单机部署kubernetes

  1. 系统优化
# 配置主机名
hostnamectl set-hostname xxx
# 主机名称解析
cat /etc/hosts
172.18.129.68 xxx
# 主机安全配置
关闭firewalld

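# Stop firewalld now and keep it from starting at boot. This leaves the host
# without a packet filter of its own; where that is not acceptable, keep
# firewalld running and open only the ports the cluster components listen on
# (for example 6443/tcp for the API server and 10250/tcp for the kubelet).
systemctl stop firewalld
systemctl disable firewalld

# Confirm the result; "not running" is the expected output here.
firewall-cmd --state

# Persistently switch SELinux off. The file is addressed by its absolute path
# (/etc/selinux/config) so the edit works from any working directory; the
# change takes effect at the next reboot.
# Disabling removes mandatory access control from the host entirely. The
# kubeadm documentation sets SELINUX=permissive instead, which keeps policy
# violations recorded in the audit log.
sed -ri 's/SELINUX=enforcing/SELINUX=disabled/' /etc/selinux/config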

# 关闭swap分区
swapoff -a

# 永久关闭swap分区(使用kubeadm部署必须关闭swap分区,修改配置文件后需要重启操作系统)
cat /etc/fstab
#/dev/mapper/cl-swap swap swap defaults 0 0

# 在swap文件系统对应的行,行首添加#表示注释

# 添加网桥过滤及地址转发
cat /etc/sysctl.d/k8s.conf

net.bridge.bridge-nf-call-ip6tables = 1

net.bridge.bridge-nf-call-iptables = 1

net.ipv4.ip_forward = 1

vm.swappiness = 0

# 加载br_netfilter模块

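# Load br_netfilter first: the net.bridge.* keys in k8s.conf only exist while
# this module is loaded. modprobe does not persist across reboots; list the
# module in a file under /etc/modules-load.d/ to have it loaded at boot.
modprobe br_netfilter

# Verify that the module is present.
lsmod | grep br_netfilter

# Apply the settings from the file (absolute path, so it works from any
# working directory).
sysctl -p /etc/sysctl.d/k8s.conf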

# 开启ipvs
yum -y install ipset ipvsadm

# 在所有节点添加ipvs模块(所有节点执行)

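# Write the IPVS module loader to its absolute path. The quoted 'EOF' keeps the
# shell from expanding anything inside the here-document, and the shebang is
# the first line of the generated file.
# nf_conntrack_ipv4 is the module name on the el7 kernel; on kernels 4.19 and
# later the module is named nf_conntrack.
cat > /etc/sysconfig/modules/ipvs.modules <<'EOF'
#!/bin/bash
modprobe -- ip_vs
modprobe -- ip_vs_rr
modprobe -- ip_vs_wrr
modprobe -- ip_vs_sh
modprobe -- nf_conntrack_ipv4
EOF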

# 加载并检查模块

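# Make the loader executable, run it, then list the loaded modules. This is a
# single command: the pipe into grep must stay on the same logical line as
# lsmod, otherwise the shell reports a syntax error at the leading "|".
chmod 755 /etc/sysconfig/modules/ipvs.modules \
  && bash /etc/sysconfig/modules/ipvs.modules \
  && lsmod | grep -e ip_vs -e nf_conntrack_ipv4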

  1. 安装docker-ce版本
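# Save the docker-ce repo definition where yum reads it (absolute path under
# /etc/yum.repos.d). The mirror directory is spelled docker-ce, with the hyphen.
wget -O /etc/yum.repos.d/docker-ce.repo https://mirrors.tuna.tsinghua.edu.cn/docker-ce/linux/centos/docker-ce.repo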

查看合适的docker版本,本次安装最新的版本

yum list docker-ce.x86_64 --showduplicates | sort -r

# 安装docker

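# Install docker-ce, the package provided by the docker-ce repo and listed by
# the `yum list docker-ce.x86_64` step; the bare name `docker` selects the
# distribution's own package instead.
yum -y install docker-ce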
  1. 添加修改daemon.json文件,修改默认存储驱动及国内镜像

cat /etc/docker/daemon.json

{

"exec-opts": ["native.cgroupdriver=systemd"],

"log-driver": "json-file",

"log-opts": {

"max-size": "100m"

},

"storage-driver": "overlay2",

"storage-opts": [

"overlay2.override_kernel_check=true"

],

"registry-mirrors": [

"https://registry.docker-cn.com",

"http://hub-mirror.c.163.com",

"https://docker.mirrors.ustc.edu.cn"

]

}

# 配置完后,重新reload json文件及重启docker

systemctl daemon-reload

systemctl restart docker

# 使用docker info查看Registry Mirrors是否修改成功。注意:上面列表中的 http://hub-mirror.c.163.com 走明文HTTP,镜像清单在传输过程中可能被篡改,建议只保留https的镜像地址
  1. 安装kubectl,kubeadm,kubelet软件
 cat /etc/yum.repos.d/kubernetes.repo 
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=0

执行安装(注意:上面的repo文件设置了gpgcheck=0,yum不会校验RPM包的签名;生产环境建议改为gpgcheck=1,并配置该镜像站公布的gpgkey)

yum -y install kubectl kubeadm kubelet
yum install  kubelet-1.22.2-0.x86_64  kubeadm-1.22.2-0.x86_64 kubectl-1.22.2-0.x86_64 -y
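# 建议部署1.24以下版本:从1.24开始kubelet移除了dockershim,无法直接使用前面安装的Docker作为容器运行时。上面两条安装命令二选一即可,按本文环境应使用带版本号(1.22.2)的第二条,第一条会安装仓库中的最新版本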
  1. k8s集群容器镜像准备
# 执行kubeadm config images list 查看K8S集群需要的docker镜像
kubeadm config images list
k8s.gcr.io/kube-apiserver:v1.22.13
k8s.gcr.io/kube-controller-manager:v1.22.13
k8s.gcr.io/kube-scheduler:v1.22.13
k8s.gcr.io/kube-proxy:v1.22.13
k8s.gcr.io/pause:3.5
k8s.gcr.io/etcd:3.5.0-0
k8s.gcr.io/coredns/coredns:v1.8.4

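# 使用docker pull方式拉取以上镜像(拉取阿里云镜像)。镜像标签必须与kubeadm config images list的输出一致;下面命令中的v1.25.0、v1.18.2等标签与上面列出的v1.22.13不一致,请按实际列表替换。另外这里的仓库地址(registry.cn-hangzhou.aliyuncs.com)与后面kubeadm init中--image-repository指定的地址(registry.aliyuncs.com)不同,镜像名不一致时kubeadm不会使用这些预先拉取的镜像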
docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/kube-apiserver:v1.25.0
docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/kube-controller-manager:v1.25.0
docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/kube-scheduler:v1.25.0
docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/kube-proxy:v1.25.0
docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/pause:3.8
docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/coredns/coredns:v1.9.3
docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/coredns:v1.9.3
docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/kube-proxy:v1.18.2
docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/pause:3.2
docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/etcd:3.5.4-0

  1. 初始化K8S集群
kubeadm init --kubernetes-version="v1.22.2" --apiserver-advertise-address=172.18.129.68 --image-repository registry.aliyuncs.com/google_containers --pod-network-cidr=10.122.0.0/16

参数解释:

--image-repository 因为是从阿里云拉取的docker镜像,需要指定仓库来启动

--pod-network-cidr 指定Pod网络使用的IP地址段(CIDR),需与后面网络插件(calico)中配置的网段一致

--apiserver-advertise-address 本机绑定的IP地址

执行完后,根据提示信息执行步骤

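# Give the current user a kubeconfig. admin.conf carries cluster-admin
# credentials: keep the copy owned by this user and do not widen its
# permissions or copy it to shared locations.
mkdir -p "$HOME/.kube"

# Absolute source path, so the copy works from any working directory.
sudo cp -i /etc/kubernetes/admin.conf "$HOME/.kube/config"

# Hand ownership of the copy to the invoking user (quoted to avoid word
# splitting on unusual home directory paths).
sudo chown "$(id -u):$(id -g)" "$HOME/.kube/config"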

7 拉取calico镜像及配置文件

通过docker pull拉取calico镜像(下面的命令未指定标签,拉取到的是latest;应使用与calico.yaml中image字段一致的版本标签,避免镜像版本与清单不匹配)

docker pull calico/node

docker pull calico/cni

docker pull calico/pod2daemon-flexvol

docker pull calico/kube-controllers



下载calico.yaml文件(该地址不带版本号,内容会随上游更新而变化,应用前请核对文件中的镜像版本)

wget https://docs.projectcalico.org/manifests/calico.yaml


修改CALICO_IPV4POOL_CIDR的值,使其与K8S初始化时--pod-network-cidr指定的Pod网段一致(下面示例写的是172.30.0.0/16;本文初始化时指定的是10.122.0.0/16,此时应填10.122.0.0/16)
- name: CALICO_IPV4POOL_CIDR
  value: "172.30.0.0/16"
- name: IP_AUTODETECTION_METHOD  # DaemonSet中添加该环境变量
  value: interface=ens160    # 指定内网网卡
  
  
修改完后,应用

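# Apply the edited manifest; the file saved by the wget step is named
# calico.yaml, so that is the name to pass here.
kubectl apply -f calico.yaml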
  1. 查看运行状态
[root@lan calico]# kubectl get nodes
NAME   STATUS   ROLES                  AGE   VERSION
lan    Ready    control-plane,master   50m   v1.22.2
[root@lan calico]# kubectl get pods -A
NAMESPACE     NAME                                       READY   STATUS    RESTARTS   AGE
kube-system   calico-kube-controllers-867d8d6bd8-26nz9   1/1     Running   0          43m
kube-system   calico-node-8qkx4                          1/1     Running   0          43m
kube-system   coredns-7f6cbbb7b8-9zh75                   1/1     Running   0          50m
kube-system   coredns-7f6cbbb7b8-n82dj                   1/1     Running   0          50m
kube-system   etcd-lan                                   1/1     Running   1          50m
kube-system   kube-apiserver-lan                         1/1     Running   0          50m
kube-system   kube-controller-manager-lan                1/1     Running   0          50m
kube-system   kube-proxy-jhnzp                           1/1     Running   0          50m
kube-system   kube-scheduler-lan                         1/1     Running   1          50m