kubeadm join 192.168.1.101:6443 --token tkajci.hrpqvfer1jsbkm78 \
    --discovery-token-ca-cert-hash sha256:3186a65a44a9132d0bc70272749df32240273e3af6b12d16aeaa7dc81b9c0018

已成功 明天整理命令:

关闭防火墙:

ufw disable

关闭swap:

swapoff -a

sed -i 's/.*swap.*/#&/' /etc/fstab

配置apt源:

vi /etc/apt/sources.list

deb https://mirrors.aliyun.com/kubernetes/apt/ kubernetes-xenial main
k8s软件源

执行apt-get update

如果出现报错:

GPG 错误:https://mirrors.aliyun.com kubernetes-xenial InRelease: 由于没有公钥,无法验证下列签名: NO_PUBKEY 6A030B21BA07F4FB

apt-get update
Get:1 https://mirrors.aliyun.com/kubernetes/apt kubernetes-xenial InRelease [9,383 B]
Err:1 https://mirrors.aliyun.com/kubernetes/apt kubernetes-xenial InRelease               
  The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 6A030B21BA07F4FB NO_PUBKEY 8B57C5C2836F4BEB
Hit:2 http://cn.archive.ubuntu.com/ubuntu bionic InRelease                        
Hit:3 http://cn.archive.ubuntu.com/ubuntu bionic-updates InRelease
Hit:4 http://cn.archive.ubuntu.com/ubuntu bionic-backports InRelease
Hit:5 http://cn.archive.ubuntu.com/ubuntu bionic-security InRelease
Reading package lists... Done
W: GPG error: https://mirrors.aliyun.com/kubernetes/apt kubernetes-xenial InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 6A030B21BA07F4FB NO_PUBKEY 8B57C5C2836F4BEB
E: The repository 'https://mirrors.aliyun.com/kubernetes/apt kubernetes-xenial InRelease' is not signed.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.
 

 

则执行以下语句:把上面的公钥拷出来

root@lijian2:~# gpg --keyserver keyserver.ubuntu.com --recv 6A030B21BA07F4FB
gpg: directory '/root/.gnupg' created
gpg: keybox '/root/.gnupg/pubring.kbx' created
gpg: /root/.gnupg/trustdb.gpg: trustdb created
gpg: key 6A030B21BA07F4FB: public key "Google Cloud Packages Automatic Signing Key <gc-team@google.com>" imported
gpg: Total number processed: 1
gpg:               imported: 1
root@lijian2:~# gpg --export --armor 6A030B21BA07F4FB | sudo apt-key add -
OK

然后再执行:apt-get update

配置时间同步:

apt-get install -y ntpdate

timedatectl set-timezone Asia/Shanghai

安装k8s组件:

apt-get install -y kubelet=1.18.8-00 kubeadm=1.18.8-00 kubectl=1.18.8-00

安装docker

apt-get remove docker docker-engine docker.io containerd runc

add-apt-repository    "deb [arch=amd64] https://mirrors.ustc.edu.cn/docker-ce/linux/ubuntu/ \
$(lsb_release -cs) \
stable"
apt-get update
 apt-get install docker-ce docker-ce-cli containerd.io
查看
  kubeadm config images list --kubernetes-version v1.18.8 需要的镜像:

准备镜像:

docker pull registry.aliyuncs.com/google_containers/kube-apiserver:v1.18.8
docker pull registry.aliyuncs.com/google_containers/kube-controller-manager:v1.18.8
docker pull registry.aliyuncs.com/google_containers/kube-scheduler:v1.18.8
docker pull registry.aliyuncs.com/google_containers/kube-proxy:v1.18.8
docker pull registry.aliyuncs.com/google_containers/pause:3.2
docker pull registry.aliyuncs.com/google_containers/etcd:3.4.3-0
docker pull registry.aliyuncs.com/google_containers/coredns:1.6.7
docker tag registry.aliyuncs.com/google_containers/kube-apiserver:v1.18.8 k8s.gcr.io/kube-apiserver:v1.18.8
 docker tag registry.aliyuncs.com/google_containers/kube-controller-manager:v1.18.8 k8s.gcr.io/kube-controller-manager:v1.18.8
 docker tag registry.aliyuncs.com/google_containers/kube-scheduler:v1.18.8 k8s.gcr.io/kube-scheduler:v1.18.8
 docker tag registry.aliyuncs.com/google_containers/kube-proxy:v1.18.8 k8s.gcr.io/kube-proxy:v1.18.8
docker tag registry.aliyuncs.com/google_containers/etcd:3.4.3-0 k8s.gcr.io/etcd:3.4.3-0
 docker tag registry.aliyuncs.com/google_containers/pause:3.2  k8s.gcr.io/pause:3.2
docker tag registry.aliyuncs.com/google_containers/coredns:1.6.7 k8s.gcr.io/coredns:1.6.7
docker rmi registry.aliyuncs.com/google_containers/kube-apiserver:v1.18.8
docker rmi registry.aliyuncs.com/google_containers/kube-controller-manager:v1.18.8
docker rmi registry.aliyuncs.com/google_containers/kube-scheduler:v1.18.8
docker rmi registry.aliyuncs.com/google_containers/kube-proxy:v1.18.8
docker rmi registry.aliyuncs.com/google_containers/etcd:3.4.3-0
docker rmi registry.aliyuncs.com/google_containers/pause:3.2
docker rmi registry.aliyuncs.com/google_containers/coredns:1.6.7

