k8s部署

初始化
1.配置yum仓库

mkdir -p /etc/yum.repos.d/repo_bak/
mv /etc/yum.repos.d/*.repo /etc/yum.repos.d/repo_bak/
1、若您安装过docker,需要先删掉,之后再安装依赖: sudo yum remove docker docker-common docker-selinux docker-engine sudo yum install -y yum-utils device-mapper-persistent-data lvm2 2、根据版本不同,下载repo文件。您使用的发行版: CentOS/RHEL wget -O /etc/yum.repos.d/docker-ce.repo https://mirrors.huaweicloud.com/docker-ce/linux/centos/docker-ce.repo 软件仓库地址替换为: sudo sed -i 's+download.docker.com+mirrors.huaweicloud.com/docker-ce+' /etc/yum.repos.d/docker-ce.repo 3、更新索引文件并安装 sudo yum makecache fast sudo yum install docker-ce echo '[kubernetes] name=Kubernetes baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64 enabled=1 gpgcheck=1 repo_gpgcheck=1 gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg'>/etc/yum.repos.d/kubernetes.repo yum clean all yum makecache

2.配置ssh免密登录

ssh-keygen
scp  /root/.ssh/id_rsa.pub   root@172.18.0.68:/root/.ssh/
scp  /root/.ssh/id_rsa.pub   root@172.18.0.69:/root/.ssh/
cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys
或
ssh-copy-id -i .ssh/id_rsa.pub  root@172.18.0.68
ssh-copy-id -i .ssh/id_rsa.pub  root@172.18.0.69

3.配置NTP时钟源同步

4.配置hosts文件

scp  /etc/hosts   root@k8s-node1:/etc/hosts
scp  /etc/hosts   root@k8s-node2:/etc/hosts

5.关闭并禁用防火墙,selinux,iptables.service。

systemctl stop firewalld
systemctl disable firewalld
sed -i 's/enforcing/disabled/' /etc/selinux/config

6.禁用swap,如果要永久禁止swap挂载,可以修改/etc/fstab,将与swap有关的配置注释,重启系统即可

swapoff -a

7.安装docker,kubelet,kubectl,kubeadm

yum list kubelet kubeadm kubectl  --showduplicates|sort -r   //查看kubelet kubeadm kubectl版本,其中第一列是包的名字,第二列是版本信息。
yum install kubeadm-1.17.11-0  kubectl-1.17.11-0 kubelet-1.17.11-0      //安装指定版本的kubelet kubeadm kubectl
systemctl   start docker
systemctl   enable docker  kubelet

8.开启ipv4的转发在CentOS7.5版本上依然是必须的

echo "net.ipv4.ip_forward = 1">>/etc/sysctl.conf
echo 'net.bridge.bridge-nf-call-iptables = 1'>>/etc/sysctl.conf
echo 'net.bridge.bridge-nf-call-ip6tables = 1'>>/etc/sysctl.conf
sysctl -p

9.在国内网站站上找到相关的镜像

]# kubeadm config images list --kubernetes-version v1.17.1     //查看安装指定版本 k8s 需要的镜像有哪些
    k8s.gcr.io/kube-apiserver:v1.17.1
    k8s.gcr.io/kube-controller-manager:v1.17.1
    k8s.gcr.io/kube-scheduler:v1.17.1
    k8s.gcr.io/kube-proxy:v1.17.1
    k8s.gcr.io/pause:3.1
    k8s.gcr.io/etcd:3.4.3-0
    k8s.gcr.io/coredns:1.6.5
    
[root@k8s-m ~]# docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/kube-apiserver-amd64:v1.17.1
[root@k8s-m ~]# docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/kube-controller-manager-amd64:v1.17.1
[root@k8s-m ~]# docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/kube-scheduler-amd64:v1.17.1
[root@k8s-m ~]# docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/kube-proxy-amd64:v1.17.1
[root@k8s-m ~]# docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/etcd-amd64:3.4.3-0
[root@k8s-m ~]# docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/pause:3.1
[root@k8s-m ~]# docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/coredns:1.6.5
[root@k8s-m ~]# docker images

