  • Installing k8s 1.18.18 with kubeadm

    Resources

    Role    Hostname      IP               OS
    master  k8s-master01  192.168.219.160  CentOS 7.9.2009
    node    k8s-node01    192.168.219.164  CentOS 7.9.2009

    Software

    Software    Version
    docker      19.03.11
    kubernetes  1.18.18

    I. Install Docker

    Configuration recommended by the official documentation

    Install required packages

    [root@localhost ~]# yum install -y yum-utils device-mapper-persistent-data lvm2

    Add the Docker repository

    [root@localhost ~]# yum-config-manager --add-repo \
      https://download.docker.com/linux/centos/docker-ce.repo

    Install Docker CE

    [root@localhost ~]# yum update -y && yum install -y \
      containerd.io-1.2.13 \
      docker-ce-19.03.11 \
      docker-ce-cli-19.03.11

    Create /etc/docker

    [root@localhost ~]# mkdir /etc/docker

    Set up the Docker daemon

    [root@localhost ~]# cat > /etc/docker/daemon.json <<EOF
    {
      "exec-opts": ["native.cgroupdriver=systemd"],
      "log-driver": "json-file",
      "log-opts": {
        "max-size": "100m"
      },
      "storage-driver": "overlay2",
      "storage-opts": [
        "overlay2.override_kernel_check=true"
      ]
    }
    EOF

    Add a Docker registry mirror

    [root@localhost ~]# vim /etc/docker/daemon.json

    Append at the end
    "registry-mirrors": ["https://n0k07cz2.mirror.aliyuncs.com"]

    [root@localhost ~]# cat /etc/docker/daemon.json

    The output is as follows

    {
      "exec-opts": ["native.cgroupdriver=systemd"],
      "log-driver": "json-file",
      "log-opts": {
        "max-size": "100m"
      },
      "storage-driver": "overlay2",
      "storage-opts": [
        "overlay2.override_kernel_check=true"
      ],
      "registry-mirrors": ["https://n0k07cz2.mirror.aliyuncs.com"]
    }

    Restart Docker

    [root@localhost ~]# systemctl daemon-reload
    [root@localhost ~]# systemctl restart docker

    II. System configuration (master and node)

    1. Disable the firewall

    [root@localhost ~]# systemctl stop firewalld

    2. Set the hostname

    k8s-master01

    [root@localhost ~]# hostnamectl set-hostname k8s-master01

    k8s-node01

    [root@localhost ~]# hostnamectl set-hostname k8s-node01

    3. Add the hostnames to /etc/hosts (optional, easier to remember)

    [root@k8s-master01 ~]# vim /etc/hosts
    127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
    ::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
    
    192.168.219.160 k8s-master01
    192.168.219.164 k8s-node01

    4. Disable the swap partition

    [root@k8s-master01 ~]# swapoff -a
    [root@k8s-master01 ~]# vi /etc/fstab
    #
    # /etc/fstab
    # Created by anaconda on Thu Apr  1 06:39:41 2021
    #
    # Accessible filesystems, by reference, are maintained under '/dev/disk'
    # See man pages fstab(5), findfs(8), mount(8) and/or blkid(8) for more info
    #
    /dev/mapper/centos-root /                       xfs     defaults        0 0
    UUID=8bb2a63e-0853-417f-8c2d-c231588e4b07 /boot                   xfs     defaults        0 0
    /dev/mapper/centos-home /home                   xfs     defaults        0 0
    # Comment out the swap entry
    # /dev/mapper/centos-swap swap                    swap    defaults        0 0

    5. Traffic forwarding

    See the official documentation

    Setup required sysctl params, these persist across reboots.

    [root@k8s-master01 ~]# cat > /etc/sysctl.d/k8s.conf <<EOF
    net.bridge.bridge-nf-call-iptables  = 1
    net.ipv4.ip_forward                 = 1
    net.bridge.bridge-nf-call-ip6tables = 1
    EOF

    Apply sysctl params without reboot

    [root@k8s-master01 ~]# sysctl --system
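
    A check for steps 4 and 5, added here as an example and not part of the original post. It reads /proc and /etc/fstab directly; the function name and the optional root-prefix argument are assumptions of this example.

```shell
#!/usr/bin/env bash
# Added example: verify the results of steps 4 and 5 on one host.
# The optional argument is a hypothetical root prefix so the check can run
# against a copied or constructed tree; with no argument it inspects the host.

check_k8s_host() {
    root="${1:-}"; root="${root%/}"; rc=0

    # Step 4: /proc/swaps has a header line plus one line per active area.
    if awk 'NR > 1 { on = 1 } END { exit !on }' "$root/proc/swaps"; then
        echo "FAIL swap is active (swapoff -a)"; rc=1
    fi
    # Step 4: an uncommented fstab entry of type swap re-enables it at boot.
    if awk '$1 !~ /^#/ && $3 == "swap" { on = 1 } END { exit !on }' "$root/etc/fstab"; then
        echo "FAIL /etc/fstab still has an active swap entry"; rc=1
    fi
    # Step 5: the two bridge keys exist only while br_netfilter is loaded,
    # so a missing file means sysctl --system could not apply them.
    for key in net/bridge/bridge-nf-call-iptables \
               net/bridge/bridge-nf-call-ip6tables \
               net/ipv4/ip_forward; do
        if [ ! -r "$root/proc/sys/$key" ]; then
            echo "FAIL $key missing (for the bridge keys: modprobe br_netfilter)"; rc=1
        elif [ "$(cat "$root/proc/sys/$key")" != "1" ]; then
            echo "FAIL $key is not 1"; rc=1
        fi
    done
    if [ "$rc" -eq 0 ]; then echo "OK swap off, forwarding sysctls set"; fi
    return "$rc"
}

check_k8s_host "$@"
```

    Run it on both the master and the node before kubeadm init or kubeadm join.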

    6. Add the Aliyun yum repository (this is a CentOS 7 system)

    [root@k8s-master01 ~]# curl -o /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo

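    7. Synchronize the time

    On CentOS 6 we always used the ntp time server. ntp can also be installed on CentOS 7, but it has various problems, so chrony is the recommended synchronization tool on CentOS 7.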

    [root@k8s-master01 ~]# yum install chrony -y
    [root@k8s-master01 ~]# systemctl enable chronyd
    [root@k8s-master01 ~]# systemctl start chronyd
    [root@k8s-master01 ~]# chronyc sources

    III. Install kubectl, kubelet and kubeadm (master and node)

    1. Add the Aliyun Kubernetes repository

    [root@k8s-master01 ~]# cat <<EOF > /etc/yum.repos.d/kubernetes.repo
    [kubernetes]
    name=Kubernetes
    baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
    enabled=1
    gpgcheck=1
    repo_gpgcheck=1
    gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
    EOF

    2. Install

    [root@k8s-master01 ~]# yum -y install kubectl-1.18.18 kubelet-1.18.18 kubeadm-1.18.18

    3. Enable kubelet at boot

    [root@k8s-master01 ~]# systemctl enable kubelet.service

    IV. Install the Kubernetes master node

    1. Generate the installation yml file

    [root@k8s-master01 ~]# kubeadm config print init-defaults --kubeconfig ClusterConfiguration > kubeadm.yml

    2. Edit the installation configuration file

    [root@master01 ~]# vi kubeadm.yml

    Change the items marked with comments below

    apiVersion: kubeadm.k8s.io/v1beta2
    bootstrapTokens:
    - groups:
      - system:bootstrappers:kubeadm:default-node-token
      token: abcdef.0123456789abcdef
      ttl: 24h0m0s
      usages:
      - signing
      - authentication
    kind: InitConfiguration
    localAPIEndpoint:
      # Set to the master node IP
      advertiseAddress: 192.168.219.160
      bindPort: 6443
    nodeRegistration:
      criSocket: /var/run/dockershim.sock
      name: test1
      taints:
      - effect: NoSchedule
        key: node-role.kubernetes.io/master
    ---
    apiServer:
      timeoutForControlPlane: 4m0s
    apiVersion: kubeadm.k8s.io/v1beta2
    certificatesDir: /etc/kubernetes/pki
    clusterName: kubernetes
    controllerManager: {}
    dns:
      type: CoreDNS
    etcd:
      local:
        dataDir: /var/lib/etcd
    # Google is not reachable from mainland China, so use the Aliyun registry instead
    imageRepository: registry.aliyuncs.com/google_containers
    kind: ClusterConfiguration
    # Set to the matching k8s version
    kubernetesVersion: v1.18.18
    networking:
      dnsDomain: cluster.local
      serviceSubnet: 10.96.0.0/12
    scheduler: {}
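
    The token in the kubeadm.yml above is still the value that kubeadm config print init-defaults prints, and the join command in section V reuses it. The script below is an added example, not part of the original post: it flags that placeholder and writes a random token in its place. The function names and exit codes are choices made for this example.

```shell
#!/usr/bin/env bash
# Added example: lint the bootstrap token in a kubeadm config file.
# Function names and exit codes are choices made for this example.

PLACEHOLDER_TOKEN='abcdef.0123456789abcdef'   # printed by init-defaults

# Print the first bootstrap token found in file $1 (quotes stripped).
read_bootstrap_token() {
    sed -n 's/^[[:space:]-]*token:[[:space:]]*\([^[:space:]#]*\).*$/\1/p' "$1" \
        | tr -d "\"'" | head -n 1
}

# Exit status: 0 usable, 1 placeholder, 2 wrong format, 3 no token found.
lint_bootstrap_token() {
    tok="$(read_bootstrap_token "$1")"
    [ -n "$tok" ] || { echo "no bootstrap token in $1"; return 3; }
    if ! printf '%s\n' "$tok" | grep -Eq '^[a-z0-9]{6}\.[a-z0-9]{16}$'; then
        echo "token does not match [a-z0-9]{6}.[a-z0-9]{16}"; return 2
    fi
    if [ "$tok" = "$PLACEHOLDER_TOKEN" ]; then
        echo "token is the init-defaults placeholder; replace it before kubeadm init"
        return 1
    fi
    echo "token ok"
}

# Random token in the same format; kubeadm token generate also prints one.
new_bootstrap_token() {
    raw="$(LC_ALL=C tr -dc 'a-z0-9' < /dev/urandom | head -c 22)"
    printf '%s.%s\n' "${raw%????????????????}" "${raw#??????}"
}

# Write token $2 into file $1, keeping indentation and the other fields.
set_bootstrap_token() {
    sed "s/^\([[:space:]-]*token:[[:space:]]*\).*$/\1$2/" "$1" > "$1.new" \
        && mv "$1.new" "$1"
}

# Demo on a constructed fragment of the kubeadm.yml above.
demo="$(mktemp)"
printf 'bootstrapTokens:\n- groups:\n  token: %s\n  ttl: 24h0m0s\n' \
    "$PLACEHOLDER_TOKEN" > "$demo"
lint_bootstrap_token "$demo" || set_bootstrap_token "$demo" "$(new_bootstrap_token)"
lint_bootstrap_token "$demo"
rm -f "$demo"
```

    The token written into kubeadm.yml is the one to pass to kubeadm join --token in section V.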

    3. List the required images

    [root@k8s-master01 ~]# kubeadm config images list --config kubeadm.yml

    The output is as follows

    W0610 02:42:29.980212   83223 configset.go:202] WARNING: kubeadm cannot validate component configs for API groups [kubelet.config.k8s.io kubeproxy.config.k8s.io]
    registry.aliyuncs.com/google_containers/kube-apiserver:v1.18.18
    registry.aliyuncs.com/google_containers/kube-controller-manager:v1.18.18
    registry.aliyuncs.com/google_containers/kube-scheduler:v1.18.18
    registry.aliyuncs.com/google_containers/kube-proxy:v1.18.18
    registry.aliyuncs.com/google_containers/pause:3.2
    registry.aliyuncs.com/google_containers/etcd:3.4.3-0
    registry.aliyuncs.com/google_containers/coredns:1.6.7

    4. Pull the images; this takes about 10 minutes, depending on the network

    [root@k8s-master01 ~]# kubeadm config images pull --config kubeadm.yml

    5. Install the master node

    [root@k8s-master01 ~]# kubeadm init --config=kubeadm.yml --upload-certs | tee kubeadm-init.log

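    Notes:

    • init runs the initialization
    • the --upload-certs flag lets the certificate files be distributed automatically when nodes join later
    • tee kubeadm-init.log writes the output to a log file

    Note:
    If the installed kubernetes version and the version of the downloaded images do not match, the error
    timed out waiting for the condition occurs.
    To change the configuration, reset it with the kubeadm reset command
    and run the initialization again.

    Installation succeeded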

    6. Configure kubectl

    [root@k8s-master01 ~]# mkdir -p $HOME/.kube
    [root@k8s-master01 ~]# sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
    [root@k8s-master01 ~]# sudo chown $(id -u):$(id -g) $HOME/.kube/config

    Verify that it succeeded

    [root@k8s-master01 ~]# kubectl get nodes

    The following is displayed

    NAME                 STATUS     ROLES    AGE   VERSION
    k8s-master01         NotReady   master   11m   v1.18.18

    V. Install the worker node

    1. Join the node to the cluster

    Run on the node

    [root@k8s-node01 ~]# kubeadm join 192.168.219.160:6443 --token abcdef.0123456789abcdef \
        --discovery-token-ca-cert-hash sha256:6dad4602dd288cbfbc952e3a9db40ee192ae8c4229479d60b330c95940131c06
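
    The sha256 value in the join command pins the cluster CA, so the node only trusts an API server whose certificate chains to that CA. The script below is an added example, not from the original post: it recomputes the value from ca.crt on the master and compares it with the one in a join command. It assumes openssl is installed, and the function names are made up for this example.

```shell
#!/usr/bin/env bash
# Added example: recompute the value passed to --discovery-token-ca-cert-hash.
# It is SHA-256 over the DER-encoded public key (SubjectPublicKeyInfo) of the
# cluster CA certificate, which kubeadm init writes into certificatesDir
# (/etc/kubernetes/pki in the kubeadm.yml above). Requires openssl.

# Print "sha256:<hex>" for the CA certificate $1.
ca_cert_hash() {
    cert="${1:-/etc/kubernetes/pki/ca.crt}"
    [ -r "$cert" ] || { echo "cannot read $cert" >&2; return 2; }
    pem="$(openssl x509 -in "$cert" -noout -pubkey 2>/dev/null)" \
        || { echo "not a PEM certificate: $cert" >&2; return 1; }
    hex="$(printf '%s\n' "$pem" | openssl pkey -pubin -outform DER \
            | openssl dgst -sha256 -hex | sed 's/^.*[[:space:]]//')"
    printf 'sha256:%s\n' "$hex"
}

# Compare the hash from a join command ($1) with CA certificate $2.
# Exit status: 0 match, 1 mismatch, 2 certificate unreadable or invalid.
verify_join_hash() {
    actual="$(ca_cert_hash "$2")" || return 2
    if [ "$1" = "$actual" ]; then
        echo "pin matches $2"
    else
        echo "pin mismatch: expected $1, CA hashes to $actual" >&2
        return 1
    fi
}

# On the master, print the value to compare with the join command.
if [ -r /etc/kubernetes/pki/ca.crt ]; then
    ca_cert_hash /etc/kubernetes/pki/ca.crt
fi
```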

    Verify the node
    Go back to the master node and check

    [root@k8s-master01 ~]# kubectl get nodes

    The output is as follows

    NAME           STATUS      ROLES    AGE     VERSION
    k8s-master01   NotReady    master   40m     v1.18.18
    k8s-node01     NotReady    <none>   5m15s   v1.18.18

    STATUS is NotReady here because of coredns; a network plugin needs to be installed.
    Check the Pods status on the master node

    [root@k8s-master01 ~]# kubectl get pods -n kube-system -o wide

    The output is as follows

    NAME                                     READY   STATUS    RESTARTS   AGE   IP                NODE           NOMINATED NODE   READINESS GATES
    coredns-7ff77c879f-94wq9                 1/1     Running   0          24h   192.168.32.129    k8s-master01   <none>           <none>
    coredns-7ff77c879f-kg4gd                 0/1     Running   0          24h   192.168.85.194    k8s-node01     <none>           <none>
    etcd-k8s-master01                        1/1     Running   0          24h   192.168.219.160   k8s-master01   <none>           <none>
    kube-apiserver-k8s-master01              1/1     Running   0          24h   192.168.219.160   k8s-master01   <none>           <none>
    kube-controller-manager-k8s-master01     1/1     Running   1          24h   192.168.219.160   k8s-master01   <none>           <none>
    kube-proxy-qwbpg                         1/1     Running   0          24h   192.168.219.160   k8s-master01   <none>           <none>
    kube-proxy-t92jc                         1/1     Running   0          24h   192.168.219.164   k8s-node01     <none>           <none>
    kube-scheduler-k8s-master01              1/1     Running   1          24h   192.168.219.160   k8s-master01   <none>           <none>

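    VI. Install the network plugin

    When working with containers, only CNI (Container Network Interface), a standard and generic interface, is provided. Container network solutions such as flannel, calico, Canal and weave implement it and can provide networking for any container platform that supports the interface.
    Calico: https://docs.projectcalico.or...
    Flannel: https://github.com/coreos/fla...
    Weave: https://www.weave.works/oss/net/
    Canal: https://github.com/projectcal...
    I use calico here because it supports network policies and integration with the Istio service mesh.
    Official installation documentation: https://docs.projectcalico.or...

    1. Download the yml file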

    [root@k8s-master01 ~]# wget https://docs.projectcalico.org/v3.18/manifests/calico.yaml

    2. Install calico.yaml

    [root@k8s-master01 ~]# kubectl apply -f calico.yaml

    Verify that the installation succeeded

    [root@k8s-master01 ~]# kubectl get pods --all-namespaces

    The output is as follows

    NAMESPACE     NAME                                     READY   STATUS    RESTARTS   AGE
    kube-system   calico-kube-controllers-545578d5-dmzsj   1/1     Running   0          24m
    kube-system   calico-node-rmq5x                        1/1     Running   0          24m
    kube-system   calico-node-v89vb                        1/1     Running   0          24m
    kube-system   coredns-7ff77c879f-94wq9                 1/1     Running   0          56m
    kube-system   coredns-7ff77c879f-kg4gd                 0/1     Running   0          56m
    kube-system   etcd-k8s-master01                        1/1     Running   0          56m
    kube-system   kube-apiserver-k8s-master01              1/1     Running   0          56m
    kube-system   kube-controller-manager-k8s-master01     1/1     Running   1          56m
    kube-system   kube-proxy-qwbpg                         1/1     Running   0          56m
    kube-system   kube-proxy-t92jc                         1/1     Running   0          56m
    kube-system   kube-scheduler-k8s-master01              1/1     Running   1          56m

    3. Check the nodes status

    [root@k8s-master01 ~]# kubectl get nodes

    STATUS Ready means the network is up
    The output is as follows

    NAME           STATUS   ROLES    AGE   VERSION
    k8s-master01   Ready    master   24h   v1.18.18
    k8s-node01     Ready    <none>   24h   v1.18.18

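    VII. Deploy a container

    Note that the earlier approach of using --replicas is no longer recommended:
    Flag --replicas has been deprecated, has no effect and will be removed in the future.
    Since K8S v1.18.0, --replicas is deprecated; creating pods through a deployment is recommended.
    I use the nginx 1.18.0 container as the example here.

    [root@k8s-master01 ~]# vi nginx-deployment.yaml

    Contents: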

    apiVersion: apps/v1         # API version; must be one of those listed by kubectl api-versions
    kind: Deployment            # kind of resource to create
    metadata:                   # metadata/attributes of the resource
      name: nginx-deployment    # resource name; must be unique within a namespace
      labels:                   # labels of the resource
        app: nginx
    spec:                       # specification of the resource
      replicas: 1               # run 1 nginx replica
      selector:                 # label selector
        matchLabels:
          app: nginx
      template:
        metadata:
          labels:
            app: nginx           # labels of the pod
        spec:
          containers:
          - name: nginx             # container name
            image: nginx:1.18.0     # container image
            ports:
            - containerPort: 80     # port the container exposes
    ---
    apiVersion: v1               # API version
    kind: Service                # kind, e.g. Pod/ReplicationController/Deployment/Service/Ingress
    metadata:                    # metadata
      name: nginx-deployment     # name of the Service
    spec:
      ports:
        - port: 80               # port exposed by the Service
          targetPort: 80         # port on the Pod; traffic to the Service port is forwarded to it
      type: LoadBalancer         # Service type
      selector:                  # label selector
        app: nginx               # must match the labels of the Deployment above

    1. Deploy and publish the container

    [root@k8s-master01 ~]# kubectl apply -f nginx-deployment.yaml

    2. List the pods

    [root@k8s-master01 ~]# kubectl get pods

    The following is displayed

    NAME                                READY   STATUS    RESTARTS   AGE
    nginx-deployment-75ddd4d4b4-6gtx5   1/1     Running   0          26h

    3. List the deployments

    [root@k8s-master01 ~]# kubectl get deployments

    The following is displayed

    NAME               READY   UP-TO-DATE   AVAILABLE   AGE
    nginx-deployment   1/1     1            1           26h

    4. List the services

    [root@k8s-master01 ~]# kubectl get services

    The following is displayed

    NAME               TYPE           CLUSTER-IP       EXTERNAL-IP   PORT(S)        AGE
    kubernetes         ClusterIP      10.96.0.1        <none>        443/TCP        27h
    nginx-deployment   LoadBalancer   10.100.103.238   <pending>     80:32234/TCP   26h

    Verify the service
    Visit: http://192.168.219.160:32234/

    5. View resource object details

    For example: service, pod, deployment

    [root@k8s-master01 ~]# kubectl describe service nginx-deployment

    6. Delete the service

    [root@k8s-master01 ~]# kubectl delete -f nginx-deployment.yaml

  • Original article: https://www.cnblogs.com/netflix/p/14965581.html