|NO.Z.00078|——————————|^^ 部署 ^^|——|KuberNetes&kubeadm.V07|5台Server|——|kubernetes|集群初始化|镜像下载失败|
一、kubernetes集群初始化
### --- kubernetes集群初始化准备——所有节点
~~~ # kubeadm部署官方地址:
~~~ kubeadm官方地址:https://kubernetes.io/docs/setup/production-environment/tools/kubeadm/high-availability/二、k8s-master01节点创建kubeadm-config.yaml配置文件
### --- k8s-master01节点创建kubeadm-config.yaml配置文件
~~~ Master01:(# 注意,如果不是高可用集群,192.168.1.20:16443改为master01的地址,
~~~ # 16443改为apiserver的端口,默认是6443,
~~~ # 注意更改v1.18.5自己服务器kubeadm的版本:kubeadm version)### --- 创建kubeadm-config.yaml配置文件
[root@k8s-master01 kubeadm]# cat kubeadm-config.yaml
apiVersion: kubeadm.k8s.io/v1beta2
bootstrapTokens:
- groups:
- system:bootstrappers:kubeadm:default-node-token
token: 7t2weq.bjbawausm0jaxury
ttl: 24h0m0s
usages:
- signing
- authentication
kind: InitConfiguration
localAPIEndpoint:
advertiseAddress: 192.168.1.11
bindPort: 6443
nodeRegistration:
criSocket: /var/run/dockershim.sock
name: k8s-master01
taints:
- effect: NoSchedule
key: node-role.kubernetes.io/master
---
apiServer:
certSANs:
- 192.168.1.20
timeoutForControlPlane: 4m0s
apiVersion: kubeadm.k8s.io/v1beta2
certificatesDir: /etc/kubernetes/pki
clusterName: kubernetes
controlPlaneEndpoint: 192.168.1.20:16443
controllerManager: {}
dns:
type: CoreDNS
etcd:
local:
dataDir: /var/lib/etcd
imageRepository: registry.cn-hangzhou.aliyuncs.com/google_containers
kind: ClusterConfiguration
kubernetesVersion: v1.21.2
networking:
dnsDomain: cluster.local
podSubnet: 172.168.0.0/12
serviceSubnet: 10.96.0.0/12
scheduler: {}~~~ # 注意:
controlPlaneEndpoint: 192.168.1.20:16443 // 若是公司没有高可用集群,直接改为master01的地址
podSubnet: 172.168.0.0/12 // pod的网段
serviceSubnet: 10.96.0.0/12 // service的网段,若是和公司有冲突,尽量去改一下。### --- 更新kubeadm配置版本为最新版本
~~~ # kubeadm版本安装,可能官网版本已经更新,所以需要把file文件转换一下;与当前版本对应。
[root@k8s-master01 ~]# kubeadm config migrate --old-config kubeadm-config.yaml --new-config new.yaml
[root@k8s-master01 ~]# ll
-rw-r--r-- 1 root root 976 Apr 10 21:09 new.yaml~~~ # 查看kubernetes版本号
~~~ 注:若是版本不一致,需要更改kubeadm文件的版本号
[root@k8s-master01 ~]# kubectl version
Client Version: version.Info{Major:"1", Minor:"21", GitVersion:"v1.21.2", GitCommit:"092fbfbf53427de67cac1e9fa54aaa09a28371d7", GitTreeState:"clean", BuildDate:"2021-06-16T12:59:11Z", GoVersion:"go1.16.5", Compiler:"gc", Platform:"linux/amd64"}
The connection to the server localhost:8080 was refused - did you specify the right host or port?~~~ # 若是版本不一致更当前版本号
[root@k8s-master01 ~]# vim new.yaml
kubernetesVersion: v1.21.2### --- 下载kubeadm部署需要的镜像——所有节点
~~~ # 将new.yaml文件复制到其他master节点,
~~~ 之后所有Master节点提前下载镜像,可以节省初始化时间:所有节点下载镜像
[root@k8s-node02 ~]# kubeadm config images pull --config /root/new.yaml~~~ # 查看下载的镜像
[root@k8s-master01 ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
registry.cn-hangzhou.aliyuncs.com/google_containers/kube-apiserver v1.21.2 106ff58d4308 3 weeks ago 126MB