10.把这些images重新tag一下

docker tag registry.cn-hangzhou.aliyuncs.com/google_containers/pause:3.1 k8s.gcr.io/pause:3.1
docker tag registry.cn-hangzhou.aliyuncs.com/google_containers/coredns:1.6.5  k8s.gcr.io/coredns:1.6.5
docker tag registry.cn-hangzhou.aliyuncs.com/google_containers/etcd-amd64:3.4.3-0 k8s.gcr.io/etcd:3.4.3-0
docker tag registry.cn-hangzhou.aliyuncs.com/google_containers/kube-scheduler-amd64:v1.17.1 k8s.gcr.io/kube-scheduler:v1.17.1
docker tag registry.cn-hangzhou.aliyuncs.com/google_containers/kube-controller-manager-amd64:v1.17.1 k8s.gcr.io/kube-controller-manager:v1.17.1
docker tag registry.cn-hangzhou.aliyuncs.com/google_containers/kube-apiserver-amd64:v1.17.1 k8s.gcr.io/kube-apiserver:v1.17.1
docker tag registry.cn-hangzhou.aliyuncs.com/google_containers/kube-proxy-amd64:v1.17.1 k8s.gcr.io/kube-proxy:v1.17.1

11.初始化集群

 kubeadm init --kubernetes-version=1.17.1 --pod-network-cidr=10.244.0.0/16 --service-cidr=10.96.0.0/12

12.查看监听端口

 ss  -tnlp

13.查看错误日志

tail -f /var/log/messages

14.保存的系统提示命令

  mkdir -p $HOME/.kube
  sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
  sudo chown $(id -u):$(id -g) $HOME/.kube/config

15.如果初始化失败,执行下面命令

kubeadm reset

16.Node节点安装kubelet kubectl kebeadm docker-ce

17.master节点

]# kubectl  get  cs                 查看组件健康信息
]# kubectl  get nodes            查看节点信息
]# kubectl   get ns                 查看所有名称空间
]# kubectl  get  pods  -n   kube-system    查看指定名称空间下运行的Pod,系统级的pod都在kube-system名称空间中 

18.master部署Flannel

]# kubectl apply  -f  https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
 [如果下载不了,点击链接,复制就好](https://blog.csdn.net/weixin_45483207/article/details/112547571)
]# docker images      可以看到flannel镜像已经下载完成
REPOSITORY                    TAG                   IMAGE ID            CREATED               SIZE
quay.io/coreos/flannel        v0.12.0-amd64         4e9f801d2217        35 hours ago          52.8MB

19.镜像备份

master]# docker save quay.io/coreos/flannel:v0.12.0-amd64 -o flannel.tar
node]# flannel.tar   root@172.18.0.68:~
node]# flannel.tar   root@172.18.0.69:~

Node节点解包
docker load -i flannel.tar
docker  pull registry.cn-hangzhou.aliyuncs.com/google_containers/pause:3.1
docker tag registry.cn-hangzhou.aliyuncs.com/google_containers/pause:3.1 k8s.gcr.io/pause:3.1
docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/kube-proxy-amd64:v1.17.1
docker tag registry.cn-hangzhou.aliyuncs.com/google_containers/kube-proxy-amd64:v1.17.1 k8s.gcr.io/kube-proxy:v1.17.1

检查
docker images

20.加入Node节点

重新生成加入命令
master ~]# kubeadm token create --print-join-command

加入集群
kubeadm join 172.18.0.67:6443 --token vs1bna.tsws2f3ya91p0yn0     --discovery-token-ca-cert-hash sha256:37fcee2d33ffea2ad9a151b4c7fcde927ea146e45ea899b76d0ae646a2a53146  --ignore-preflight-errors=Swap

