centos 安装k8s
centos 安装k8s
第一步:(每台机子都做)
关闭防火墙
systemctl stop firewalld
systemctl disable firewalld
第二步: (每台机子都做)
永久关闭selinux
sed -i 's/enforcing/disabled/' /etc/selinux/config
第三步:(每台机子都做) #关闭swap 分区
sed -ri 's/.*swap.*/#&/' /etc/fstab
第四步: #设置主机名:(每台机子都做)
cat >> /etc/hosts <<EOF
192.168.235.134 k8s-master
192.168.235.131 k8s-node-1
192.168.235.132 k8s-node-2
192.168.235.133 k8s-node-3
EOF
第五步: #ssh 相互免密登录 (每台机子都做,copy id的命令本机不需要)
ssh-keygen -t rsa
ssh-copy-id -i ~/.ssh/id_rsa.pub root@192.168.235.131
ssh-copy-id -i ~/.ssh/id_rsa.pub root@192.168.235.132
ssh-copy-id -i ~/.ssh/id_rsa.pub root@192.168.235.133
ssh-copy-id -i ~/.ssh/id_rsa.pub root@192.168.235.134
第六步: 安装docker(可以封装成一个sh脚本直接执行)
wget https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo -O /etc/yum.repos.d/docker-ce.repo
yum -y install docker-ce
systemctl enable docker && systemctl start docker
cat > /etc/docker/daemon.json << EOF
{
"registry-mirrors": ["https://b9pmyelo.mirror.aliyuncs.com"]
}
EOF
systemctl daemon-reload
systemctl restart docker
查看是否安装好:systemctl status docker
第七步: 添加阿里云yum源
cat > /etc/yum.repos.d/kubernetes.repo << EOF
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=0
repo_gpgcheck=0
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF
第八步:(封装成脚本)
#!/bin/bash
# 关闭防火墙
systemctl disable firewalld
systemctl stop firewalld
# 关闭selinux
# 临时禁用selinux
setenforce 0
# 永久关闭 修改/etc/sysconfig/selinux文件设置
sed -i "s/SELINUX=enforcing/SELINUX=disabled/g" /etc/selinux/config
# 禁用交换分区
swapoff -a
# 永久禁用,打开/etc/fstab注释掉swap那一行。
sed -i 's/.*swap.*/#&/' /etc/fstab
# 修改内核参数
cat <<EOF > /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
EOF
# 开启br_netfilter
modprobe br_netfilter
sysctl -p /etc/sysctl.d/k8s.conf
# 设置kubernetes.repo
tee /etc/yum.repos.d/kubernetes.repo <<-'EOF'
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF
# 安装kubernetes-1.18.2(必须指定k8s版本号)
yum install kubectl-1.18.2 kubelet-1.18.2 kubeadm-1.18.2 -y
systemctl enable kubelet && systemctl start kubelet
第九步:集群初始化
kubeadm init \
--apiserver-advertise-address=192.168.235.134\
--image-repository registry.aliyuncs.com/google_containers \
--kubernetes-version v1.18.2 \
--service-cidr=10.1.0.0/16 \
--pod-network-cidr=10.244.0.0/16
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
第十步: 安装网络插件calico
curl https://docs.projectcalico.org/v3.10/manifests/calico.yaml -O
kubectl apply -f calico.yaml
第十一步:添加节点
kubeadm token create --print-join-command #永久的,关机也不会丢失
得到的命令之后依次去从节点执行
kubeadm join 192.168.235.134:6443 --token v64ga0.0yz6c7r6ypy7kxgy --discovery-token-ca-cert-hash sha256:5f7eb20f906c2506a5c0ea881a396b842aaa31c2ae06253087e9312bd2b9b7c9
添加完成后:
W0609 01:27:09.582159 36928 join.go:346] [preflight] WARNING: JoinControlPane.controlPlane settings will be ignored when control-plane flag is not set.
[preflight] Running pre-flight checks
[WARNING IsDockerSystemdCheck]: detected “cgroupfs” as the Docker cgroup driver. The recommended driver is “systemd”. Please follow the guide at https://kubernetes.io/docs/setup/cri/
[WARNING SystemVerification]: this Docker version is not on the list of validated versions: 20.10.17. Latest validated version: 19.03
[WARNING Hostname]: hostname “k8s-node1” could not be reached
[WARNING Hostname]: hostname “k8s-node1”: lookup k8s-node1 on 192.168.235.2:53: no such host
[preflight] Reading configuration from the cluster…
[preflight] FYI: You can look at this config file with ‘kubectl -n kube-system get cm kubeadm-config -oyaml’
[kubelet-start] Downloading configuration for the kubelet from the “kubelet-config-1.18” ConfigMap in the kube-system namespace
[kubelet-start] Writing kubelet configuration to file “/var/lib/kubelet/config.yaml”
[kubelet-start] Writing kubelet environment file with flags to file “/var/lib/kubelet/kubeadm-flags.env”
[kubelet-start] Starting the kubelet
[kubelet-start] Waiting for the kubelet to perform the TLS Bootstrap…
This node has joined the cluster:
- Certificate signing request was sent to apiserver and a response was received.
- The Kubelet was informed of the new secure connection details.
Run ‘kubectl get nodes’ on the control-plane to see this node join the cluster.
可以去主节点看一下添加的节点:
kubectl get nodes
第十二步:安装dashboard
dashaboard 比较难下载,这里提供下载方式https://mp.csdn.net/mp_download/manage/download/UpDetailed
first:
修改yaml文件,默认的dashboard是没有配置NodePort的映射的。
在第42行下方添加2行
nodePort: 30000
type: NodePort
[root@k8s-master ~]# vim recommended.yaml
...
40 ports:
41 - port: 443
42 targetPort: 8443
43 nodePort: 30000
44 type: NodePort
45 selector:
46 k8s-app: kubernetes-dashboard
...
second:
添加dashboard管理员用户凭证。
[root@k8s-master ~]# cat >> recommended.yaml << EOF
---
# ------------------- dashboard-admin ------------------- #
apiVersion: v1
kind: ServiceAccount
metadata:
name: dashboard-admin
namespace: kubernetes-dashboard
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRoleBinding
metadata:
name: dashboard-admin
subjects:
- kind: ServiceAccount
name: dashboard-admin
namespace: kubernetes-dashboard
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: cluster-admin
EOF
third:
kubectl apply -f recommended.yaml
four:token 值获取
kubectl describe secrets -n kubernetes-dashboard dashboard-admin
**five:访问**
```bash
https://192.168.12.30:30000
K8S/Kubernetes社区为您提供最前沿的新闻资讯和知识内容
更多推荐
1
0- 0
已为社区贡献3条内容
所有评论(0)