Kubernetes 安装
环境配置
关闭防火墙: 如果是云服务器,需要设置安全组策略放行端口
1systemctl stop firewalld
2systemctl disable firewalld
修改 hostname
1hostnamectl set-hostname k8s-01
2echo "127.0.0.1 $(hostname)" >> /etc/hosts
3reboot
关闭 selinux:
1sed -i 's/enforcing/disabled/' /etc/selinux/config
2setenforce 0
关闭 swap:
1swapoff -a
2sed -ri 's/.*swap.*/#&/' /etc/fstab
修改 /etc/sysctl.conf
1# 如果有配置,则修改
2sed -i "s#^net.ipv4.ip_forward.*#net.ipv4.ip_forward=1#g" /etc/sysctl.conf
3sed -i "s#^net.bridge.bridge-nf-call-ip6tables.*#net.bridge.bridge-nf-call-ip6tables=1#g" /etc/sysctl.conf
4sed -i "s#^net.bridge.bridge-nf-call-iptables.*#net.bridge.bridge-nf-call-iptables=1#g" /etc/sysctl.conf
5sed -i "s#^net.ipv6.conf.all.disable_ipv6.*#net.ipv6.conf.all.disable_ipv6=1#g" /etc/sysctl.conf
6sed -i "s#^net.ipv6.conf.default.disable_ipv6.*#net.ipv6.conf.default.disable_ipv6=1#g" /etc/sysctl.conf
7sed -i "s#^net.ipv6.conf.lo.disable_ipv6.*#net.ipv6.conf.lo.disable_ipv6=1#g" /etc/sysctl.conf
8sed -i "s#^net.ipv6.conf.all.forwarding.*#net.ipv6.conf.all.forwarding=1#g" /etc/sysctl.conf
9# 可能没有,追加
10echo "net.ipv4.ip_forward = 1" >> /etc/sysctl.conf
11echo "net.bridge.bridge-nf-call-ip6tables = 1" >> /etc/sysctl.conf
12echo "net.bridge.bridge-nf-call-iptables = 1" >> /etc/sysctl.conf
13echo "net.ipv6.conf.all.disable_ipv6 = 1" >> /etc/sysctl.conf
14echo "net.ipv6.conf.default.disable_ipv6 = 1" >> /etc/sysctl.conf
15echo "net.ipv6.conf.lo.disable_ipv6 = 1" >> /etc/sysctl.conf
16echo "net.ipv6.conf.all.forwarding = 1" >> /etc/sysctl.conf
17# 执行命令以应用
18sysctl -p
安装 docker
1sudo yum remove docker*
2sudo yum install -y yum-utils
3#配置docker yum 源
4sudo yum-config-manager --add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
5#安装docker 19.03.9
6yum install -y docker-ce-3:19.03.9-3.el7.x86_64 docker-ce-cli-3:19.03.9-3.el7.x86_64 containerd.io
7
8#安装docker 19.03.9 docker-ce 19.03.9
9yum install -y docker-ce-19.03.9-3 docker-ce-cli-19.03.9 containerd.io
10
11#启动服务
12systemctl start docker
13systemctl enable docker
14
15sudo systemctl daemon-reload
16sudo systemctl restart docker
安装 k8s 核心(都执行)
配置 K8S 的 yum 源
1cat <<EOF > /etc/yum.repos.d/kubernetes.repo
2[kubernetes]ß
3name=Kubernetes
4baseurl=http://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
5enabled=1
6gpgcheck=0
7repo_gpgcheck=0
8gpgkey=http://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg
9 http://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
10EOF
卸载旧版本,安装新版本
1yum remove -y kubelet kubeadm kubectl
2
3# 查看可以安装的版本
4yum list kubelet --showduplicates | sort -r
5
6# 安装kubelet、kubeadm、kubectl 指定版本
7yum install -y kubelet-1.21.0 kubeadm-1.21.0 kubectl-1.21.0
8
9# 开机启动kubelet
10systemctl enable kubelet && systemctl start kubelet
初始化 master 节点
创建 images.sh,vim images.sh粘贴以下命令
1docker pull k8s.gcr.io/kube-apiserver:v1.21.9
2docker pull k8s.gcr.io/kube-controller-manager:v1.21.9
3docker pull k8s.gcr.io/kube-scheduler:v1.21.9
4docker pull k8s.gcr.io/kube-proxy:v1.21.9
5docker pull k8s.gcr.io/pause:3.4.1
6docker pull k8s.gcr.io/etcd:3.4.13-0
7docker pull k8s.gcr.io/coredns/coredns:v1.8.0
1chmod +x images.shß
2sh images.sh
kubeadm init master 节点
1kubeadm init \
2--apiserver-advertise-address=192.168.99.19 \
3--kubernetes-version v1.23.3 \
4--service-cidr=10.99.0.0/16 \
5--pod-network-cidr=10.124.0.0/16
复制相关文件夹
1 mkdir -p $HOME/.kube
2 sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
3 sudo chown $(id -u):$(id -g) $HOME/.kube/config
导出环境变量
1export KUBECONFIG=/etc/kubernetes/admin.conf
部署一个 pod 网络
1kubectl apply -f https://docs.projectcalico.org/manifests/calico.yaml
命令检查
1kubectl get pod -A ##获取集群中所有部署好的应用Pod
2kubectl get nodes ##查看集群所有机器的状态
初始化 worker 节点(worker 执行)
1##过期怎么办
2kubeadm token create --print-join-command
3kubeadm join --token y1eyw5.ylg568kvohfdsfco --discovery-token-ca-cert-hash sha256: 6c35e4f73f72afd89bf1c8c303ee55677d2cdb1342d67bb23c852aba2efc7c73
验证集群
1#获取所有节点
2kubectl get nodes
