银河麒麟系统V10安装k8s环境
=========================环境准备1-15=========================
1、各节点主机名设置
hostnamectl set-hostname master01
hostnamectl set-hostname worker01
2、主机ip地址配置内容(vim /etc/sysconfig/network-scripts/ifcfg-ens33)
TYPE="Ethernet" PROXY_METHOD="none" BROWSER_ONLY="no" BOOTPROTO="none" DEFROUTE="yes" IPV4_FAILURE_FATAL="no" IPV6INIT="yes" IPV6_AUTOCONF="yes" IPV6_DEFROUTE="yes" IPV6_FAILURE_FATAL="no" IPV6_ADDR_GEN_MODE="stable-privacy" NAME="ens33" DEVICE="ens33" ONBOOT="yes" #本机节点ip IPADDR="172.31.192.66" PREFIX="24" #网关ip GATEWAY="172.31.192.126" DNS1="8.8.8.8"
3、主机名与IP地址解析
# cat /etc/hosts 127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4 ::1 localhost localhost.localdomain localhost6 localhost6.localdomain6 172.31.192.66 master01 172.31.192.67 worker01
4、关闭防火墙
#关闭防火墙
#服务开机不自启
systemctl disable firewalld
#立即停止服务运行
systemctl stop firewalld
#查看防火墙状态
firewall-cmd --state
5、修改SELINUX配置
sed -ri 's/SELINUX=enforcing/SELINUX=disabled/' /etc/selinux/config
6、crontab -e增加时间同步配置
0 */1 * * * /usr/sbin/ntpdate time1.aliyun.com
7、crotab -l 查看时间同步配置
8、vim /etc/sysctl.d/k8s.conf添加网桥过滤及内核转发配置文件
net.bridge.bridge-nf-call-ip6tables = 1 net.bridge.bridge-nf-call-iptables = 1 vm.swappiness = 0
9、加载br_netfilter模块
modprobe br_netfilter
10、lsmod | grep br_netfilter 查看是否加载
11、yum -y install ipset ipvsadm 安装ipset及ipvsadm
如果出现安装错误,ls /etc/yum.repos.d/查看是否有多个 .repo文件,如果是,则把除kylin_x86_64.repo以外的文件,重命名后缀为.repo.bak,安装成功后,再把缀名修改回来
[jcroot@master01 ~]$ sudo yum -y install ipset ipvsadm Docker CE Stable - x86_64 441 B/s | 2.3 kB 00:05 Errors during downloading metadata for repository 'docker-ce-stable': - Status code: 404 for https://mirrors.aliyun.com/docker-ce/linux/centos/10/x86_64/stable/repodata/repomd.xml (IP: 111.51.68.230) Error: Failed to download metadata for repo 'docker-ce-stable': Cannot download repomd.xml: Cannot download repodata/repomd.xml: All mirrors were tried
12、vim /etc/sysconfig/modules/ipvs.modules配置ipvsadm模块加载方式 ,添加需要加载的模块
#!/bin/bash modprobe -- ip_vs modprobe -- ip_vs_rr modprobe -- ip_vs_wrr modprobe -- ip_vs_sh modprobe -- nf_conntrack
13、授权、运行、检查是否加载
chmod 755 /etc/sysconfig/modules/ipvs.modules && bash /etc/sysconfig/modules/ipvs.modules && lsmod | grep -e ip_vs -e nf_conntrack
14、关闭swap分区
14.1、临时关闭分区
swapoff -a
14.2、vim /etc/fstab 永远关闭swap分区,需要重启操作系统
#centos注释/etc/fstab内容 #/dev/mapper/centos-swap swap swap defaults 0 0
#麒麟系统注释/etc/fstab内容 #/dev/mapper/klas-swap none swap defaults 0 0
=========================安装docker=========================
1、https://www.cnblogs.com/yulongzhang/p/18509075
=========================安装kubenetes=========================
[kubernetes] name=Kubernetes baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/ enabled=1 gpgcheck=0 repo_gpgcheck=0 gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
2、查看指定版本
# yum list kubeadm.x86_64 --showduplicates | sort -r # yum list kubelet.x86_64 --showduplicates | sort -r # yum list kubectl.x86_64 --showduplicates | sort -r
3、yum安装指定版本
yum -y install kubeadm-1.23.6-0 kubelet-1.23.6-0 kubectl-1.23.6-0
