kubeadm+docker(cri-dockerd)方式部署k8s单master集群 (v1.24.3)

一、环境配置

关闭防火墙
systemctl stop firewalld && systemctl disable firewalld

关闭selinux
setenforce 0
sed -i 's/enforcing/disabled/' /etc/selinux/config

关闭swap
swapoff -a
sed -ri 's/.*swap.*/#&/' /etc/fstab (永久关闭)

主机名与IP对应关系
vi /etc/hosts
192.168.247.101 keepalive-haproxy-01 k8s-master
192.168.247.102 keepalive-haproxy-02 k8s-node1
192.168.247.103 keepalive-haproxy-03 k8s-node2
192.168.247.100 keepalive-haproxy-vip

添加内核优化参数
cat << EOF > /etc/sysctl.d/99-kubernetes-cri.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
net.ipv4.ip_forward = 1
user.max_user_namespaces=28633
EOF

使其生效
sysctl -p /etc/sysctl.d/99-kubernetes-cri.conf


配置ipvs转发
yum install -y ipset ipvsadm
cat > /etc/sysconfig/modules/ipvs.modules <<EOF
#!/bin/bash
modprobe -- ip_vs
modprobe -- ip_vs_rr
modprobe -- ip_vs_wrr
modprobe -- ip_vs_sh
modprobe -- nf_conntrack_ipv4
EOF

chmod 755 /etc/sysconfig/modules/ipvs.modules && bash /etc/sysconfig/modules/ipvs.modules && lsmod | grep -e ip_vs -e nf_conntrack_ipv4

 

配置时间同步
dnf install chronyd -y

cat > /etc/chrony.conf <<EOF
server ntp.aliyun.com iburst
stratumweight 0
driftfile /var/lib/chrony/drift
rtcsync
makestep 10 3
bindcmdaddress 127.0.0.1
bindcmdaddress ::1
keyfile /etc/chrony.keys
commandkey 1
generatecommandkey
logchange 0.5
logdir /var/log/chrony
EOF

systemctl enable chronyd && systemctl start chronyd

二、安装docker-ce

yum install -y yum-utils device-mapper-persistent-data lvm2
yum-config-manager --add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
yum install docker-ce

配置加速器
mkdir -p /etc/docker
cat <<EOF > /etc/docker/daemon.json
{
"exec-opts": ["native.cgroupdriver=systemd"],
"log-driver": "json-file",
"log-opts": {
"max-size": "100m"
},
"storage-driver": "overlay2",
"storage-opts": [
"overlay2.override_kernel_check=true"
],
"experimental": false,
"debug": false,
"max-concurrent-downloads": 10,
"registry-mirrors": ["https://a7h8080e.mirror.aliyuncs.com"]
}
EOF
systemctl enable docker && systemctl start docker &&  systemctl status docker

下载golang 1.18 版本
wget https://golang.google.cn/dl/go1.18.3.linux-amd64.tar.gz

解压golang至指定目录
tar -C /usr/local/ -zxvf ./go1.18.3.linux-amd64.tar.gz

创建gopath目录
mkdir /home/gopath

添加环境变量,编辑/etc/profile 文件,在文件末尾添加以下配置
export GOROOT=/usr/local/go
export GOPATH=/home/gopath
export PATH=$PATH:$GOROOT/bin:$GOPATH/bin

加载/etc/profile文件
source /etc/profile

配置go proxy代理
go env -w GOPROXY="https://goproxy.io,direct"


