使用kubeadm搭建Kubernetes高可用集群
一、环境配置1、关闭swapswapoff -avi /etc/fstabremove the line with swap keyword2、配置系统参数cat <<EOF | sudo tee /etc/modules-load.d/k8s.confbr_netfilterEOFcat <<EOF | sudo tee /etc/sysctl.d/k8s.confnet
·
一、环境配置
1、关闭swap
swapoff -a
vi /etc/fstab
remove the line with swap keyword
2、配置系统参数
cat <<EOF | sudo tee /etc/modules-load.d/k8s.conf
br_netfilter
EOF
cat <<EOF | sudo tee /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
net.ipv4.ip_forward = 1
EOF
#更新apt包索引并安装使用Kubernetes apt库所需的包
sudo sysctl --system
sudo apt-get install -y apt-transport-https ca-certificates curl
二、安装docker
1、安装
apt install docker.io
2、配置docker cgroupdriver为systemd
vi /etc/docker/daemon.json
{
"exec-opts": ["native.cgroupdriver=systemd"]
}
systemctl daemon-reload
systemctl restart docker
三、安装k8s高可用集群
1、安装kubeadm
#三节点都操作
sudo curl -s https://mirrors.aliyun.com/kubernetes/apt/doc/apt-key.gpg | sudo apt-key add --
2、添加kubernetes镜像仓库
#三节点都操作
sudo tee /etc/apt/sources.list.d/kubernetes.list <<-'EOF'
deb https://mirrors.aliyun.com/kubernetes/apt kubernetes-xenial main
EOF
3、安装kubelet, kubeadm and kubectl
#三节点都操作
sudo apt-get update
sudo apt-get install -y kubectl kubeadm kubelet
sudo apt-mark hold kubectl kubeadm kubelet
4、配置hosts(三台节点都配置)
#三节点都操作
vi /etc/hosts
192.168.0.61 ops-master-1
192.168.0.62 ops-node-1
192.168.0.63 ops-node-2
192.168.0.61 master.xing.io
5、编辑配置文件
#master-1
cat kubeadm-ha.yaml
apiVersion: kubeadm.k8s.io/v1beta3
kind: ClusterConfiguration
clusterName: "kubernetes"
kubernetesVersion: "v1.23.4"
controlPlaneEndpoint: "master.xing.io"
certificatesDir: "/etc/kubernetes/pki"
imageRepository: "registry.aliyuncs.com/google_containers"
etcd:
# one of local or external
local:
dataDir: "/var/lib/etcd"
serverCertSANs:
- "127.0.0.1"
- "192.168.0.61"
- "192.168.0.62"
- "192.168.0.63"
- "localhost"
- "master.xing.io"
peerCertSANs:
- "127.0.0.1"
- "192.168.0.61"
- "192.168.0.62"
- "192.168.0.63"
- "localhost"
- "master.xing.io"
networking:
podSubnet: "10.10.0.0/16"
dnsDomain: "cluster.local"
apiServer:
extraArgs:
authorization-mode: "Node,RBAC"
certSANs:
- "127.0.0.1"
- "192.168.0.61"
- "192.168.0.62"
- "192.168.0.63"
- "localhost"
- "ops-master-1"
- "ops-node-1"
- "ops-node-2"
- "master.xing.io"
timeoutForControlPlane: 4m0s
---
apiVersion: kubelet.config.k8s.io/v1beta1
kind: KubeletConfiguration
# kubelet specific options here
---
apiVersion: kubeproxy.config.k8s.io/v1alpha1
kind: KubeProxyConfiguration
# kube-proxy specific options here
---
apiVersion: kubeadm.k8s.io/v1beta2
kind: InitConfiguration
localAPIEndpoint:
advertiseAddress: "192.168.0.61"
bindPort: 6443
6、集群初始化
kubeadm init --config kubeadm-ha.yaml --upload-certs=true
7、配置kubeconfig
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
8、配置master污点
kubectl taint nodes --all node-role.kubernetes.io/master-
9、安装网络组件calico
kubectl create -f https://docs.projectcalico.org/manifests/tigera-operator.yaml
wget https://docs.projectcalico.org/manifests/custom-resources.yaml
vim custom-resources.yaml
#改为初始化的地址
安装完成
10、加入集群,组成高可用
kubeadm join master.xing.io:6443 --token 4p7awq.89ovg113kwaagf64 \
--discovery-token-ca-cert-hash sha256:f17c08733d77f417470bf3540d93394c8d7715ae90741489c670549a3a77d76f \
--control-plane --certificate-key d53d1efc9bf30592c8a2f3edd23496c4f0363ab28f559e2ec34789e6bef62401
11、查看集群状态
我这里部署的是三节点的集群,可以通过公有云slb或者haproxy+keeplived的方法来配置apiserver的负载均衡。
12、切换容器引擎为containerd
更多推荐
已为社区贡献7条内容
所有评论(0)