架构运维练手篇之-阿里云环境使用kubeadm安装K8S集群
1.1规划节点
| 环境 | 安装服务 | Ip 域名 |
| --- | --- | --- |
| Centos7.6 | Docker,kubectl,kubeadm,kubelet,nfs-client,ansible | 172.31.201.10 k8s-master |
| Centos7.6 | Docker,kubelet,nfs-client | 172.31.201.11 k8s-node01 |
| Centos7.6 | Docker,kubelet,nfs-server | 172.31.201.12 k8s-node02 |
1.2 安装步骤
# Ansible is packaged in EPEL on CentOS 7, so that repository is enabled first.
yum -y install epel-release
yum -y install ansible
[root@k8s-master ~]# cat /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
172.31.201.10 iZm5ehz8ds4xjbmdyu99b5Z iZm5ehz8ds4xjbmdyu99b5Z
172.31.201.10 k8s-master
172.31.201.11 k8s-node01
172.31.201.12 k8s-node02
[root@k8s-master ~]# cat /etc/ansible/hosts
[k8scluster]
k8s-master
k8s-node01
k8s-node02
[node]
k8s-node01
k8s-node02
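# hostname(1) only renames the running system; hostnamectl also writes
# /etc/hostname, so the name is still there after a reboot.
hostnamectl set-hostname k8s-master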
[root@k8s-master ~]# cat /etc/sysconfig/network
# Created by anaconda
HOSTNAME=k8s-master
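### Log out once the hostname is configured
exit
### After logging back in the new hostname is visible (repeat the same steps on the other nodes)
ssh root@172.31.201.11
ssh root@172.31.201.12

# Key pair that Ansible uses to reach every host as root.
# Ed25519 replaces the original DSA key: DSA keys are limited to 1024 bits and
# ssh-dss has been disabled by default since OpenSSH 7.0.
# -P "" leaves the private key unencrypted so Ansible can run unattended;
# whoever can read ~/.ssh/id_ed25519 on the master gets root on every node,
# so keep that file (and the master itself) tightly restricted.
ssh-keygen -t ed25519 -P "" -f ~/.ssh/id_ed25519
ssh-copy-id -i ~/.ssh/id_ed25519.pub root@k8s-node01
ssh-copy-id -i ~/.ssh/id_ed25519.pub root@k8s-node02

### Authorise the key on the master itself
# The "all" inventory group also contains k8s-master, so Ansible must be able
# to SSH back into this host. ssh-copy-id appends the key with the right file
# permissions instead of pasting it into authorized_keys by hand.
ssh-copy-id -i ~/.ssh/id_ed25519.pub root@k8s-master
ssh k8s-master

#### Batch settings (run only after every host, including the master, accepts the key)
ansible all -m command -a 'setenforce 0'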
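# SELinux: switch to permissive now and make it persistent.
# - The persistent setting lives in /etc/selinux/config; /etc/sysconfig/selinux
#   is a symlink to it on CentOS 7, and `sed -i` on the symlink replaces the
#   link with a plain file, so the real config would stay unchanged.
# - "permissive" (what the kubeadm install guide uses) still logs denials and
#   can be turned back to enforcing without a relabel; "disabled" cannot.
ansible all -m command -a 'setenforce 0'
ansible all -m command -a 'sed -i "s/^SELINUX=enforcing/SELINUX=permissive/" /etc/selinux/config'
cat /etc/selinux/config

# Host firewall: stopping firewalld removes all host-level filtering.
# NOTE(review): acceptable for a throw-away lab only. On hosts reachable from
# other tenants or the internet, restrict access with the cloud security group
# and/or keep firewalld running and open only what the cluster needs
# (kubeadm documents 6443, 2379-2380, 10250-10252 on the control plane,
# 10250 and 30000-32767 on workers; flannel VXLAN uses UDP 8472).
systemctl stop firewalld
systemctl disable firewalld
ansible all -m command -a 'systemctl stop firewalld'
ansible all -m command -a 'systemctl disable firewalld'

# kubelet refuses to start with swap enabled. swapoff only lasts until the next
# reboot; also comment out any swap entry in /etc/fstab if the hosts have one.
ansible all -m command -a 'swapoff -a'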
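# Kernel settings kube-proxy and the CNI plugin rely on: bridged traffic must
# traverse iptables, and the host must forward IPv4 packets.
cat <<'EOF' > /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
net.ipv4.ip_forward = 1
EOF

# The net.bridge.* keys only exist once br_netfilter is loaded; without it
# sysctl reports "No such file or directory" for them.
# (modprobe is not persistent; add br_netfilter to /etc/modules-load.d/ to
# load it at boot.)
modprobe br_netfilter
ansible node -m command -a 'modprobe br_netfilter'

ansible node -m copy -a 'src=/etc/sysctl.d/k8s.conf dest=/etc/sysctl.d/k8s.conf'

# Apply on the master as well as the workers; the original only reloaded the
# workers. `sysctl --system` reads every sysctl.d file and takes no file argument.
sysctl --system
ansible node -m command -a 'sysctl --system'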
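### Synchronise system time
# Certificate validity checks and etcd both depend on clocks that agree, so
# every host syncs against the same source (the original pointed the workers at
# a different server than the master).
# ntpdate is a one-shot correction; run chronyd/ntpd if the cluster is meant to
# stay up, otherwise the clocks drift apart again.
yum install -y ntpdate
ntpdate ntp1.aliyun.com
ansible node -m command -a 'yum install -y ntpdate'
ansible node -m command -a 'ntpdate ntp1.aliyun.com'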
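# Docker CE on the master.
# The repo definition is fetched over HTTPS: it decides which package source and
# which GPG key yum will trust, so it must not travel over plain HTTP where it
# can be rewritten in transit.
yum install -y yum-utils device-mapper-persistent-data lvm2
yum-config-manager --add-repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
yum makecache fast
yum -y install docker-ce
# enable as well as start, otherwise Docker (and every pod) stays down after a reboot
systemctl enable docker
systemctl start docker

### Same steps on the worker nodes, in batch
ansible node -m command -a 'yum install -y yum-utils device-mapper-persistent-data lvm2'
ansible node -m command -a 'yum-config-manager --add-repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo'
ansible node -m command -a 'yum makecache fast'
ansible node -m command -a 'yum -y install docker-ce'
ansible node -m command -a 'systemctl enable docker'
ansible node -m command -a 'systemctl start docker'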
# Kubernetes yum repository (Alibaba Cloud mirror).
# gpgcheck=1 and repo_gpgcheck=1 keep signature verification on for both the
# packages and the repository metadata; leave them enabled.
tee /etc/yum.repos.d/kubernetes.repo >/dev/null <<'EOF'
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF

### Push the same repo file to the worker nodes
ansible node -m copy \
  -a 'src=/etc/yum.repos.d/kubernetes.repo dest=/etc/yum.repos.d/kubernetes.repo'
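### Install on the master
# Pin the packages to the version passed to `kubeadm init` below (v1.14.1).
# An unpinned install pulls whatever is newest in the repo, and a newer kubeadm
# will not initialise a 1.14 control plane.
yum install -y kubelet-1.14.1 kubeadm-1.14.1 kubectl-1.14.1
systemctl enable kubelet && systemctl start kubelet

### Install on the worker nodes
ansible node -m command -a 'yum install -y kubelet-1.14.1 kubeadm-1.14.1 kubectl-1.14.1'
# The command module does not go through a shell, so "&&" would be handed to
# systemctl as an argument; the shell module is needed for the chained form.
ansible node -m shell -a 'systemctl enable kubelet && systemctl start kubelet'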
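# Initialise the control plane. Images come from the Alibaba Cloud mirror, and
# the pod CIDR is the one the flannel manifest applied later is checked against.
kubeadm init \
  --image-repository registry.aliyuncs.com/google_containers \
  --kubernetes-version v1.14.1 \
  --pod-network-cidr=10.244.0.0/16

# Give the current user a kubeconfig.
# admin.conf carries the cluster-admin client certificate: whoever can read the
# copy has full control of the cluster, so keep it owner-only and do not share it.
# Expansions are quoted so a home directory containing spaces cannot split the paths.
mkdir -p "$HOME/.kube"
sudo cp -i /etc/kubernetes/admin.conf "$HOME/.kube/config"
sudo chown "$(id -u):$(id -g)" "$HOME/.kube/config"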
# First look at the cluster after init: nodes, control-plane component health,
# pulled images and pods in the default namespace.
kubectl get nodes
kubectl get componentstatuses
docker images
kubectl get pods
ls
# follows the system log until interrupted with Ctrl-C
tail -f /var/log/messages

# Pod network: flannel. The manifest URL is pinned to a specific commit, so the
# content cannot change underneath you; read it before applying, since it
# creates a privileged DaemonSet on every node.
wget https://raw.githubusercontent.com/coreos/flannel/a70459be0084506e4ec919aa1c114638878db11b/Documentation/kube-flannel.yml
kubectl apply --filename kube-flannel.yml

### Check node status again
kubectl get nodes
## Check that the cni0 and flannel.1 interfaces have come up
ifconfig
### Check component status again
kubectl get componentstatuses
kubectl get nodes
kubectl get pods --all-namespaces
### Check that flannel is working
(coredns的IP与上面init时的网段10.244.0.0/16一致即可)
kubectl get pod --all-namespaces -o wide
节点安装
- 将master节点调节成可分配节点
# The trailing "-" removes the node-role.kubernetes.io/master taint from every
# node, so ordinary pods may be scheduled on the master too.
# NOTE(review): workloads then share a host with the control-plane components;
# fine for a practice cluster, worth reconsidering anywhere else.
kubectl taint nodes --all node-role.kubernetes.io/master-
### Copy the kubeconfig to the nodes
# /root/.kube/config was copied from /etc/kubernetes/admin.conf earlier, so this
# places the cluster-admin credentials on every host in the "node" group.
# NOTE(review): joining a worker does not need this file; anyone with root on a
# worker would gain full control of the cluster. Skip this step unless kubectl
# really has to run on the workers, and prefer a less privileged credential.
ansible node -m copy -a 'src=/root/.kube/config dest=/root/.kube/'
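### Get the join command from the master
### (creates the bootstrap token the nodes need)
# Changes from the original command:
# - "$token" was never set, so it expanded to nothing; it is dropped and kubeadm
#   generates a random token.
# - "--ttl=0" made the token valid forever. A bootstrap token is a credential
#   that lets a machine join the cluster, so the default 24h lifetime is kept.
#   `kubeadm token list` shows existing tokens and `kubeadm token delete` revokes one.
join_cmd=$(kubeadm token create --print-join-command)
printf '%s\n' "$join_cmd"
# Output of the original run (token and CA hash are specific to that cluster;
# never publish the token of a cluster that is still running):
#   kubeadm join 172.31.201.10:6443 --token n1hqse.zprv5gkoj4lf07gd --discovery-token-ca-cert-hash sha256:4868590cf9a834ace4710563f69d28c2a7702d685ff0ff3e008d905bdb45b40f
# --discovery-token-ca-cert-hash pins the cluster CA so a joining node cannot be
# pointed at an impostor API server; keep it in the join command.

### Join all worker nodes in one go
# Passing the captured command avoids copy/paste errors (the original line was
# missing its closing quote).
ansible node -m command -a "$join_cmd"

### Adding --experimental-control-plane to the join command joins the host as
### an additional master (control-plane member) instead of an ordinary worker.
# Run this on the new control-plane host, not on k8s-master, with the token and
# hash printed above.
# NOTE(review): a control-plane join also needs the cluster certificates on the
# new host and a shared control-plane endpoint; this page does not cover that,
# see the reference documentation.
kubeadm join 172.31.201.10:6443 --token n1hqse.zprv5gkoj4lf07gd \
  --discovery-token-ca-cert-hash sha256:4868590cf9a834ace4710563f69d28c2a7702d685ff0ff3e008d905bdb45b40f \
  --experimental-control-plane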
参考文档: https://kubernetes.io/zh/docs/reference/setup-tools/kubeadm/kubeadm-init/