zoukankan      html  css  js  c++  java
  • kubeadm 安装 k8s 1.15

    配置

    CentOS 7.6 ,内核版本 4.4 以上
    k8s-master01   192.168.31.205
    k8s-node01     192.168.31.206
    k8s-node02     192.168.31.207
    Habor
    

    准备环境 ( 所有节点上操作 )

    ## 根据 IP 来分别设置 hostname
    hostnamectl set-hostname k8s-master01
    hostnamectl set-hostname k8s-node01
    hostnamectl set-hostname k8s-node02
    
    ## 配置 hosts
    cat >> /etc/hosts << EOF
    192.168.31.205 k8s-master01
    192.168.31.206 k8s-node01
    192.168.31.207 k8s-node02
    EOF
    
    ## 安装依赖包
    yum install conntrack ntpdate ipvsadm ipset jq iptables curl sysstat libseccomp wget net-tools git update -y
    
    ## 设置防火墙为 iptables 并设置空规则 
    systemctl stop firewalld && systemctl disable firewalld
    yum install -y iptables-services && systemctl start iptables && systemctl enable iptables && iptables -F && service iptables save
    
    ## 关闭 selinux
    swapoff -a && sed -i '/ swap / s/^(.*)$/#1/g' /etc/fstab
    setenforce 0 && sed -i 's/^SELINUX=.*/SELINUX=disabled/' /etc/selinux/config 
    
    ## 调整内核参数
    modprobe br_netfilter
    
    cat >> /etc/rc.d/rc.local << EOF
    modprobe br_netfilter
    EOF
    
    chmod +x /etc/rc.d/rc.local
    
    cat > kubernetes.conf << EOF
    net.bridge.bridge-nf-call-iptables = 1
    net.bridge.bridge-nf-call-ip6tables = 1
    net.ipv4.ip_forward = 1
    net.ipv4.tcp_tw_recycle = 0
    vm.swappiness = 0
    vm.overcommit_memory = 1
    vm.panic_on_oom = 0
    fs.inotify.max_user_instances = 8192
    fs.inotify.max_user_watches = 1048576
    fs.file-max = 52706963
    fs.nr_open = 52706963
    net.ipv6.conf.all.disable_ipv6 = 1
    net.netfilter.nf_conntrack_max = 2310720
    EOF
    
    cp kubernetes.conf /etc/sysctl.d/
    sysctl -p /etc/sysctl.d/kubernetes.conf 
    
    ## 关闭系统不需要的服务
    systemctl stop postfix && systemctl disable postfix
    
    ## 设置 rsyslogd 和 systemd journald
    mkdir /var/log/journal
    mkdir /etc/systemd/journald.conf.d
    
    cat > /etc/systemd/journald.conf.d/99-prophet.conf << EOF
    [Journal]
    Storage=persistent
    
    Compress=yes
    
    SyncIntervalSec=5m
    RateLimitInterval=30s
    RateLimitBurst=1000
    
    SystemMaxUse=10G
    
    SystemMaxFileSize=200M
    
    MaxRetentionSec=2week
    
    ForwardToSyslog=no
    EOF
    
    systemctl restart systemd-journald
    
    ## 升级系统内核为 4.4
    rpm -Uvh  https://www.elrepo.org/elrepo-release-7.0-3.el7.elrepo.noarch.rpm
    yum --enablerepo=elrepo-kernel install -y kernel-lt
    
    ## 查看上面安装的内核版本是什么
    grub2-set-default 'CentOS Linux (4.4.215-1.el7.elrepo.x86_64) 7 (Core)'
    
    reboot
    
    ## 检查是否为 4.4 内核
    uname -r
    
    ## 查看可启动的内核项
    grep menuentry /boot/grub2/grub.cfg
    

    安装 K8S

    kube-proxy 开启 ipvs 的前置条件 ( 所有节点上操作 )

    cat > /etc/sysconfig/modules/ipvs.modules << EOF
    #!/bin/bash
    modprobe -- ip_vs
    modprobe -- ip_vs_rr
    modprobe -- ip_vs_wrr
    modprobe -- ip_vs_sh
    modprobe -- nf_conntrack_ipv4
    EOF
    
    chmod 755 /etc/sysconfig/modules/ipvs.modules && bash /etc/sysconfig/modules/ipvs.modules && lsmod |grep -e ip_vs -e nf_conntrack_ipv4
    