启动k8s组件:

kubeadm init --kubernetes-version=v1.18.8 --pod-network-cidr=10.10.0.0/16 --apiserver-advertise-address=192.168.1.101

得到文章开头的init命令

mkdir -p /root/.kube
cp -i /etc/kubernetes/admin.conf /root/.kube/config
chown root:root /root/.kube/config

安装flannel网络
kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml

至此master节点已安装完毕:

kubectl get node
NAME     STATUS   ROLES    AGE   VERSION
lijian   Ready    master   39h   v1.18.8

在主节点上查看组件状态:

root@lijian:~/k8s# kubectl get cs
NAME                 STATUS      MESSAGE                                                                                     ERROR
scheduler            Unhealthy   Get http://127.0.0.1:10251/healthz: dial tcp 127.0.0.1:10251: connect: connection refused   
controller-manager   Unhealthy   Get http://127.0.0.1:10252/healthz: dial tcp 127.0.0.1:10252: connect: connection refused   
etcd-0               Healthy     {"health":"true"}                                                                           
root@lijian:~/k8s# vi /etc/kubernetes/
admin.conf               controller-manager.conf  kubelet.conf             manifests/               pki/                     scheduler.conf           
root@lijian:~/k8s# vi /etc/kubernetes/
admin.conf               controller-manager.conf  kubelet.conf             manifests/               pki/                     scheduler.conf           
root@lijian:~/k8s# vi /etc/kubernetes/manifests/kube-controller-manager.yaml 
root@lijian:~/k8s# vi /etc/kubernetes/manifests/kube-scheduler.yaml 

将上面两个文件里面的port=0去掉即可 然后重启
root@lijian:~/k8s# systemctl restart kubelet

 

搭建节点192.168.1.2/3

出现以下情况:

root@lijian2:/etc/kubernetes# export KUBECONFIG=/etc/kubernetes/kubelet.conf 
root@lijian2:/etc/kubernetes# source /etc/profile
root@lijian2:/etc/kubernetes# kubectl get cs
Error from server (Forbidden): componentstatuses is forbidden: User "system:node:lijian2" cannot list resource "componentstatuses" in API group "" at t

解决办法:

在master192.168.1.1上执行以下权限授予命令:

root@lijian:/etc/kubernetes# kubectl create clusterrolebinding system:node:lijian2 --clusterrole=cluster-admin --user=system:node:lijian2
clusterrolebinding.rbac.authorization.k8s.io/system:node:lijian2 created

再来查看即可:
root@lijian2:/etc/kubernetes# kubectl get cs
NAME                 STATUS    MESSAGE             ERROR
controller-manager   Healthy   ok                  
scheduler            Healthy   ok                  
etcd-0               Healthy   {"health":"true"}   

# kubernetes
Logo
K8S/Kubernetes

K8S/Kubernetes社区为您提供最前沿的新闻资讯和知识内容

更多推荐

【深度】阿里巴巴万级规模 K8s 集群全局高可用体系之美

作者 |  韩堂、柘远、沉醉来源 | 阿里巴巴云原生公众号​前言台湾作家林清玄在接受记者采访的时候,如此评价自己 30 多年写作生涯:“第一个十年我才华横溢,‘贼光闪现’,令周边黯然失色;第二个十年,我终于‘宝光现形’,不再去抢风头,反而与身边的美丽相得益彰;进入第三个十年,繁华落尽见真醇,我进入了‘醇光初现’的阶段,真正体味到了境界之美”。​长夜有穷,真水无香。领略过了 K8s“身在江

avatar K8S/Kubernetes

如何基于 K8s 构建下一代 DevOps 平台?

作者 | 孙健波(天元)导读:当前云原生 DevOps 体系现状如何?面临哪些挑战?如何通过 OAM 解决云原生 DevOps 场景下的诸多问题?云原生开发应用模型 OAM(Open Application Model) 社区核心成员孙健波将为大家一一解答,并分享如何基于 OAM 和 Kubernetes 打造无限能力的下一代 DevOps 平台。什么是 DevOps?为什么基于 Kub

avatar K8S/Kubernetes

k8s 火了!

2020,上云之年,产品云端化成为一种趋势。在一线城市,很多公司都已经构建了自己的私有云环境,比如阿里云、网易云、华为云等。而Kubernetes 作为基于容器编排领域的王者,具备扩展...

avatar K8S/Kubernetes