虚拟机
| ip | 主机名 | 角色 | 内存 |
|---|---|---|---|
| 192.168.14.132 | master | master | 4g |
| 192.168.14.133 | node1 | worker | 4g |
| 192.168.14.134 | node2 | worker | 4g |
master节点
软件源
http://mirrors.aliyun.com/repo/Centos-7.repo
http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
cat >/etc/yum.repos.d/kubernetes.repo<EOF
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
enabled=1
gpgcheck=0
EOF
yum -y clean all
yum -y makecache fast
sudo yum remove docker \
docker-client \
docker-client-latest \
docker-common \
docker-latest \
docker-latest-logrotate \
docker-logrotate \
docker-engine
sudo yum install -y yum-utils
sudo yum install docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin -y
yum install -y yum-utils device-mapper-persistent-data lvm2 wget net-tools nfs-utils lrzsz gcc gcc-c++ make cmake libxml2-devel openssl-devel curl curl-devel unzip sudo ntp libaio-devel wget vim ncurses-devel autoconf automake zlib-devel python-devel epel-release openssh-server socat ipvsadm conntrack ntpdate telnet
yum install iptables-services -y
禁用 iptables
service iptables stop && systemctl disable iptables
sudo systemctl start docker
systemctl enable docker
systemctl status docker
cat <<EOF | sudo tee /etc/modules-load.d/containerd.conf
overlay
br_netfilter
EOF
sudo modprobe overlay
sudo modprobe br_netfilter
cat > /etc/docker/daemon.json <<EOF
{
"registry-mirrors": ["https://19b12x6i.mirror.aliyuncs.com"],
"exec-opts": ["native.cgroupdriver=systemd"]
}
EOF
systemctl daemon-reload
systemctl enable docker
systemctl restart docker
systemctl status docker
cat <<EOF | sudo tee /etc/sysctl.d/99-kubernetes-cri.conf
net.bridge.bridge-nf-call-iptables = 1
net.ipv4.ip_forward = 1
vm.swappiness = 0
net.bridge.bridge-nf-call-ip6tables = 1
EOF
## 应用sysctl参数而无需重新启动
sudo sysctl --system
#安装ipset、ipvsadm
yum install -y ipset ipvsadm
cat > /etc/modules-load.d/ipvs.conf <<EOF
# Load IPVS at boot
ip_vs
ip_vs_rr
ip_vs_wrr
ip_vs_sh
nf_conntrack_ipv4
EOF
bash /etc/modules-load.d/ipvs.conf
systemctl enable --now systemd-modules-load.service
lsmod | grep -e ip_vs -e nf_conntrack_ipv4
reboot
[`cri-dockerd`](https://github.com/Mirantis/cri-dockerd)
安装go
wget https://golang.google.cn/dl/go1.20.2.linux-amd64.tar.gz
tar -zxvf go1.20.2.linux-amd64.tar.gz -C /usr/local/
sleep 10
cat >>/etc/profile<<EOF
#go 环境变量
export GO111MODULE=on
export GOROOT=/usr/local/go
export GOPATH=/home/gopath
export PATH=$PATH:$GOROOT/bin:$GOPATH/bin
EOF
source /etc/profile
go version
安装cri-dockerd
git clone https://github.com/Mirantis/cri-dockerd.git
cd cri-dockerd
mkdir bin
go build -o bin/cri-dockerd
mkdir -p /usr/local/bin
install -o root -g root -m 0755 bin/cri-dockerd /usr/local/bin/cri-dockerd
cp -a packaging/systemd/* /etc/systemd/system
sed -i -e 's,/usr/bin/cri-dockerd,/usr/local/bin/cri-dockerd,' /etc/systemd/system/cri-docker.service
systemctl daemon-reload
systemctl enable cri-docker.service
systemctl enable --now cri-docker.socket
systemctl start cri-docker.service
systemctl status cri-docker.service
传送这个cri-dockerd到node1,node2节点
scp -r cri-dockerd node1:/root/
cd cri-dockerd
mkdir -p /usr/local/bin
