安装kubelet、kubeadm、kubectl

在3台服务器上安装

#配置kubernetes源
cat <<EOF | sudo tee /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=http://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=0
repo_gpgcheck=0
gpgkey=http://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg
   http://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
exclude=kubelet kubeadm kubectl
EOF

#安装kubernetes
sudo yum install -y kubelet-1.23.5 kubeadm-1.23.5 kubectl-1.23.5 --disableexcludes=kubernetes --nogpgcheck

#设置开机启动
sudo systemctl enable --now kubelet

下载k8s需要使用到的镜像

sudo tee ./images.sh <<-'EOF'
#!/bin/bash
images=(
kube-apiserver:v1.23.5
kube-proxy:v1.23.5
kube-controller-manager:v1.23.5
kube-scheduler:v1.23.5
coredns:v1.8.6
etcd:3.5.1-0
pause:3.6
)
for imageName in ${images[@]} ; do
docker pull registry.aliyuncs.com/google_containers/$imageName
done
EOF

#开始下载
chmod +x ./images.sh && ./images.sh


#所有机器添加master域名映射,以下需要修改为自己master节点的ip
echo "192.168.99.200  cluster-endpoint" >> /etc/hosts

主节点初始化master(只在k8s-node1上执行)

kubeadm init \
--apiserver-advertise-address=192.168.99.200 \
--control-plane-endpoint=cluster-endpoint \
--image-repository registry.aliyuncs.com/google_containers \
--kubernetes-version v1.23.5 \
--service-cidr=10.96.0.0/16 \
--pod-network-cidr=172.31.0.0/16 \
--ignore-preflight-errors=all


#service-cidr是service层的ip范围,pod-network-cidr是pod层的ip范围,注意所有网络范围不重叠
#由于master节点的ip是192.168.99.200,pod-network-cidr的ip地址范围不能与master节点的地址重叠,修改成172.31.0.0

执行成功后,会显示以下内容

Your Kubernetes control-plane has initialized successfully!

To start using your cluster, you need to run the following as a regular user:

  mkdir -p $HOME/.kube
  sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
  sudo chown $(id -u):$(id -g) $HOME/.kube/config

Alternatively, if you are the root user, you can run:

  export KUBECONFIG=/etc/kubernetes/admin.conf

You should now deploy a pod network to the cluster.
Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:
  https://kubernetes.io/docs/concepts/cluster-administration/addons/

You can now join any number of control-plane nodes by copying certificate authorities
and service account keys on each node and then running the following as root:

  kubeadm join cluster-endpoint:6443 --token innnad.cuew0pzpwa39k4xz \
    --discovery-token-ca-cert-hash sha256:c16136023c964d93c69cbad06a6f29b98d25a05b4f98c477f9c6ba8f014d15df \
    --control-plane 

Then you can join any number of worker nodes by running the following on each as root:

kubeadm join cluster-endpoint:6443 --token innnad.cuew0pzpwa39k4xz \
    --discovery-token-ca-cert-hash sha256:c16136023c964d93c69cbad06a6f29b98d25a05b4f98c477f9c6ba8f014d15df

在主节点中执行:

mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config

在主节点中查询节点状态

#节点状态为NotReady,还需要在主节点中安装网络配置
kubectl get nodes

#运行中的应用在docker里面叫容器,在k8s里面叫Pod。等待除coredns之外的pod状态变更成Running
kubectl get pods -A

安装网络组件(在master执行)

curl https://docs.projectcalico.org/manifests/calico.yaml -O

#注意:pod-network-cidr中的ip需要与calico.yaml中的ip一致,查找到192.168.0.0修改成172.31.0.0
#特别注意:在windows中使用notepad编写yaml再导入到centos中,执行时可能会出现一些问题
cat calico.yaml |grep 192.168
vi calico.yaml
            - name: CALICO_IPV4POOL_CIDR
              value: "172.31.0.0/16"


kubectl apply -f calico.yaml

#再次查询主节点的状态,等待pod都处于Running状态
kubectl get nodes
kubectl get pods -A

加入子节点

在k8s-node2、k8s-node3中执行命令,把2个节点加入到集群中(使用kubeadm init中产生的token,token有效期24小时)

kubeadm join cluster-endpoint:6443 --token innnad.cuew0pzpwa39k4xz \
    --discovery-token-ca-cert-hash sha256:c16136023c964d93c69cbad06a6f29b98d25a05b4f98c477f9c6ba8f014d15df

