IP地址主机名角色
192.168.200.16mastermaster
192.168.200.17k8s-node1worker
192.168.200.18k8s-node2worker

基础环境准备

tips:以下操作三个节点都要完成

修改host文件&&关闭防火墙&&配置时间与时区&&关闭 Swap&&开启IPv4转发(三个节点)

root@cfc:~# systemctl stop ufw
root@cfc:~# systemctl disable --now  ufw
Synchronizing state of ufw.service with SysV service script with /                                                                      lib/systemd/systemd-sysv-install.
Executing: /lib/systemd/systemd-sysv-install disable ufw
Removed /etc/systemd/system/multi-user.target.wants/ufw.service.
#修改hosts文件
root@master:~# cat /etc/hosts
127.0.0.1 localhost
127.0.1.1 cfc
# The following lines are desirable for IPv6 capable hosts
::1     ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
192.168.200.16 master
192.168.200.17 k8s-node1
192.168.200.18 k8s-node2
#时间同步
root@cfc:~# timedatectl set-timezone Asia/Shanghai
root@cfc:~# apt install ntp -y
root@cfc:~# systemctl enable --now ntp
#修改主机名
root@cfc:~# hostnamectl set-hostname master
root@cfc:~# bas
root@master:~# date
Fri May 24 08:05:02 PM CST 2024
# 关闭swap内存
root@master:~# swapoff -a
root@master:~# sed -i '/swap/s/^/#/' /etc/fstab
#打开ipv4转发
root@master:~# cat <<EOF | sudo tee /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-iptables  = 1
net.bridge.bridge-nf-call-ip6tables = 1
net.ipv4.ip_forward                 = 1
EOF
net.bridge.bridge-nf-call-iptables  = 1
net.bridge.bridge-nf-call-ip6tables = 1
net.ipv4.ip_forward                 = 1
#不用重启,直接生效
root@master:~# sysctl --system
sudo nano /etc/sysctl.conf
在文件的末尾添加以下两行配置
net.bridge.bridge-nf-call-iptables = 1 
net.ipv4.ip_forward = 1
sudo sysctl -p
# 載入Kernel Modules
root@k8s-node2:~# cat /etc/modules-load.d/k8s.conf
overlay
br_netfilter
root@master:~# sudo modprobe overlay
root@master:~# sudo modprobe br_netfilter
sudo modprobe br_netfilter
echo '1' | sudo tee /proc/sys/net/bridge/bridge-nf-call-iptables

安装docker:

tips:三个节点都要完成

阿里云 Docker 镜像源安装 Docker 的步骤:

更新包管理器:

sudo apt update

安装 Docker 的依赖包:

sudo apt install apt-transport-https ca-certificates curl gnupg lsb-release

添加阿里云 Docker 镜像源 GPG 密钥:

curl -fsSL https://mirrors.aliyun.com/docker-ce/linux/ubuntu/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg

添加阿里云 Docker 镜像源:

echo "deb [arch=amd64 signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://mirrors.aliyun.com/docker-ce/linux/ubuntu $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null

注意:如果你使用的是非 Ubuntu 系统,比如 Debian 或 CentOS,可以参考阿里云 Docker 官方文档提供的相应命令。

更新 apt 缓存:

sudo apt update

安装 Docker:

sudo apt install docker-ce docker-ce-cli containerd.io

启动 Docker 服务:

sudo systemctl start docker

配置cgroupdriver&&containerd为systemd && 安装containerd&&配置crictl

# 配置cgroupdriver&&containerd为systemd 
root@master:~# cat > /etc/docker/daemon.json << EOF
{
    "exec-opts": ["native.cgroupdriver=systemd"]
}
EOF
root@master:~# systemctl daemon-reload
root@master:~# systemctl restart docker
#安装containerd和配置crictl
containerd config default > /etc/containerd/config.toml
#导出默认配置
containerd config default > /etc/containerd/config.toml

