作者微信
微

Kubernetes安装

小技术 7个月前 (08-20) 0 999+

Kubernetes安装

初始化工具安装卸载docker容器

sudo yum remove docker 
docker-client 
docker-client-latest 
docker-common 
docker-latest 
docker-latest-logrotate 
docker-logrotate 
docker-engine

配置yum源

查看yum 是否正在运行
ps aux|grep yum
如果有多条以上 使用命令删除
kill -9 8976(pid)

yum install -y yum-utils
yum-config-manager 
--add-repo 
http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo

安装docker


yum install -y docker-ce-20.10.7 docker-ce-cli-20.10.7  containerd.io-1.4.6

systemctl enable docker
systemctl restart docker

配置加速

这里额外添加了docker的生产环境核心配置cgroup

sudo mkdir -p /etc/docker
sudo tee /etc/docker/daemon.json <<-'EOF'
{
"registry-mirrors": ["https://82m9ar63.mirror.aliyuncs.com"],
"exec-opts": ["native.cgroupdriver=systemd"],
"log-driver": "json-file",
"log-opts": {
"max-size": "100m"
},
"storage-driver": "overlay2"
}
EOF

systemctl daemon-reload
systemctl restart docker

每台机器设置自己的名字

#各个机器设置自己的域名
hostnamectl set-hostname k8s-master
hostnamectl set-hostname k8s-node1

关闭防火墙以及wasp

sudo setenforce 0
sudo sed -i 's/^SELINUX=enforcing$/SELINUX=permissive/' /etc/selinux/config

swapoff -a
sed -ri 's/.*swap.*/#&/' /etc/fstab

systemctl stop firewalld
systemctl disable firewalld

允许 iptables 检查桥接流量


cat <<EOF | sudo tee /etc/modules-load.d/k8s.conf
br_netfilter
EOF

cat <<EOF | sudo tee /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
EOF
sudo sysctl --system

上面的内容只是准备阶段

安装kubelete kubeadm kubectl

sudo yum install -y kubelet-1.20.9 kubeadm-1.20.9 kubectl-1.20.9 --disableexcludes=kubernetes

systemctl enable kubelet
systemctl restart kubelet

再每台机子上执行将ip地址指向服务器名

echo "192.168.89.136  cluster-endpoint" >> /etc/hosts

仅在master节点上执行

# 以下对master集群操作
sudo tee ./images.sh <<-'EOF'
#!/bin/bash
images=(
kube-apiserver:v1.20.9
kube-proxy:v1.20.9
kube-controller-manager:v1.20.9
kube-scheduler:v1.20.9
coredns:1.7.0
etcd:3.4.13-0
pause:3.2
)
for imageName in ${images[@]} ; do
docker pull registry.cn-hangzhou.aliyuncs.com/lfy_k8s_images/$imageName
done
EOF

chmod +x ./images.sh && ./images.sh

运行主节点初始化

kubeadm init 
--apiserver-advertise-address=192.168.89.136 
--control-plane-endpoint=cluster-endpoint 
--image-repository registry.cn-hangzhou.aliyuncs.com/lfy_k8s_images 
--kubernetes-version v1.20.9 
--service-cidr=10.96.0.0/16 
--pod-network-cidr=192.168.0.0/16 
--v=5

#说明 192.168.89.136 为master节点的IP地址需要更改

出现以下内容说明主节点运行成功


Your Kubernetes control-plane has initialized successfully!

To start using your cluster, you need to run the following as a regular user:

mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config

Alternatively, if you are the root user, you can run:

export KUBECONFIG=/etc/kubernetes/admin.conf

You should now deploy a pod network to the cluster.
Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:
https://kubernetes.io/docs/concepts/cluster-administration/addons/

You can now join any number of control-plane nodes by copying certificate authorities
and service account keys on each node and then running the following as root:

kubeadm join cluster-endpoint:6443 --token f9aovh.xesfqzvxqhlj39bj 
--discovery-token-ca-cert-hash sha256:64c79e28f2e3e116cc3f11e80c804ff56471c809497d9cb48a5de2cfb1dc8d17 
--control-plane

Then you can join any number of worker nodes by running the following on each as root:

kubeadm join cluster-endpoint:6443 --token f9aovh.xesfqzvxqhlj39bj 
--discovery-token-ca-cert-hash sha256:64c79e28f2e3e116cc3f11e80c804ff56471c809497d9cb48a5de2cfb1dc8d17

如果有其他错误，请删除服务器重新安装一下就可以了

查看容器运行情况
kubectl get pods -A
每隔1秒查询一下运行情况
watch -n 1 kubectl get pods -A

再master节点执行命令

mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config

部署网络部署网络插件需要指定版本V3.18

curl https://docs.projectcalico.org/v3.18/manifests/calico.yaml -O
kubectl apply -f calico.yaml

在node节点执行命令

进入node节点
kubeadm join cluster-endpoint:6443 --token dsmsgo.bphigc88l8jk34hh 
--discovery-token-ca-cert-hash sha256:cb6a43c19a43ca0c6829acc1bbf7b2171ce4197f9b825077efb50f2bc9b8a44d

进入master 查看运行情况 kubectl get pods -A

新令牌

kubeadm token create --print-join-command

验证集群节点状态

kubectl get nodes

安装可视化界面（自己安装一直失败以下可以不用看了）

kubernetes官方提供的可视化界面

https://github.com/kubernetes/dashboard

kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v2.3.1/aio/deploy/recommended.yaml

kubectl edit svc kubernetes-dashboard -n kubernetes-dashboard

type: ClusterIP 改为 type: NodePort

kubectl get svc -A |grep kubernetes-dashboard

安装成功访问： https://集群任意IP:端口 https://139.198.165.238:32759

如果安装失败可视化界面删除操作

删除现有的dashboard pod
kubectl delete service kubernetes-dashboard --namespace=kubernetes-dashboard
kubectl delete service dashboard-metrics-scraper --namespace=kubernetes-dashboard
kubectl delete deployment kubernetes-dashboard --namespace=kubernetes-dashboard
kubectl delete deployment dashboard-metrics-scraper --namespace=kubernetes-dashboard