternatively, if you are the root user, you can run:

  export KUBECONFIG=/etc/kubernetes/admin.conf

You should now deploy a pod network to the cluster.
Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:
  https://kubernetes.io/docs/concepts/cluster-administration/addons/

Then you can join any number of worker nodes by running the following on each as root:

kubeadm join 192.168.186.132:6443 --token en5aq7.2fnljgjetdr3ou5w \
        --discovery-token-ca-cert-hash sha256:c4055de4f7fe4bef818e7a8dbede04a84ff75e6126d30d94deea28deee4abd82
[root@k8s-master system]#

  按照控制台中提示的信息,执行以下命令:

[root@k8s-master ~]# mkdir -p $HOME/.kube
[root@k8s-master ~]# sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
[root@k8s-master ~]# sudo chown $(id -u):$(id -g) $HOME/.kube/config

  再执行以下命令查看状态,此时为NotReady,这是因为coredns pod没有启动,缺少网络pod。

[root@k8s-master ~]# kubectl get node
NAME         STATUS     ROLES                  AGE    VERSION
k8s-master   NotReady   control-plane,master   173m   v1.22.2
[root@k8s-master ~]# kubectl get pod --all-namespaces
NAMESPACE     NAME                                 READY   STATUS    RESTARTS   AGE
kube-system   coredns-7f6cbbb7b8-2rrnn             0/1     Pending   0          174m
kube-system   coredns-7f6cbbb7b8-h96bs             0/1     Pending   0          174m
kube-system   etcd-k8s-master                      1/1     Running   0          175m
kube-system   kube-apiserver-k8s-master            1/1     Running   0          175m
kube-system   kube-controller-manager-k8s-master   1/1     Running   0          175m
kube-system   kube-proxy-tr5vg                     1/1     Running   0          174m
kube-system   kube-scheduler-k8s-master            1/1     Running   0          175m

  接下来安装calico网络,安装完成稍等一会再查看信息,节点已经处于Ready状态。

[root@k8s-master ~]# kubectl apply -f https://docs.projectcalico.org/manifests/calico.yaml
configmap/calico-config created
customresourcedefinition.apiextensions.k8s.io/bgpconfigurations.crd.projectcalico.org created
customresourcedefinition.apiextensions.k8s.io/bgppeers.crd.projectcalico.org created
customresourcedefinition.apiextensions.k8s.io/blockaffinities.crd.projectcalico.org created
customresourcedefinition.apiextensions.k8s.io/clusterinformations.crd.projectcalico.org created
customresourcedefinition.apiextensions.k8s.io/felixconfigurations.crd.projectcalico.org created
customresourcedefinition.apiextensions.k8s.io/globalnetworkpolicies.crd.projectcalico.org created
customresourcedefinition.apiextensions.k8s.io/globalnetworksets.crd.projectcalico.org created
customresourcedefinition.apiextensions.k8s.io/hostendpoints.crd.projectcalico.org created
customresourcedefinition.apiextensions.k8s.io/ipamblocks.crd.projectcalico.org created
customresourcedefinition.apiextensions.k8s.io/ipamconfigs.crd.projectcalico.org created
customresourcedefinition.apiextensions.k8s.io/ipamhandles.crd.projectcalico.org created
customresourcedefinition.apiextensions.k8s.io/ippools.crd.projectcalico.org created
customresourcedefinition.apiextensions.k8s.io/kubecontrollersconfigurations.crd.projectcalico.org created
customresourcedefinition.apiextensions.k8s.io/networkpolicies.crd.projectcalico.org created
customresourcedefinition.apiextensions.k8s.io/networksets.crd.projectcalico.org created
clusterrole.rbac.authorization.k8s.io/calico-kube-controllers created
clusterrolebinding.rbac.authorization.k8s.io/calico-kube-controllers created
clusterrole.rbac.authorization.k8s.io/calico-node created
clusterrolebinding.rbac.authorization.k8s.io/calico-node created
daemonset.apps/calico-node created
serviceaccount/calico-node created
deployment.apps/calico-kube-controllers created
serviceaccount/calico-kube-controllers created
Warning: policy/v1beta1 PodDisruptionBudget is deprecated in v1.21+, unavailable in v1.25+; use policy/v1 PodDisruptionBudget
poddisruptionbudget.policy/calico-kube-controllers created
[root@k8s-master ~]# ^C
[root@k8s-master ~]# kubectl get node
NAME         STATUS   ROLES                  AGE    VERSION
k8s-master   Ready    control-plane,master   3h2m   v1.22.1
[root@k8s-master ~]# kubectl get pod --all-namespaces
NAMESPACE     NAME                                       READY   STATUS    RESTARTS   AGE
kube-system   calico-kube-controllers-74b8fbdb46-xjgf4   1/1     Running   0          6m32s
kube-system   calico-node-v2rnl                          1/1     Running   0          6m32s
kube-system   coredns-7f6cbbb7b8-2rrnn                   1/1     Running   0          3h1m
kube-system   coredns-7f6cbbb7b8-h96bs                   1/1     Running   0          3h1m
kube-system   etcd-k8s-master                            1/1     Running   0          3h2m
kube-system   kube-apiserver-k8s-master                  1/1     Running   0          3h2m
kube-system   kube-controller-manager-k8s-master         1/1     Running   0          3h2m
kube-system   kube-proxy-tr5vg                           1/1     Running   0          3h1m
kube-system   kube-scheduler-k8s-master                  1/1     Running   0          3h2m
[root@k8s-master ~]#

  k8s集群的master已经安装完成,下一篇介绍kubernetes-dashboard的安装与配置。

  ~~~未完待续

 

  

posted @ 2021-09-17 11:29  人生就是一场修行  阅读(611)  评论(0编辑  收藏  举报