zoukankan      html  css  js  c++  java
  • kubernetes实战001 kubeadm安装k8s

    1. 环境初始化

    centos7

    # 配置国内kubernetes yum源
    cat > /etc/yum.repos.d/kubernetes.repo << EOF
    [kubernetes]
    name=Kubernetes Repositry
    baseurl=http://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
    enabled=1
    gpgcheck=0
    EOF
    
    # 关闭防火墙
    systemctl stop firewalld && systemctl disable firewalld
    iptables -F && iptables -X && iptables -F -t nat && iptables -X -t nat && iptables -P FORWARD ACCEPT
    
    # 关闭selinux
    setenforce 0
    sed -i 's/^SELINUX=enforcing$/SELINUX=permissive/' /etc/selinux/config
    
    # 关闭swap
    swapoff -a
    sed -i '/ swap / s/^(.*)$/#1/g' /etc/fstab
    
    # 加载内核模块
    modprobe br_netfilter
    modprobe ip_vs
    modprobe ip_vs_rr
    modprobe ip_vs_wrr
    modprobe ip_vs_sh
    modprobe nf_conntrack_ipv4
    
    cat > /etc/sysconfig/modules/ipvs.modules <<EOF
    #!/bin/bash
    modprobe -- ip_vs
    modprobe -- ip_vs_rr
    modprobe -- ip_vs_wrr
    modprobe -- ip_vs_sh
    modprobe -- nf_conntrack_ipv4
    modprobe -- br_netfilter
    EOF
    
    chmod 755 /etc/sysconfig/modules/ipvs.modules && bash /etc/sysconfig/modules/ipvs.modules
    
    
    # 设置内核参数
    cat << EOF | tee /etc/sysctl.d/k8s.conf
    net.bridge.bridge-nf-call-iptables=1
    net.bridge.bridge-nf-call-ip6tables=1
    net.ipv4.ip_forward=1
    net.ipv4.tcp_tw_recycle=0
    vm.swappiness=0
    vm.overcommit_memory=1
    vm.panic_on_oom=0
    fs.inotify.max_user_watches=89100
    fs.file-max=52706963
    fs.nr_open=52706963
    net.ipv6.conf.all.disable_ipv6=1
    net.netfilter.nf_conntrack_max=2310720
    EOF
    sysctl -p /etc/sysctl.d/k8s.conf
    
    # 配置主机名解析
    echo -e "$(hostname -i)	$(hostname)" >> /etc/hosts
    
    # 国内docker源
    wget https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo && mv docker-ce.repo /etc/yum.repos.d/
    
    # 安装相关依赖包
    yum clean all && yum makecache fast
    yum install -y conntrack ipvsadm ipset jq sysstat curl iptables libseccomp chrony
    
    # 设置时区
    timedatectl set-timezone "Asia/Shanghai"
    
    # 时间同步
    systemctl start chronyd && systemctl enable chronyd
    
    # 安装docker
    yum install docker-ce-18.06.2.ce -y
    
    # 安装kubeadm
    yum install kubelet-1.14.0 kubeadm-1.14.0 kubectl-1.14.0 --disableexcludes=kubernetes -y
    
    
    # docker配置及服务启动
    cat > /etc/docker/daemon.json <<EOF
    {
      "registry-mirrors":["https://registry.docker-cn.com"],
      "exec-opts": ["native.cgroupdriver=systemd"],
      "log-driver": "json-file",
      "log-opts": {
        "max-size": "100m"
      },
      "storage-driver": "overlay2",
      "storage-opts": [
        "overlay2.override_kernel_check=true"
      ]
    }
    EOF
    systemctl daemon-reload && systemctl restart docker
    
    # 启动kubelet
    systemctl start kubelet && systemctl enable kubelet
    

    2. 单节点master-node

    2.1 master节点

    # 生成初始化配置文件
    mkdir /ops-data && cd /ops-data
    kubeadm config print init-defaults > init.default.yaml
    cat > init.default.yaml << EOF
    apiVersion: kubeadm.k8s.io/v1beta1
    bootstrapTokens:
    - groups:
      - system:bootstrappers:kubeadm:default-node-token
      token: abcdef.0123456789abcdef
      ttl: 24h0m0s
      usages:
      - signing
      - authentication
    kind: InitConfiguration
    localAPIEndpoint:
      advertiseAddress: 192.168.30.60
      bindPort: 6443
    nodeRegistration:
      criSocket: /var/run/dockershim.sock
      name: kubeadm-node1
      taints:
      - effect: NoSchedule
        key: node-role.kubernetes.io/master
    ---
    apiServer:
      timeoutForControlPlane: 4m0s
    apiVersion: kubeadm.k8s.io/v1beta1
    certificatesDir: /etc/kubernetes/pki
    clusterName: kubernetes
    controlPlaneEndpoint: ""
    controllerManager: {}
    dns:
      type: CoreDNS
    etcd:
      local:
        dataDir: /var/lib/etcd
    imageRepository: docker.io/dustise
    kind: ClusterConfiguration
    kubernetesVersion: v1.14.0
    networking:
      dnsDomain: cluster.local
      podSubnet: "10.244.0.0/16"
      serviceSubnet: 10.96.0.0/12
    scheduler: {}
    EOF
    
    # 下载镜像
    kubeadm config images pull --config=init.default.yaml
    
    # 初始化集群
    kubeadm init --config=init.default.yaml
    
    # 配置kubectl
    mkdir -p $HOME/.kube
    sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
    sudo chown $(id -u):$(id -g) $HOME/.kube/config
    
    # 安装网络插件calico
    kubectl apply -f https://docs.projectcalico.org/v3.7/manifests/calico.yaml
    
    # 修改kube-proxy使用ipvs
    kubectl get configmap kube-proxy -n kube-system -o yaml > kube-proxy-configmap.yaml
    sed -i 's/mode: ""/mode: "ipvs"/' kube-proxy-configmap.yaml
    kubectl apply -f kube-proxy-configmap.yaml
    

    2.2 Node节点

    # node 加入集群
    kubeadm join 192.168.30.60:6443 --token abcdef.0123456789abcdef 
        --discovery-token-ca-cert-hash sha256:e1ef4b5294184b0c989ae4bf8d9f59d03d5cae3369296fe777fad3183035f44a
        
    # 修改kubelet cgroup diver为systemd
    sed -i 's/cgroupfs/systemd/g' /var/lib/kubelet/kubeadm-flags.env
    systemctl daemon-reload && systemctl retart kubelet
    

    2.3 验证

    kubectl get cs
    kubectl get nodes
    kubectl get pod --all-namespaces
    kubectl --namespace kube-system describe pod <pod-names>
    
  • 相关阅读:
    spark 读取mongodb失败,报executor time out 和GC overhead limit exceeded 异常
    在zepplin 使用spark sql 查询mongodb的数据
    Unable to query from Mongodb from Zeppelin using spark
    spark 与zepplin 版本兼容
    kafka 新旧消费者的区别
    kafka 新生产者发送消息流程
    spark ui acl 不生效的问题分析
    python中if __name__ == '__main__': 的解析
    深入C++的new
    NSSplitView
  • 原文地址:https://www.cnblogs.com/drfung/p/11850935.html
Copyright © 2011-2022 走看看