安装k8s-v1.20.6
本文将基于虚拟机器中centos7.9安装单节点k8s-v1.20.6。0.系统信息ip: 172.16.89.2hostname: hadoop00user: root1.系统参数配置1.1 关闭swap# 不关闭swap初始化会报错,有办法跳过,但是建议还是关闭swapoff -ased -i.bak '/swap/s/^/#/' /etc/fstab1.2关闭selinuxsetenforc
·
本文将基于虚拟机器中centos7.9安装单节点docker20.10.2和k8s-v1.20.6。
0.系统信息
ip: 172.16.89.2
hostname: hadoop00
user: root1.系统参数配置
1.1 关闭swap
# 不关闭swap初始化会报错,有办法跳过,但是建议还是关闭
swapoff -a
sed -i.bak '/swap/s/^/#/' /etc/fstab1.2关闭selinux
setenforce 0
sed -i 's/^ *SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config1.3网络配置
modprobe br_netfilter
cat > /etc/rc.sysinit << EOF
#!/bin/bash
for file in /etc/sysconfig/modules/*.modules ; do
[ -x $file ] && $file
done
EOF
cat > /etc/sysconfig/modules/br_netfilter.modules << EOF
modprobe br_netfilter
EOF
chmod 755 /etc/sysconfig/modules/br_netfilter.modules
cat > /etc/sysctl.d/k8s.conf << EOF
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
EOF
sysctl -p /etc/sysctl.d/k8s.conf1.4防火墙配置
# 增加k8s service
cat > /etc/firewalld/services/k8s.xml << EOF
<?xml version="1.0" encoding="utf-8"?>
<service>
<short>K8S</short>
<description>K8s ports, https://kubernetes.io/docs/setup/production-environment/tools/kubeadm/install-kubeadm/ </description>
<port protocol="tcp" port="6443"/>
<port protocol="tcp" port="2379-2380"/>
<port protocol="tcp" port="10250"/>
<port protocol="tcp" port="10251"/>
<port protocol="tcp" port="10252"/>
<port protocol="tcp" port="30000-32767"/>
<port protocol="tcp" port="10255"/>
<port protocol="udp" port="8472"/>
<port protocol="tcp" port="443"/>
<port protocol="udp" port="53"/>
<port protocol="tcp" port="53"/>
<port protocol="tcp" port="9153"/>
</service>
EOF
firewall-cmd --add-masquerade --permanent
firewall-cmd --reload
firewall-cmd --zone=public --add-service=k8s --permanent
firewall-cmd --reload
firewall-cmd --query-service=k8s
# 最终返回yes表示防火墙配置ok2.安装docker
2.1安装docker20.10.2
yum install -y yum-utils device-mapper-persistent-data lvm2
yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
yum list docker-ce --showduplicates | sort -r
yum install -y docker-ce-20.10.2 docker-ce-cli-20.10.2 containerd.io
yum -y install bash-completion
source /etc/profile.d/bash_completion.sh
systemctl enable docker && systemctl start docker2.2配置镜像加速
# 下图的****为自己从阿里云申请的加速器地址,需要自己替换
mkdir -p /etc/docker
tee /etc/docker/daemon.json <<-'EOF'
{
"registry-mirrors": ["https://****.mirror.aliyuncs.com"]
}
EOF3.安装k8s
cat > /etc/yum.repos.d/kubernetes.repo << EOF
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF
yum clean all
yum -y makecache
yum list kubelet --showduplicates | sort -r
yum install -y kubelet-1.20.6 kubeadm-1.20.6 kubectl-1.20.6
systemctl enable kubelet && systemctl start kubelet
echo "source <(kubectl completion bash)" >> ~/.bash_profile
source ~/.bash_profile4.初始化k8s
kubeadm init --apiserver-advertise-address 172.16.89.2 --pod-network-cidr=10.244.0.0/16 --kubernetes-version=v1.20.6 --image-repository registry.aliyuncs.com/google_containers --service-cidr=10.96.0.0/12
echo "export KUBECONFIG=/etc/kubernetes/admin.conf" >> ~/.bash_profile
source ~/.bash_profile
# 允许master启动pods
kubectl describe node hadoop00 | grep -i taints
kubectl taint nodes hadoop00 node-role.kubernetes.io/master:NoSchedule-5.安装网络
# 官网链接
# https://v1-20.docs.kubernetes.io/zh/docs/concepts/cluster-administration/networking/#how-to-implement-the-kubernetes-networking-model
# 此处选择简单的flannel,如果有更高性能要求可以选择calico
kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
# 执行完后看看是否正常启动
kubectl get pods -A
我此处结果如下图:
6.安装dashboard
# 部署dashboard
wget https://raw.githubusercontent.com/kubernetes/dashboard/v2.2.0/aio/deploy/recommended.yaml
# 替换为nodePort类型以及增加外部端口
sed -i '/targetPort: 8443/a\ \ \ \ \ \ nodePort: 30001\n\ \ type: NodePort' recommended.yaml
kubectl apply -f recommended.yaml
# 配置dashboard管理员账号
cat > dashboard-svc-account.yaml << EOF
apiVersion: v1
kind: ServiceAccount
metadata:
name: dashboard-admin
namespace: kube-system
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: dashboard-admin
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: cluster-admin
subjects:
- kind: ServiceAccount
name: dashboard-admin
namespace: kube-system
EOF
kubectl apply -f dashboard-svc-account.yaml
# 获取token
kubectl describe secrets -n kube-system `kubectl get secret -n kube-system | grep admin | awk '{print $1}'` | grep '^token'|awk '{print $2}'
查看dashboard服务
通过ip访问dashbord,我此处地址是:https://172.16.89.2:30001
由于证书问题,如果使用谷歌浏览器会出现如下界面:
鼠标点击浏览器空白部分输入 thisisunsafe
即可正常进入页面
通过上述命令获取token,输入即可登录
至此安装结束。
K8S/Kubernetes社区为您提供最前沿的新闻资讯和知识内容
更多推荐
0
0- 0
已为社区贡献3条内容
所有评论(0)