1.  禁用防火墙

systemctl stop firewalld
systemctl disable firewalld

2. 禁用SELINUX

执行如下命令：
    vim /etc/sysconfig/selinux
修改文件中的SELINUX为： 
    SELINUX=disabled

3. 关闭swap内存

 swapoff -a

4. 安装docker

yum install docker

5. 启动docker

systemctl enable docker;systemctl start docker 

6. 编辑生成kubernetes的yum源

vim  /etc/yum.repos.d/kubernetes.repo

  添加如下内容： 

[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=0
repo_gpgcheck=0

7. 安装kubelet,kubectl,kubenetes-cni,kubeadm

yum install kubectl kubelet kubernetes-cni kubeadm

sysctl net.bridge.bridge-nf-call-iptables=1

8. 启动kubelet

systemctl enable kubelet
systemctl start kubelet

查看状态和日志:

systemctl status kubelet
journalctl -xefu kubelet

可能会出现异常【kubelet cgroup driver：cgroupfs跟docker cgroup driver：systemd不一致】

查看 docker cgroupfs:

docker info |grep Cgroup 

kubelet文件驱动默认cgroupfs, 而我们安装的docker使用的文件驱动是systemd, 造成不一致, 导致镜像无法启动。
现在有两种方式, 一种是修改docker, 另一种是修改kubelet。
我这里采用修改docker的方式:

# 修改docker.service 
vim /lib/systemd/system/docker.service

找到 --exec-opt native.cgroupdriver=systemd \ 修改为： --exec-opt native.cgroupdriver=cgroupfs \

# 重启docker
 systemctl daemon-reload;systemctl restart docker

或者

vim /etc/docker/daemon.json 

加入如下内容：

{
 "exec-opts":["native.cgroupdriver=systemd"]
}

重启docker ：systemctl daemon-reload;systemctl restart docker 

9. Master初始化

（1）创建kubeadm配置文件

vim  ~/kubeadm-config.yaml 

添加如下内容： 

apiVersion: kubeadm.k8s.io/v1beta1
kind: ClusterConfiguration
imageRepository: registry.cn-hangzhou.aliyuncs.com/google_containers
kubernetesVersion: v1.13.1
networking:
  serviceSubnet: 10.96.0.0/12
  podSubnet: 10.244.0.0/16

（2）初始化

kubeadm init --config kubeadm-config.yaml  --ignore-preflight-errors=NumCPU

安装完成

配置kubectl，执行命令：

mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config

node节点操作：

 kubeadm join 192.168.1.121:6443 --token s2t05d.x5r9j9hisfjx63jp --discovery-token-ca-cert-hash sha256:b39e6a2675d00fe3e7bf6e5b0007b241680094b2e4d994645cd22c0bf01beb40 --ignore-preflight-errors=all

（3）安装pod网络：

wget https://raw.githubusercontent.com/coreos/flannel/v0.9.1/Documentation/kube-flannel.yml

执行：

kubectl create -f kube-flannel.yml

10.异常处理

（1）[ERROR KubeletVersion]: the kubelet version is higher than the control plane version. This is not a supported version skew and may lead to a malfunctional cluster
 解决：kubelet和kubeadm的版本不一致造成。

             yum remove -y kubelet kubeadm kubectl
             yum install -y kubelet-1.15.0 kubeadm-1.15.0 kubectl-1.15.0
             systemctl daemon-reload

      kubeadm init --apiserver-advertise-address=192.168.132.64 --image-repository registry.aliyuncs.com/google_containers --kubernetes-version v1.15.0 --service-cidr=10.1.0.0/16 --pod-network-cidr=10.244.0.0/16

  (2) Container runtime network not ready: NetworkReady=false reason:NetworkPluginNotReady message:docker: network plugin is not ready: cni config uninitialized Unable to update cni config: No networks found in /etc/cni/net.d Failed to get system container stats for “/system.slice/kubelet.service”: failed to get cgroup stats for “/system.slice/kubelet.service”: failed to get container info for “/system.slice/kubelet.service”: unknown container “/system.slice/kubelet.service”
解决：docker pull quay.io/coreos/flannel:v0.10.0-amd64 
mkdir -p /etc/cni/net.d/
cat <<EOF> /etc/cni/net.d/10-flannel.conf
{"name":"cbr0","type":"flannel","delegate": {"isDefaultGateway": true}}
EOF
mkdir /usr/share/oci-umount/oci-umount.d -p
mkdir /run/flannel/
cat <<EOF> /run/flannel/subnet.env
FLANNEL_NETWORK=172.100.0.0/16
FLANNEL_SUBNET=172.100.1.0/24
FLANNEL_MTU=1450
FLANNEL_IPMASQ=true
EOF
kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/v0.9.1/Documentation/kube-flannel.yml