#修改containerd使用SystemdCgroup
SystemdCgroup = true

#配置containerd使用国内mirror站点上的pause镜像及指定版本
sandbox_image = "registry.aliyuncs.com/google_containers/pause:3.9"
systemctl enable containerd
systemctl restart containerd

root@k8s-node2:~# cat /etc/crictl.yaml
runtime-endpoint: unix:///run/containerd/containerd.sock
image-endpoint: unix:///run/containerd/containerd.sock
timeout: 10
debug: true

 安装k8s

tips:三个节点都要做

apt-get update && apt-get install -y apt-transport-https
curl -fsSL https://mirrors.aliyun.com/kubernetes-new/core/stable/v1.28/deb/Release.key |
    gpg --dearmor -o /etc/apt/keyrings/kubernetes-apt-keyring.gpg
echo "deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring.gpg] https://mirrors.aliyun.com/kubernetes-new/core/stable/v1.28/deb/ /" |
    tee /etc/apt/sources.list.d/kubernetes.list
apt-get update
apt-get install -y kubelet kubeadm kubectl

初始化master节点

tips:此步骤只需要master节点进行即可

root@master:~# kubeadm init --kubernetes-version=1.28.2 --apiserver-advertise-address=192.168.200.16 --pod-network-cidr=10.244.0.0/16 --service-cidr=10.96.0.0/12 --ignore-preflight-errors=Swap --cri-socket=unix:///var/run/containerd/containerd.sock --image-repository registry.aliyuncs.com/google_containers
...
Your Kubernetes control-plane has initialized successfully!

To start using your cluster, you need to run the following as a regular user:

  mkdir -p $HOME/.kube
  sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
  sudo chown $(id -u):$(id -g) $HOME/.kube/config

Alternatively, if you are the root user, you can run:

  export KUBECONFIG=/etc/kubernetes/admin.conf

You should now deploy a pod network to the cluster.
Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:
  https://kubernetes.io/docs/concepts/cluster-administration/addons/

Then you can join any number of worker nodes by running the following on each as root:

kubeadm join 192.168.200.16:6443 --token ui01dn.8e7fr73patshrh4h \
        --discovery-token-ca-cert-hash sha256:93e98d6e34be023e68c1446f6b181526eb06d686717ca656a4977936434bce85

出现successful。。。即可

部署网络插件,本次实验使用的是flannel

wget https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
root@master:~# kubectl apply -f kube-flannel.yml
namespace/kube-flannel created
clusterrole.rbac.authorization.k8s.io/flannel created
clusterrolebinding.rbac.authorization.k8s.io/flannel created
serviceaccount/flannel created
configmap/kube-flannel-cfg created
daemonset.apps/kube-flannel-ds created
root@master:~# kubectl get pod -A -n kube-flannel
NAMESPACE      NAME                             READY   STATUS    RESTARTS   AGE
kube-flannel   kube-flannel-ds-zfssw            1/1     Running   0          77s
kube-system    coredns-66f779496c-2hmkq         1/1     Running   0          4m3s
kube-system    coredns-66f779496c-vptqs         1/1     Running   0          4m3s
kube-system    etcd-master                      1/1     Running   0          4m16s
kube-system    kube-apiserver-master            1/1     Running   0          4m16s
kube-system    kube-controller-manager-master   1/1     Running   0          4m16s
kube-system    kube-proxy-sjf6g                 1/1     Running   0          4m3s
kube-system    kube-scheduler-master            1/1     Running   0          4m16s

把worker节点加入集群

root@k8s-node1:~# kubeadm join 192.168.200.16:6443 --token ui01dn.8e7fr73patshrh4h \
        --discovery-token-ca-cert-hash sha256:93e98d6e34be023e68c1446f6b181526eb06d686717ca656a4977936434bce85
[preflight] Running pre-flight checks
[preflight] Reading configuration from the cluster...
[preflight] FYI: You can look at this config file with 'kubectl -n kube-system get cm kubeadm-config -o yaml'
[kubelet-start] Writing kubelet configuration to file "/var/lib/kubelet/config.yaml"
[kubelet-start] Writing kubelet environment file with flags to file "/var/lib/kubelet/kubeadm-flags.env"
[kubelet-start] Starting the kubelet
[kubelet-start] Waiting for the kubelet to perform the TLS Bootstrap...