验证golang是否安装完成,执行 go version命令

 -

三、部署cri-dockerd

下载cri-dockerd源码
git clone https://github.com/Mirantis/cri-dockerd.git

进入cri-dockerd目录
cd cri-dockerd/

执行 依赖包下载和命令构建
go get && go build
# go get && go build
go: downloading k8s.io/apiserver v0.20.4
go: downloading k8s.io/component-base v0.20.4
go: downloading github.com/sirupsen/logrus v1.8.1
go: downloading github.com/spf13/cobra v1.1.1
go: downloading github.com/spf13/pflag v1.0.5
go: downloading k8s.io/cri-api v0.20.4
go: downloading github.com/go-logr/logr v0.2.0
go: downloading k8s.io/apimachinery v0.20.4
go: downloading k8s.io/klog/v2 v2.4.0
go: downloading github.com/coreos/go-systemd/v22 v22.1.0
go: downloading github.com/coreos/go-systemd v0.0.0-20190321100706-95778dfbb74e
go: downloading github.com/pkg/errors v0.9.1
go: downloading google.golang.org/grpc v1.27.1
go: downloading k8s.io/kubernetes v1.20.4
go: downloading github.com/Microsoft/hcsshim v0.8.10-0.20200715222032-5eafd1556990
go: downloading github.com/armon/circbuf v0.0.0-20150827004946-bbbad097214e
go: downloading github.com/blang/semver v3.5.1+incompatible
go: downloading github.com/docker/docker v17.12.0-ce-rc1.0.20200916142827-bd33bbf0497b+incompatible
go: downloading github.com/opencontainers/go-digest v1.0.0
go: downloading github.com/opencontainers/image-spec v1.0.1
go: downloading golang.org/x/sys v0.0.0-20220319134239-a9b59b0215f8
go: downloading k8s.io/api v0.20.4
go: downloading k8s.io/client-go v0.20.4
go: downloading github.com/emicklei/go-restful v2.9.5+incompatible
go: downloading github.com/inconshreveable/mousetrap v1.0.0
go: downloading github.com/gogo/protobuf v1.3.1
go: downloading go.uber.org/zap v1.10.0
go: downloading github.com/evanphx/json-patch v4.9.0+incompatible
go: downloading github.com/go-openapi/spec v0.19.3
go: downloading github.com/google/uuid v1.1.2
go: downloading golang.org/x/net v0.0.0-20220225172249-27dd8689420f
go: downloading k8s.io/kube-openapi v0.0.0-20201113171705-d219536bb9fd
go: downloading k8s.io/utils v0.0.0-20201110183641-67b214c5f920
go: downloading github.com/google/gofuzz v1.1.0
go: downloading github.com/docker/distribution v2.7.1+incompatible
go: downloading github.com/docker/go-connections v0.4.0
go: downloading github.com/Microsoft/go-winio v0.4.15
go: downloading github.com/opencontainers/runc v1.0.0-rc92
go: downloading github.com/containernetworking/cni v0.8.0
go: downloading github.com/vishvananda/netlink v1.1.0
go: downloading github.com/davecgh/go-spew v1.1.1
go: downloading github.com/docker/go-units v0.4.0
go: downloading github.com/morikuni/aec v1.0.0
go: downloading github.com/JeffAshton/win_pdh v0.0.0-20161109143554-76bb4ee9f0ab
go: downloading github.com/google/cadvisor v0.38.7
go: downloading github.com/golang/protobuf v1.5.2
go: downloading google.golang.org/genproto v0.0.0-20201110150050-8816d57aaa9a
go: downloading github.com/json-iterator/go v1.1.10
go: downloading go.uber.org/atomic v1.4.0
go: downloading go.uber.org/multierr v1.1.0
go: downloading github.com/go-openapi/jsonpointer v0.19.3
go: downloading github.com/go-openapi/jsonreference v0.19.3
go: downloading github.com/go-openapi/swag v0.19.5
go: downloading sigs.k8s.io/structured-merge-diff/v4 v4.0.2
go: downloading sigs.k8s.io/yaml v1.2.0
go: downloading sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.0.14
go: downloading github.com/googleapis/gnostic v0.4.1
go: downloading gopkg.in/yaml.v2 v2.4.0
go: downloading github.com/NYTimes/gziphandler v0.0.0-20170623195520-56545f4a5d46
go: downloading github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822
go: downloading gopkg.in/inf.v0 v0.9.1
go: downloading go.opencensus.io v0.22.3
go: downloading github.com/cyphar/filepath-securejoin v0.2.2
go: downloading github.com/opencontainers/runtime-spec v1.0.3-0.20200728170252-4d89ac9fbff6
go: downloading github.com/moby/sys/mountinfo v0.1.3
go: downloading github.com/prometheus/client_golang v1.7.1
go: downloading github.com/prometheus/client_model v0.2.0
go: downloading github.com/prometheus/procfs v0.2.0
go: downloading github.com/vishvananda/netns v0.0.0-20200728191858-db3c7e526aae
go: downloading github.com/Azure/go-ansiterm v0.0.0-20170929234023-d6e3b3328b78
go: downloading google.golang.org/protobuf v1.26.0
go: downloading github.com/docker/spdystream v0.0.0-20160310174837-449fdfce4d96
go: downloading github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd
go: downloading github.com/modern-go/reflect2 v1.0.1
go: downloading github.com/PuerkitoBio/purell v1.1.1
go: downloading github.com/mailru/easyjson v0.7.0
go: downloading github.com/hashicorp/golang-lru v0.5.1
go: downloading golang.org/x/sync v0.0.0-20210220032951-036812b2e83c
go: downloading github.com/grpc-ecosystem/go-grpc-prometheus v1.2.0
go: downloading go.etcd.io/etcd v0.5.0-alpha.5.0.20200910180754-dd1b699fc489
go: downloading golang.org/x/time v0.0.0-20200630173020-3af7569d3a1e
go: downloading golang.org/x/crypto v0.0.0-20201002170205-7f63de1d35b0
go: downloading golang.org/x/oauth2 v0.0.0-20200107190931-bf48bf16ab8d
go: downloading golang.org/x/text v0.3.7
go: downloading github.com/containerd/containerd v1.4.1
go: downloading github.com/containerd/cgroups v0.0.0-20200531161412-0dbf7f05ba59
go: downloading github.com/golang/groupcache v0.0.0-20200121045136-8c9f03a8e57e
go: downloading github.com/godbus/dbus/v5 v5.0.3
go: downloading github.com/beorn7/perks v1.0.1
go: downloading github.com/cespare/xxhash/v2 v2.1.1
go: downloading github.com/prometheus/common v0.10.0
go: downloading github.com/lithammer/dedent v1.1.0
go: downloading github.com/google/go-cmp v0.5.5
go: downloading github.com/PuerkitoBio/urlesc v0.0.0-20170810143723-de5bf2ad4578
go: downloading github.com/imdario/mergo v0.3.7
go: downloading github.com/matttproud/golang_protobuf_extensions v1.0.2-0.20181231171920-c182affec369
go: downloading github.com/coreos/pkg v0.0.0-20180928190104-399ea9e2e55f
go: downloading github.com/coreos/go-semver v0.3.0
go: downloading google.golang.org/appengine v1.6.5

