【ubuntu 22.04 搭建k8s高可用集群】
ubuntu 22.04 搭建k8s(1.27.1)高可用集群
ubuntu 22.04 搭建k8s(1.27.1)高可用集群
IP | 主机 |
---|---|
10.30.20.9 | nginx |
10.30.20.10 | master1 |
10.30.20.11 | master2 |
10.30.20.12 | node1 |
10.30.20.13 | node2 |
10.30.20.14 | node3 |
nginx配置如下
root@ubuntu:~# cat /etc/nginx/nginx.conf
user www-data;
worker_processes auto;
pid /run/nginx.pid;
include /etc/nginx/modules-enabled/*.conf;
events {
worker_connections 1024;
# multi_accept on;
}
# Layer-4 (TCP) load balancing for the Kubernetes API: connections to port 6443
# are forwarded to the two control-plane nodes listed in the upstream block.
# No ssl directives are set, so TLS passes through unchanged and is terminated
# by kube-apiserver itself; nginx never sees the client certificates or tokens.
stream {
upstream k8s-apiserver {
server 10.30.20.10:6443;
server 10.30.20.11:6443;
}
server {
# "listen 6443" without an address binds every interface on this host.
# NOTE(review): if this machine has interfaces outside the cluster network,
# limit who can reach the API port (bind address or firewall) - confirm.
listen 6443;
# Short connect timeout so a control-plane node that is down is skipped quickly.
proxy_connect_timeout 1s;
proxy_pass k8s-apiserver;
}
}
###
keepalived 配置如下
root@ubuntu:~# cat /etc/keepalived/keepalived.conf
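! Configuration File for keepalived
global_defs {
    router_id 1056
    # Check scripts run as root. enable_script_security makes keepalived refuse
    # a root-run script if any part of its path is writable by a non-root user.
    script_user root
    enable_script_security
    vrrp_skip_check_adv_addr
    vrrp_garp_interval 0
    vrrp_gna_interval 0
}
# Health check for the local nginx. "killall -0" sends no signal; it only
# reports whether an nginx process exists, so a hung nginx still passes.
vrrp_script check_nginx1 {
    ## script "/etc/keepalived/check_nginx1.sh"   ## script location
    ## script "< /dev/tcp/10.30.20.9:88"
    script "/usr/bin/killall -0 nginx"
    interval 1
    fall 2
    rise 1
}
## VRRP instance that owns the Kubernetes API VIP
vrrp_instance VI_3 {
    state MASTER
    interface ens18
    virtual_router_id 53
    priority 100
    advert_int 1
    authentication {
        # PASS authentication travels in clear text inside the VRRP adverts and
        # keepalived uses only the first 8 characters. The value below is the
        # article's sample; set your own, identical on every keepalived node.
        auth_type PASS
        auth_pass s@66
    }
    virtual_ipaddress {
        10.30.20.9/24 dev ens18 label ens18:0
    }
    # The published listing ends after virtual_ipaddress: the instance is never
    # closed and check_nginx1 is never referenced. Without track_script the
    # health check has no effect on which node holds the VIP.
    track_script {
        check_nginx1
    }
}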
master1配置
检查更新
apt update
更新安装
apt upgrade -y
设置hostname
hostnamectl set-hostname k8s-master1
设置hosts
vim /etc/hosts
##增加下面内容
10.30.20.10 k8s-master01
10.30.20.11 k8s-master02
10.30.20.12 k8s-worker01
10.30.20.13 k8s-worker02
10.30.20.14 k8s-worker03
##关闭swap
swapoff -a
##永久关闭:编辑 /etc/fstab,把 swap 对应的那一行注释掉;否则重启后 swap 会重新启用,kubelet 默认会因此拒绝启动
添加加载的内核模块
tee /etc/modules-load.d/containerd.conf<<EOF
overlay
br_netfilter
EOF
加载内核模块
modprobe overlay && modprobe br_netfilter
设置内核参数
tee /etc/sysctl.d/kubernetes.conf<<EOF
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
net.ipv4.ip_forward = 1
EOF
应用内核参数
sysctl --system
安装curl gnupg2 software-properties-common apt-transport-https ca-certificates
apt install -y curl gnupg2 software-properties-common apt-transport-https ca-certificates
安装GPG证书
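# apt-key is deprecated on Ubuntu 22.04 and trusts an added key for every
# repository on the machine. Keep the Docker key in its own keyring and bind it
# to the Docker repo with signed-by. Run as root, like the rest of this section.
install -m 0755 -d /etc/apt/keyrings
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | gpg --dearmor -o /etc/apt/keyrings/docker.gpg
chmod a+r /etc/apt/keyrings/docker.gpg
# Write the repository entry. The original listing repeated the key download
# here, so no Docker repo was ever added and containerd.io could not be found.
echo "deb [arch=amd64 signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" \
  | tee /etc/apt/sources.list.d/docker.list >/dev/null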
上面两个如果无效可以安装阿里云GPG证书如下
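# Step 2: install the GPG key from the Aliyun mirror into a dedicated keyring
# (apt-key is deprecated and would trust the key for every repository).
sudo install -m 0755 -d /etc/apt/keyrings
curl -fsSL https://mirrors.aliyun.com/docker-ce/linux/ubuntu/gpg | sudo gpg --dearmor -o /etc/apt/keyrings/docker-aliyun.gpg
# Step 3: write the repository entry; signed-by limits the key to this repo.
echo "deb [arch=amd64 signed-by=/etc/apt/keyrings/docker-aliyun.gpg] https://mirrors.aliyun.com/docker-ce/linux/ubuntu $(lsb_release -cs) stable" \
  | sudo tee /etc/apt/sources.list.d/docker-aliyun.list >/dev/null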
检查更新
apt update
安装containerd
apt install -y containerd.io
如果报下面错误
Reading package lists... Done
Building dependency tree
Reading state information... Done
E: Unable to locate package containerd.io
E: Couldn't find any package by glob 'containerd.io'
尝试运行以下命令
apt install -y containerd
生成containerd的配置文件
containerd config default | sudo tee /etc/containerd/config.toml >/dev/null 2>&1
root@master1:~# ls /etc/containerd/
config.toml
如果提示不存在目录自行创建目录再运行以上命令
root@k8s-master1 :~# mkdir -p /etc/containerd/ && containerd config default | sudo tee /etc/containerd/config.toml >/dev/null 2>&1
root@k8s-master1 :~# ls /etc/containerd/
config.toml
修改Containerd的配置文件
root@k8s-master1 :~# sed -i "s#SystemdCgroup\ \=\ false#SystemdCgroup\ \=\ true#g" /etc/containerd/config.toml
root@k8s-master1 :~# cat /etc/containerd/config.toml | grep SystemdCgroup
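# Pull the sandbox (pause) image from the Aliyun google_containers mirror, the
# same repository that kubeadm init is given via --image-repository below.
# The original command rewrote it to registry.cn-hangzhou.aliyuncs.com/chenby,
# which does not match this heading and whose provenance the page does not state.
root@k8s-master1 :~# sed -i "s#registry.k8s.io#registry.aliyuncs.com/google_containers#g" /etc/containerd/config.toml
# Confirm which image the runtime will now pull.
root@k8s-master1 :~# grep sandbox_image /etc/containerd/config.toml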
#重新启动containerd
root@k8s-master1 :~# systemctl restart containerd
#开启启动 containerd服务
root@k8s-master1 :~# systemctl enable containerd
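# Add the repository signing key. -fsSL makes curl fail on an HTTP error
# instead of piping an error page into apt-key.
# NOTE(review): apt-key is deprecated on Ubuntu 22.04 and trusts this key for
# all repositories; a per-repo keyring referenced with signed-by is tighter.
root@k8s-master1 :~# curl -fsSL https://mirrors.aliyun.com/kubernetes/apt/doc/apt-key.gpg | sudo apt-key add -
# Use the Aliyun mirror as the Kubernetes apt source
root@k8s-master1 :~# apt-add-repository "deb https://mirrors.aliyun.com/kubernetes/apt/ kubernetes-xenial main"
# Refresh the package index
root@k8s-master1 :~# apt update
# Install kubelet, kubeadm and kubectl at the version passed to kubeadm init
# below (v1.27.1). An unpinned install takes whatever the mirror serves as
# newest, which may not match --kubernetes-version.
# "apt-cache madison kubeadm" lists the exact version strings on offer.
root@k8s-master1 :~# apt install -y kubelet=1.27.1-00 kubeadm=1.27.1-00 kubectl=1.27.1-00
# Hold the packages so that apt upgrade does not move them
root@k8s-master1 :~# apt-mark hold kubelet kubeadm kubectl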
查看
root@k8s-master1 :~# kubeadm version
#开启路由功能
root@k8s-master1 :~# sysctl -w net.ipv4.ip_forward=1
#初始化kubernetes,指定版本号为最新版1.27.1,10.30.20.9为nginx负载均衡机器的IP
root@k8s-master1 :~# sudo kubeadm init \
--kubernetes-version=v1.27.1 \
--image-repository registry.aliyuncs.com/google_containers --v=5 \
--control-plane-endpoint "10.30.20.9:6443" \
--upload-certs \
--service-cidr=10.96.0.0/12 \
--pod-network-cidr=10.244.0.0/16
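#执行成功之后会打印以下信息,记得复制出来。其中的 token、CA 证书哈希和 certificate-key 是本文集群当时生成的示例值,每次 init 都会重新生成;token 默认 24 小时后过期,certificate-key 对应的证书 2 小时后删除。拿到 token 和 certificate-key 就能以控制面节点身份加入集群,保存时按密钥对待,不要写进公开的文档或脚本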
You should now deploy a pod network to the cluster.
Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:
https://kubernetes.io/docs/concepts/cluster-administration/addons/
You can now join any number of the control-plane node running the following command on each as root:
kubeadm join 10.30.20.9:6443 --token lqzqv2.j1unv3hpmmcbcnp4 \
--discovery-token-ca-cert-hash sha256:5cc644c4f2ab3b6396668fda422137c8fb8e38bc56c331996abd87b52aacb425 \
--control-plane --certificate-key c0250397bd7c758966910551463932c1250d2a8646115a6c38af591f2ce803bf
Please note that the certificate-key gives access to cluster sensitive data, keep it secret!
As a safeguard, uploaded-certs will be deleted in two hours; If necessary, you can use
"kubeadm init phase upload-certs --upload-certs" to reload certs afterward.
Then you can join any number of worker nodes by running the following on each as root:
kubeadm join 10.30.20.9:6443 --token lqzqv2.j1unv3hpmmcbcnp4 \
--discovery-token-ca-cert-hash sha256:5cc644c4f2ab3b6396668fda422137c8fb8e38bc56c331996abd87b52aacb425
#执行成功之后,执行下面操作
#To start using your cluster, you need to run the following as a regular user
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
#Alternatively, if you are the root user, you can run
export KUBECONFIG=/etc/kubernetes/admin.conf
查看cluster-info
root@k8s-master1 :~# kubectl cluster-info
查看node信息
root@k8s-master1 :~# kubectl get nodes
master2 配置
检查更新
root@k8s-master2 :~# apt update
##更新安装
root@k8s-master2 :~# apt upgrade -y
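## Set the hostname. This is master2, so it must not reuse master1's name:
## kubeadm registers the node under its hostname, and a second node named
## k8s-master1 would collide with the one that already exists.
root@k8s-master2 :~# hostnamectl set-hostname k8s-master2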
##设置hosts
root@k8s-master2 :~# vim /etc/hosts
##增加下面内容
10.30.20.10 k8s-master01
10.30.20.11 k8s-master02
10.30.20.12 k8s-worker01
10.30.20.13 k8s-worker02
10.30.20.14 k8s-worker03
关闭swap
root@k8s-master2 :~# swapoff -a
##永久关闭:编辑 /etc/fstab,把 swap 对应的那一行注释掉,否则重启后 swap 会重新启用
添加加载的内核模块
root@k8s-master2 :~# tee /etc/modules-load.d/containerd.conf<<EOF
overlay
br_netfilter
EOF
加载内核模块
root@k8s-master2 :~# modprobe overlay && modprobe br_netfilter
设置内核参数
root@k8s-master2 :~# tee /etc/sysctl.d/kubernetes.conf<<EOF
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
net.ipv4.ip_forward = 1
EOF
应用内核参数
root@k8s-master2 :~# sysctl --system
安装curl gnupg2 software-properties-common apt-transport-https ca-certificates
root@k8s-master2 :~# apt install -y curl gnupg2 software-properties-common apt-transport-https ca-certificates
安装GPG证书
root@k8s-master2 :~# curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -
写入软件源信息
root@k8s-master2 :~# add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable"
检查更新
root@k8s-master2 :~# apt update
安装containerd
root@k8s-master2 :~# apt install -y containerd.io
生成containetd的配置文件
root@k8s-master2 :~# containerd config default | sudo tee /etc/containerd/config.toml >/dev/null 2>&1
修改Containerd的配置文件
root@k8s-master2 :~# sed -i "s#SystemdCgroup\ \=\ false#SystemdCgroup\ \=\ true#g" /etc/containerd/config.toml
root@k8s-master2 :~# cat /etc/containerd/config.toml | grep SystemdCgroup
将镜像源设置为阿里云 google_containers 镜像源
root@k8s-master2 :~# sed -i "s#registry.k8s.io#registry.cn-hangzhou.aliyuncs.com/chenby#g" /etc/containerd/config.toml
root@k8s-master2 :~# cat /etc/containerd/config.toml | grep sandbox_image
重新启动containerd
root@k8s-master2 :~# systemctl restart containerd
开启启动 containerd服务
root@k8s-master2 :~# systemctl enable containerd
添加 apt key
root@k8s-master2 :~# curl https://mirrors.aliyun.com/kubernetes/apt/doc/apt-key.gpg | sudo apt-key add -
添加Kubernetes的apt源为阿里云的源
root@k8s-master2 :~# apt-add-repository "deb https://mirrors.aliyun.com/kubernetes/apt/ kubernetes-xenial main"
检查更新
root@k8s-master2 :~# apt update
kubelet kubeadm kubectl
如果想安装指定版本,在等号后面加版本号,如下(这里的 1.21.5 只是写法示例;要加入本文的 1.27.1 集群,版本应与集群一致):
root@k8s-master2 :~# apt install -y kubelet=1.21.5-00 kubeadm=1.21.5-00 kubectl=1.21.5-00
如果想安装最新版本命令如下:
root@k8s-master2 :~# apt install -y kubelet kubeadm kubectl
锁定版本,不随 apt upgrade 更新
root@k8s-master2 :~# apt-mark hold kubelet kubeadm kubectl
查看
root@k8s-master2 :~# kubeadm version
开启路由功能
root@k8s-master2 :~# sysctl -w net.ipv4.ip_forward=1
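初始化kubernetes,指定版本号为最新版1.27.1,10.30.20.9为nginx负载均衡机器的IP(注意:这一步只在 master1 上执行。master2 不要再运行下面的 kubeadm init——再次 init 会在 master2 上另建一个带有独立 CA 的新集群,随后的 kubeadm join 也会因为 /etc/kubernetes 下已有文件而无法通过预检;master2 请直接执行后面的 kubeadm join)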
root@k8s-master2 :~# sudo kubeadm init \
--kubernetes-version=v1.27.1 \
--image-repository registry.aliyuncs.com/google_containers --v=5 \
--control-plane-endpoint "10.30.20.9:6443" \
--upload-certs \
--service-cidr=10.96.0.0/12 \
--pod-network-cidr=10.244.0.0/16
执行以下命令将master2加入到master集群中
root@k8s-master2 :~# kubeadm join 10.30.20.9:6443 --token lqzqv2.j1unv3hpmmcbcnp4 \
--discovery-token-ca-cert-hash sha256:5cc644c4f2ab3b6396668fda422137c8fb8e38bc56c331996abd87b52aacb425 \
--control-plane --certificate-key c0250397bd7c758966910551463932c1250d2a8646115a6c38af591f2ce803bf
执行成功之后,执行下面操作
#To start using your cluster, you need to run the following as a regular user
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
#Alternatively, if you are the root user, you can run
export KUBECONFIG=/etc/kubernetes/admin.conf
查看cluster-info
root@k8s-master2 :~# kubectl cluster-info
##查看node信息
root@k8s-master2 :~# kubectl get nodes
node1配置
切换root用户
sudo su -
检查更新
apt update
更新安装
apt upgrade -y
hosts配置
vim /etc/hosts
## 增加下面内容
10.30.20.10 k8s-master01
10.30.20.11 k8s-master02
10.30.20.12 k8s-worker01
10.30.20.13 k8s-worker02
10.30.20.14 k8s-worker03
关闭swap
swapoff -a
永久关闭:编辑 /etc/fstab,把 swap 对应的那一行注释掉,否则重启后 swap 会重新启用
添加加载的内核模块
tee /etc/modules-load.d/containerd.conf<<EOF
overlay
br_netfilter
EOF
加载内核模块
modprobe overlay && modprobe br_netfilter
设置内核参数
tee /etc/sysctl.d/kubernetes.conf<<EOF
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
net.ipv4.ip_forward = 1
EOF
应用内核参数
sysctl --system
安装curl gnupg2 software-properties-common apt-transport-https ca-certificates
apt install -y curl gnupg2 software-properties-common apt-transport-https ca-certificates
安装GPG证书
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -
写入软件源信息
add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable"
检查更新
apt update
安装containerd
apt install -y containerd.io
生成containetd的配置文件
containerd config default | sudo tee /etc/containerd/config.toml >/dev/null 2>&1
修改Containerd的配置文件
sed -i "s#SystemdCgroup\ \=\ false#SystemdCgroup\ \=\ true#g" /etc/containerd/config.toml
cat /etc/containerd/config.toml | grep SystemdCgroup
将镜像源设置为阿里云 google_containers 镜像源
sed -i "s#registry.k8s.io#registry.cn-hangzhou.aliyuncs.com/chenby#g" /etc/containerd/config.toml
cat /etc/containerd/config.toml | grep sandbox_image
重新启动containerd
systemctl restart containerd
开启启动 containerd服务
systemctl enable containerd
添加 apt key
curl https://mirrors.aliyun.com/kubernetes/apt/doc/apt-key.gpg | sudo apt-key add -
添加Kubernetes的apt源为阿里云的源
apt-add-repository "deb https://mirrors.aliyun.com/kubernetes/apt/ kubernetes-xenial main"
检查更新
apt update
安装kubelet kubeadm kubectl
apt install -y kubelet kubeadm kubectl
锁定版本,不随 apt upgrade 更新
apt-mark hold kubelet kubeadm kubectl
查看
kubeadm version
开启路由功能
sysctl -w net.ipv4.ip_forward=1
运行以下命令将node加入到集群
kubeadm join 10.30.20.9:6443 --token lqzqv2.j1unv3hpmmcbcnp4 \
--discovery-token-ca-cert-hash sha256:5cc644c4f2ab3b6396668fda422137c8fb8e38bc56c331996abd87b52aacb425
node2配置 &&node3配置
配置与node1一样,这里不做说明
master节点使用 kubectl apply -f 配置网络插件
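# Download the manifest first instead of applying it straight from the URL.
# It tracks the master branch, so its content can change between runs, and it
# creates cluster-wide RBAC objects and a privileged DaemonSet. Keeping a local
# copy lets you read it and records exactly what was applied.
# NOTE(review): the flannel project has since moved to the flannel-io
# organisation; confirm this URL still serves the manifest you expect.
[root@master ~]# curl -fsSLo kube-flannel.yml https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
# Review it; the pod network in it should match --pod-network-cidr (10.244.0.0/16).
[root@master ~]# less kube-flannel.yml
[root@master ~]# kubectl apply -f kube-flannel.yml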
出现报错
The connection to the server raw.githubusercontent.com was refused - did you specify the right host or port?
解决方法:
解析出raw.githubusercontent.com的ip,在 /etc/hosts 中为该域名加一条记录。这只是临时办法:该域名的 IP 会变化,清单下载完成后应删除这条记录;下载仍然走 HTTPS 并校验证书,不需要也不应该为了绕过报错而关闭证书校验
配置完成运行一下命令发现node已经ready
root@k8s-master1:~# kubectl get nodes
##报错
运行命令 kubectl get cs报错
解决办法
解决方法:
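# kubeadm keeps the control-plane static pod manifests in "manifests" (plural);
# the original path was missing the trailing "s".
cd /etc/kubernetes/manifests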
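然后将你的 kube-scheduler 以及 kube-controller-manager 的 .yaml 中把port=0 改成对应的数值(port=10251和port=10252)。注意:这两个端口是不带认证的 HTTP 端口,打开后本机以外如能访问到就会暴露组件信息;kubectl get cs(ComponentStatus)自 v1.19 起已弃用,较新的版本(包括本文的 1.27.1)中这两个组件已移除 port 参数,清单里也不会再有 port=0,这种情况下不要修改清单,改用 kubectl get pods -n kube-system 或 kubectl get --raw='/readyz?verbose' 检查控制面状态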
过几分钟重新执行命令
kubectl get cs