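Kubernetes deployment (with Docker as the container runtime)
1: Environment
Three hosts
IP: 10.0.0.10 Hostname: master OS: CentOS 7.9 Spec: 4 cores, 2 GB RAM
IP: 10.0.0.11 Hostname: node1 OS: CentOS 7.9 Spec: 2 cores, 2 GB RAM
IP: 10.0.0.12 Hostname: node2 OS: CentOS 7.9 Spec: 2 cores, 2 GB RAM
2: Basic configuration
1. Disable the firewall on all nodes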
systemctl stop firewalld
systemctl disable firewalld
2. Disable SELinux on all nodes
sed -i "s/^SELINUX=.*/SELINUX=disabled/g" /etc/selinux/config
setenforce 0
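3. Disable swap on all nodes
swapoff -a # disable temporarily
# Disable permanently: comment out the swap line in /etc/fstab (by hand with vi, or with the sed command below)
sed -i 's/.*swap.*/#&/g' /etc/fstab
4. Add hostname-to-IP mappings on all nodes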
cat >> /etc/hosts << EOF
10.0.0.10 k8s-master
10.0.0.11 k8s-node1
10.0.0.12 k8s-node2
EOF
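# Set the hostname (run each command on its own node)
hostnamectl set-hostname k8s-master   # on 10.0.0.10
hostnamectl set-hostname k8s-node1    # on 10.0.0.11
hostnamectl set-hostname k8s-node2    # on 10.0.0.12
5. Pass bridged IPv4 traffic to the iptables chains (run on all machines)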
cat > /etc/sysctl.d/k8s.conf << EOF
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
EOF
# The net.bridge.* keys only exist once the br_netfilter module is loaded
modprobe br_netfilter
sysctl --system
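6. Install Docker on all nodes
# Configure the Docker and Kubernetes repositories
yum install -y yum-utils
# Fetch the repo definition over HTTPS so it cannot be altered in transit
yum-config-manager \
--add-repo \
https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
# Configure the Aliyun mirror for the Kubernetes repository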
cat <<EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF
yum -y install docker-ce
# Start Docker
systemctl start docker
systemctl enable docker
# Configure the registry mirror and set the cgroup driver
cat > /etc/docker/daemon.json <<EOF
{
"registry-mirrors": ["https://6ze43vnb.mirror.aliyuncs.com"],
"exec-opts": ["native.cgroupdriver=systemd"],
"log-driver": "json-file",
"log-opts": {
"max-size": "100m"
},
"storage-driver": "overlay2"
}
EOF
# Reload the systemd daemon and restart Docker
systemctl daemon-reload
systemctl restart docker
3: Install kubeadm and initialize the Kubernetes cluster
1: Install kubeadm, kubelet and kubectl on all nodes
yum install -y kubelet-1.23.1 kubeadm-1.23.1 kubectl-1.23.1
systemctl enable kubelet --now
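2: Initialize the master node
- Run this on the master node only
- The default image registry k8s.gcr.io is not reachable from mainland China, so the Aliyun image registry is specified here
- On success, the end of the output prints the kubeadm join command
kubeadm init \
--apiserver-advertise-address=10.0.0.10 \
--image-repository registry.aliyuncs.com/google_containers \
--kubernetes-version v1.23.1 \
--pod-network-cidr=100.1.0.0/16 \
--service-cidr=172.1.0.0/16
3: Join the worker nodes by running the printed kubeadm join command on node1 and node2
kubeadm join 10.0.0.10:6443 --token bs9ygy.iudr36522p081nny \
--discovery-token-ca-cert-hash sha256:4de71c2d7ae5b6f985992dee0fd31dc550244604e8aa618850a494b65dc14902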
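The sha256: value in the kubeadm join command pins the cluster CA's public key, so a joining node can detect that it is talking to the wrong API server. The script below is an added example, not part of the original post: it recomputes that hash from a CA certificate and compares it with the one in a join command. It assumes openssl is installed and uses the kubeadm default CA path /etc/kubernetes/pki/ca.crt; the function names and the script file name are hypothetical.

```sh
#!/bin/sh
# Added example (not from the original page): recompute the value that
# --discovery-token-ca-cert-hash pins and compare it before joining a node.
# The hash is SHA-256 over the DER-encoded public key (SPKI) of the cluster CA.

# Print "sha256:<hex>" for the CA certificate given as $1; non-zero on failure.
ca_cert_hash() {
    _der=$(mktemp) || return 1
    # Fail closed: if x509 cannot parse the file, pkey gets no key and errors,
    # so an unreadable certificate never yields the hash of empty input.
    if openssl x509 -pubkey -noout -in "$1" 2>/dev/null \
        | openssl pkey -pubin -outform der -out "$_der" 2>/dev/null \
        && [ -s "$_der" ]; then
        printf 'sha256:%s\n' "$(openssl dgst -sha256 "$_der" | awk '{print $NF}')"
        _rc=0
    else
        _rc=1
    fi
    rm -f "$_der"
    return "$_rc"
}

# Extract the pinned "sha256:<hex>" from a kubeadm join command line ($1).
pinned_hash_from_join() {
    printf '%s\n' "$1" | sed -n \
        's/.*--discovery-token-ca-cert-hash[ =]\{1,\}\(sha256:[0-9a-f]\{64\}\).*/\1/p'
}

# Compare CA file $1 with pinned hash $2. Returns 0 match, 1 mismatch, 2 error.
verify_join_hash() {
    _actual=$(ca_cert_hash "$1") || { echo "cannot hash CA cert: $1" >&2; return 2; }
    if [ "$_actual" = "$2" ]; then
        echo "OK: CA public key matches $2"
    else
        echo "MISMATCH: CA hashes to $_actual, join command pins $2" >&2
        return 1
    fi
}

# Usage on the master: sh ca_hash.sh /etc/kubernetes/pki/ca.crt "<join command>"
# (ca_hash.sh is a hypothetical file name for this script.)
if [ "$#" -eq 2 ]; then
    verify_join_hash "$1" "$(pinned_hash_from_join "$2")"
fi
```

If the join command has been lost or its token has expired, a new one can be printed on the master with kubeadm token create --print-join-command.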
4: Configure kubectl to access the API server by default
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
echo "source <(kubectl completion bash)" >> ~/.bashrc
source ~/.bashrc
5: Deploy the Calico network plugin
curl https://docs.projectcalico.org/manifests/calico.yaml -O
kubectl apply -f calico.yaml
4: Check the cluster
# Check the nodes and the network plugin
[root@k8s-master ~]# kubectl get pod -A
NAMESPACE     NAME                                       READY   STATUS    RESTARTS   AGE
kube-system   calico-kube-controllers-85b5b5888d-g6d5g   1/1     Running   0          5m52s
kube-system   calico-node-67lp5                          1/1     Running   0          12m
kube-system   calico-node-f5mgs                          1/1     Running   0          14m
kube-system   calico-node-f69mb                          1/1     Running   0          12m
kube-system   coredns-6d8c4cb4d-rpxhq                    1/1     Running   0          21m
kube-system   coredns-6d8c4cb4d-vc7g6                    1/1     Running   0          21m
kube-system   etcd-k8s-master                            1/1     Running   0          21m
kube-system   kube-apiserver-k8s-master                  1/1     Running   0          21m
kube-system   kube-controller-manager-k8s-master         1/1     Running   0          21m
kube-system   kube-proxy-cwgpd                           1/1     Running   0          21m
kube-system   kube-proxy-rn5w9                           1/1     Running   0          17m
kube-system   kube-proxy-xb4kj                           1/1     Running   0          18m
kube-system   kube-scheduler-k8s-master                  1/1     Running   0          21m