在master查看所有节点信息,等待所有节点处于Ready状态,pod都处于Running状态

kubectl get nodes
kubectl get pods -A

3台服务器重启,看下是否能正常自动启动

reboot
kubectl get nodes
kubectl get pods -A

重新生成k8s token

kubeadm init生成的token在24小时内有效,如果过期了,生成新令牌
kubeadm token create --print-join-command

掉电后kubernetes无法启动异常

kubectl get nodes -o wide
#The connection to the server cluster-endpoint:6443 was refused - did you specify the right host or port?

#尝试在主节点重启kubelet
systemctl restart kubelet
kubectl get nodes -o wide

docker ps -a | grep api
docker logs -f b93e39360cd1
#ransport: Error while dialing dial tcp 127.0.0.1:2379: connect: connection refused". Reconnecting...
#etcd连接不上

docker ps -a | grep etcd
docker logs -f 84ed32a41a6c
#recovering backend from snapshot error: failed to find database snapshot file (snap: snapshot file doesn't exist)
#掉电导致etcd文件损坏,etcd需要定期备份数据

参考:
掉电后kubernetes无法启动异常

卸载k8s

#删除k8s组件
kubectl delete node --all
kubeadm reset -f

#卸载kubelet,kubectl 
yum remove kubelet kubectl kubeadm -y

#删除相关的配置文件
rm -rf $HOME/.kube/
rm -rf /etc/kubernetes/
rm -rf /etc/cni
rm -rf /var/lib/etcd

#删除其它容器和所有镜像
docker kill $(docker ps -a -q)
docker rm $(docker ps -a -q)
docker rmi -f $(docker images -q)

#docker重启
systemctl daemon-reload
systemctl restart docker
# kubernetes # kubelet # docker
Logo
K8S/Kubernetes

K8S/Kubernetes社区为您提供最前沿的新闻资讯和知识内容

更多推荐

【深度】阿里巴巴万级规模 K8s 集群全局高可用体系之美

作者 |  韩堂、柘远、沉醉来源 | 阿里巴巴云原生公众号​前言台湾作家林清玄在接受记者采访的时候,如此评价自己 30 多年写作生涯:“第一个十年我才华横溢,‘贼光闪现’,令周边黯然失色;第二个十年,我终于‘宝光现形’,不再去抢风头,反而与身边的美丽相得益彰;进入第三个十年,繁华落尽见真醇,我进入了‘醇光初现’的阶段,真正体味到了境界之美”。​长夜有穷,真水无香。领略过了 K8s“身在江

avatar K8S/Kubernetes

如何基于 K8s 构建下一代 DevOps 平台?

作者 | 孙健波(天元)导读:当前云原生 DevOps 体系现状如何?面临哪些挑战?如何通过 OAM 解决云原生 DevOps 场景下的诸多问题?云原生开发应用模型 OAM(Open Application Model) 社区核心成员孙健波将为大家一一解答,并分享如何基于 OAM 和 Kubernetes 打造无限能力的下一代 DevOps 平台。什么是 DevOps?为什么基于 Kub

avatar K8S/Kubernetes

k8s 火了!

2020,上云之年,产品云端化成为一种趋势。在一线城市,很多公司都已经构建了自己的私有云环境,比如阿里云、网易云、华为云等。而Kubernetes 作为基于容器编排领域的王者,具备扩展...

avatar K8S/Kubernetes