k8s学习(二)k8s集群安装
目录前言一、环境准备二、安装步骤前言在Centos7下安装k8s集群,安装的版本是 1.20.2一、环境准备1、集群节点准备两台机器iphostname节点172.16.10.158k8s-mastermaster节点172.16.10.159k8s-node01node01节点2、设置hostnamemaster节点上执行hostnamectl set-hostname k8s-masterno
前言
在Centos7下安装k8s集群,安装的版本是 1.20.2
一、环境准备
1、集群节点
准备两台机器
ip | hostname | 节点 |
---|---|---|
172.16.10.158 | k8s-master | master节点 |
172.16.10.159 | k8s-node01 | node01节点 |
2、设置hostname
master节点上执行
hostnamectl set-hostname k8s-master
node节点上执行
hostnamectl set-hostname k8s-node01
然后把所有主机加入/etc/hosts文件,所有机器都执行
echo "172.16.10.158 k8s-master" >> /etc/hosts
echo "172.16.10.159 k8s-node01" >> /etc/hosts
3、关闭防火墙
systemctl stop firewalld
systemctl disable firewalld
4、关闭selinux
setenforce 0
sed -i 's/^SELINUX=enforcing$/SELINUX=permissive/' /etc/selinux/config
5、关闭swap
swapoff -a
永久关闭,打开/etc/fstab,注释掉
#/dev/mapper/centos-swap swap swap defaults 0 0
6、配置系统内核参数
cat > /etc/sysctl.d/k8s.conf <<EOF
net.bridge.bridge-nf-call-iptables = 1
net.bridge.bridge-nf-call-ip6tables = 1
net.ipv4.ip_forward = 1
vm.swappiness = 0
EOF
执行命令使得配置生效
sysctl -p /etc/sysctl.d/k8s.conf
7、设置FORWARD规则为ACCEPT
iptables -P FORWARD ACCEPT
开机自启
cat > /usr/lib/systemd/system/forward-accept.service <<EOF
[Unit]
Description=set forward accept
After=docker.service
[Service]
ExecStart=/usr/sbin/iptables -P FORWARD ACCEPT
[Install]
WantedBy=multi-user.target
EOF
systemctl enable forward-accept && systemctl start forward-accept
二、安装步骤
1、安装docker
2、安装k8s组件
安装组件 kubelet、kubeadm、kubectl
(1)配置yum源
cat > /etc/yum.repos.d/kubernetes.repo <<EOF
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF
(2)安装
yum install -y kubelet-1.20.2-0.x86_64 kubeadm-1.20.2-0.x86_64 kubectl-1.20.2-0.x86_64
(3)开机自启
systemctl enable kubelet
systemctl start kubelet
3、配置daemon.json
配置镜像拉取地址
cat << EOF > /etc/docker/daemon.json
{
"exec-opts": ["native.cgroupdriver= cgroupfs"],
"insecure-registries":["172.16.10.158:80", "quay.io", "k8s.gcr.io", "gcr.io"]
}
EOF
重启docker
systemctl daemon-reload
systemctl restart docker
4、安装master节点
(1)设置cgroup-driver=cgroupfs
各机器都执行
sed -i 's!Environment="KUBELET_KUBECONFIG_ARGS=--bootstrap-kubeconfig=/etc/kubernetes/bootstrap-kubelet.conf --kubeconfig=/etc/kubernetes/kubelet.conf"!Environment="KUBELET_KUBECONFIG_ARGS=--bootstrap-kubeconfig=/etc/kubernetes/bootstrap-kubelet.conf --kubeconfig=/etc/kubernetes/kubelet.conf --cgroup-driver=cgroupfs"!g' /usr/lib/systemd/system/kubelet.service.d/10-kubeadm.conf
(2)在master节点上初始化master
如果下载镜像较慢,则可以将镜像提前打包到本地镜像仓库中。
kubeadm init --kubernetes-version=v1.20.2 --pod-network-cidr=10.244.0.0/16 --service-cidr=10.96.0.0/12 --apiserver-advertise-address=172.16.10.158 --ignore-preflight-errors=Swap --ignore-preflight-errors=NumCPU
执行成功,会输出
Your Kubernetes control-plane has initialized successfully!
To start using your cluster, you need to run the following as a regular user:
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
Alternatively, if you are the root user, you can run:
export KUBECONFIG=/etc/kubernetes/admin.conf
You should now deploy a pod network to the cluster.
Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:
https://kubernetes.io/docs/concepts/cluster-administration/addons/
Then you can join any number of worker nodes by running the following on each as root:
kubeadm join 172.16.10.158:6443 --token nw86ui.sbqzw77nflspgfb2 \
--discovery-token-ca-cert-hash sha256:598b7f5d72443cbef9fedac57c2b4ef59f06dc719f9f634b23e662270830438c
(3)让用户使用kubelet
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
5、安装node
执行安装master时打印的token
[root@k8s-node01 scripts]#kubeadm join 172.16.10.158:6443 --token nw86ui.sbqzw77nflspgfb2 \
--discovery-token-ca-cert-hash sha256:598b7f5d72443cbef9fedac57c2b4ef59f06dc719f9f634b23e662270830438c
[preflight] Running pre-flight checks
[WARNING IsDockerSystemdCheck]: detected "cgroupfs" as the Docker cgroup driver. The recommended driver is "systemd". Please follow the guide at https://kubernetes.io/docs/setup/cri/
[preflight] Reading configuration from the cluster...
[preflight] FYI: You can look at this config file with 'kubectl -n kube-system get cm kubeadm-config -o yaml'
[kubelet-start] Writing kubelet configuration to file "/var/lib/kubelet/config.yaml"
[kubelet-start] Writing kubelet environment file with flags to file "/var/lib/kubelet/kubeadm-flags.env"
[kubelet-start] Starting the kubelet
[kubelet-start] Waiting for the kubelet to perform the TLS Bootstrap...
This node has joined the cluster:
* Certificate signing request was sent to apiserver and a response was received.
* The Kubelet was informed of the new secure connection details.
Run 'kubectl get nodes' on the control-plane to see this node join the cluster.
查看集群
[root@k8s-master k8s]# kubectl get nodes
NAME STATUS ROLES AGE VERSION
k8s-master NotReady control-plane,master 5m26s v1.20.2
k8s-node01 NotReady <none> 106s v1.20.2
6、安装网络组件calio
下载calico.yaml,在该文件目录执行
kubectl apply -f calico.yaml
7、安装完后,等待pod都执行成功
[root@k8s-master calico]# kubectl get pods -n kube-system
NAME READY STATUS RESTARTS AGE
calico-kube-controllers-7fcc594497-9mzrr 1/1 Running 0 45s
calico-node-92sl4 1/1 Running 0 45s
calico-node-nhvkp 1/1 Running 0 45s
coredns-74ff55c5b-85vhs 1/1 Running 0 9m22s
coredns-74ff55c5b-gw9sp 1/1 Running 0 9m22s
etcd-k8s-master 1/1 Running 0 9m27s
kube-apiserver-k8s-master 1/1 Running 0 9m27s
kube-controller-manager-k8s-master 1/1 Running 0 9m27s
kube-proxy-cm9j4 1/1 Running 0 5m59s
kube-proxy-t9z7p 1/1 Running 0 9m22s
kube-scheduler-k8s-master 1/1 Running 0 9m27s
[root@k8s-master calico]# kubectl get nodes
NAME STATUS ROLES AGE VERSION
k8s-master Ready control-plane,master 9m42s v1.20.2
k8s-node01 Ready <none> 6m2s v1.20.2
可以看出,节点都处于Ready状态。
更多推荐
所有评论(0)