install -o root -g root -m 0755 bin/cri-dockerd /usr/local/bin/cri-dockerd
cp -a packaging/systemd/* /etc/systemd/system
sed -i -e 's,/usr/bin/cri-dockerd,/usr/local/bin/cri-dockerd,' /etc/systemd/system/cri-docker.service
systemctl daemon-reload
systemctl enable cri-docker.service
systemctl enable --now cri-docker.socket
systemctl start cri-docker.service
systemctl status cri-docker.service
sed -i "/.*ExecStart=*/c\ExecStart=/usr/local/bin/cri-dockerd --network-plugin=cni --pod-infra-container-image=registry.aliyuncs.com/google_containers/pause:3.9 --container-runtime-endpoint fd:// " /etc/systemd/system/cri-docker.service
systemctl daemon-reload
systemctl restart cri-docker.service
systemctl status cri-docker.service
ps -ef|grep dockerd
可以先查询有哪些版本
yum list kubeadm --showduplicates
kubeadm.x86_64 1.26.1-0 kubernetes
kubeadm.x86_64 1.26.2-0 kubernetes
yum install -y kubelet-1.26.2-0 kubeadm-1.26.2-0 kubectl-1.26.2-0 --disableexcludes=kubernetes
systemctl enable kubelet && systemctl start kubelet && systemctl status kubelet
kubeadm init --kubernetes-version=1.26.2 \
--apiserver-advertise-address=192.168.14.132 \
--image-repository registry.aliyuncs.com/google_containers \
--pod-network-cidr=10.244.0.0/16 \
--cri-socket=unix:///var/run/cri-dockerd.sock --v=5
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
export KUBECONFIG=/etc/kubernetes/admin.conf
kubeadm join 192.168.14.132:6443 --token mjb3gb.zt8i272smowrs1i4 \
--discovery-token-ca-cert-hash sha256:87d9cddfc308f2dc932dd9cd672cf006c39fde9762d885323714da116df12036
worker节点
软件源
http://mirrors.aliyun.com/repo/Centos-7.repo
http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
cat >/etc/yum.repos.d/kubernetes.repo<EOF
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
enabled=1
gpgcheck=0
EOF
yum -y clean all
yum -y makecache fast
sudo yum remove docker \
docker-client \
docker-client-latest \
docker-common \
docker-latest \
docker-latest-logrotate \
docker-logrotate \
docker-engine
sudo yum install -y yum-utils
sudo yum install docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin -y
yum install -y yum-utils device-mapper-persistent-data lvm2 wget net-tools nfs-utils lrzsz gcc gcc-c++ make cmake libxml2-devel openssl-devel curl curl-devel unzip sudo ntp libaio-devel wget vim ncurses-devel autoconf automake zlib-devel python-devel epel-release openssh-server socat ipvsadm conntrack ntpdate telnet
yum install iptables-services -y
禁用 iptables
service iptables stop && systemctl disable iptables
sudo systemctl start docker
systemctl enable docker
systemctl status docker
cat <<EOF | sudo tee /etc/modules-load.d/containerd.conf
overlay
br_netfilter
EOF
sudo modprobe overlay
sudo modprobe br_netfilter
cat > /etc/docker/daemon.json <<EOF
{
"registry-mirrors": ["https://19b12x6i.mirror.aliyuncs.com"],
"exec-opts": ["native.cgroupdriver=systemd"]
}
EOF
systemctl daemon-reload
systemctl enable docker
systemctl restart docker
systemctl status docker
cat <<EOF | sudo tee /etc/sysctl.d/99-kubernetes-cri.conf
net.bridge.bridge-nf-call-iptables = 1
net.ipv4.ip_forward = 1
vm.swappiness = 0
