System requirements

At least 2 CPUs and 4 GB of RAM.

Confirm the number of CPUs:

cat /proc/cpuinfo | grep 'processor' | wc -l

Disable the firewall

systemctl stop firewalld
systemctl disable firewalld 

Disable SELinux

# Set SELinux to permissive mode (effectively disabling it)
sed -i 's/^SELINUX=enforcing$/SELINUX=permissive/' /etc/selinux/config
setenforce 0

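Turn off swap

swapoff -a

Edit /etc/fstab and comment out the swap entry so it is not mounted at boot, then run free -m to confirm that swap is off.

Pass bridged IPv4 traffic to the iptables chains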
cat > /etc/sysctl.d/k8s.conf << EOF
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
EOF
# Apply the changes.
modprobe br_netfilter
sysctl -p /etc/sysctl.d/k8s.conf    # or: sysctl --system

Install Docker

yum install yum-utils device-mapper-persistent-data lvm2
yum-config-manager  --add-repo https://download.docker.com/linux/centos/docker-ce.repo
yum update && yum install containerd.io-1.2.10 docker-ce-19.03.4 docker-ce-cli-19.03.4
mkdir /etc/docker

cat > /etc/docker/daemon.json <<EOF
{
  "exec-opts": ["native.cgroupdriver=systemd"],
  "log-driver": "json-file",
  "log-opts": {
    "max-size": "100m"
  },
  "storage-driver": "overlay2",
  "storage-opts": [
    "overlay2.override_kernel_check=true"
  ]
}
EOF

mkdir -p /etc/systemd/system/docker.service.d
systemctl daemon-reload
systemctl restart docker
systemctl enable docker.service
systemctl enable docker
service docker start

Install kubeadm, kubectl and kubelet

kubeadm mirrors inside China:

http://blog.19910813.cn//archives/kubeadm-mirrors


yum install -y kubelet kubeadm kubectl --disableexcludes=kubernetes

systemctl enable --now kubelet

List the images needed to start k8s:

kubeadm config images list

k8s.gcr.io/kube-apiserver:v1.18.2
k8s.gcr.io/kube-controller-manager:v1.18.2
k8s.gcr.io/kube-scheduler:v1.18.2
k8s.gcr.io/kube-proxy:v1.18.2
k8s.gcr.io/pause:3.2
k8s.gcr.io/etcd:3.4.3-0
k8s.gcr.io/coredns:1.6.7

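Pull the images k8s needs from the Aliyun mirror and retag them with the k8s.gcr.io names that kubeadm expects. Docker accepts whatever the mirror serves under these names; nothing in these commands checks the images against the upstream ones.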
docker pull registry.cn-hangzhou.aliyuncs.com/fushiyong/kube-apiserver:v1.18.2
docker pull registry.cn-hangzhou.aliyuncs.com/fushiyong/kube-controller-manager:v1.18.2
docker pull registry.cn-hangzhou.aliyuncs.com/fushiyong/kube-scheduler:v1.18.2
docker pull registry.cn-hangzhou.aliyuncs.com/fushiyong/kube-proxy:v1.18.2
docker pull registry.cn-hangzhou.aliyuncs.com/fushiyong/pause:3.2
docker pull registry.cn-hangzhou.aliyuncs.com/fushiyong/etcd:3.4.3-0
docker pull registry.cn-hangzhou.aliyuncs.com/fushiyong/coredns:1.6.7

docker tag registry.cn-hangzhou.aliyuncs.com/fushiyong/kube-apiserver:v1.18.2 k8s.gcr.io/kube-apiserver:v1.18.2
docker tag registry.cn-hangzhou.aliyuncs.com/fushiyong/kube-controller-manager:v1.18.2 k8s.gcr.io/kube-controller-manager:v1.18.2
docker tag registry.cn-hangzhou.aliyuncs.com/fushiyong/kube-scheduler:v1.18.2 k8s.gcr.io/kube-scheduler:v1.18.2
docker tag registry.cn-hangzhou.aliyuncs.com/fushiyong/kube-proxy:v1.18.2 k8s.gcr.io/kube-proxy:v1.18.2
docker tag registry.cn-hangzhou.aliyuncs.com/fushiyong/pause:3.2 k8s.gcr.io/pause:3.2
docker tag registry.cn-hangzhou.aliyuncs.com/fushiyong/etcd:3.4.3-0 k8s.gcr.io/etcd:3.4.3-0
docker tag registry.cn-hangzhou.aliyuncs.com/fushiyong/coredns:1.6.7 k8s.gcr.io/coredns:1.6.7

Change the kubelet arguments

vi /etc/sysconfig/kubelet

Set the following argument:
KUBELET_EXTRA_ARGS=--cgroup-driver=systemd

kubelet then needs to be restarted:

systemctl daemon-reload
systemctl restart kubelet

Start Kubernetes
kubeadm init --pod-network-cidr=10.244.0.0/16

Install the network plugin

kubectl apply -f https://docs.projectcalico.org/v3.8/manifests/calico.yaml

Set up the kubectl client configuration file on the master node
mkdir -p $HOME/.kube
cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
chown $(id -u):$(id -g) $HOME/.kube/config

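Verify that the master node is Ready

kubectl get nodes

Verify that all Pods are Running

kubectl get pods --all-namespaces

If the token has expired, generate a new join command:
kubeadm token create --print-join-command

Console output similar to the following from kubeadm init means the installation succeeded.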

Your Kubernetes control-plane has initialized successfully!

To start using your cluster, you need to run the following as a regular user:

  mkdir -p $HOME/.kube
  sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
  sudo chown $(id -u):$(id -g) $HOME/.kube/config

You should now deploy a pod network to the cluster.
Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:
  https://kubernetes.io/docs/concepts/cluster-administration/addons/

Then you can join any number of worker nodes by running the following on each as root:

kubeadm join 192.168.0.56:6443 --token 206f5v.ia2p04vuvxt9851a \
    --discovery-token-ca-cert-hash sha256:9bab0e23049aecb8861deb5cc7411979a2f3861963efb4ae5ed8a362bae4d08f 

Join the worker nodes

kubeadm join 192.168.0.56:6443 --token 206f5v.ia2p04vuvxt9851a --discovery-token-ca-cert-hash sha256:9bab0e23049aecb8861deb5cc7411979a2f3861963efb4ae5ed8a362bae4d08f 
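
A join command can be checked against the cluster CA before it is run on a worker. The script below is an added example, not part of the original post: it assumes openssl is installed, the helper names (ca_pubkey_hash, join_arg, check_join) are hypothetical, and the sample command is the one printed above.

```shell
#!/bin/sh
# Added example (not from the original post). Helper names are hypothetical.

# Join command exactly as printed by kubeadm init on this page.
JOIN_CMD='kubeadm join 192.168.0.56:6443 --token 206f5v.ia2p04vuvxt9851a --discovery-token-ca-cert-hash sha256:9bab0e23049aecb8861deb5cc7411979a2f3861963efb4ae5ed8a362bae4d08f'

# Hex SHA-256 of the CA certificate's DER-encoded public key (SubjectPublicKeyInfo),
# i.e. the value kubeadm expects after "sha256:". Needs openssl.
# On the control plane the CA certificate is /etc/kubernetes/pki/ca.crt.
ca_pubkey_hash() {
    openssl x509 -pubkey -noout -in "$1" \
        | openssl pkey -pubin -outform DER \
        | openssl dgst -sha256 -hex | awk '{print $NF}'
}

# join_arg FLAG "JOIN COMMAND": print the word that follows FLAG.
join_arg() {
    ja_prev=""
    for ja_word in $2; do            # unquoted on purpose: split on whitespace
        if [ "$ja_prev" = "$1" ]; then printf '%s\n' "$ja_word"; return 0; fi
        ja_prev=$ja_word
    done
    return 1
}

# check_join "JOIN COMMAND" CA_HASH_HEX
# 0 = pin matches the CA, 1 = pin is for a different CA,
# 2 = token or pin missing or malformed.
check_join() {
    cj_token=$(join_arg --token "$1") || { echo "no --token"; return 2; }
    cj_pin=$(join_arg --discovery-token-ca-cert-hash "$1") \
        || { echo "no CA pin: the worker would not verify the control plane"; return 2; }
    printf '%s\n' "$cj_token" | grep -Eq '^[a-z0-9]{6}\.[a-z0-9]{16}$' \
        || { echo "malformed token"; return 2; }
    printf '%s\n' "$cj_pin" | grep -Eq '^sha256:[0-9a-f]{64}$' \
        || { echo "malformed pin"; return 2; }
    [ "$cj_pin" = "sha256:$2" ] || { echo "pin does not match this CA"; return 1; }
    echo "pin matches this CA"
}

# Typical use, with ca.crt obtained over a channel you already trust:
#   check_join "$JOIN_CMD" "$(ca_pubkey_hash ./ca.crt)"
```

The token is a bearer secret that lets a machine join the cluster, so treat a join command like a password until the token expires.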

Set up the client configuration file on the worker node; without it kubectl cannot be run there.

mkdir -p $HOME/.kube
cp -i /etc/kubernetes/kubelet.conf $HOME/.kube/config
chown $(id -u):$(id -g) $HOME/.kube/config

Congratulations~~~ All done!