kubeadm 添加master及node

1、添加master

新master服务器初始化

添加k8s源

$ cat <<EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
enabled=1
gpgcheck=0   # 注意这里要改为0,否则会报错
repo_gpgcheck=1
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
exclude=kube* 
EOF

执行以下操作

注意:这里就不过多说明,如果想要了解,请参考k8s部署文档

$ swapoff -a
$ cp /etc/fstab /etc/fstab_bak 
$ cat /etc/fstab_bak |grep -v swap > /etc/fstab
$ cat /etc/fstab  
$ cat <<EOF >  /etc/sysctl.d/k8s.conf
vm.swappiness = 0
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
net.ipv4.ip_forward = 1
EOF
$ modprobe br_netfilter 
$ sysctl -p /etc/sysctl.d/k8s.conf 
$ modprobe br_netfilter 
$ sysctl -p /etc/sysctl.d/k8s.conf 
$ cat > /etc/sysconfig/modules/ipvs.modules <<EOF
#!/bin/bash                                                                      
modprobe -- ip_vs                                                               
modprobe -- ip_vs_rr                                                             
modprobe -- ip_vs_wrr                                                           
modprobe -- ip_vs_sh                                                            
modprobe -- nf_conntrack_ipv4                                                    
EOF
$ chmod 755 /etc/sysconfig/modules/ipvs.modules && bash /etc/sysconfig/modules/ipvs.modules && lsmod | grep -e ip_vs -e nf_conntrack_ipv4

安装docker

请参考docker安装、升级、更改数据目录

修改docker

$ vi /etc/docker/daemon.json
{
  "exec-opts": ["native.cgroupdriver=systemd"],
  "log-driver": "json-file",
  "log-opts": {"max-size":"200m", "max-file":"3"}
}
$ systemctl restart docker

安装kubectl

$ yum install kubelet-1.23.6 kubeadm-1.23.6 kubectl-1.23.6 --disableexcludes=Kubernetes  -y

生成token

$ kubeadm token create --print-join-command
kubeadm join xxx.xxx.xxx.xxx:6443 --token zw2rjh.mub91ffa4dj8dt21h7 --discovery-token-ca-cert-hash sha256:84fb4d1d7081f4b95f6e9b1f2a3e2a41be9fsart3dsa5ac90cd11528b4cb9 

生成新证书

$ kubeadm init phase upload-certs --upload-certs
I0803 10:16:24.896995  116398 version.go:255] remote version is much newer: v1.24.3; falling back to: stable-1.23
[upload-certs] Storing the certificates in Secret "kubeadm-certs" in the "kube-system" Namespace
[upload-certs] Using certificate key:
92a62b8e4b99f610f51c5390e98984f987f07f3e21dc5fgdfgs2344b2f165b3  # 这里就是生成的新证书

注意:1.16版本前参数为--experimental-upload-certs,1.16及1.16版本以后为--upload-certs,命令不对就会出现unknown flag --experimental-upload-certs的错误

master 添加

1.16版本前参数为--experimental-control-plane --certificate-key ,1.16及1.16版本以后为--control-plane --certificate-key

$ kubeadm join 192.168.9.200:6443 --token 2eo2fa.3v78yblnc2zamf1t --discovery-token-ca-cert-hash sha256:84fb4d1d7081f4b95f6e9b1f2a3e2a41be9fsart3dsa5ac90cd11528b4cb9 --control-plane --certificate-key 92a62b8e4b99f610f51c5390e98984f987f07f3e21dc5fgdfgs2344b2f165b3

添加node

生成命令,拷贝安装即可

$ kubeadm token create --print-join-command
kubeadm join xxx.xxx.xxx.xxx:6443 --token 2eo2fa.3v78yblnc2zamf1t --discovery-token-ca-cert-hash sha256:84fb4d1d7081f4b95f6e9b1f2a3e2a41be9fsart3dsa5ac90cd11528b4cb9
posted @ 2022-08-03 10:29  兰嘉轩  阅读(325)  评论(0编辑  收藏  举报