构建完成后生成cri-dockerd命令

接下来执行cri-dockerd命令的安装及环境配置命令
install -o root -g root -m 0755 cri-dockerd /usr/bin/cri-dockerd
cp -a packaging/systemd/* /etc/systemd/system

systemctl daemon-reload
systemctl enable cri-docker.service
systemctl enable --now cri-docker.socket

四、 安装kubeadm、kubelet、kubectl(每个节点都执行

添加阿里云yum源
cat > /etc/yum.repos.d/kubernetes.repo << EOF
[kubernetes]
name=kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=0
repo_gpgcheck=0
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF

检查yum源是不是有跟kube相关的安装源
# yum list | grep kube

指定版本安装
yum install kubeadm kubectl kubelet -y
设置开机自启 systemctl enable kubelet && systemctl start kubelet

也可执行 yum list kubeadm kubelet kubectl --showduplicates | sort -r 按照输出的列表项安装特定版本.
拉取k8s指定版本的镜像 kubeadm config images pull
--cri-socket unix:///var/run/cri-dockerd.sock --image-repository registry.aliyuncs.com/google_containers

master节点执行如下命令安装k8s

kubeadm init --kubernetes-version=v1.24.3 \
--pod-network-cidr=10.224.0.0/16 \
--apiserver-advertise-address=192.168.247.101 \
--cri-socket unix:///var/run/cri-dockerd.sock \
--image-repository registry.aliyuncs.com/google_containers

 查看 /var/log/messages 日志可以找到相关报错

该问题可能属于k8s代码问题,解决办法使用国内源下载该版本镜像,然后重新打tag
docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/pause:3.6
docker tag registry.cn-hangzhou.aliyuncs.com/google_containers/pause:3.6 k8s.gcr.io/pause:3.6

 

 重新执行执行初始化命令,即可成功

# kubeadm init --kubernetes-version=v1.24.3 --pod-network-cidr=10.224.0.0/16 --apiserver-advertise-address=192.168.247.101 --cri-socket unix:///var/run/cri-dockerd.sock --image-repository registry.aliyuncs.com/google_containers

接下来在worker节点上执行相关的操作,worker节点与master节点的操作步骤的唯一区别是:master节点执行kubeadm init操作,woker节点执行kubeadm join操作,
因此上面的步骤除了kubeadm init步骤之外,其他所有的步骤woker节点同样也需要执行。
执行kubeadm init 成功之后输出的 最后一行kubeadm join 命令

kubeadm config images pull --cri-socket unix:///var/run/cri-dockerd.sock --image-repository registry.aliyuncs.com/google_containers

kubeadm join 192.168.247.101:6443 --token o4zf8w.rw20jhmskiyk0ton --discovery-token-ca-cert-hash sha256:376e215a51620ac699223ac80cbd57f2adcf46b2c0eef0a7dfd003a55f7dac78 --cri-socket unix:///var/run/cri-dockerd.sock

参考文档:https://blog.csdn.net/u011415722/article/details/125472772

posted @ 2022-07-19 01:32  cyh00001  阅读(3331)  评论(0编辑  收藏  举报