Deploying k8s 1.18.18 with kubeadm

lxjian01

Resource preparation

Hostname      IP
k8s-master1   192.168.219.161
k8s-node1     192.168.219.162
k8s-node2     192.168.219.163

Software information

Software     Version
docker       19.03.11
kubernetes   1.18.18

I. Install Docker

Configuration recommended by the official documentation

Install required packages

[root@localhost ~]# yum install -y yum-utils device-mapper-persistent-data lvm2

Add the Docker repository

[root@localhost ~]# yum-config-manager --add-repo \
  https://download.docker.com/linux/centos/docker-ce.repo

Install Docker CE

[root@localhost ~]# yum install -y containerd.io-1.2.13 docker-ce-19.03.11 docker-ce-cli-19.03.11

Create /etc/docker

[root@localhost ~]# mkdir /etc/docker

Set up the Docker daemon

[root@localhost ~]# cat > /etc/docker/daemon.json <<EOF
{
  "exec-opts": ["native.cgroupdriver=systemd"],
  "log-driver": "json-file",
  "log-opts": {
    "max-size": "100m"
  },
  "storage-driver": "overlay2",
  "storage-opts": [
    "overlay2.override_kernel_check=true"
  ]
}
EOF

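Add a Docker registry mirror (accelerator)

[root@localhost ~]# vim /etc/docker/daemon.json

Add the following as the last key inside the JSON object (put a comma after the preceding entry)
"registry-mirrors": ["https://n0k07cz2.mirror.aliyuncs.com"]

[root@localhost ~]# cat /etc/docker/daemon.json

The output is as follows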

{
  "exec-opts": ["native.cgroupdriver=systemd"],
  "log-driver": "json-file",
  "log-opts": {
    "max-size": "100m"
  },
  "storage-driver": "overlay2",
  "storage-opts": [
    "overlay2.override_kernel_check=true"
  ],
  "registry-mirrors": ["https://n0k07cz2.mirror.aliyuncs.com"]
}

Restart Docker

[root@localhost ~]# systemctl daemon-reload
[root@localhost ~]# systemctl restart docker

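II. System configuration (master and node)

1. Disable the firewall

[root@localhost ~]# systemctl stop firewalld

2. Set the hostname

Host 161 is named k8s-master1, host 162 is named k8s-node1, host 163 is named k8s-node2

[root@localhost ~]# hostnamectl set-hostname <hostname>

3. Add hosts entries on the master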

[root@k8s-master1 ~]# cat >> /etc/hosts << EOF
192.168.219.161 k8s-master1
192.168.219.162 k8s-node1
192.168.219.163 k8s-node2
EOF

4. Disable the swap partition

[root@k8s-master1 ~]# swapoff -a
[root@k8s-master1 ~]# vi /etc/fstab
#
# /etc/fstab
# Created by anaconda on Thu Apr  1 06:39:41 2021
#
# Accessible filesystems, by reference, are maintained under '/dev/disk'
# See man pages fstab(5), findfs(8), mount(8) and/or blkid(8) for more info
#
/dev/mapper/centos-root /                       xfs     defaults        0 0
UUID=8bb2a63e-0853-417f-8c2d-c231588e4b07 /boot                   xfs     defaults        0 0
/dev/mapper/centos-home /home                   xfs     defaults        0 0
# Comment out the swap entry
# /dev/mapper/centos-swap swap                    swap    defaults        0 0

5. Traffic forwarding

See the official documentation

Setup required sysctl params, these persist across reboots.

[root@k8s-master1 ~]# cat > /etc/sysctl.d/k8s.conf <<EOF
net.bridge.bridge-nf-call-iptables  = 1
net.ipv4.ip_forward                 = 1
net.bridge.bridge-nf-call-ip6tables = 1
EOF

Apply sysctl params without reboot

[root@k8s-master1 ~]# sysctl --system

6. Add the Aliyun yum repository (this is a CentOS 7 system)

[root@k8s-master1 ~]# curl -o /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo

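7. Synchronize time

On CentOS 6 we always used the ntp time service. ntp can also be installed on CentOS 7, but it has various problems, so on CentOS 7 the chrony synchronization tool is recommended.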

[root@k8s-master1 ~]# yum install chrony -y
[root@k8s-master1 ~]# systemctl enable chronyd
[root@k8s-master1 ~]# systemctl start chronyd
[root@k8s-master1 ~]# chronyc sources
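
Added example (not part of the original post): a check for the file changes made in the steps above, so a node that still has an active swap entry, a missing sysctl key or a missing hosts entry is caught before kubelet is installed. The function names are hypothetical; the host list is the one from this post, and the hosts check applies to the master, where the post adds the entries.

```shell
#!/bin/sh
# Added example: verify the section II file changes. Function names are
# hypothetical; paths are parameters so copies of the files can be checked.

# 0 if FILE still has an active (uncommented) swap entry.
fstab_swap_active() {
  awk '$1 !~ /^#/ && $3 == "swap" { found = 1 } END { exit !found }' "$1"
}

# 0 if KEY is set to 1 in sysctl file FILE (whitespace around "=" ignored).
sysctl_is_one() {
  awk -F= -v k="$2" '{ gsub(/[ \t]/, "") }
    $1 == k && $2 == "1" { ok = 1 } END { exit !ok }' "$1"
}

# 0 if FILE has a line mapping IP to NAME.
hosts_maps() {
  awk -v ip="$2" -v n="$3" '$1 == ip { for (i = 2; i <= NF; i++) if ($i == n) ok = 1 }
    END { exit !ok }' "$1"
}

# Print one line per failed check; the return value is the failure count.
node_preflight() {
  fstab=${1:-/etc/fstab} sysctl=${2:-/etc/sysctl.d/k8s.conf} hosts=${3:-/etc/hosts}
  fails=0
  if fstab_swap_active "$fstab"; then
    echo "FAIL: active swap entry in $fstab"; fails=$((fails + 1))
  fi
  for k in net.bridge.bridge-nf-call-iptables net.bridge.bridge-nf-call-ip6tables \
           net.ipv4.ip_forward; do
    sysctl_is_one "$sysctl" "$k" || { echo "FAIL: $k is not 1 in $sysctl"; fails=$((fails + 1)); }
  done
  while read -r ip name; do   # host list from this post
    hosts_maps "$hosts" "$ip" "$name" || { echo "FAIL: $name ($ip) not in $hosts"; fails=$((fails + 1)); }
  done <<EOF
192.168.219.161 k8s-master1
192.168.219.162 k8s-node1
192.168.219.163 k8s-node2
EOF
  return "$fails"
}

# Check the real files only when invoked with the argument "run".
if [ "${1:-}" = "run" ]; then node_preflight; fi
```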

III. Install kubectl, kubelet and kubeadm (master and node)

1. Add the Aliyun Kubernetes repository

[root@k8s-master1 ~]# cat <<EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF

2. Install

[root@k8s-master1 ~]# yum -y install kubectl-1.18.18 kubelet-1.18.18 kubeadm-1.18.18

3. Enable kubelet to start at boot

[root@k8s-master1 ~]# systemctl enable kubelet.service

IV. Install the Kubernetes master node

1. Generate the installation config yml

[root@k8s-master1 ~]# kubeadm config print init-defaults > kubeadm.yml

2. Edit the installation config file

[root@k8s-master1 ~]# vi kubeadm.yml

Change the items marked with comments below

apiVersion: kubeadm.k8s.io/v1beta2
bootstrapTokens:
- groups:
  - system:bootstrappers:kubeadm:default-node-token
  token: abcdef.0123456789abcdef
  ttl: 24h0m0s
  usages:
  - signing
  - authentication
kind: InitConfiguration
localAPIEndpoint:
  # Change to the master node IP
  advertiseAddress: 192.168.219.161
  bindPort: 6443
nodeRegistration:
  criSocket: /var/run/dockershim.sock
  # Node name; set to this host's hostname
  name: k8s-master1
  taints:
  - effect: NoSchedule
    key: node-role.kubernetes.io/master
---
apiServer:
  timeoutForControlPlane: 4m0s
apiVersion: kubeadm.k8s.io/v1beta2
certificatesDir: /etc/kubernetes/pki
clusterName: kubernetes
controllerManager: {}
dns:
  type: CoreDNS
etcd:
  local:
    dataDir: /var/lib/etcd
# Google is not reachable from mainland China; changed to Aliyun
imageRepository: registry.aliyuncs.com/google_containers
kind: ClusterConfiguration
# Change to the matching k8s version
kubernetesVersion: v1.18.18
networking:
  dnsDomain: cluster.local
  serviceSubnet: 10.96.0.0/12
scheduler: {}

3. List the required images

[root@k8s-master1 ~]# kubeadm config images list --config kubeadm.yml

The output is as follows

W0610 02:42:29.980212   83223 configset.go:202] WARNING: kubeadm cannot validate component configs for API groups [kubelet.config.k8s.io kubeproxy.config.k8s.io]
registry.aliyuncs.com/google_containers/kube-apiserver:v1.18.18
registry.aliyuncs.com/google_containers/kube-controller-manager:v1.18.18
registry.aliyuncs.com/google_containers/kube-scheduler:v1.18.18
registry.aliyuncs.com/google_containers/kube-proxy:v1.18.18
registry.aliyuncs.com/google_containers/pause:3.2
registry.aliyuncs.com/google_containers/etcd:3.4.3-0
registry.aliyuncs.com/google_containers/coredns:1.6.7

4. Pull the images; this takes about 10 minutes, depending on the network

[root@k8s-master1 ~]# kubeadm config images pull --config kubeadm.yml

5. Install the master node

[root@k8s-master1 ~]# kubeadm init --config=kubeadm.yml --upload-certs | tee kubeadm-init.log

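Notes:

  • init performs the initialization
  • the --upload-certs flag lets certificate files be distributed automatically when nodes are joined later
  • tee kubeadm-init.log saves the output to a log file

Note:
If the installed kubernetes version and the downloaded image versions do not match,
the error timed out waiting for the condition occurs.
To change the configuration, reset it with the kubeadm reset command
and run the initialization again.

Installation succeeded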

6. Configure kubectl

[root@k8s-master1 ~]# mkdir -p $HOME/.kube
[root@k8s-master1 ~]# sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
[root@k8s-master1 ~]# sudo chown $(id -u):$(id -g) $HOME/.kube/config

Verify that it works

[root@k8s-master1 ~]# kubectl get nodes

The following is displayed

NAME                 STATUS     ROLES    AGE   VERSION
k8s-master1         NotReady   master   11m   v1.18.18

V. Install the worker nodes

1. Join the nodes to the cluster

Run on node1

[root@k8s-node1 ~]# kubeadm join 192.168.219.161:6443 --token abcdef.0123456789abcdef \
    --discovery-token-ca-cert-hash sha256:6dad4602dd288cbfbc952e3a9db40ee192ae8c4229479d60b330c95940131c06

Run on node2

[root@k8s-node2 ~]# kubeadm join 192.168.219.161:6443 --token abcdef.0123456789abcdef \
    --discovery-token-ca-cert-hash sha256:6dad4602dd288cbfbc952e3a9db40ee192ae8c4229479d60b330c95940131c06
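
Added example (not part of the original post): the kubeadm.yml above keeps the sample token abcdef.0123456789abcdef that init-defaults prints, and the join commands pin the cluster CA with --discovery-token-ca-cert-hash. The script flags that sample token, generates a random replacement in the same format (kubeadm token generate does this on a host with kubeadm installed), and recomputes the CA pin from the master's ca.crt so it can be compared with the value in a join command. Function names are hypothetical, openssl is assumed to be installed, and the CA is assumed to be an RSA key at /etc/kubernetes/pki/ca.crt.

```shell
#!/bin/sh
# Added example: bootstrap-token and CA-pin checks for the kubeadm.yml and
# `kubeadm join` steps. Function names are hypothetical.

PLACEHOLDER_TOKEN='abcdef.0123456789abcdef'   # sample value from init-defaults

# Print a random token in kubeadm's [a-z0-9]{6}.[a-z0-9]{16} format.
gen_bootstrap_token() {
  raw=$(head -c 1024 /dev/urandom | LC_ALL=C tr -dc 'a-z0-9' | cut -c1-22)
  printf '%.6s.%s\n' "$raw" "${raw#??????}"
}

# 0 only if FILE's bootstrap token is well-formed and not the placeholder.
check_kubeadm_token() {
  tok=$(sed -n 's/^[[:space:]]*token:[[:space:]]*//p' "$1" | head -n 1)
  if [ "$tok" = "$PLACEHOLDER_TOKEN" ]; then
    echo "placeholder bootstrap token in $1" >&2; return 1
  fi
  printf '%s\n' "$tok" | grep -Eq '^[a-z0-9]{6}\.[a-z0-9]{16}$' || {
    echo "malformed bootstrap token in $1" >&2; return 1; }
}

# Print the --discovery-token-ca-cert-hash value for CA certificate FILE:
# SHA-256 over the DER-encoded public key (based on the kubeadm docs pipeline).
ca_cert_hash() {
  openssl x509 -pubkey -noout -in "$1" \
    | openssl rsa -pubin -outform der 2>/dev/null \
    | openssl dgst -sha256 -hex | sed 's/^.* //; s/^/sha256:/'
}

# 0 if the hash from a join command matches the CA certificate on the master.
verify_ca_pin() {   # usage: verify_ca_pin sha256:<hex> [ca.crt]
  [ "$1" = "$(ca_cert_hash "${2:-/etc/kubernetes/pki/ca.crt}")" ]
}

# Check a config file only when one is given as the first argument.
if [ $# -gt 0 ]; then check_kubeadm_token "$1"; fi
```

Put the generated token in the token field of kubeadm.yml before kubeadm init, and use the same value in the join commands.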

Verify the nodes
Go back to the master node and check

[root@k8s-master1 ~]# kubectl get nodes

The output is as follows

NAME           STATUS      ROLES    AGE     VERSION
k8s-master1   NotReady    master   40m     v1.18.18
k8s-node1     NotReady    <none>   5m15s   v1.18.18
k8s-node2     NotReady    <none>   5m15s   v1.18.18

STATUS is NotReady here because of coredns; a network plugin needs to be installed
Check the Pods status on the master node

[root@k8s-master1 ~]# kubectl get pods -n kube-system -o wide

The output is as follows

NAME                                     READY   STATUS    RESTARTS   AGE   IP                NODE           NOMINATED NODE   READINESS GATES
coredns-7ff77c879f-94wq9                 1/1     Running   0          24h   192.168.32.129    k8s-master1   <none>           <none>
coredns-7ff77c879f-kg4gd                 0/1     Running   0          24h   192.168.85.194    k8s-node1     <none>           <none>
etcd-k8s-master1                        1/1     Running   0          24h   192.168.219.161   k8s-master1   <none>           <none>
kube-apiserver-k8s-master1              1/1     Running   0          24h   192.168.219.161   k8s-master1   <none>           <none>
kube-controller-manager-k8s-master1     1/1     Running   1          24h   192.168.219.161   k8s-master1   <none>           <none>
kube-proxy-qwbpg                         1/1     Running   0          24h   192.168.219.161   k8s-master1   <none>           <none>
kube-proxy-t92jc                         1/1     Running   0          24h   192.168.219.162   k8s-node1     <none>           <none>
kube-scheduler-k8s-master1              1/1     Running   1          24h   192.168.219.161   k8s-master1   <none>           <none>

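VI. Install the network plugin

For container networking, only a standard, generic interface is provided: CNI (Container Network Interface). Container network solutions such as flannel, calico, Canal and weave can provide networking for any container platform that conforms to this standard.
Calico link: https://docs.projectcalico.or...
Flannel link: https://github.com/coreos/fla...
Weave link: https://www.weave.works/oss/net/
Canal link: https://github.com/projectcal...
I use calico here because it supports network policy and integration with the Istio service mesh
Official installation documentation: https://docs.projectcalico.or...

1. Download the yml manifest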

[root@k8s-master1 ~]# wget https://docs.projectcalico.org/v3.18/manifests/calico.yaml

2. Install calico.yaml

[root@k8s-master1 ~]# kubectl apply -f calico.yaml

Verify that the installation succeeded

[root@k8s-master1 ~]# kubectl get pods --all-namespaces

The output is as follows

NAMESPACE     NAME                                     READY   STATUS    RESTARTS   AGE
kube-system   calico-kube-controllers-545578d5-dmzsj   1/1     Running   0          24m
kube-system   calico-node-rmq5x                        1/1     Running   0          24m
kube-system   calico-node-v89vb                        1/1     Running   0          24m
kube-system   coredns-7ff77c879f-94wq9                 1/1     Running   0          56m
kube-system   coredns-7ff77c879f-kg4gd                 0/1     Running   0          56m
kube-system   etcd-k8s-master1                        1/1     Running   0          56m
kube-system   kube-apiserver-k8s-master1              1/1     Running   0          56m
kube-system   kube-controller-manager-k8s-master1     1/1     Running   1          56m
kube-system   kube-proxy-qwbpg                         1/1     Running   0          56m
kube-system   kube-proxy-t92jc                         1/1     Running   0          56m
kube-system   kube-scheduler-k8s-master1              1/1     Running   1          56m

3. Check the nodes status

[root@k8s-master1 ~]# kubectl get nodes

STATUS Ready means the network has been set up
The output is as follows

NAME           STATUS   ROLES    AGE   VERSION
k8s-master1   Ready    master   24h   v1.18.18
k8s-node1     Ready    <none>   24h   v1.18.18
k8s-node2     Ready    <none>   24h   v1.18.18

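VII. Deploy a container

Note that the --replicas approach used previously is no longer recommended
Flag --replicas has been deprecated, has no effect and will be removed in the future.
Since K8S v1.18.0, --replicas is deprecated; creating pods with a deployment is recommended.
I use the nginx-1.18.0 container here as an example

[root@k8s-master1 ~]# vi nginx-deployment.yaml

The content is as follows: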

apiVersion: apps/v1         # API version; must be one listed by kubectl api-versions
kind: Deployment            # role/type of the resource to create
metadata:                   # resource metadata/attributes
  name: nginx-deployment    # resource name; must be unique within a namespace
  labels:                   # resource labels
    app: nginx
spec:                       # content of the resource
  replicas: 1               # create 1 nginx container
  selector:                 # label selector for the pods this Deployment manages
    matchLabels:
      app: nginx
  template:
    metadata:
      labels:
        app: nginx           # resource labels
    spec:
      containers:
      - name: nginx             # container name
        image: nginx:1.18.0     # image used by the container
        ports:
        - containerPort: 80     # port the container exposes
---
apiVersion: v1               # API version
kind: Service                # kind, e.g. Pod/ReplicationController/Deployment/Service/Ingress
metadata:                    # metadata
  name: nginx-deployment     # name of this Kind
spec:
  ports:
    - port: 80               # port exposed by the Service
      targetPort: 80         # port on the Pod; the Service port is forwarded to this Pod port
  type: LoadBalancer         # type
  selector:                  # label selector
    app: nginx               # must match the label of the Deployment above

1. Deploy and publish the container

[root@k8s-master1 ~]# kubectl apply -f nginx-deployment.yaml

2. View the pods

[root@k8s-master1 ~]# kubectl get pods

The following is displayed

NAME                                READY   STATUS    RESTARTS   AGE
nginx-deployment-75ddd4d4b4-6gtx5   1/1     Running   0          26h

3. View the deployment

[root@k8s-master1 ~]# kubectl get deployments

The following is displayed

NAME               READY   UP-TO-DATE   AVAILABLE   AGE
nginx-deployment   1/1     1            1           26h

4. View the service

[root@k8s-master1 ~]# kubectl get services

The following is displayed

NAME               TYPE           CLUSTER-IP       EXTERNAL-IP   PORT(S)        AGE
kubernetes         ClusterIP      10.96.0.1        <none>        443/TCP        27h
nginx-deployment   LoadBalancer   10.100.103.238   <pending>     80:32234/TCP   26h

Verify the service
Visit: http://192.168.219.161:32234/

5. View resource object details

For example: service, pod, deployment, etc.

[root@k8s-master1 ~]# kubectl describe service nginx-deployment

6. Delete the service

[root@k8s-master1 ~]# kubectl delete -f nginx-deployment.yaml