net.bridge.bridge-nf-call-ip6tables = 1
EOF
## 应用sysctl参数而无需重新启动
sudo sysctl --system
#安装ipset、ipvsadm
yum install -y ipset ipvsadm
cat > /etc/modules-load.d/ipvs.conf <<EOF
# Load IPVS at boot
ip_vs
ip_vs_rr
ip_vs_wrr
ip_vs_sh
nf_conntrack_ipv4
EOF
bash /etc/modules-load.d/ipvs.conf
systemctl enable --now systemd-modules-load.service
lsmod | grep -e ip_vs -e nf_conntrack_ipv4
reboot
[`cri-dockerd`](https://github.com/Mirantis/cri-dockerd)
安装go
wget https://golang.google.cn/dl/go1.20.2.linux-amd64.tar.gz
tar -zxvf go1.20.2.linux-amd64.tar.gz -C /usr/local/
sleep 10
cat >>/etc/profile<<EOF
#go 环境变量
export GO111MODULE=on
export GOROOT=/usr/local/go
export GOPATH=/home/gopath
export PATH=$PATH:$GOROOT/bin:$GOPATH/bin
EOF
source /etc/profile
go version
安装cri-dockerd
git clone https://github.com/Mirantis/cri-dockerd.git
cd cri-dockerd
mkdir bin
go build -o bin/cri-dockerd
mkdir -p /usr/local/bin
install -o root -g root -m 0755 bin/cri-dockerd /usr/local/bin/cri-dockerd
cp -a packaging/systemd/* /etc/systemd/system
sed -i -e 's,/usr/bin/cri-dockerd,/usr/local/bin/cri-dockerd,' /etc/systemd/system/cri-docker.service
systemctl daemon-reload
systemctl enable cri-docker.service
systemctl enable --now cri-docker.socket
systemctl start cri-docker.service
systemctl status cri-docker.service
传送这个cri-dockerd到node1,node2节点
scp -r cri-dockerd node1:/root/
cd cri-dockerd
mkdir -p /usr/local/bin
install -o root -g root -m 0755 bin/cri-dockerd /usr/local/bin/cri-dockerd
cp -a packaging/systemd/* /etc/systemd/system
sed -i -e 's,/usr/bin/cri-dockerd,/usr/local/bin/cri-dockerd,' /etc/systemd/system/cri-docker.service
systemctl daemon-reload
systemctl enable cri-docker.service
systemctl enable --now cri-docker.socket
systemctl start cri-docker.service
systemctl status cri-docker.service
sed -i "/.*ExecStart=*/c\ExecStart=/usr/local/bin/cri-dockerd --network-plugin=cni --pod-infra-container-image=registry.aliyuncs.com/google_containers/pause:3.9 --container-runtime-endpoint fd:// " /etc/systemd/system/cri-docker.service
systemctl daemon-reload
systemctl restart cri-docker.service
systemctl status cri-docker.service
ps -ef|grep dockerd
可以先查询有哪些版本
yum list kubeadm --showduplicates
kubeadm.x86_64 1.26.1-0 kubernetes
kubeadm.x86_64 1.26.2-0 kubernetes
yum install -y kubelet-1.26.2-0 kubeadm-1.26.2-0 kubectl-1.26.2-0 --disableexcludes=kubernetes
systemctl enable kubelet && systemctl start kubelet && systemctl status kubelet
worker节点假如集群
kubeadm join 192.168.14.132:6443 --token mjb3gb.zt8i272smowrs1i4 --discovery-token-ca-cert-hash sha256:87d9cddfc308f2dc932dd9cd672cf006c39fde9762d885323714da116df12036 --cri-socket /var/run/cri-dockerd.sock
master节点
export KUBECONFIG=/etc/kubernetes/admin.conf
kubectl get nodes
NAME STATUS ROLES AGE VERSION
master NotReady control-plane 15m v1.26.2
node1 NotReady <none> 10s v1.26.2
【推荐】国内首个AI IDE,深度理解中文开发场景,立即下载体验Trae
【推荐】编程新体验,更懂你的AI,立即体验豆包MarsCode编程助手
【推荐】抖音旗下AI助手豆包,你的智能百科全书,全免费不限次数
【推荐】轻量又高性能的 SSH 工具 IShell:AI 加持,快人一步
· 分享一个免费、快速、无限量使用的满血 DeepSeek R1 模型,支持深度思考和联网搜索!
· 使用C#创建一个MCP客户端
· ollama系列1:轻松3步本地部署deepseek,普通电脑可用
· 基于 Docker 搭建 FRP 内网穿透开源项目(很简单哒)
· 按钮权限的设计及实现