k8s--使用 kubeadm 搭建 k8s 1.25.3 版本
环境准备
# 节点ip 172.25.131.227 k8s-master-01 # 设置主机名 ~]# hostnamectl set-hostname k8s-master-01 # 设置hosts解析 echo "172.25.131.227 k8s-master-01" >>/etc/hosts
Kubernetes 环境初始化
禁用交换分区。为了保证 kubelet 正常工作,你必须禁用交换分区。详情见 安装 kubeadm
~]# swapoff -a ~]# sed -i 's/.*swap.*/#&/' /etc/fstab
关闭selinux与防火墙
~]# setenforce 0 ~]# sed -i 's/^SELINUX=enforcing$/SELINUX=permissive/' /etc/selinux/config ~]# systemctl disable firewalld ~]# systemctl stop firewalld
配置kubernetes
~]# cat <<EOF | sudo tee /etc/modules-load.d/k8s.conf overlay br_netfilter EOF ~]# modprobe overlay ~]# modprobe br_netfilter # 配置内核转发 ~]# cat <<EOF | sudo tee /etc/sysctl.d/k8s.conf net.bridge.bridge-nf-call-iptables = 1 net.bridge.bridge-nf-call-ip6tables = 1 net.ipv4.ip_forward = 1 EOF # 配置生效 sysctl --system
containerd 安装
# 配置yum源 ~]# yum install -y yum-utils ~]# yum-config-manager \ --add-repo \ https://download.docker.com/linux/centos/docker-ce.repo # 安装 ~]# yum install containerd.io -y # 启动 ~]# systemctl enable containerd ~]# systemctl start containerd # 生成默认配置 ~]# containerd config default > /etc/containerd/config.toml # 修改默认配置 ~]# vim /etc/containerd/config.toml sandbox_image = "registry.cn-hangzhou.aliyuncs.com/google_containers/pause:3.8" # 修改为阿里云镜像地址 SystemdCgroup = true # 使用systemd cgroup # 重启 ~]# systemctl daemon-reload ~]# systemctl enable --now containerd ~]# systemctl restart containerd
安装 Kubernetes 组件
# 配置aliyun 的源 ~]# cat <<EOF > /etc/yum.repos.d/kubernetes.repo [kubernetes] name=Kubernetes baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/ enabled=1 gpgcheck=1 repo_gpgcheck=1 gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg EOF # 安装kubelet kubeadm kubectl ~]# yum install kubelet kubeadm kubectl --nogpgcheck -y # 设置kubelet自启动 ~]# systemctl enable kubelet # 设置crictl ~]# crictl config --set runtime-endpoint=unix:///run/containerd/containerd.sock
初始化集群
~]# kubeadm init --image-repository=registry.cn-hangzhou.aliyuncs.com/google_containers \
--apiserver-advertise-address=172.25.131.227 \
--kubernetes-version=v1.25.3 \
--service-cidr=192.16.0.0/16 \
--pod-network-cidr=10.0.0.0/16 # 参数说明 --image-repository 指定镜像源 --apiserver-advertise-address apiserver地址 --service-cidr service ip网段 --pod-network-cidr pod网段 --kubernetes-version 指定版本
# 执行成功结果
配置网络插件 calico
~]# kubectl apply -f https://docs.projectcalico.org/manifests/calico.yaml
查看节点状态
~]# kubectl get node