registry.cn-hangzhou.aliyuncs.com/google_containers/kube-controller-manager v1.21.2 ae24db9aa2cc 3 weeks ago 120MB
registry.cn-hangzhou.aliyuncs.com/google_containers/kube-scheduler v1.21.2 f917b8c8f55b 3 weeks ago 50.6MB
registry.cn-hangzhou.aliyuncs.com/google_containers/kube-proxy v1.21.2 a6ebd1c1ad98 3 weeks ago 131MB
registry.cn-hangzhou.aliyuncs.com/google_containers/pause 3.4.1 0f8457a4c2ec 5 months ago 683kB
registry.cn-hangzhou.aliyuncs.com/google_containers/coredns 1.8.0 296a6d5035e2 8 months ago 42.5MB
registry.cn-hangzhou.aliyuncs.com/google_containers/coredns v1.8.0 296a6d5035e2 8 months ago 42.5MB
registry.cn-hangzhou.aliyuncs.com/google_containers/etcd 3.4.13-0 0369cf4303ff 10 months ago 253MB### --- 设置kubelet开机自启动——所有节点
~~~ (如果启动失败无需管理,初始化成功以后即可启动)
[root@k8s-master01 ~]# systemctl enable --now kubelet 附录一: 镜像下载失败解决方案
### --- 镜像下载失败解决方案——可不执行
~~~ # coredns下载失败解决方案一:
[root@k8s-master01 ~]# docker pull coredns/coredns:1.2.6
[root@k8s-master01 ~]# docker tag coredns/coredns:1.2.6 mirrorgooglecontainers/coredns:1.2.6
[root@k8s-master01 ~]# docker rmi coredns/coredns:1.2.6~~~ # coredns下载失败解决方案二:
[root@k8s-master01 ~]# docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/coredns:1.8.0
[root@k8s-master02 ~]# docker tag registry.cn-hangzhou.aliyuncs.com/google_containers/coredns:1.8.0 registry.cn-hangzhou.aliyuncs.com/google_containers/coredns:v1.8.0
[root@k8s-master01 ~]# docker rmi registry.cn-hangzhou.aliyuncs.com/google_containers/coredns:1.8.0三、kubernetes集群初始化——k8s-master01
### --- kubernetes初始化说明
~~~ 初始化以后会在/etc/kubernetes目录下生成对应的证书和配置文件,
~~~ 之后其他Master节点加入Master01即可:### --- k8s-master01节点初始化
~~~ # kubernetes集群初始化:k8s-master01节点
~~~ 注:警告可以忽略
~~~ 注、初始化成功以后,会产生Token值,用于其他节点加入时使用,因此要记录下初始化成功生成的token值(令牌值):
[root@k8s-master01 ~]# kubeadm init --config /root/new.yaml --upload-certs
Your Kubernetes control-plane has initialized successfully!
To start using your cluster, you need to run the following as a regular user:
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
Alternatively, if you are the root user, you can run:
export KUBECONFIG=/etc/kubernetes/admin.conf
You should now deploy a pod network to the cluster.
Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:
https://kubernetes.io/docs/concepts/cluster-administration/addons/
You can now join any number of the control-plane node running the following command on each as root:
kubeadm join 192.168.1.20:16443 --token 7t2weq.bjbawausm0jaxury \
--discovery-token-ca-cert-hash sha256:c09f2051501a53aaa1e158959d69d4be655d4f475c28c81b5895baddfbd59bf9 \
--control-plane --certificate-key a0243e918b3ae96789f2b2b187e8f18c6d2a8126a366d9e3a06265c8a1537295
Please note that the certificate-key gives access to cluster sensitive data, keep it secret!
As a safeguard, uploaded-certs will be deleted in two hours; If necessary, you can use
"kubeadm init phase upload-certs --upload-certs" to reload certs afterward.