This node has joined the cluster:
* Certificate signing request was sent to apiserver and a response was received.
* The Kubelet was informed of the new secure connection details.

Run 'kubectl get nodes' on the control-plane to see this node join the cluster.
运行上文给出的提示

效果在master节点即可查看

root@master:~# kubectl get pod -A
NAMESPACE      NAME                             READY   STATUS    RESTARTS   AGE
kube-flannel   kube-flannel-ds-kknf7            1/1     Running   0          97s
kube-flannel   kube-flannel-ds-n4qpr            1/1     Running   0          2m15s
kube-flannel   kube-flannel-ds-zfssw            1/1     Running   0          4m8s
kube-system    coredns-66f779496c-2hmkq         1/1     Running   0          6m54s
kube-system    coredns-66f779496c-vptqs         1/1     Running   0          6m54s
kube-system    etcd-master                      1/1     Running   0          7m7s
kube-system    kube-apiserver-master            1/1     Running   0          7m7s
kube-system    kube-controller-manager-master   1/1     Running   0          7m7s
kube-system    kube-proxy-5d2h9                 1/1     Running   0          97s
kube-system    kube-proxy-kdctn                 1/1     Running   0          2m15s
kube-system    kube-proxy-sjf6g                 1/1     Running   0          6m54s
kube-system    kube-scheduler-master            1/1     Running   0          7m7s
root@master:~# kubectl get nodes
NAME        STATUS   ROLES           AGE     VERSION
k8s-node1   Ready    <none>          2m29s   v1.28.10
k8s-node2   Ready    <none>          111s    v1.28.10
master      Ready    control-plane   7m25s   v1.28.10
root@master:~# kubectl get cs
Warning: v1 ComponentStatus is deprecated in v1.19+
NAME                 STATUS    MESSAGE   ERROR
controller-manager   Healthy   ok
scheduler            Healthy   ok
etcd-0               Healthy   ok

本文章参考:

安装 Kubernetes 1.28.2,使用 Ubuntu20.04_ubuntu kubeadm 1.28-CSDN博客

基于Ubuntu-22.04安装K8s-v1.28.2实验(一)部署K8s - shiningrise - 博客园 (cnblogs.com)

ubuntu22.04安装Docker两种方式_docker 安装ubuntu22.04-CSDN博客

# kubernetes # linux # 容器 # ubuntu # 云计算
Logo
K8S/Kubernetes

K8S/Kubernetes社区为您提供最前沿的新闻资讯和知识内容

更多推荐

【深度】阿里巴巴万级规模 K8s 集群全局高可用体系之美

作者 |  韩堂、柘远、沉醉来源 | 阿里巴巴云原生公众号​前言台湾作家林清玄在接受记者采访的时候,如此评价自己 30 多年写作生涯:“第一个十年我才华横溢,‘贼光闪现’,令周边黯然失色;第二个十年,我终于‘宝光现形’,不再去抢风头,反而与身边的美丽相得益彰;进入第三个十年,繁华落尽见真醇,我进入了‘醇光初现’的阶段,真正体味到了境界之美”。​长夜有穷,真水无香。领略过了 K8s“身在江

avatar K8S/Kubernetes

如何基于 K8s 构建下一代 DevOps 平台?

作者 | 孙健波(天元)导读:当前云原生 DevOps 体系现状如何?面临哪些挑战?如何通过 OAM 解决云原生 DevOps 场景下的诸多问题?云原生开发应用模型 OAM(Open Application Model) 社区核心成员孙健波将为大家一一解答,并分享如何基于 OAM 和 Kubernetes 打造无限能力的下一代 DevOps 平台。什么是 DevOps?为什么基于 Kub

avatar K8S/Kubernetes

k8s 火了!

2020,上云之年,产品云端化成为一种趋势。在一线城市,很多公司都已经构建了自己的私有云环境,比如阿里云、网易云、华为云等。而Kubernetes 作为基于容器编排领域的王者,具备扩展...

avatar K8S/Kubernetes