Deploying K8S 1.23.17 on Ubuntu 22.04 LTS

I. Basic environment preparation

1. Prepare the K8S virtual machine hardware

IP Hostname Spec Disk
10.0.0.20 master20 2c4G 50G
10.0.0.21 worker21 2c4G 50G
10.0.0.22 worker22 2c4G 50G

Three nodes are configured: 1 master node and 2 worker nodes.

2. Disable the swap partition on all nodes

# Disable the swap partition so that Kubernetes can run properly
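sed -ri '/^[^#]*swap/s@^@#@' /etc/fstab
# The fstab edit only applies from the next boot; turn swap off for the running system as well
swapoff -a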

3. Make sure the MAC address and product_uuid are unique on every node

# Make sure every node has a unique MAC address, to avoid network conflicts
ifconfig  ens33 | grep ether | awk '{print $2}'

# Make sure every node has a unique product_uuid
cat /sys/class/dmi/id/product_uuid

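4. Check network connectivity on all nodes

# Make sure the nodes can reach each other on the network, and check that the external network can be pinged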
ping baidu.com

5. Allow iptables to inspect bridged traffic on all nodes

# Load the kernel module so that Kubernetes can use iptables to manage bridged traffic
cat <<EOF | tee /etc/modules-load.d/k8s.conf
br_netfilter
EOF

cat <<EOF | tee /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
net.ipv4.ip_forward = 1
EOF

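# Load the module now; /etc/modules-load.d/k8s.conf only takes effect at boot
modprobe br_netfilter
sysctl --system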

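6. Change the cgroup manager to systemd on all nodes

Install Docker first.

For Docker installation, see the reference article.

# Configure Docker to use systemd as its cgroup manager
# Check that the Docker configuration is correct

docker info  | grep "Cgroup Driver:"
# Should show Cgroup Driver: systemd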
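
The settings from steps 2 and 5 can be read back on each node before kubeadm is installed. The script below is an added example, not part of the original post; the function name check_node_prereqs and its optional ROOT argument are assumptions made for illustration.

```bash
# check_node_prereqs [ROOT]
# Reads back the settings from steps 2 and 5. Prints one FAIL line per problem
# and returns non-zero if any check failed. ROOT (assumed parameter, default /)
# lets the same checks run against a mounted or copied filesystem tree.
check_node_prereqs() {
  local root="${1:-/}" rc=0 active key path val
  root="${root%/}"

  # Step 2: /proc/swaps has one header line plus one line per active swap area.
  active="$(awk 'NR > 1 { n++ } END { print n + 0 }' "$root/proc/swaps" 2>/dev/null)" || true
  if [ "${active:-0}" -gt 0 ]; then
    echo "FAIL swap is still active"; rc=1
  fi

  # Step 2: an uncommented swap entry in fstab re-enables swap at the next boot.
  if grep -Eq '^[^#]*[[:space:]]swap[[:space:]]' "$root/etc/fstab" 2>/dev/null; then
    echo "FAIL /etc/fstab still enables swap at boot"; rc=1
  fi

  # Step 5: the bridge sysctls only exist while br_netfilter is loaded.
  if [ ! -d "$root/sys/module/br_netfilter" ]; then
    echo "FAIL br_netfilter is not loaded"; rc=1
  fi

  # Step 5: every key written to /etc/sysctl.d/k8s.conf must read back as 1.
  for key in net.bridge.bridge-nf-call-ip6tables \
             net.bridge.bridge-nf-call-iptables \
             net.ipv4.ip_forward; do
    path="$root/proc/sys/$(printf '%s' "$key" | tr . /)"
    val="$(cat "$path" 2>/dev/null)" || true
    if [ "$val" != "1" ]; then
      echo "FAIL $key = ${val:-unset}, expected 1"; rc=1
    fi
  done
  return "$rc"
}

# Usage on a node: check_node_prereqs && echo "prerequisites OK"
```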

7. Install kubeadm, kubelet and kubectl on all nodes

7.1 Configure the package source on all K8S nodes

# Configure the Alibaba Cloud K8S mirror source
apt-get update && apt-get install -y apt-transport-https
curl https://mirrors.aliyun.com/kubernetes/apt/doc/apt-key.gpg | apt-key add - 
cat <<EOF >/etc/apt/sources.list.d/kubernetes.list
deb https://mirrors.aliyun.com/kubernetes/apt/ kubernetes-xenial main
EOF
apt-get update

7.2 On each node, list the k8s versions available in the current environment

# List the available Kubernetes versions
apt-cache madison kubeadm
# The output looks like this
   kubeadm |  1.28.2-00 | https://mirrors.aliyun.com/kubernetes/apt kubernetes-xenial/main amd64 Packages
   kubeadm |  1.28.1-00 | https://mirrors.aliyun.com/kubernetes/apt kubernetes-xenial/main amd64 Packages
   kubeadm |  1.28.0-00 | https://mirrors.aliyun.com/kubernetes/apt kubernetes-xenial/main amd64 Packages
   kubeadm |  1.27.6-00 | https://mirrors.aliyun.com/kubernetes/apt kubernetes-xenial/main amd64 Packages
   kubeadm |  1.27.5-00 | https://mirrors.aliyun.com/kubernetes/apt kubernetes-xenial/main amd64 Packages
   kubeadm |  1.27.4-00 | https://mirrors.aliyun.com/kubernetes/apt kubernetes-xenial/main amd64 Packages
   ...

7.3 Install kubelet, kubeadm and kubectl on each node

# Install a specific version of the Kubernetes components
apt-get -y install kubelet=1.23.17-00 kubeadm=1.23.17-00 kubectl=1.23.17-00

7.4 Check the component versions on each node

# kubeadm version
kubeadm version: &version.Info{Major:"1", Minor:"23", GitVersion:"v1.23.17", GitCommit:"953be8927218ec8067e1af2641e540238ffd7576", GitTreeState:"clean", BuildDate:"2023-02-22T13:33:14Z", GoVersion:"go1.19.6", Compiler:"gc", Platform:"linux/amd64"}

# kubectl version
Client Version: version.Info{Major:"1", Minor:"23", GitVersion:"v1.23.17", GitCommit:"953be8927218ec8067e1af2641e540238ffd7576", GitTreeState:"clean", BuildDate:"2023-02-22T13:34:27Z", GoVersion:"go1.19.6", Compiler:"gc", Platform:"linux/amd64"}
The connection to the server localhost:8080 was refused - did you specify the right host or port?

# kubelet --version
Kubernetes v1.23.17

8. Check the time zone

# Make sure the node time zone is set to Shanghai time
ln -svf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime
date -R

II. Initialize the K8S master components with kubeadm

1. Import the images in advance

[root@master20:~]# docker load -i master-1.23.17.tar.gz 

2. Initialize the master node with kubeadm

[root@master20:~]# kubeadm init --kubernetes-version=v1.23.17 --image-repository registry.aliyuncs.com/google_containers  --pod-network-cidr=10.100.0.0/16 --service-cidr=10.200.0.0/16  --service-dns-domain=cxjyyds.com --apiserver-advertise-address=10.0.0.20
...

Your Kubernetes control-plane has initialized successfully!

To start using your cluster, you need to run the following as a regular user:

  mkdir -p $HOME/.kube
  sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
  sudo chown $(id -u):$(id -g) $HOME/.kube/config

Alternatively, if you are the root user, you can run:

  export KUBECONFIG=/etc/kubernetes/admin.conf

You should now deploy a pod network to the cluster.
Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:
  https://kubernetes.io/docs/concepts/cluster-administration/addons/

Then you can join any number of worker nodes by running the following on each as root:

kubeadm join 10.0.0.20:6443 --token vedqv5.p8c12pid56cbgm2o \
	--discovery-token-ca-cert-hash sha256:26a852b446be7c540fa9fcf020ad929489e8394ed30dd0e659a53c02f82ca3d5 

# Copy the kubeconfig file into the user's home directory so that kubectl can access the K8S cluster
[root@master20:~]# mkdir -p $HOME/.kube
  sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
  sudo chown $(id -u):$(id -g) $HOME/.kube/config	

# Check the status of the Kubernetes control-plane components
[root@master20:~]# kubectl get cs
Warning: v1 ComponentStatus is deprecated in v1.19+
NAME                 STATUS    MESSAGE                         ERROR
controller-manager   Healthy   ok                              
scheduler            Healthy   ok                              
etcd-0               Healthy   {"health":"true","reason":""}   

The token is kept for 24 hours by default, so your cluster must be brought up within 24 hours!

III. Deploy the worker components with kubeadm

1. Import the images in advance

# Import the Kubernetes images on the worker nodes
[root@worker21:~]# docker load -i slave-1.23.17.tar.gz
[root@worker22:~]# docker load -i slave-1.23.17.tar.gz

2. Run the join command on the worker nodes

# Use the kubeadm join command to add the worker nodes to the cluster initialized on the master node; use the token generated in the previous step
[root@worker21:~]# kubeadm join 10.0.0.20:6443 --token vedqv5.p8c12pid56cbgm2o \
        --discovery-token-ca-cert-hash sha256:26a852b446be7c540fa9fcf020ad929489e8394ed30dd0e659a53c02f82ca3d5
        
[root@worker22:~]# kubeadm join 10.0.0.20:6443 --token vedqv5.p8c12pid56cbgm2o \
        --discovery-token-ca-cert-hash sha256:26a852b446be7c540fa9fcf020ad929489e8394ed30dd0e659a53c02f82ca3d5        
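
The --discovery-token-ca-cert-hash value in the join command pins the cluster CA: it is the SHA-256 of the CA certificate's public key, so a worker only trusts an API server whose certificate chains to that CA. As an added example (not part of the original post), the pin can be recomputed on the master and compared with a join command before that command is run on a worker; /etc/kubernetes/pki/ca.crt is kubeadm's default CA path and the function names are illustrative.

```bash
# ca_pin CERT
# Prints "sha256:<hex>": the SHA-256 of the certificate's DER-encoded public key
# (SubjectPublicKeyInfo), the form --discovery-token-ca-cert-hash expects.
ca_pin() {
  local hex
  # Refuse unreadable input first, otherwise the hash of empty input would be printed.
  openssl x509 -in "$1" -noout >/dev/null 2>&1 || return 1
  hex="$(openssl x509 -in "$1" -noout -pubkey \
        | openssl pkey -pubin -outform DER \
        | openssl dgst -sha256 | awk '{ print $NF }')"
  [ "${#hex}" -eq 64 ] || return 1
  printf 'sha256:%s\n' "$hex"
}

# join_pin "COMMAND"
# Extracts the pinned hash from a kubeadm join command line (empty if absent or malformed).
join_pin() {
  printf '%s\n' "$1" \
    | sed -n 's/.*--discovery-token-ca-cert-hash[ =]\{1,\}\(sha256:[0-9a-f]\{64\}\).*/\1/p'
}

# verify_join CERT "COMMAND"
# Succeeds only if the command pins exactly this CA and does not disable the check.
verify_join() {
  local want got
  case "$2" in
    *--discovery-token-unsafe-skip-ca-verification*)
      echo "REJECT: CA verification is disabled"; return 1 ;;
  esac
  want="$(ca_pin "$1")" || { echo "REJECT: cannot read CA certificate $1"; return 1; }
  got="$(join_pin "$2")"
  if [ "$got" != "$want" ]; then
    echo "REJECT: join command pins ${got:-nothing}, CA is $want"; return 1
  fi
  echo "OK: $want"
}

# Usage on the master (token and hash are placeholders):
#   verify_join /etc/kubernetes/pki/ca.crt \
#     'kubeadm join 10.0.0.20:6443 --token <token> --discovery-token-ca-cert-hash sha256:<hash>'
```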

3. On the master node, check the cluster's list of worker nodes

[root@master20:~]# kubectl get nodes
NAME       STATUS     ROLES                  AGE   VERSION
master20   NotReady   control-plane,master   17m   v1.23.17
worker21   NotReady   <none>                 37s   v1.23.17
worker22   NotReady   <none>                 37s   v1.23.17

Note: at this point the node status is "NotReady" because the network plugin has not been deployed yet.

IV. Deploy the flannel CNI plugin

1. Manually import the images on all nodes

[root@master20:~]# docker load -i cni-v1.5.1-flannel-v0.25.6.tar.gz
[root@worker21:~]# docker load -i cni-v1.5.1-flannel-v0.25.6.tar.gz
[root@worker22:~]# docker load -i cni-v1.5.1-flannel-v0.25.6.tar.gz

2. Download the Flannel manifest and change the Pod network range

# Download the Flannel configuration file and change the network range to match your cluster configuration
[root@master20:~]# wget https://github.com/flannel-io/flannel/releases/latest/download/kube-flannel.yml
[root@worker21:~]# wget https://github.com/flannel-io/flannel/releases/latest/download/kube-flannel.yml
[root@worker22:~]# wget https://github.com/flannel-io/flannel/releases/latest/download/kube-flannel.yml

[root@master20:~]# vim kube-flannel.yml
...
      "Network": "10.100.0.0/16",
...
        image: docker.io/flannel/flannel:v0.25.6
...
        image: docker.io/flannel/flannel-cni-plugin:v1.5.1-flannel2
...
        image: docker.io/flannel/flannel:v0.25.6
...
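
The manifest is fetched from releases/latest while the images were preloaded at fixed versions, so the file on disk should be checked against both the kubeadm pod CIDR and the preloaded image tags before it is applied. This check is an added example, not part of the original post; the function names and the sample manifest fragment (including its image tag v0.0.0-example) are constructed for illustration.

```bash
# check_flannel_manifest FILE POD_CIDR IMAGE...
# FILE may be "-" for stdin. Prints one line per problem and returns non-zero
# if "Network" differs from POD_CIDR or an image is not in the expected list.
check_flannel_manifest() {
  local file="$1" cidr="$2" rc=0 doc net img want ok
  shift 2
  doc="$(cat "$file")" || return 2

  # net-conf.json in the kube-flannel-cfg ConfigMap carries the pod network.
  net="$(printf '%s\n' "$doc" \
        | sed -nE 's/.*"Network"[[:space:]]*:[[:space:]]*"([^"]*)".*/\1/p' | head -n 1)"
  if [ "$net" != "$cidr" ]; then
    echo "MISMATCH Network=${net:-missing}, kubeadm pod CIDR is $cidr"; rc=1
  fi

  # Every image: reference, tag included, must be one of the expected images.
  for img in $(printf '%s\n' "$doc" \
        | sed -nE 's/^[[:space:]]*(-[[:space:]]+)?image:[[:space:]]*([^[:space:]]+).*/\2/p' \
        | sort -u); do
    ok=0
    for want in "$@"; do
      if [ "$img" = "$want" ]; then ok=1; fi
    done
    if [ "$ok" -eq 0 ]; then
      echo "UNEXPECTED image $img"; rc=1
    fi
  done
  return "$rc"
}

# Constructed sample: an unedited manifest fragment with the upstream default
# network and a flannel tag that differs from the preloaded v0.25.6.
sample_manifest() {
  cat <<'EOF'
  net-conf.json: |
    { "Network": "10.244.0.0/16", "Backend": { "Type": "vxlan" } }
      initContainers:
      - name: install-cni-plugin
        image: docker.io/flannel/flannel-cni-plugin:v1.5.1-flannel2
      containers:
      - name: kube-flannel
        image: docker.io/flannel/flannel:v0.0.0-example
EOF
}

# Usage: check_flannel_manifest kube-flannel.yml 10.100.0.0/16 \
#   docker.io/flannel/flannel:v0.25.6 docker.io/flannel/flannel-cni-plugin:v1.5.1-flannel2
```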

3. Install the Flannel components

[root@master20:~]# kubectl apply -f kube-flannel.yml 
namespace/kube-flannel created
serviceaccount/flannel created
clusterrole.rbac.authorization.k8s.io/flannel created
clusterrolebinding.rbac.authorization.k8s.io/flannel created
configmap/kube-flannel-cfg created
daemonset.apps/kube-flannel-ds created

4. Check that all flannel components were installed successfully

[root@master20:~]# kubectl get pods -o wide -n kube-flannel 
NAME                    READY   STATUS    RESTARTS   AGE   IP          NODE       NOMINATED NODE   READINESS GATES
kube-flannel-ds-d4lcg   1/1     Running   0          14s   10.0.0.21   worker21   <none>           <none>
kube-flannel-ds-hk5rn   1/1     Running   0          14s   10.0.0.22   worker22   <none>           <none>
kube-flannel-ds-sjxkg   1/1     Running   0          14s   10.0.0.20   master20   <none>           <none>

5. Check the components on each node

[root@master20:~]# kubectl get nodes
NAME       STATUS   ROLES                  AGE   VERSION
master20   Ready    control-plane,master   60m   v1.23.17
worker21   Ready    <none>                 44m   v1.23.17
worker22   Ready    <none>                 44m   v1.23.17

6. Check that the flannel.1 interface exists

[root@master20:~]# ifconfig flannel.1
flannel.1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1450
        inet 10.100.0.0  netmask 255.255.255.255  broadcast 0.0.0.0
        inet6 fe80::90a6:fcff:fe63:7673  prefixlen 64  scopeid 0x20<link>
        ether 92:a6:fc:63:76:73  txqueuelen 0  (Ethernet)
        RX packets 0  bytes 0 (0.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 0  bytes 0 (0.0 B)
        TX errors 0  dropped 12 overruns 0  carrier 0  collisions 0
        
[root@worker21:~]# ifconfig flannel.1
flannel.1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1450
        inet 10.100.2.0  netmask 255.255.255.255  broadcast 0.0.0.0
        inet6 fe80::436:b1ff:fe44:7cea  prefixlen 64  scopeid 0x20<link>
        ether 06:36:b1:44:7c:ea  txqueuelen 0  (Ethernet)
        RX packets 0  bytes 0 (0.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 0  bytes 0 (0.0 B)
        TX errors 0  dropped 12 overruns 0  carrier 0  collisions 0  
        
[root@worker22:~]# ifconfig flannel.1
flannel.1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1450
        inet 10.100.1.0  netmask 255.255.255.255  broadcast 0.0.0.0
        inet6 fe80::b424:15ff:fe49:6f54  prefixlen 64  scopeid 0x20<link>
        ether b6:24:15:49:6f:54  txqueuelen 0  (Ethernet)
        RX packets 0  bytes 0 (0.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 0  bytes 0 (0.0 B)
        TX errors 0  dropped 12 overruns 0  carrier 0  collisions 0        

VI. Enable auto-completion for the kubectl tool

Add it to the shell environment

[root@master20:~]# kubectl completion bash > ~/.kube/completion.bash.inc
[root@master20:~]# echo source '$HOME/.kube/completion.bash.inc' >> ~/.bashrc
[root@master20:~]# source ~/.bashrc
posted @ cxjyyds