  • Installing k8s 1.18.18 with kubeadm

    Resources

    Role    Hostname      IP               OS
    master  k8s-master01  192.168.219.160  CentOS 7.9.2009
    node    k8s-node01    192.168.219.164  CentOS 7.9.2009

    Software

    Software    Version
    docker      19.03.11
    kubernetes  1.18.18

    I. Install Docker

    Configuration recommended by the official documentation

    Install required packages

    [root@localhost ~]# yum install -y yum-utils device-mapper-persistent-data lvm2

    Add the Docker repository

    [root@localhost ~]# yum-config-manager --add-repo \
      https://download.docker.com/linux/centos/docker-ce.repo

    Install Docker CE

    [root@localhost ~]# yum update -y && yum install -y \
      containerd.io-1.2.13 \
      docker-ce-19.03.11 \
      docker-ce-cli-19.03.11

    Create /etc/docker

    [root@localhost ~]# mkdir /etc/docker

    Set up the Docker daemon

    [root@localhost ~]# cat > /etc/docker/daemon.json <<EOF
    {
      "exec-opts": ["native.cgroupdriver=systemd"],
      "log-driver": "json-file",
      "log-opts": {
        "max-size": "100m"
      },
      "storage-driver": "overlay2",
      "storage-opts": [
        "overlay2.override_kernel_check=true"
      ]
    }
    EOF

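    Add a Docker registry mirror

    [root@localhost ~]# vim /etc/docker/daemon.json

    Add the following as the last entry (with a comma after the preceding "storage-opts" block)
    "registry-mirrors": ["https://n0k07cz2.mirror.aliyuncs.com"]

    [root@localhost ~]# cat /etc/docker/daemon.json

    The output is as follows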

    {
      "exec-opts": ["native.cgroupdriver=systemd"],
      "log-driver": "json-file",
      "log-opts": {
        "max-size": "100m"
      },
      "storage-driver": "overlay2",
      "storage-opts": [
        "overlay2.override_kernel_check=true"
      ],
      "registry-mirrors": ["https://n0k07cz2.mirror.aliyuncs.com"]
    }

    Restart Docker

    [root@localhost ~]# systemctl daemon-reload
    [root@localhost ~]# systemctl restart docker

    II. System configuration (master and node)

    1. Stop the firewall

    [root@localhost ~]# systemctl stop firewalld

    2. Set the hostname

    k8s-master01

    [root@localhost ~]# hostnamectl set-hostname k8s-master01

    k8s-node01

    [root@localhost ~]# hostnamectl set-hostname k8s-node01

    3. Add the hostnames to /etc/hosts (optional; makes the nodes easier to refer to)

    [root@k8s-master01 ~]# vim /etc/hosts
    127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
    ::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
    
    192.168.219.160 k8s-master01
    192.168.219.164 k8s-node01

    4. Disable swap

    [root@k8s-master01 ~]# swapoff -a
    [root@k8s-master01 ~]# vi /etc/fstab
    #
    # /etc/fstab
    # Created by anaconda on Thu Apr  1 06:39:41 2021
    #
    # Accessible filesystems, by reference, are maintained under '/dev/disk'
    # See man pages fstab(5), findfs(8), mount(8) and/or blkid(8) for more info
    #
    /dev/mapper/centos-root /                       xfs     defaults        0 0
    UUID=8bb2a63e-0853-417f-8c2d-c231588e4b07 /boot                   xfs     defaults        0 0
    /dev/mapper/centos-home /home                   xfs     defaults        0 0
    # Comment out the swap entry
    # /dev/mapper/centos-swap swap                    swap    defaults        0 0

    5. Traffic forwarding

    See the official documentation

    Setup required sysctl params, these persist across reboots.

    [root@k8s-master01 ~]# cat > /etc/sysctl.d/k8s.conf <<EOF
    net.bridge.bridge-nf-call-iptables  = 1
    net.ipv4.ip_forward                 = 1
    net.bridge.bridge-nf-call-ip6tables = 1
    EOF

    Apply sysctl params without reboot

    [root@k8s-master01 ~]# sysctl --system

    6. Add the Aliyun yum repository (this is a CentOS 7 system)

    [root@k8s-master01 ~]# curl -o /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo

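    7. Synchronize time

    On CentOS 6 we always used an NTP time server. NTP can also be installed on CentOS 7, but it runs into various problems, so chrony is the recommended time synchronization tool on CentOS 7.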

    [root@k8s-master01 ~]# yum install chrony -y
    [root@k8s-master01 ~]# systemctl enable chronyd
    [root@k8s-master01 ~]# systemctl start chronyd
    [root@k8s-master01 ~]# chronyc sources
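
Settings such as the fstab swap entry and the sysctl keys are easy to miss on one of the two nodes. The following preflight check is an added example, not part of the original post; the function names are hypothetical and the file arguments default to the paths used above.

```bash
#!/usr/bin/env bash
# Added example (not from the original post); function names are hypothetical.

# fstab entries that would turn swap back on at the next boot.
active_swap_entries() {      # usage: active_swap_entries [fstab]
    awk '!/^[[:space:]]*#/ && $3 == "swap" { print $1 }' "${1:-/etc/fstab}"
}

# Required sysctl keys that are absent from, or not set to 1 in, the conf file.
missing_sysctls() {          # usage: missing_sysctls [conf]
    local key
    for key in net.bridge.bridge-nf-call-iptables \
               net.bridge.bridge-nf-call-ip6tables \
               net.ipv4.ip_forward; do
        awk -F= -v k="$key" '
            { gsub(/[[:space:]]/, "") }    # strip blanks so fields split cleanly on "="
            !/^#/ && $1 == k && $2 == "1" { ok = 1 }
            END { exit (ok ? 0 : 1) }' "${1:-/etc/sysctl.d/k8s.conf}" || echo "$key"
    done
}

# True when daemon.json sets the systemd cgroup driver configured in section I.
cgroup_driver_is_systemd() { # usage: cgroup_driver_is_systemd [daemon.json]
    grep -q '"native.cgroupdriver=systemd"' "${1:-/etc/docker/daemon.json}"
}

# Run all checks; print one finding per line, return non-zero if any was found.
preflight() {                # usage: preflight [fstab] [sysctl-conf] [daemon.json]
    local rc=0 item
    for item in $(active_swap_entries "${1:-}"); do
        echo "swap entry still active in fstab: $item"; rc=1
    done
    for item in $(missing_sysctls "${2:-}"); do
        echo "sysctl not set to 1: $item"; rc=1
    done
    cgroup_driver_is_systemd "${3:-}" || { echo "docker cgroup driver is not systemd"; rc=1; }
    return "$rc"
}

# e.g. ./preflight.sh /etc/fstab /etc/sysctl.d/k8s.conf /etc/docker/daemon.json
if [ "$#" -gt 0 ]; then preflight "$@"; fi
```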

    III. Install kubectl, kubelet and kubeadm (master and node)

    1. Add the Aliyun Kubernetes repository

    [root@k8s-master01 ~]# cat <<EOF > /etc/yum.repos.d/kubernetes.repo
    [kubernetes]
    name=Kubernetes
    baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
    enabled=1
    gpgcheck=1
    repo_gpgcheck=1
    gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
    EOF

    2. Install

    [root@k8s-master01 ~]# yum -y install kubectl-1.18.18 kubelet-1.18.18 kubeadm-1.18.18

    3. Enable kubelet at boot

    [root@k8s-master01 ~]# systemctl enable kubelet.service

    IV. Install the Kubernetes master node

    1. Generate the installation config file (YAML)

    [root@k8s-master01 ~]# kubeadm config print init-defaults > kubeadm.yml

    2. Edit the installation config file

    [root@k8s-master01 ~]# vi kubeadm.yml

    Change the settings marked with comments below

    apiVersion: kubeadm.k8s.io/v1beta2
    bootstrapTokens:
    - groups:
      - system:bootstrappers:kubeadm:default-node-token
      token: abcdef.0123456789abcdef
      ttl: 24h0m0s
      usages:
      - signing
      - authentication
    kind: InitConfiguration
    localAPIEndpoint:
      # Set to the master node's IP
      advertiseAddress: 192.168.219.160
      bindPort: 6443
    nodeRegistration:
      criSocket: /var/run/dockershim.sock
      # Set to this host's hostname
      name: k8s-master01
      taints:
      - effect: NoSchedule
        key: node-role.kubernetes.io/master
    ---
    apiServer:
      timeoutForControlPlane: 4m0s
    apiVersion: kubeadm.k8s.io/v1beta2
    certificatesDir: /etc/kubernetes/pki
    clusterName: kubernetes
    controllerManager: {}
    dns:
      type: CoreDNS
    etcd:
      local:
        dataDir: /var/lib/etcd
    # Google is not reachable from mainland China, so use the Aliyun registry
    imageRepository: registry.aliyuncs.com/google_containers
    kind: ClusterConfiguration
    # Set to the matching k8s version
    kubernetesVersion: v1.18.18
    networking:
      dnsDomain: cluster.local
      serviceSubnet: 10.96.0.0/12
    scheduler: {}

    3. List the required images

    [root@k8s-master01 ~]# kubeadm config images list --config kubeadm.yml

    The output is as follows

    W0610 02:42:29.980212   83223 configset.go:202] WARNING: kubeadm cannot validate component configs for API groups [kubelet.config.k8s.io kubeproxy.config.k8s.io]
    registry.aliyuncs.com/google_containers/kube-apiserver:v1.18.18
    registry.aliyuncs.com/google_containers/kube-controller-manager:v1.18.18
    registry.aliyuncs.com/google_containers/kube-scheduler:v1.18.18
    registry.aliyuncs.com/google_containers/kube-proxy:v1.18.18
    registry.aliyuncs.com/google_containers/pause:3.2
    registry.aliyuncs.com/google_containers/etcd:3.4.3-0
    registry.aliyuncs.com/google_containers/coredns:1.6.7

    4. Pull the images. Expect to wait around 10 minutes; how fast it goes depends on the network

    [root@k8s-master01 ~]# kubeadm config images pull --config kubeadm.yml

    5. Install the master node

    [root@k8s-master01 ~]# kubeadm init --config=kubeadm.yml --upload-certs | tee kubeadm-init.log

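    Explanation:

    • init runs the initialization
    • --upload-certs lets the certificate files be distributed automatically when nodes join later
    • tee kubeadm-init.log writes the output to a log file

    Note:
    If the installed Kubernetes version and the version of the downloaded images do not match,
    the "timed out waiting for the condition" error appears.
    To change the configuration, reset it with the kubeadm reset command
    and run the initialization again.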
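
The version mismatch described in the note, and two other settings in kubeadm.yml that are easy to leave at their generated defaults, can be checked before running kubeadm init. The following lint is an added example, not part of the original post; the function names are hypothetical, and it reads the file line by line rather than parsing YAML.

```bash
#!/usr/bin/env bash
# Added example (not from the original post); function names are hypothetical.

# Print the value of the first "key: value" line with the given key.
yaml_value() {            # usage: yaml_value <key> <file>
    awk -v k="$1" '$1 == (k ":") { print $2; exit }' "$2"
}

# Print one finding per line; return non-zero if there is any finding.
lint_kubeadm_config() {   # usage: lint_kubeadm_config <file> <kubeadm-version> <hostname>
    local cfg="$1" installed="$2" host="$3" rc=0 token version name
    token=$(yaml_value token "$cfg")
    version=$(yaml_value kubernetesVersion "$cfg")
    name=$(yaml_value name "$cfg")

    # The token printed by "kubeadm config print init-defaults" is a documented
    # placeholder, so it is not a secret and should not stay in the file.
    if [ "$token" = "abcdef.0123456789abcdef" ]; then
        echo "token: init-defaults placeholder; replace with output of 'kubeadm token generate'"
        rc=1
    elif ! printf '%s\n' "$token" | grep -Eq '^[a-z0-9]{6}\.[a-z0-9]{16}$'; then
        echo "token: not in the [a-z0-9]{6}.[a-z0-9]{16} bootstrap-token format"
        rc=1
    fi
    # The note above ties "timed out waiting for the condition" to a version mismatch.
    if [ "$version" != "$installed" ]; then
        echo "kubernetesVersion: $version, but the installed kubeadm is $installed"
        rc=1
    fi
    # nodeRegistration.name is the node name that kubectl get nodes will show.
    if [ "$name" != "$host" ]; then
        echo "nodeRegistration.name: $name, but this host is $host"
        rc=1
    fi
    return "$rc"
}

# e.g. ./lint.sh kubeadm.yml "$(kubeadm version -o short)" "$(hostname)"
if [ "$#" -eq 3 ]; then lint_kubeadm_config "$@"; fi
```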

    Installation succeeded

    6. Configure kubectl

    [root@k8s-master01 ~]# mkdir -p $HOME/.kube
    [root@k8s-master01 ~]# sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
    [root@k8s-master01 ~]# sudo chown $(id -u):$(id -g) $HOME/.kube/config

    Verify that it worked

    [root@k8s-master01 ~]# kubectl get nodes

    The output is as follows

    NAME                 STATUS     ROLES    AGE   VERSION
    k8s-master01         NotReady   master   11m   v1.18.18

    V. Install the worker node

    1. Join the node to the cluster

    Run on the node

    [root@k8s-node01 ~]# kubeadm join 192.168.219.160:6443 --token abcdef.0123456789abcdef \
        --discovery-token-ca-cert-hash sha256:6dad4602dd288cbfbc952e3a9db40ee192ae8c4229479d60b330c95940131c06

    Verify the node
    Go back to the master node and check

    [root@k8s-master01 ~]# kubectl get nodes

    The output is as follows

    NAME           STATUS      ROLES    AGE     VERSION
    k8s-master01   NotReady    master   40m     v1.18.18
    k8s-node01     NotReady    <none>   5m15s   v1.18.18

    The STATUS here is NotReady because of coredns; a network plugin needs to be installed
    Check the Pods status on the master node

    [root@k8s-master01 ~]# kubectl get pods -n kube-system -o wide

    The output is as follows

    NAME                                     READY   STATUS    RESTARTS   AGE   IP                NODE           NOMINATED NODE   READINESS GATES
    coredns-7ff77c879f-94wq9                 1/1     Running   0          24h   192.168.32.129    k8s-master01   <none>           <none>
    coredns-7ff77c879f-kg4gd                 0/1     Running   0          24h   192.168.85.194    k8s-node01     <none>           <none>
    etcd-k8s-master01                        1/1     Running   0          24h   192.168.219.160   k8s-master01   <none>           <none>
    kube-apiserver-k8s-master01              1/1     Running   0          24h   192.168.219.160   k8s-master01   <none>           <none>
    kube-controller-manager-k8s-master01     1/1     Running   1          24h   192.168.219.160   k8s-master01   <none>           <none>
    kube-proxy-qwbpg                         1/1     Running   0          24h   192.168.219.160   k8s-master01   <none>           <none>
    kube-proxy-t92jc                         1/1     Running   0          24h   192.168.219.164   k8s-node01     <none>           <none>
    kube-scheduler-k8s-master01              1/1     Running   1          24h   192.168.219.160   k8s-master01   <none>           <none>

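    VI. Install the network plugin

    For containers, only CNI (Container Network Interface), a standard, generic interface, is provided. Container networking solutions such as flannel, calico, Canal and weave implement it, so they can provide networking for any container platform that supports this protocol.
    Calico: https://docs.projectcalico.or...
    Flannel: https://github.com/coreos/fla...
    Weave: https://www.weave.works/oss/net/
    Canal: https://github.com/projectcal...
    I use calico here because it supports network policy and integration with the Istio service mesh
    Official installation documentation: https://docs.projectcalico.or...

    1. Download the YAML manifest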

    [root@k8s-master01 ~]# wget https://docs.projectcalico.org/v3.18/manifests/calico.yaml

    2. Apply calico.yaml

    [root@k8s-master01 ~]# kubectl apply -f calico.yaml

    Verify that the installation succeeded

    [root@k8s-master01 ~]# kubectl get pods --all-namespaces

    The output is as follows

    NAMESPACE     NAME                                     READY   STATUS    RESTARTS   AGE
    kube-system   calico-kube-controllers-545578d5-dmzsj   1/1     Running   0          24m
    kube-system   calico-node-rmq5x                        1/1     Running   0          24m
    kube-system   calico-node-v89vb                        1/1     Running   0          24m
    kube-system   coredns-7ff77c879f-94wq9                 1/1     Running   0          56m
    kube-system   coredns-7ff77c879f-kg4gd                 0/1     Running   0          56m
    kube-system   etcd-k8s-master01                        1/1     Running   0          56m
    kube-system   kube-apiserver-k8s-master01              1/1     Running   0          56m
    kube-system   kube-controller-manager-k8s-master01     1/1     Running   1          56m
    kube-system   kube-proxy-qwbpg                         1/1     Running   0          56m
    kube-system   kube-proxy-t92jc                         1/1     Running   0          56m
    kube-system   kube-scheduler-k8s-master01              1/1     Running   1          56m

    3. Check the node status

    [root@k8s-master01 ~]# kubectl get nodes

    A STATUS of Ready means the network is up
    The output is as follows

    NAME           STATUS   ROLES    AGE   VERSION
    k8s-master01   Ready    master   24h   v1.18.18
    k8s-node01     Ready    <none>   24h   v1.18.18

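    VII. Deploy a container

    Note that the --replicas approach used previously is no longer recommended
    Flag --replicas has been deprecated, has no effect and will be removed in the future.
    From K8s v1.18.0 onwards --replicas is deprecated; creating pods through a deployment is recommended.
    I use the nginx 1.18.0 container here as the example

    [root@k8s-master01 ~]# vi nginx-deployment.yaml

    Contents: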

    apiVersion: apps/v1         # API version; must be one of those listed by kubectl api-versions
    kind: Deployment            # kind of resource to create
    metadata:                   # resource metadata
      name: nginx-deployment    # resource name; must be unique within a namespace
      labels:                   # labels on the resource
        app: nginx
    spec:                       # specification of the resource
      replicas: 1               # create 1 nginx container
      selector:                 # label selector for the pods this Deployment manages
        matchLabels:
          app: nginx
      template:
        metadata:
          labels:
            app: nginx           # labels on the pod
        spec:
          containers:
          - name: nginx             # container name
            image: nginx:1.18.0     # image the container uses
            ports:
            - containerPort: 80     # port the container exposes
    ---
    apiVersion: v1               # API version
    kind: Service                # kind, e.g. Pod/ReplicationController/Deployment/Service/Ingress
    metadata:                    # metadata
      name: nginx-deployment     # name of the Service
    spec:
      ports:
        - port: 80               # port the Service exposes
          targetPort: 80         # port on the Pod; the Service port is forwarded to it
      type: LoadBalancer         # Service type
      selector:                  # label selector
        app: nginx               # must match the label of the Deployment above

    1. Deploy the container

    [root@k8s-master01 ~]# kubectl apply -f nginx-deployment.yaml

    2. List the pods

    [root@k8s-master01 ~]# kubectl get pods

    The output is as follows

    NAME                                READY   STATUS    RESTARTS   AGE
    nginx-deployment-75ddd4d4b4-6gtx5   1/1     Running   0          26h

    3. List the deployments

    [root@k8s-master01 ~]# kubectl get deployments

    The output is as follows

    NAME               READY   UP-TO-DATE   AVAILABLE   AGE
    nginx-deployment   1/1     1            1           26h

    4. List the services

    [root@k8s-master01 ~]# kubectl get services

    The output is as follows

    NAME               TYPE           CLUSTER-IP       EXTERNAL-IP   PORT(S)        AGE
    kubernetes         ClusterIP      10.96.0.1        <none>        443/TCP        27h
    nginx-deployment   LoadBalancer   10.100.103.238   <pending>     80:32234/TCP   26h

    Verify the service
    Open: http://192.168.219.160:32234/

    5. View the details of a resource object

    For example a service, pod or deployment

    [root@k8s-master01 ~]# kubectl describe service nginx-deployment

    6. Delete the service

    [root@k8s-master01 ~]# kubectl delete -f nginx-deployment.yaml

  • Original article: https://www.cnblogs.com/netflix/p/14965581.html