Then you can join any number of worker nodes by running the following on each as root:
kubeadm join 192.168.1.20:16443 --token 7t2weq.bjbawausm0jaxury \
--discovery-token-ca-cert-hash sha256:c09f2051501a53aaa1e158959d69d4be655d4f475c28c81b5895baddfbd59bf9 ~~~ # 集群初始化参数说明
[root@k8s-master01 ~]# kubeadm init --config /root/new.yaml --upload-certs
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
export KUBECONFIG=/etc/kubernetes/admin.conf
~~~ 注:配置环境变量;用于访问kubernetes集群
kubeadm join 192.168.1.20:16443 --token 7t2weq.bjbawausm0jaxury \
--discovery-token-ca-cert-hash sha256:c09f2051501a53aaa1e158959d69d4be655d4f475c28c81b5895baddfbd59bf9 \
--control-plane --certificate-key a0243e918b3ae96789f2b2b187e8f18c6d2a8126a366d9e3a06265c8a1537295
~~~ 注:用于将其它k8s-master节注册入到kubernetes集群中
kubeadm join 192.168.1.20:16443 --token 7t2weq.bjbawausm0jaxury \
--discovery-token-ca-cert-hash sha256:c09f2051501a53aaa1e158959d69d4be655d4f475c28c81b5895baddfbd59bf9
~~~ 注:用于将其它k8s-node节点注册到kubernetes集群中### --- 初始化失败解决方案;执行下列操作后再次初始化
~~~ # 初始化失败进行的操作。
[root@k8s-master01 ~]# kubeadm reset -f ; ipvsadm --clear ; rm -rf ~/.kube### --- 配置环境变量,用于访问kubernetes集群
~~~ # 配置环境变量
[root@k8s-master01 ~]# cat <<EOF >> /root/.bashrc
export KUBECONFIG=/etc/kubernetes/admin.conf
EOF
source /root/.bashrc### --- 查看节点状态:
~~~ # 查看k8s-master01是否加入到集群中
[root@k8s-master01 ~]# kubectl get node -owide
NAME STATUS ROLES AGE VERSION INTERNAL-IP EXTERNAL-IP OS-IMAGE KERNEL-VERSION CONTAINER-RUNTIME
k8s-master01 NotReady control-plane,master 6m28s v1.21.2 192.168.1.11 <none> CentOS Linux 7 (Core) 4.19.12-1.el7.elrepo.x86_64 docker://19.3.15~~~ # 查看创建的kubernetes.service
[root@k8s-master01 ~]# kubectl get service -owide
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE SELECTOR
kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 7m1s <none>### --- 采用初始化安装方式,所有的系统组件均以容器的方式运行并且在kube-system命名空间内,此时可以查看Pod状态:
~~~ # 查看组件目录
[root@k8s-master01 ~]# ls /etc/kubernetes/manifests/
etcd.yaml kube-apiserver.yaml kube-controller-manager.yaml kube-scheduler.yaml~~~ # 查看生成的pod
[root@k8s-master01 ~]# kubectl get po -n kube-system -owide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
coredns-6f6b8cc4f6-72xlp 0/1 Pending 0 7m8s <none> <none> <none> <none>
coredns-6f6b8cc4f6-8xjzf 0/1 Pending 0 7m8s <none> <none> <none> <none>
etcd-k8s-master01 1/1 Running 0 7m6s 192.168.1.11 k8s-master01 <none> <none>
kube-apiserver-k8s-master01 1/1 Running 0 7m14s 192.168.1.11 k8s-master01 <none> <none>
kube-controller-manager-k8s-master01 1/1 Running 0 7m6s 192.168.1.11 k8s-master01 <none> <none>
kube-proxy-nq598 1/1 Running 0 7m8s 192.168.1.11 k8s-master01 <none> <none>
kube-scheduler-k8s-master01 1/1 Running 0 7m6s 192.168.1.11 k8s-master01 <none> <none>~~~ # 查看已生成的service
[root@k8s-master01 ~]# kubectl get service -n kube-system -owide
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE SELECTOR
kube-dns ClusterIP 10.96.0.10 <none> 53/UDP,53/TCP,9153/TCP 18m k8s-app=kube-dns
Walter Savage Landor:strove with none,for none was worth my strife.Nature I loved and, next to Nature, Art:I warm'd both hands before the fire of life.It sinks, and I am ready to depart
——W.S.Landor
【推荐】国内首个AI IDE,深度理解中文开发场景,立即下载体验Trae
【推荐】编程新体验,更懂你的AI,立即体验豆包MarsCode编程助手
【推荐】抖音旗下AI助手豆包,你的智能百科全书,全免费不限次数
【推荐】轻量又高性能的 SSH 工具 IShell:AI 加持,快人一步
· 无需6万激活码!GitHub神秘组织3小时极速复刻Manus,手把手教你使用OpenManus搭建本
· Manus爆火,是硬核还是营销?
· 终于写完轮子一部分:tcp代理 了,记录一下
· 别再用vector<bool>了!Google高级工程师:这可能是STL最大的设计失误
· 单元测试从入门到精通