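K8S: Deploying the master node

Before we start: all of the environment initialization work below is done on the master node.

Environment initialization

1. Change the hostname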

[root@master ~] vim /etc/hostname
Write the planned master node name, master, into the hostname file and save it.

[root@master ~] cat /etc/hostname
Output:
master

2. Reboot

[root@master ~] reboot

3. Disable the firewall

[root@master ~] systemctl stop firewalld
[root@master ~] systemctl disable firewalld

4. Disable SELinux

[root@master ~] sed -i 's/^SELINUX=enforcing/SELINUX=disabled/' /etc/selinux/config
[root@master ~] setenforce 0
Output:
setenforce: SELinux is disabled

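5. Disable swap

Note: because this server is low-spec to begin with, swap is not disabled here; the swap error is simply ignored later in the deployment. Choose whichever suits you.

[root@master ~] swapoff -a  # temporary
[root@master ~] vim /etc/fstab    # permanent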

6. Time synchronization

[root@master ~] yum install -y ntpdate
[root@master ~] ntpdate 0.rhel.pool.ntp.org
Output:
3 Aug 13:50:02 ntpdate[9286]: adjust time server 111.230.189.174 offset 0.018248 sec

7. Host name bindings in /etc/hosts

[root@master ~] vim /etc/hosts
192.168.1.24    master24
192.168.1.21    node21
192.168.1.22    node22
192.168.1.23    node23

Install Docker

1. Configure the Docker yum repository (the Alibaba Cloud mirror is used here)

[root@master ~] yum -y install yum-utils device-mapper-persistent-data lvm2
[root@master ~] yum-config-manager --add-repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo

2. Install Docker

[root@master ~] yum -y install docker-ce-19.03.7-3.el7 docker-ce-cli-19.03.7-3.el7 containerd.io

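3. Change the Docker cgroup driver to systemd

According to the CRI installation documentation, on Linux distributions that use systemd as the init system, using systemd as Docker's cgroup driver keeps a node more stable when resources are tight, so the Docker cgroup driver is changed to systemd on every node here.

[root@master ~] mkdir /etc/docker    # this directory does not exist before Docker has been started
[root@master ~] vim /etc/docker/daemon.json    # create it if it does not exist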
{
  "exec-opts": ["native.cgroupdriver=systemd"]
}

4. Start Docker

[root@master ~] systemctl restart docker    # start Docker
[root@master ~] systemctl enable docker    # start automatically at boot

[root@master ~] docker info | grep Cgroup

Output:
Cgroup Driver: systemd

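Change Docker's default storage location

Note: if the system disk is small, it is advisable to move Docker's default storage to a directory on the data disk.

1. Change Docker's default storage location (stop Docker first)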

[root@master ~]# systemctl  stop  docker

2. Transfer the data to the data path

[root@master ~]# yum install rsync -y
[root@master ~]# rsync -avzHP /var/lib/docker /data/

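3. Edit the configuration file

[root@master ~]# vim /etc/docker/daemon.json
# Add "graph":"/data/docker" to daemon.json; the final content is shown below
# ("graph" is the older name of this setting; newer Docker releases call it "data-root")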

{
  "exec-opts": ["native.cgroupdriver=systemd"],
  "graph":"/data/docker"
}

4. Start Docker

[root@master ~]# systemctl  start  docker

Install kubeadm

1. Configure the Kubernetes yum repository (the Alibaba Cloud mirror is used here)

[root@master ~] cat <<EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg
        https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF

[root@master ~] yum makecache

2. Install kubelet, kubectl and kubeadm

[root@master ~] yum -y install kubelet-1.18.2 kubeadm-1.18.2 kubectl-1.18.2

[root@master ~] rpm -aq kubelet kubectl kubeadm
kubectl-1.15.2-0.x86_64
kubelet-1.15.2-0.x86_64
kubeadm-1.15.2-0.x86_64

3. Enable kubelet at boot. It cannot be started right after installation, because the cluster has not been set up yet.

[root@master ~] systemctl enable kubelet

Initialize the master

The kubeadm --help output shows that kubeadm init initializes a master node, and that kubeadm join then adds a node to the cluster.

[root@k8s-master ~]# kubeadm --help
Usage:
  kubeadm [command]

Available Commands:
  alpha       Kubeadm experimental sub-commands
  completion  Output shell completion code for the specified shell (bash or zsh)
  config      Manage configuration for a kubeadm cluster persisted in a ConfigMap in the cluster
  help        Help about any command
  init        Run this command in order to set up the Kubernetes control plane
  join        Run this on any machine you wish to join an existing cluster
  reset       Run this to revert any changes made to this host by 'kubeadm init' or 'kubeadm join'
  token       Manage bootstrap tokens
  upgrade     Upgrade your cluster smoothly to a newer version with this command
  version     Print the version of kubeadm

Flags:
  -h, --help                     help for kubeadm
      --log-file string          If non-empty, use this log file
      --log-file-max-size uint   Defines the maximum size a log file can grow to. Unit is megabytes. If the value is 0, the maximum file size is unlimited. (default 1800)
      --rootfs string            [EXPERIMENTAL] The path to the 'real' host root filesystem.
      --skip-headers             If true, avoid header prefixes in the log messages
      --skip-log-headers         If true, avoid headers when opening log files
  -v, --v Level                  number for the log level verbosity

Use "kubeadm [command] --help" for more information about a command.

1. Configure kubelet to ignore the swap error

[root@k8s-master ~]# vim /etc/sysconfig/kubelet
KUBELET_EXTRA_ARGS="--fail-swap-on=false"

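2. Initialize the master

--kubernetes-version    # specifies the Kubernetes version
--image-repository   # by default kubeadm downloads the required images from the official k8s.gcr.io registry, which is not reachable from mainland China, so --image-repository points it at the Alibaba Cloud image registry instead
--pod-network-cidr    # specifies the pod network range
--service-cidr    # specifies the service network range
--ignore-preflight-errors=Swap    # ignores the swap error
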
[root@k8s-master ~]# kubeadm init --kubernetes-version=v1.18.2 --image-repository registry.aliyuncs.com/google_containers --pod-network-cidr=10.244.0.0/16 --service-cidr=10.96.0.0/12 --ignore-preflight-errors=Swap

......
Your Kubernetes control-plane has initialized successfully!

To start using your cluster, you need to run the following as a regular user:

  mkdir -p $HOME/.kube
  sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
  sudo chown $(id -u):$(id -g) $HOME/.kube/config

You should now deploy a pod network to the cluster.
Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:
  https://kubernetes.io/docs/concepts/cluster-administration/addons/

Then you can join any number of worker nodes by running the following on each as root:

kubeadm join 192.168.1.41:6443 --token a4pjca.ubxvfcsry1je626j \
    --discovery-token-ca-cert-hash sha256:784922b9100d1ecbba01800e7493f4cba7ae5c414df68234c5da7bca4ef0c581
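
The --discovery-token-ca-cert-hash value in the join command above pins the cluster CA that a joining node will trust. The following is an added example, not part of the original post: it recomputes that value from the CA certificate (kubeadm writes it to /etc/kubernetes/pki/ca.crt on the master) so it can be checked before it is handed to the nodes. The function names are hypothetical and the demo certificate is a constructed stand-in.

```bash
#!/bin/sh
# Added example (not from the original post). kubeadm's
# --discovery-token-ca-cert-hash is "sha256:" followed by the SHA-256 digest of
# the CA certificate's public key in DER (SubjectPublicKeyInfo) form.

# Print the hex digest for the CA certificate at path $1; fail if unreadable.
ca_pubkey_hash() {
    # Extract the public key first so a bad path or malformed certificate is
    # reported as an error instead of being hashed as empty input.
    pem="$(openssl x509 -in "$1" -noout -pubkey 2>/dev/null)" || return 1
    [ -n "$pem" ] || return 1
    printf '%s\n' "$pem" | openssl pkey -pubin -outform DER | sha256sum | cut -d' ' -f1
}

# Return 0 only if $2 ("sha256:<hex>", as printed in the join command) matches
# the CA certificate at path $1.
verify_join_hash() {
    case "$2" in
        sha256:*) expected="${2#sha256:}" ;;
        *) echo "hash must start with sha256:" >&2; return 2 ;;
    esac
    actual="$(ca_pubkey_hash "$1")" || return 1
    [ "$actual" = "$expected" ]
}

# Constructed demo input: a throwaway self-signed certificate stands in for
# /etc/kubernetes/pki/ca.crt so the example runs on a machine without a cluster.
demo_dir="$(mktemp -d)"
openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=demo-ca" \
    -keyout "$demo_dir/ca.key" -out "$demo_dir/ca.crt" 2>/dev/null
demo_hash="$(ca_pubkey_hash "$demo_dir/ca.crt")"
echo "expected join argument: --discovery-token-ca-cert-hash sha256:$demo_hash"
verify_join_hash "$demo_dir/ca.crt" "sha256:$demo_hash" && echo "hash matches CA"
```

On the master, call verify_join_hash with /etc/kubernetes/pki/ca.crt and the sha256:... string from the join command.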

3. Create the kubeconfig file as instructed by the success message above

[root@k8s-master ~]# mkdir -p $HOME/.kube
[root@k8s-master ~]# cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
[root@k8s-master ~]# chown $(id -u):$(id -g) $HOME/.kube/config
[root@k8s-master ~]# docker image ls   # after initialization, the required images have been pulled as well
REPOSITORY                                                        TAG                 IMAGE ID            CREATED             SIZE
registry.aliyuncs.com/google_containers/kube-scheduler            v1.15.2             88fa9cb27bd2        2 weeks ago         81.1MB
registry.aliyuncs.com/google_containers/kube-proxy                v1.15.2             167bbf6c9338        2 weeks ago         82.4MB
registry.aliyuncs.com/google_containers/kube-apiserver            v1.15.2             34a53be6c9a7        2 weeks ago         207MB
registry.aliyuncs.com/google_containers/kube-controller-manager   v1.15.2             9f5df470155d        2 weeks ago         159MB
registry.aliyuncs.com/google_containers/coredns                   1.3.1               eb516548c180        7 months ago        40.3MB
registry.aliyuncs.com/google_containers/etcd                      3.3.10              2c4adeb21b4f        8 months ago        258MB
registry.aliyuncs.com/google_containers/pause                     3.1                 da86e6ba6ca1        20 months ago       742kB

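4. Deploy the pod network (flannel) as instructed by the success message above

Method 1
[root@k8s-master ~]# kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
[root@k8s-master ~]# kubectl get pods -n kube-system |grep flannel    # verify that the flannel network plugin was deployed successfully (Running means success)

# flannel pulls its image from an overseas registry by default, so the pull often fails; in that case install with method 2 below

Method 2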
[root@k8s-master ~]# wget https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
[root@k8s-master ~]# sed -i 's#quay.io#quay-mirror.qiniu.com#g' kube-flannel.yml    # replace the registry address
[root@k8s-master ~]# kubectl apply -f kube-flannel.yml
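
Method 2 applies a manifest that was downloaded and then rewritten to pull from a mirror registry, so it is worth confirming which images it will actually pull before running kubectl apply. The following is an added example, not part of the original post: it lists the image references in a manifest and flags any registry that is not on an allowlist. The function names are hypothetical and the sample manifest fragment is constructed.

```bash
#!/bin/sh
# Added example (not from the original post): list the images a manifest will
# pull and flag any whose registry is not on an allowlist before `kubectl apply`.

# Print each unique image reference found on an "image:" line of file $1.
manifest_images() {
    sed -n '/^[[:space:]-]*image:/{s/^[[:space:]-]*image:[[:space:]]*//;s/[[:space:]]*$//;p;}' "$1" \
        | tr -d "\"'" | sort -u
}

# Print the registry of image reference $1. As in Docker, the first path
# component names a registry only if it contains "." or ":" or is "localhost";
# anything else is a Docker Hub image.
image_registry() {
    case "$1" in
        */*) first="${1%%/*}" ;;
        *) echo "docker.io"; return 0 ;;
    esac
    case "$first" in
        *.*|*:*|localhost) echo "$first" ;;
        *) echo "docker.io" ;;
    esac
}

# Return 0 if every image in manifest $1 comes from a registry named in the
# remaining arguments; otherwise report the offending images and return 1.
check_manifest_registries() {
    manifest="$1"; shift
    rc=0
    for img in $(manifest_images "$manifest"); do
        reg="$(image_registry "$img")"
        ok=0
        for allowed in "$@"; do
            if [ "$reg" = "$allowed" ]; then ok=1; fi
        done
        if [ "$ok" -eq 0 ]; then echo "unexpected registry: $img" >&2; rc=1; fi
    done
    return "$rc"
}

# Constructed sample: a manifest fragment that still references quay.io on one
# line (illustrative values, not the real kube-flannel.yml).
sample="$(mktemp)"
printf '%s\n' '      - name: install-cni' \
    '        image: quay-mirror.qiniu.com/coreos/flannel:v0.14.0' \
    '      - name: kube-flannel' \
    '        image: "quay.io/coreos/flannel:v0.14.0"' > "$sample"
check_manifest_registries "$sample" quay-mirror.qiniu.com || echo "review before applying"
```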

Note: if the image cannot be pulled with either method, import it directly instead: download the flanneld-v0.14.0-amd64.docker image yourself.

[root@master ~] docker load < flanneld-v0.14.0-amd64.docker

Change the image address in kube-flannel.yml to that of the imported image.

Force-restart the containers

[root@master ~] kubectl replace --force -f kube-flannel.yml
posted @ 2021-10-02 22:04  yaomianwei