企业级CentOS 7安装k8s 和 docker-ce 到指定版本
1.检查是否关闭了 SELinux 和 iptables#检查 selinuxgetenforce#永久修改 selinuxsed 's/SELINUX=enforcing/SELINUX=disabled/' -i /etc/selinux/config#立即修改 selinuxsetenforce 0#关闭防火墙, 禁止防火墙自启动systemctl stop f...
·
1.检查是否关闭了 SELinux 和 iptables
#检查 selinux
getenforce
#永久修改 selinux
sed 's/SELINUX=enforcing/SELINUX=disabled/' -i /etc/selinux/config
#立即修改 selinux
setenforce 0
#关闭防火墙, 禁止防火墙自启动
systemctl stop firewalld; systemctl disable firewalld
2.关闭 swap ,目前 Kubernetes 和 Docker 尚不支持内存 swap 空间的隔离机制
#临时关闭,立即生效
swapoff -a
#永久关闭
sed -i '/swap/ s/^/#/' /etc/fstab
#检查是否生效
free -m
3.安装docker
#step 1: 安装GPG证书
rpm --import http://mirrors.aliyun.com/docker-ce/linux/centos/gpg
#step 2:安装需要的软件包
yum install -y yum-utils device-mapper-persistent-data lvm2
#step 3:下载yum源
yum-config-manager --add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
#step 4:查看可安装的docker-ce
yum list docker-ce.x86_64 --showduplicates | sort -r
#step 5:安装指定的docker-ce版本
yum -y install docker-ce-18.09.9
systemctl start docker
systemctl enable docker
4.安装k8s
#step 1: GPG证书
rpm --import https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg
#step 2:导入镜像源
cat /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
#step 3:安装指定版本kubeadm,kubelet,kubectl
yum install kubeadm-1.15.5-0 kubelet-1.15.5-0 kubectl-1.15.5-0
step 4:初始化master
cat >init.yml<<-EOF
apiVersion: kubeadm.k8s.io/v1beta2
kind: ClusterConfiguration
clusterName: kubernetes
imageRepository: registry.aliyuncs.com/google_containers
# curl https://storage.googleapis.com/kubernetes-release/release/stable-1.txt 查看当前最新版本.
# 必须小于等于 kubeadm 版本, 如想要升级需要先升级 kubeadm
kubernetesVersion: v1.15.5
apiServer:
extraArgs:
service-node-port-range: 80-32767
cloud-provider: external
extraVolumes:
- hostPath: /etc/localtime
mountPath: /etc/localtime
name: localtime
- hostPath: /etc/kubernetes
mountPath: /etc/kubernetes
name: etc-kubernetes-fs
controllerManager:
extraArgs:
cloud-provider: external
extraVolumes:
- hostPath: /etc/localtime
mountPath: /etc/localtime
name: localtime
scheduler:
extraVolumes:
- hostPath: /etc/localtime
mountPath: /etc/localtime
name: localtime
networking:
dnsDomain: cluster.local
podSubnet: 10.233.0.0/16
EOF
#初始化
kubeadm init --config init.yml
5.配置kubectl
mkdir -p $HOME/.kube
sudo cp /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
# 移除 master 节点的污点
kubectl taint nodes k8s-master node-role.kubernetes.io/master:NoSchedule-
# kubectl 自动补全
echo 'source <(kubectl completion bash)' >> ~/.bashrc
# 重启 shell
exec $SHELL -l
5.安装calico网络
#下载 Calico 配置文件
curl https://docs.projectcalico.org/v3.9/manifests/calico-etcd.yaml -O
#step 1:修改etcd配置
# 修改网络配置
POD_CIDR=`grep 'cluster-cidr' /etc/kubernetes/manifests/kube-controller-manager.yaml | awk -F= '{print $2}'`
sed -i -e "s?192.168.0.0/16?$POD_CIDR?g" calico-etcd.yaml
# 修改证书
sed -i 's/# \(etcd-.*\)/\1/' calico-etcd.yaml
etcd_key=$(cat /etc/kubernetes/pki/etcd/peer.key | base64 -w 0)
etcd_crt=$(cat /etc/kubernetes/pki/etcd/peer.crt | base64 -w 0)
etcd_ca=$(cat /etc/kubernetes/pki/etcd/ca.crt | base64 -w 0)
sed -i -e 's/\(etcd-key: \).*/\1'$etcd_key'/' \
-e 's/\(etcd-cert: \).*/\1'$etcd_crt'/' \
-e 's/\(etcd-ca: \).*/\1'$etcd_ca'/' calico-etcd.yaml
# 修改 etcd 地址
ETCD=$(grep 'advertise-client-urls' /etc/kubernetes/manifests/etcd.yaml | awk -F= '{print $2}')
sed -i -e 's@\(etcd_endpoints: \).*@\1"'$ETCD'"@' \
-e 's/\(etcd_.*:\).*#/\1/' \
-e 's/replicas: 1/replicas: 2/' calico-etcd.yaml
# 指定探测网卡
sed '/autodetect/a\ - name: IP_AUTODETECTION_METHOD\n value: "interface=eth0"' -i calico-etcd.yaml
step 2:开始创建calico
kubectl apply -f calico-etcd.yaml
K8S/Kubernetes社区为您提供最前沿的新闻资讯和知识内容
更多推荐
0
0- 0
已为社区贡献4条内容
所有评论(0)