centos8 单机安装k8s
本机环境:centos8
参考博客:https://blog.csdn.net/witton/article/details/107085155
1. 环境准备
-
卸载podman
centos8默认安装了podman容器,它和docker可能存在冲突,最好卸载掉
sudo yum remove podman
-
关闭交换区
sudo swapoff -a #临时关闭 sudo sed -i 's/.*swap.*/#&/' /etc/fstab #永久关闭交换区
-
禁用selinux
setenforce 0 #临时关闭 sed -i "s/^SELINUX=enforcing/SELINUX=disabled/g" /etc/selinux/config #永久关闭
-
关闭防火墙
sudo systemctl stop firewalld.service sudo systemctl disable firewalld.service
2. k8s安装
-
配置系统基本安装源
sudo curl -o /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-8.repo
-
添加K8s安装源
将以下内容保存到/etc/yum.repos.d/kubernetes.repo
[kubernetes] name=Kubernetes baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/ enabled=1 gpgcheck=1 repo_gpgcheck=1 gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
-
安装docker
sudo yum install -y yum-utils device-mapper-persistent-data lvm2 net-tools sudo yum-config-manager --add-repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo yum -y install docker-ce
使用docker加速
mkdir -p /etc/docker vim /etc/docker/daemon.json { "registry-mirrors" : ["https://mj9kvemk.mirror.aliyuncs.com"] }
-
安装kubectl、kubelet、kubeadm
sudo yum install -y kubectl kubelet kubeadm sudo systemctl enable kubelet sudo systemctl start kubelet kubeadm version kubectl version --client kubelet --version
-
初始化kubernetes集群
kubeadm init --apiserver-advertise-address=0.0.0.0 \ --apiserver-cert-extra-sans=127.0.0.1 \ --image-repository=registry.aliyuncs.com/google_containers \ --ignore-preflight-errors=all \ --kubernetes-version=v1.21.1 \ --service-cidr=10.10.0.0/16 \ --pod-network-cidr=10.18.0.0/16
可能会报如下错误
detected “cgroupfs” as the Docker cgroup driver
查看docker信息
docker info | grep Cgroup
修改驱动
/usr/lib/systemd/system/docker.service # 在ExecStart命令中添加 --exec-opt native.cgroupdriver=systemd
重启服务
systemctl daemon-reload systemctl restart docker docker info | grep Cgroup
重新执行初始化工作
kubeadm init --apiserver-advertise-address=0.0.0.0 \ --apiserver-cert-extra-sans=127.0.0.1 \ --image-repository=registry.aliyuncs.com/google_containers \ --ignore-preflight-errors=all \ --kubernetes-version=v1.21.1 \ --service-cidr=10.10.0.0/16 \ --pod-network-cidr=10.18.0.0/16
-
部署后续
如果出现错误可以根据提示自行修复
创建目录:
mkdir -p $HOME/.kube sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config sudo chown $(id -u):$(id -g) $HOME/.kube/config
获取节点信息
kubectl get node kubectl get pod --all-namespaces
-
安装calico网络
kubectl apply -f https://docs.projectcalico.org/manifests/calico.yaml
-
安装kubernetes-dashboard
wget https://raw.githubusercontent.com/kubernetes/dashboard/master/aio/deploy/recommended.yaml # 修改文件 vi recommended.yaml kind: Service apiVersion: v1 metadata: labels: k8s-app: kubernetes-dashboard name: kubernetes-dashboard namespace: kubernetes-dashboard spec: type: NodePort #添加这行 ports: - port: 443 targetPort: 8443 nodePort: 30000 #添加这行 selector: k8s-app: kubernetes-dashboard
创建pod
kubectl create -f recommended.yaml kubectl get svc -n kubernetes-dashboard
3.web创建pod
web页面登录 https://ip:30000/#/login
3.1 token登录
-
创建Token
kubectl create sa dashboard-admin -n kube-system
-
授权Token访问权限
kubectl create clusterrolebinding dashboard-admin --clusterrole=cluster-admin --serviceaccount=kube-system:dashboard-admin
-
获取Token
ADMIN_SECRET=$(kubectl get secrets -n kube-system | grep dashboard-admin | awk '{print $1}') DASHBOARD_LOGIN_TOKEN=$(kubectl describe secret -n kube-system ${ADMIN_SECRET} | grep -E '^token' | awk '{print $2}') echo ${DASHBOARD_LOGIN_TOKEN}
3.2 部署服务
kubectl taint nodes --all node-role.kubernetes.io/master-
3.3常用Token命
kubeadm token list #查看Token
kubeadm token create #创建Token
kubeadm token delete TokenXXX #删除 Token
kubeadm token create --print-join-command #初始化master节点时,node节点加入集群命令
token=$(kubeadm token generate)
kubeadm token create $token --print-join-command --ttl=0
kubeadm token list | awk -F" " '{print $1}' |tail -n 1 # 打印第一行
kubectl describe secrets -n kube-system $(kubectl -n kube-system get secret | awk '/dashboard-admin/{print $1}')