加入集群
kubeadm join 172.18.0.67:6443 --token vs1bna.tsws2f3ya91p0yn0     --discovery-token-ca-cert-hash sha256:37fcee2d33ffea2ad9a151b4c7fcde927ea146e45ea899b76d0ae646a2a53146  --ignore-preflight-errors=Swap

21.检查

master ~]# kubectl get pods --all-namespaces
NAMESPACE     NAME                                            READY   STATUS    RESTARTS   AGE
kube-system   coredns-6955765f44-sfptk                    1/1     Running          4               18h
kube-system   coredns-6955765f44-xf9jt                     1/1     Running          3               18h
kube-system   etcd-k8s-master                                    1/1     Running          3               18h
kube-system   kube-apiserver-k8s-master                   1/1     Running          3               18h
kube-system   kube-controller-manager-k8s-master    1/1     Running         5                18h
kube-system   kube-flannel-ds-amd64-55nwh             1/1     Running         3                 18h
kube-system   kube-flannel-ds-amd64-vhrf9               1/1     Running         3                  15h
kube-system   kube-flannel-ds-amd64-vpm9f             1/1     Running         0                   15h
kube-system   kube-proxy-fds8b                                 1/1     Running         3                   18h
kube-system   kube-proxy-jt2ws                                 1/1     Running         0                    15h
kube-system   kube-proxy-wh7d4                              1/1     Running         0                     15h
kube-system   kube-scheduler-k8s-master                1/1     Running         4                     18h

master ~]# kubectl get pods -n kube-system  -o wide    //查看某一个名称空间pod详情
NAME                                 READY   STATUS    RESTARTS   AGE   IP            NODE         NOMINATED NODE   READINESS GATES
coredns-6955765f44-sfptk             1/1     Running   4          19h   10.244.0.9    k8s-master   <none>           <none>
coredns-6955765f44-xf9jt             1/1     Running   3          19h   10.244.0.10   k8s-master   <none>           <none>
etcd-k8s-master                      1/1     Running   3          19h   172.18.0.67   k8s-master   <none>           <none>
kube-apiserver-k8s-master            1/1     Running   3          19h   172.18.0.67   k8s-master   <none>           <none>
kube-controller-manager-k8s-master   1/1     Running   5          19h   172.18.0.67   k8s-master   <none>           <none>
kube-flannel-ds-amd64-55nwh          1/1     Running   3          18h   172.18.0.67   k8s-master   <none>           <none>
kube-flannel-ds-amd64-vhrf9          1/1     Running   3          15h   172.18.0.69   k8s-node2    <none>           <none>
kube-flannel-ds-amd64-vpm9f          1/1     Running   0          15h   172.18.0.68   k8s-node1    <none>           <none>
kube-proxy-fds8b                     1/1     Running   3          19h   172.18.0.67   k8s-master   <none>           <none>
kube-proxy-jt2ws                     1/1     Running   0          15h   172.18.0.68   k8s-node1    <none>           <none>
kube-proxy-wh7d4                     1/1     Running   0          15h   172.18.0.69   k8s-node2    <none>           <none>
kube-scheduler-k8s-master            1/1     Running   4          19h   172.18.0.67   k8s-master   <none>           <none>

master ~]# kubectl   get  nodes    //查看集群节点状态
NAME         STATUS   ROLES    AGE   VERSION
k8s-master   Ready    master   19h   v1.17.4
k8s-node1    Ready    <none>   15h   v1.17.4
k8s-node2    Ready    <none>   15h   v1.17.4 

22.测试

master ~]# kubectl  describe  node k8s-node1     //查看node详细信息
Taints:                   <none>      //污点信息
 Unschedulable:      false       //是否不可被调度 
posted @ 2021-11-21 16:37  不会跳舞的胖子  阅读(114)  评论(0编辑  收藏  举报