k8s-v1.22.5部署文档(ubuntu1804)

1,# 临时关闭
sudo swapoff -a
# 永久关闭
sudo vi /etc/fstab
## 第二行注释掉 (注释swap分区)
# /dev/mapper/ubuntu--vg-swap_1 none swap sw 0 0

2,安装docker
sudo apt install docker.io

修改daemon.json文件
sudo vim /etc/docker/daemon.json
#输入以下内容,第一项为镜像源,第二项为驱动,是为了使得其与k8s驱动一致
{
"registry-mirrors": ["https://82m9ar63.mirror.aliyuncs.com"],
"exec-opts": ["native.cgroupdriver=systemd"]
}

启动docker
sudo systemctl daemon-reload
sudo systemctl restart docker

3,安装kubelet,kubectl,kubeadm
使得 apt 支持 ssl 传输
sudo apt-get update && sudo apt-get install -y apt-transport-https

下载 gpg 密钥
sudo curl https://mirrors.aliyun.com/kubernetes/apt/doc/apt-key.gpg |sudo apt-key add -

添加 k8s 镜像源(不要更改版本代号)
cat <<EOF >/etc/apt/sources.list.d/kubernetes.list
deb https://mirrors.aliyun.com/kubernetes/apt/ kubernetes-xenial main
EOF

更新源列表
sudo apt-get update

4,安装kube
sudo apt-get install -y kubelet=1.22.5-00 kubeadm=1.22.5-00 kubectl=1.22.5-00
sudo systemctl start kubelet
sudo systemctl enable kubelet

查看镜像列表
kubeadm config images list --kubernetes-version v1.22.5

下载基础镜像
for i in `kubeadm config images list --kubernetes-version v1.22.5`; do
imageName=${i#k8s.gcr.io/}
docker pull registry.aliyuncs.com/google_containers/$imageName
docker tag registry.aliyuncs.com/google_containers/$imageName k8s.gcr.io/$imageName
docker rmi registry.aliyuncs.com/google_containers/$imageName
done;
会发现有错误,是由于其中一个镜像命名有误,手动拉取。
sudo docker pull registry.aliyuncs.com/google_containers/coredns:v1.8.4
sudo docker tag registry.aliyuncs.com/google_containers/coredns:v1.8.4 k8s.gcr.io/coredns/coredns:v1.8.4
sudo docker rmi registry.aliyuncs.com/google_containers/coredns:v1.8.4

5,执行kubeadm init
sudo kubeadm init \
--ignore-preflight-errors=all \
--apiserver-advertise-address=192.168.80.128 \
--image-repository registry.aliyuncs.com/google_containers \
--kubernetes-version v1.22.5 \
--service-cidr=10.1.0.0/16 \
--pod-network-cidr=10.244.0.0/16 \
--v=6

注释:加上 --upload-certs 参数,会输出类似以下,用于添加master节点
kubeadm join 192.168.81.100:6443 --token ocb5tz.pv252zn76rl4l3f6 \
--discovery-token-ca-cert-hash sha256:141bbeb79bf58d81d551f33ace207c7b19bee1cfd7790112ce26a6a300eee5a2 \
--experimental-control-plane --certificate-key 20366c9cdbfdc1435a6f6d616d988d027f2785e34e2df9383f784cf61bab9826 --ignore-preflight-errors=all

此时会报 I0919 20:19:00.148468 7781 round_trippers.go:454] GET https://192.168.80.128:6443/healthz?timeout=10s in 0 milliseconds 类似日志
在等一两分钟
0919 20:19:21.304687 7781 round_trippers.go:454] POST https://192.168.80.128:6443/api/v1/namespaces/kube-system/serviceaccounts?timeout=10s 201 Created in 9 milliseconds
I0919 20:19:21.323945 7781 round_trippers.go:454] POST https://192.168.80.128:6443/api/v1/namespaces/kube-system/configmaps?timeout=10s 201 Created in 14 milliseconds
I0919 20:19:21.419775 7781 round_trippers.go:454] POST https://192.168.80.128:6443/apis/apps/v1/namespaces/kube-system/daemonsets?timeout=10s 201 Created in 71 milliseconds
I0919 20:19:21.440327 7781 round_trippers.go:454] POST https://192.168.80.128:6443/apis/rbac.authorization.k8s.io/v1/clusterrolebindings?timeout=10s 201 Created in 18 milliseconds
I0919 20:19:21.448702 7781 round_trippers.go:454] POST https://192.168.80.128:6443/apis/rbac.authorization.k8s.io/v1/namespaces/kube-system/roles?timeout=10s 201 Created in 8 milliseconds
I0919 20:19:21.454705 7781 round_trippers.go:454] POST https://192.168.80.128:6443/apis/rbac.authorization.k8s.io/v1/namespaces/kube-system/rolebindings?timeout=10s 201 Created in 5 milliseconds
[addons] Applied essential addon: kube-proxy
I0919 20:19:21.456516 7781 loader.go:372] Config loaded from file: /etc/kubernetes/admin.conf
I0919 20:19:21.457900 7781 loader.go:372] Config loaded from file: /etc/kubernetes/admin.conf

Your Kubernetes control-plane has initialized successfully!

To start using your cluster, you need to run the following as a regular user:

mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config

Alternatively, if you are the root user, you can run:

export KUBECONFIG=/etc/kubernetes/admin.conf

You should now deploy a pod network to the cluster.
Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:
https://kubernetes.io/docs/concepts/cluster-administration/addons/

Then you can join any number of worker nodes by running the following on each as root:

kubeadm join 192.168.80.128:6443 --token cafgtj.u77ynf6ep78q7jd4 \
--discovery-token-ca-cert-hash sha256:5fa4568505cb947d6e684b2ea5e5ba17d6f70d86ddee7a36573a496ffd8e58f9 ###这个需要记录,用于其他计算节点加入集群

添加当前系统用户kubectl控制权限
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config

注释:在其他node计算节点上部署加入集群时,到了执行kubeadm init 这一步时,不用执行kubeadm init,直接执行sudo kubeadm join 既可加入集群

 

6,搭建calico网络
k8s可以选择flannel 网络、calico网络等多种管理集群的网络。calico性能较好
wget https://docs.projectcalico.org/manifests/calico.yaml
#可以修改为自定义ip,默认是192.168.0.0/16,需要与上面配置时相同
#sed -i 's/192.168.0.0\/16/10.244.0.0\/16/g' calico.yaml
sudo kubectl apply -f calico.yaml

7,查看
kubectl -n kube-system get pods # 查看所有基础组件是否Running状态
kubectl get nodes 查看节点是否Ready状态
kubectl get all 查看集群状态

8,配置kubectl命令自动补全
安装bash-completion工具
sudo apt install bash-completion

执行bash_completion
source /usr/share/bash-completion/bash_completion

加载kubectl completion
#在bash 中设置当前 shell 的自动补全(切换终端后会失效)
source <(kubectl completion bash)

#在bash shell 中永久的添加自动补全(永久有效,不受切换终端影响)
echo "source <(kubectl completion bash)" >> ~/.bashrc

 

参考:https://blog.csdn.net/weixin_51969975/article/details/126307397

posted on 2022-09-19 21:33  SZ_文彬  阅读(436)  评论(0编辑  收藏  举报