    安装 Docker 软件 ( 所有节点上操作 )

    yum install -y yum-utils device-mapper-persistent-data lvm2
    yum-config-manager --add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
    yum install -y docker-ce
    
    mkdir /etc/docker
    
    cat > /etc/docker/daemon.json << EOF
    {
      "registry-mirrors": ["http://hub-mirror.c.163.com"],
      "exec-opts": ["native.cgroupdriver=systemd"],
      "log-driver": "json-file",
      "log-opts": {
        "max-size": "100m"
      }
    }
    EOF
    
    mkdir -p /etc/systemd/system/docker.service.d
    
    systemctl daemon-reload && systemctl restart docker && systemctl enable docker
    

    安装 Kubeadm 主从配置 ( k8s-master01 上操作 )

    cat << EOF > /etc/yum.repos.d/kubernetes.repo 
    [kubernetes]
    name=Kubernetes
    baseurl=http://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
    enabled=1
    gpgcheck=0
    repo_gpgcheck=0
    gpgkey=http://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg
    http://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
    EOF
    
    yum install -y kubeadm-1.15.1 kubectl-1.15.1 kubelet-1.15.1
    systemctl enable kubelet.service
    
    ## 初始化主节点
    kubeadm config print init-defaults > kubeadm-config.yaml
    
    vi kubeadm-config.yaml 
    # 修改IP
    advertiseAddress: 192.168.31.205
    # 修改版本
    kubernetesVersion: v1.15.1
    # 在 dnsDomain: cluster.local 下添加
    podSubnet: "10.244.0.0/16"
    # 修改镜像库
    把 imageRepository: k8s.gcr.io 换成
    imageRepository: registry.aliyuncs.com/google_containers
    # 在最后指定 kubeproxy 的工作模式
    ---
    apiVersion: kubeproxy.config.k8s.io/v1alpha1
    kind: KubeProxyConfiguration
    featureGates:
      SupportIPVSProxyMode: true
    mode: ipvs 
    
    kubeadm init --config=kubeadm-config.yaml --experimental-upload-certs | tee kubeadm-init.log
    
    ## 我们可以在 kubeadm-init.log 文件中找到 k8s 集群中的重要信息,保存好这个文件以后备用
    
    ## 配置一个管理账号
    mkdir -p $HOME/.kube
    cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
    chown $(id -u):$(id -g) $HOME/.kube/config
    kubectl get node
    

    部署网络 ( k8s-master01 上操作 )

    mkdir -p /usr/local/install-k8s/{core,plugin}
    mv kubeadm-config.yaml kubeadm-init.log /usr/local/install-k8s/core/
    cd /usr/local/install-k8s/plugin
    mkdir flannel && cd flannel/
    wget https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
    kubectl create -f kube-flannel.yml
    kubectl get pod -n kube-system
    

    node 节点加入集群 ( 在 node 节点上操作 )

    cat << EOF > /etc/yum.repos.d/kubernetes.repo 
    [kubernetes]
    name=Kubernetes
    baseurl=http://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
    enabled=1
    gpgcheck=0
    repo_gpgcheck=0
    gpgkey=http://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg
    http://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
    EOF
    
    yum install -y kubeadm-1.15.1 kubectl-1.15.1 kubelet-1.15.1
    systemctl enable kubelet.service
    
    kubeadm join 192.168.31.205:6443 --token abcdef.0123456789abcdef 
        --discovery-token-ca-cert-hash sha256:86f649df69f361692a9ba4e3dde7746c61107a0eeadce61c0d485b911cf64fff 
    

    检查状态( k8s-master01 上操作 )

    kubectl get node
    kubectl get pod -n kube-system -o wide
    
  • 相关阅读:
    171. Excel Sheet Column Number (Easy)
    349. Intersection of Two Arrays (Easy)
    453. Minimum Moves to Equal Array Elements (Easy)
    657. Judge Route Circle (Easy)
    CSS笔记
    保存页面状态
    UI开发总结
    ubuntu 下配置munin
    反向代理配置
    JavaScript 高级程序设计第二版
  • 原文地址:https://www.cnblogs.com/klvchen/p/12373232.html
Copyright © 2011-2022 走看看