4、配置kubelet(vim /etc/sysconfig/kubelet,目前没有配置也没出问题)
#为了实现docker使用的cgroupdriver与kubelet使用的cgroup的一致性,建议修改如下文件内容。 KUBELET_EXTRA_ARGS="--cgroup-driver=systemd"
5、设置kubelet为开机自启动即可,由于没有生成配置文件,集群初始化后自动启动
systemctl enable kubelet
6、准备kubenetes镜像
#查看需要哪些镜像 [root@master01 ~]# kubeadm config images list --kubernetes-version=v1.23.6 k8s.gcr.io/kube-apiserver:v1.23.6 k8s.gcr.io/kube-controller-manager:v1.23.6 k8s.gcr.io/kube-scheduler:v1.23.6 k8s.gcr.io/kube-proxy:v1.23.6 k8s.gcr.io/pause:3.6 k8s.gcr.io/etcd:3.5.1-0 k8s.gcr.io/coredns/coredns:v1.8.6
#下载指定版本镜像 kubeadm config images list --kubernetes-version=v1.23.6
注意:如果镜像无法下载可以下载国内以下镜像,再重命名
百度网盘链接:https://pan.baidu.com/s/17n76Hnd0oCUa4vnJhnXguw?pwd=kpjd
registry.cn-hangzhou.aliyuncs.com/google_containers/kube-apiserver:v1.23.6 registry.cn-hangzhou.aliyuncs.com/google_containers/kube-proxy:v1.23.6 registry.cn-hangzhou.aliyuncs.com/google_containers/kube-controller-manager:v1.23.6 registry.cn-hangzhou.aliyuncs.com/google_containers/kube-scheduler:v1.23.6 registry.cn-hangzhou.aliyuncs.com/google_containers/etcd:3.5.1-0 registry.cn-hangzhou.aliyuncs.com/google_containers/coredns:1.8.6 registry.cn-hangzhou.aliyuncs.com/google_containers/pause:3.6
7、K8S集群初始化(在master节点上执行)
#pod-network-cidr 每个pod都有一个独立的IP地址,这些ip都是从指定的cidr范围内分配的 #apiserver-advertise-address api服务器对外通告的ip地址,其他组件(kubelet、kubectl)会使用这个地址与api服务器进行通信 kubeadm init --kubernetes-version=v1.23.6 --pod-network-cidr=10.224.0.0/16 --apiserver-advertise-address=172.31.192.66
8、集群应用客户端管理集群文件准备
mkdir -p $HOME/.kube cp -i /etc/kubernetes/admin.conf $HOME/.kube/config chown $(id -u):$(id -g) $HOME/.kube/config ls /root/.kube/
9、安装calico网络
https://pan.baidu.com/s/1X54i-SYQtx6jhoqefAvxzg?pwd=ravo
=========================安装kuboard=========================
参考文章:https://kuboard.cn/install/v3/install-in-k8s.html#%E5%AE%89%E8%A3%85
# 您也可以使用下面的指令,唯一的区别是,该指令使用华为云的镜像仓库替代 docker hub 分发 Kuboard 所需要的镜像 kubectl apply -f https://addons.kuboard.cn/kuboard/kuboard-v3-swr.yaml
访问地址:http://your-node-ip-address:30080
默认账号/密码:admin/Kuboard123
========================= %%%注意%%%%=========================
1、已经初始化的集群,查看加入集群命令和密钥
kubeadm token create --print-join-command
2、移除k8s集群中的节点
#master节点执行操作 #安全地驱逐worker01节点上的所有Pods kubectl drain worker01 --delete-emptydir-data --force --ignore-daemonsets #从集群中彻底移除节点worker01 kubectl delete node worker01 #worker节点执行操作,删除node节点集群信息 kubeadm reset
k8s安装参考文章:
https://blog.csdn.net/weixin_46544841/article/details/140533212
https://blog.csdn.net/qq_40279964/article/details/125430992
calico安装文章:
https://blog.csdn.net/liufengheng010/article/details/131025506?spm=1001.2101.3001.6650.5&utm_medium=distribute.pc_relevant.none-task-blog-2~default~BlogCommendFromBaidu~Rate-5-131025506-blog-140533212.235%5Ev43%5Epc_blog_bottom_relevance_base8&depth_1-utm_source=distribute.pc_relevant.none-task-blog-2~default~BlogCommendFromBaidu~Rate-5-131025506-blog-140533212.235%5Ev43%5Epc_blog_bottom_relevance_base8&utm_relevant_index=10
https://blog.csdn.net/ApexPredator/article/details/135083201
