使用kubeadm安装kubernetes集群脚本(更新日期:2024.7.19)
目前kubernetes
使用的 CRI(容器运行时)主流的是docker
和containerd
,以下是一个自动化安装kubernetes
集群的脚本,并且支持两种运行时,按照如下步骤操作即可。
系统版本为centos 7.9,docker
的安装方式我已经试验过没问题了
1. 添加脚本
vi /usr/local/bin/kubestart
将以下内容复制进去
#! /bin/bash
###############################################
## Simple Install Your K8S
###############################################
# Cluster settings. Edit these before running to choose another release,
# pod network range or image registry.
# NOTE(review): the 1.23 line is past upstream end-of-life and no longer
# receives security fixes; prefer a currently supported release if you can.
kube_version="1.23.9"
kube_pod_subnet="10.244.0.0/16"
# Control-plane images are pulled from this registry instead of the default one.
kube_image_server="registry.cn-hangzhou.aliyuncs.com/google_containers"
# crictl release downloaded by init-containerd (base URL + archive name).
# NOTE(review): crictl is v1.21.0 while the cluster is 1.23.x; confirm this
# pairing is intended.
crictl_name="crictl-v1.21.0-linux-amd64.tar.gz"
crictl_url="https://github.com/kubernetes-sigs/cri-tools/releases/download/v1.21.0/"
# Switch SELinux to permissive, both for the running system and across reboots.
# In permissive mode policy violations are logged but no longer blocked, so the
# node loses mandatory access control enforcement; treat this as a trade-off
# made for an easy install rather than a hardened default.
init-env-disable-selinux() {
  local selinux_config="/etc/selinux/config"
  local to_permissive='s/^SELINUX=enforcing$/SELINUX=permissive/'

  # Runtime switch; lasts until the next boot.
  sudo setenforce 0
  # Persist the change. Only an exact "SELINUX=enforcing" line is rewritten.
  sudo sed -i "$to_permissive" "$selinux_config"
}
# Stop firewalld and keep it from starting at boot.
# This removes host-level packet filtering from the node entirely. If the host
# is reachable from untrusted networks, keeping firewalld and opening only the
# ports the cluster needs is the tighter alternative.
init-env-disable-firewalld() {
  local unit="firewalld"

  sudo systemctl stop "$unit"
  # --now also stops the unit, so the explicit stop above is belt and braces.
  sudo systemctl disable --now "$unit"
}
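# Point yum at the Aliyun mirrors for Kubernetes, CentOS 7 and Docker CE,
# sideline every other .repo file, refresh the cache and install base tools.
#
# Writes directly under /etc/yum.repos.d without sudo, so the script has to run
# as root. Returns 1 if /etc/yum.repos.d cannot be entered.
#
# Every repo keeps gpgcheck=1. The gpgkey URLs are served by the same mirror as
# the packages, so signature checking catches corruption and tampering
# downstream of the mirror but not a substituted mirror; compare the imported
# key fingerprints with the ones the upstream projects publish.
# NOTE(review): the extra baseurl lines below carry no leading whitespace, so
# yum may not read them as continuation values. Confirm against the mirror's
# published repo file.
init-env-repository() {
  local file

  # kubernetes.repo
  cat > /etc/yum.repos.d/kubernetes.repo <<EOF
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF

  # Back up the distribution's CentOS-Base.repo once. Without the guard a
  # second run would overwrite the original backup with the mirror version
  # written below.
  if [[ -e /etc/yum.repos.d/CentOS-Base.repo && ! -e /etc/yum.repos.d/CentOS-Base.repo.bak ]]; then
    mv -- /etc/yum.repos.d/CentOS-Base.repo /etc/yum.repos.d/CentOS-Base.repo.bak
  fi

  # CentOS-Base.repo
  cat > /etc/yum.repos.d/CentOS-Base.repo <<EOF
[base]
name=CentOS-\$releasever - Base - mirrors.aliyun.com
failovermethod=priority
baseurl=https://mirrors.aliyun.com/centos/\$releasever/os/\$basearch/
https://mirrors.aliyuncs.com/centos/\$releasever/os/\$basearch/
https://mirrors.cloud.aliyuncs.com/centos/\$releasever/os/\$basearch/
gpgcheck=1
gpgkey=https://mirrors.aliyun.com/centos/RPM-GPG-KEY-CentOS-7
#released updates
[updates]
name=CentOS-\$releasever - Updates - mirrors.aliyun.com
failovermethod=priority
baseurl=https://mirrors.aliyun.com/centos/\$releasever/updates/\$basearch/
https://mirrors.aliyuncs.com/centos/\$releasever/updates/\$basearch/
https://mirrors.cloud.aliyuncs.com/centos/\$releasever/updates/\$basearch/
gpgcheck=1
gpgkey=https://mirrors.aliyun.com/centos/RPM-GPG-KEY-CentOS-7
#additional packages that may be useful
[extras]
name=CentOS-\$releasever - Extras - mirrors.aliyun.com
failovermethod=priority
baseurl=https://mirrors.aliyun.com/centos/\$releasever/extras/\$basearch/
https://mirrors.aliyuncs.com/centos/\$releasever/extras/\$basearch/
https://mirrors.cloud.aliyuncs.com/centos/\$releasever/extras/\$basearch/
gpgcheck=1
gpgkey=https://mirrors.aliyun.com/centos/RPM-GPG-KEY-CentOS-7
#additional packages that extend functionality of existing packages
[centosplus]
name=CentOS-\$releasever - Plus - mirrors.aliyun.com
failovermethod=priority
baseurl=https://mirrors.aliyun.com/centos/\$releasever/centosplus/\$basearch/
https://mirrors.aliyuncs.com/centos/\$releasever/centosplus/\$basearch/
https://mirrors.cloud.aliyuncs.com/centos/\$releasever/centosplus/\$basearch/
gpgcheck=1
enabled=0
gpgkey=https://mirrors.aliyun.com/centos/RPM-GPG-KEY-CentOS-7
#contrib - packages by Centos Users
[contrib]
name=CentOS-\$releasever - Contrib - mirrors.aliyun.com
failovermethod=priority
baseurl=https://mirrors.aliyun.com/centos/\$releasever/contrib/\$basearch/
https://mirrors.aliyuncs.com/centos/\$releasever/contrib/\$basearch/
https://mirrors.cloud.aliyuncs.com/centos/\$releasever/contrib/\$basearch/
gpgcheck=1
enabled=0
gpgkey=https://mirrors.aliyun.com/centos/RPM-GPG-KEY-CentOS-7
EOF

  # docker.repo
  cat > /etc/yum.repos.d/docker-ce.repo <<EOF
[docker-ce-stable]
name=Docker CE Stable - \$basearch
baseurl=https://mirrors.aliyun.com/docker-ce/linux/centos/\$releasever/\$basearch/stable
enabled=1
gpgcheck=1
gpgkey=https://mirrors.aliyun.com/docker-ce/linux/centos/gpg
[docker-ce-stable-debuginfo]
name=Docker CE Stable - Debuginfo \$basearch
baseurl=https://mirrors.aliyun.com/docker-ce/linux/centos/\$releasever/debug-\$basearch/stable
enabled=0
gpgcheck=1
gpgkey=https://mirrors.aliyun.com/docker-ce/linux/centos/gpg
[docker-ce-stable-source]
name=Docker CE Stable - Sources
baseurl=https://mirrors.aliyun.com/docker-ce/linux/centos/\$releasever/source/stable
enabled=0
gpgcheck=1
gpgkey=https://mirrors.aliyun.com/docker-ce/linux/centos/gpg
[docker-ce-test]
name=Docker CE Test - \$basearch
baseurl=https://mirrors.aliyun.com/docker-ce/linux/centos/\$releasever/\$basearch/test
enabled=0
gpgcheck=1
gpgkey=https://mirrors.aliyun.com/docker-ce/linux/centos/gpg
[docker-ce-test-debuginfo]
name=Docker CE Test - Debuginfo \$basearch
baseurl=https://mirrors.aliyun.com/docker-ce/linux/centos/\$releasever/debug-\$basearch/test
enabled=0
gpgcheck=1
gpgkey=https://mirrors.aliyun.com/docker-ce/linux/centos/gpg
[docker-ce-test-source]
name=Docker CE Test - Sources
baseurl=https://mirrors.aliyun.com/docker-ce/linux/centos/\$releasever/source/test
enabled=0
gpgcheck=1
gpgkey=https://mirrors.aliyun.com/docker-ce/linux/centos/gpg
[docker-ce-nightly]
name=Docker CE Nightly - \$basearch
baseurl=https://mirrors.aliyun.com/docker-ce/linux/centos/\$releasever/\$basearch/nightly
enabled=0
gpgcheck=1
gpgkey=https://mirrors.aliyun.com/docker-ce/linux/centos/gpg
[docker-ce-nightly-debuginfo]
name=Docker CE Nightly - Debuginfo \$basearch
baseurl=https://mirrors.aliyun.com/docker-ce/linux/centos/\$releasever/debug-\$basearch/nightly
enabled=0
gpgcheck=1
gpgkey=https://mirrors.aliyun.com/docker-ce/linux/centos/gpg
[docker-ce-nightly-source]
name=Docker CE Nightly - Sources
baseurl=https://mirrors.aliyun.com/docker-ce/linux/centos/\$releasever/source/nightly
enabled=0
gpgcheck=1
gpgkey=https://mirrors.aliyun.com/docker-ce/linux/centos/gpg
EOF
  # sudo yum-config-manager --add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo

  # If the cd failed, the loop below would rename *.repo files in whatever
  # directory the script was started from, so stop here instead.
  cd /etc/yum.repos.d || return 1
  # Leave only the three repo files written above active.
  for file in *.repo; do
    if [[ "$file" != "CentOS-Base.repo" && "$file" != "kubernetes.repo" && "$file" != "docker-ce.repo" ]]; then
      mv -- "$file" "$file.bak"
    fi
  done

  yum clean all
  yum makecache
  # install tools
  sudo yum install -y yum-utils device-mapper-persistent-data lvm2
}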
# Install kubeadm, kubectl and kubelet, all pinned to ${kube_version}.
# --disableexcludes=kubernetes is passed through to yum for the "kubernetes"
# repo written by init-env-repository.
init-install-kube() {
  local component
  local -a pinned_packages=()

  for component in kubeadm kubectl kubelet; do
    pinned_packages+=("${component}-${kube_version}")
  done

  sudo yum install -y "${pinned_packages[@]}" --disableexcludes=kubernetes
}
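# Install Docker CE, configure it for the systemd cgroup driver, and enable
# kubelet at boot.
#
# Writes /etc/docker/daemon.json without sudo, so the script has to run as root.
# Returns 1 if the packages cannot be installed.
#
# NOTE(review): "registry-mirrors" sends Docker Hub pulls through a third-party
# pull-through proxy. Images referenced by tag are accepted as that proxy serves
# them; reference images by digest where the content matters, or drop the
# mirror if the nodes can reach Docker Hub directly.
init-docker() {
  # -y keeps the install unattended like the other yum calls in this script;
  # without it yum stops at a confirmation prompt and the steps below would run
  # against a host with no Docker installed.
  sudo yum install -y docker-ce docker-ce-cli containerd.io || return 1
  systemctl start docker
  systemctl enable docker

  # Switch the cgroup driver to systemd.
  mkdir -p /etc/docker
  cat > /etc/docker/daemon.json <<'EOF'
{
 "exec-opts": ["native.cgroupdriver=systemd"],
 "registry-mirrors": ["https://docker.m.daocloud.io"]
}
EOF

  # Restart so the new daemon.json takes effect.
  systemctl restart docker
  systemctl enable kubelet
}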
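# Download the crictl archive named by ${crictl_url}${crictl_name} into a
# private temporary directory and install the binary into /usr/local/bin.
# If crictl_sha256 is set, the archive must match it before it is unpacked.
# Returns non-zero (and installs nothing) on any failure.
_kubestart-install-crictl() {
  local workdir archive status=0

  workdir=$(mktemp -d) || return 1
  archive="${workdir}/${crictl_name}"

  if ! wget -O "$archive" "${crictl_url}${crictl_name}"; then
    status=1
  elif [[ -n "${crictl_sha256:-}" ]] \
    && ! printf '%s  %s\n' "$crictl_sha256" "$archive" | sha256sum -c - > /dev/null; then
    echo "crictl archive does not match crictl_sha256" >&2
    status=1
  elif ! tar -zxf "$archive" -C "$workdir"; then
    status=1
  elif ! mv -- "${workdir}/crictl" /usr/local/bin/; then
    status=1
  fi

  rm -rf -- "${workdir:?}"
  return "$status"
}

# Install containerd plus crictl and configure the node for the containerd
# runtime: kernel modules, bridge/forwarding sysctls, containerd's default
# config with the pause image redirected to the Aliyun registry, kubelet's
# cgroup driver and crictl's endpoints.
#
# Writes under /etc without sudo, so the script has to run as root.
#
# NOTE(review): the crictl archive ends up as a root-owned binary on PATH and
# the page gives no checksum for it. Set crictl_sha256 to the value published
# with the release (<SHA256-FROM-RELEASE-PAGE>) to have it verified; when the
# variable is unset the archive is installed unverified, as before.
init-containerd() {
  # The glob is quoted so yum expands it, not the shell against files in the
  # current directory.
  sudo yum install -y wget containerd.io 'openvswitch*' certbot
  mkdir -p /etc/containerd

  # crictl is a diagnostic tool; a failed download should not stop the runtime
  # from being configured.
  _kubestart-install-crictl || echo "warning: crictl was not installed" >&2

  # Kernel modules: load at boot and load now.
  printf '%s\n' "overlay" "br_netfilter" > /etc/modules-load.d/containerd.conf
  sudo modprobe overlay
  sudo modprobe br_netfilter

  # Let bridged traffic pass through iptables and enable IPv4 forwarding.
  printf '%s\n' \
    "net.bridge.bridge-nf-call-iptables = 1" \
    "net.ipv4.ip_forward = 1" \
    "net.bridge.bridge-nf-call-ip6tables = 1" \
    > /etc/sysctl.d/99-kubernetes-cri.conf
  sudo sysctl --system

  # Start from containerd's default config, then swap the pause image source.
  sudo containerd config default > /etc/containerd/config.toml
  sed -i 's/k8s.gcr.io\/pause:3.1/registry.cn-hangzhou.aliyuncs.com\/google_containers\/pause:3.2/g' /etc/containerd/config.toml
  sudo systemctl restart containerd
  sudo systemctl enable containerd

  echo "KUBELET_EXTRA_ARGS=--cgroup-driver=systemd" > /etc/sysconfig/kubelet

  # Point crictl at the containerd socket.
  printf '%s\n' \
    "runtime-endpoint: unix:///run/containerd/containerd.sock" \
    "image-endpoint: unix:///run/containerd/containerd.sock" \
    "timeout: 10" \
    "debug: false" \
    > /etc/crictl.yaml

  sudo systemctl restart kubelet
  sudo systemctl enable kubelet
}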
# Generate /etc/kubernetes/kubeadm.yaml, the file run-kube later passes to
# `kubeadm init --config`. Pod subnet, Kubernetes version and image repository
# come from the variables at the top of the script.
#
# NOTE(review): ttl "0" creates a bootstrap token that never expires, so the
# join credential stays usable for as long as the cluster exists. Give it a
# finite ttl, or delete the token once all nodes have joined.
init-env-kubeconfig() {
  local kubeadm_config="/etc/kubernetes/kubeadm.yaml"

  [ -d "/etc/kubernetes" ] || mkdir /etc/kubernetes

  # One redirect for the whole document: the file is truncated once and the
  # two YAML documents (InitConfiguration, ClusterConfiguration) follow.
  {
    echo -e "apiVersion: kubeadm.k8s.io/v1beta3"
    echo -e "kind: InitConfiguration"
    echo -e "bootstrapTokens:"
    echo -e " - ttl: \"0\""
    echo -e "---"
    echo -e "apiVersion: kubeadm.k8s.io/v1beta3"
    echo -e "kind: ClusterConfiguration"
    echo -e "networking:"
    echo -e " podSubnet: \"${kube_pod_subnet}\""
    echo -e "kubernetesVersion: \"v${kube_version}\""
    echo -e "imageRepository: \"${kube_image_server}\""
  } > "$kubeadm_config"
}
# Record the CNI manifest that run-kube will apply, one URL per line, in
# /etc/kubernetes/kubeenv.list. Calico is the default.
#
# NOTE(review): the URL carries no version and is fetched when run-kube
# executes, then applied with the cluster admin credentials. Pin it to a
# specific release of the manifest and review that file before applying.
init-env-kubecomp() {
  local manifest_list="/etc/kubernetes/kubeenv.list"

  # default calico cni
  printf '%b\n' "https://docs.projectcalico.org/manifests/calico.yaml" > "$manifest_list"
  # flannel alternative (cni config url):
  # echo -e "https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml" > /etc/kubernetes/kubeenv.list
}
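# Prepare a node: relax SELinux, stop firewalld, configure yum repositories,
# install the Kubernetes packages and a container runtime, then write the
# kubeadm config and the CNI manifest list.
#
# Arguments: $1 - the subcommand name as passed by the dispatcher (unused)
#            $2 - container runtime: "docker" (default when empty) or
#                 "containerd"
# Exits 1 with a message for any other runtime.
init-env() {
  local runtime="${2:-docker}"

  # Reject an unsupported runtime before anything is changed. Checking it only
  # after the repo and package steps would leave the host with SELinux relaxed,
  # the firewall off and repos rewritten, and then fail.
  if [[ "$runtime" != "docker" && "$runtime" != "containerd" ]]; then
    echo "only support docker or containerd"
    exit 1
  fi

  init-env-disable-selinux
  init-env-disable-firewalld
  init-env-repository
  init-install-kube

  if [[ "$runtime" == "containerd" ]]; then
    init-containerd
  else
    init-docker
  fi

  init-env-kubeconfig
  init-env-kubecomp
}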
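# Bring up the control plane with kubeadm and apply the CNI manifests listed in
# /etc/kubernetes/kubeenv.list.
#
# Turns swap off (now and in /etc/fstab), enables bridge filtering and IPv4
# forwarding, runs `kubeadm init`, installs the admin kubeconfig as
# $HOME/.kube/config and applies each manifest. Returns 1 if kubeadm init fails.
#
# NOTE(review): /etc/kubernetes/admin.conf holds the cluster administrator
# credentials; keep the copy under $HOME/.kube readable by its owner only.
# NOTE(review): every line of kubeenv.list is applied with those credentials,
# so treat that file, and the URLs in it, as trusted input.
run-kube() {
  local manifest

  sudo swapoff -a && sysctl -w vm.swappiness=0
  # Comment out the swap entries so swap stays off after a reboot.
  sudo sed -ri '/^[^#]*swap/s@^@#@' /etc/fstab
  systemctl restart kubelet
  echo "1" > /proc/sys/net/bridge/bridge-nf-call-iptables
  echo "1" > /proc/sys/net/ipv4/ip_forward

  # Stop on failure: carrying on would delete an existing ~/.kube and then try
  # to copy an admin.conf that was never written.
  if ! kubeadm init --config /etc/kubernetes/kubeadm.yaml; then
    echo "kubeadm init failed; leaving ${HOME}/.kube untouched" >&2
    return 1
  fi

  # ${HOME:?} aborts instead of expanding to "/.kube" when HOME is empty.
  rm -rf -- "${HOME:?}/.kube"
  mkdir -p -- "${HOME}/.kube"
  sudo cp -i /etc/kubernetes/admin.conf "${HOME}/.kube/config"
  sudo chown "$(id -u):$(id -g)" "${HOME}/.kube/config"

  # Sets the host-wide default policy of the FORWARD chain to ACCEPT.
  iptables -P FORWARD ACCEPT

  # -r keeps backslashes literal; blank lines are skipped; a last line without
  # a trailing newline is still processed.
  while IFS= read -r manifest || [[ -n "$manifest" ]]; do
    [[ -n "$manifest" ]] || continue
    kubectl apply -f "$manifest"
  done < /etc/kubernetes/kubeenv.list
}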
# Print the list of supported subcommands to stdout.
# Defining this function shadows bash's builtin `help` inside the script.
help() {
  local -a usage_lines=(
    "Commands:"
    " init-env :\t(Init): Initialize the environment configuration, simplify configuring node, such as disable selinux, install docker or containerd..."
    " run-kube :\t(Init): deploy Kubernetes as your want by editing /etc/kubernetes/kubeenv.list. Now it includes calico, flannel"
  )

  # %b expands the \t escapes the same way `echo -e` does.
  printf '%b\n' "${usage_lines[@]}"
}
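# Entry point: dispatch on the first argument. "--help" and anything
# unrecognised (including no argument at all) print the usage text.
# "$@" forwards the arguments exactly as given; an unquoted $* would re-split
# them on whitespace and expand any glob characters they contain.
case "${1:-}" in
  init-env)
    init-env "$@"
    ;;
  run-kube)
    run-kube "$@"
    ;;
  *)
    help
    ;;
esac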
2. 修改为可执行文件
sudo chmod +x /usr/local/bin/kubestart
3. 支持的命令
然后你就可以使用以下两条命令去创建你的k8s集群了(脚本里有多处不带 sudo 直接写入 /etc 的操作,需要以 root 身份执行)
# 初始化各种环境配置
kubestart init-env
# 启动集群,应用cni
kubestart run-kube
# 帮助命令
kubestart help
查看是否安装成功
kubectl get node
4. 可能遇到的问题
- 关于镜像拉取,目前dockerhub已经不能使用,脚本里面设置了镜像代理:
https://docker.m.daocloud.io
,拉不下来的可以自己使用docker pull命令多拉几次;如果仍然不好使,或者您的集群可以顺利从dockerhub拉取镜像、不需要代理的话,可以去掉这个配置:
vi /etc/docker/daemon.json
# 删除掉这行
"registry-mirrors": ["https://docker.m.daocloud.io"]
# 删除掉之后注意保持json文件格式正确,上一行末尾的逗号去掉,然后保存执行
systemctl restart docker
systemctl enable kubelet
PS 脚本说明:
- 脚本开头的几个参数,是关于你想使用的 k8s 版本以及 crictl 安装包,想要使用其他版本的可以在开头改一下。
想要查看目前支持哪些版本可以使用以下命令:
yum list --showduplicates kubeadm --disableexcludes=kubernetes
-
kubestart init-env
命令后面还可以添加其他参数,选择容器运行时,可以使用docker
或者containerd
,默认是 docker -
执行
kubeadm init
命令使用的是/etc/kubernetes/kubeadm.yaml
配置文件启动的,如果有特殊需要,在执行完init-env
命令后去修改这个文件内容就可以,其实启动集群的方式就是这条命令:
kubeadm init --config /etc/kubernetes/kubeadm.yaml
- 默认使用的是
calico
作为 cni 应用,你如果想使用其他的,去修改一下脚本里面的init-env-kubecomp
函数即可。