kubernetes-环境搭建

1.版本

2022/06/
系统CentOS_7.9
k8s 版本：v1.23
#tab命令补全
yum install -y bash-completion
echo "source <(kubectl completion bash)" >> ~/.bashrc

2.机器清单

系统	    规格	角色
CentOS 7.X	4核4G	Master
CentOS 7.X	4核4G	Node

3.修改主机名和解析等

#Master执行
hostnamectl  set-hostname master
cat >> /etc/hosts <<EOF
192.168.1.10  master
192.168.1.11  node
EOF

#Node执行
hostnamectl  set-hostname node
cat >> /etc/hosts <<EOF
192.168.1.10  master
192.168.1.11  node
EOF

#master和node关闭swap
swapoff -a
sed -ir 's/.*swap.*/#&/' /etc/fstab

4.Master 和 Node 都执行

4.1.在Master和Node机器上配置yum源

curl -s -o /etc/yum.repos.d/CentOS-Base.repo https://mirrors.aliyun.com/repo/Centos-7.repo
curl -s -o /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-7.repo

4.2.系统参数修改

setenforce 0
sed -i 's/^SELINUX=enforcing$/SELINUX=permissive/' /etc/selinux/config
swapoff -a
sed -i 's/.*swap.*/#&/' /etc/fstab
systemctl disable   firewalld
systemctl stop   firewalld
cat <<EOF | sudo tee /etc/modules-load.d/k8s.conf
overlay
br_netfilter
EOF
modprobe overlay
modprobe br_netfilter

cat <<EOF | sudo tee /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-iptables  = 1
net.bridge.bridge-nf-call-ip6tables = 1
net.ipv4.ip_forward                 = 1
EOF

modprobe br_netfilter
cat > /etc/sysconfig/modules/ipvs.modules <<EOF
#!/bin/bash
modprobe -- ip_vs
modprobe -- ip_vs_rr
modprobe -- ip_vs_wrr
modprobe -- ip_vs_sh 
modprobe -- nf_conntrack
EOF

chmod 755 /etc/sysconfig/modules/ipvs.modules
bash /etc/sysconfig/modules/ipvs.modules
lsmod | grep -e ip_vs -e nf_conntrack
sysctl --system

4.3.安装iptables

yum -y install iptables-services
systemctl start iptables
systemctl enable iptables
iptables -F
service iptables save

5.安装和配置Docker,Master和Node都执行

yum install -y yum-utils device-mapper-persistent-data lvm2
yum-config-manager --add-repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
sed -i 's+download.docker.com+mirrors.aliyun.com/docker-ce+' /etc/yum.repos.d/docker-ce.repo
yum -y install docker-ce

mkdir /etc/docker
cat > /etc/docker/daemon.json <<EOF
{
  "exec-opts": ["native.cgroupdriver=systemd"],
  "log-driver": "json-file",
  "log-opts": {
    "max-size": "100m"
  },
  "registry-mirrors": ["https://e6vlzg9v.mirror.aliyuncs.com"]
}
EOF
cat /etc/docker/daemon.json

systemctl daemon-reload 
systemctl start docker.service
systemctl enable docker.service
systemctl status docker.service

6.安装kubeadm,Master和Node都执行

cat <<EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF
setenforce 0
yum install -y --nogpgcheck kubelet-1.23.3  kubectl-1.23.3  kubeadm-1.23.3
#注意Master节点上没初始化前不要启动kubelet服务

7.kubeadm初始化k8s,Master执行

kubeadm init --image-repository=registry.aliyuncs.com/google_containers --pod-network-cidr=10.244.0.0/16 --kubernetes-version=v1.23.3

#普通用户运行K8S的,请执行
mkdir -p $HOME/.kube
cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
chown $(id -u):$(id -g) $HOME/.kube/config

#root用户运行K8S,请执行
export KUBECONFIG=/etc/kubernetes/admin.conf
echo 'export KUBECONFIG=/etc/kubernetes/admin.conf' >> /etc/profile

#kubeadm初始化完再启动kubelet
systemctl start kubelet.service
systemctl enable kubelet.service
systemctl status kubelet.service

8.加入工作node节点,Node执行

#上面初始化成功直接显示命令
kubeadm token create --print-join-command
kubeadm join 192.168.1.10:6443 --token 4jk15f.426e4q0kgbs89gxv --discovery-token-ca-cert-hash sha256:3530bc8e2d6371655b8b1a95c5ec183fcc006c3218d9affe812a5e3bddb20382

#如没有保存，可以执行下面语句输出join命令。
kubeadm token create --print-join-command

9.安装k8s网络插件,Master执行

curl https://docs.projectcalico.org/manifests/calico.yaml -O && kubectl apply -f calico.yaml

10.部署tomcat验证,Master执行

kubectl get node
#显示Ready时再执行下面语句,创建一个tomcat应用并访问
kubectl create deployment  tomcat --image=tomcat
kubectl expose deployment tomcat  --port=8080 --target-port=8080 --type=NodePort
kubectl get service
#浏览器访问应用
http://xxxxx:xxx