1 集群规划

Hostname	IP	角色
centos702	192.168.131.102	master
centos704	192.168.131.104	node
centos705	192.168.131.105	node

2 安装步骤

初始操作和安装基础软件每个节点都要执行。

2.1 初始操作

2.1.1 关闭防火墙

systemctl stop firewalld
systemctl disable firewalld

2.1.2 关闭 SELinux

# 永久关闭
sed -i 's/enforcing/disabled/' /etc/selinux/config
# 临时
setenforce 0

2.1.3 关闭 swap

# 临时
swapoff -a
# 永久
sed -ri 's/.*swap.*/#&/' /etc/fstab

关闭swap后需要重启

2.1.4 设置主机名

hostnamectl set-hostname <hostname>

2.1.5 添加 hosts

cat >> /etc/hosts << EOF
192.168.131.102 centos702
192.168.131.104 centos704
192.168.131.105 centos705
EOF

2.1.6 将桥接的 IPv4 流量传递到 iptables 的链

cat > /etc/sysctl.d/k8s.conf << EOF
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
EOF# 使配置生效
sysctl --system

2.1.7 时间同步

yum install ntpdate -y
ntpdate time.windows.com

2.2 安装基础软件

2.2.1 Docker

https://blog.csdn.net/weixin_43724577/article/details/139773553

修改Docker配置文件

vim /etc/docker/daemon.json

增加一个新的配置，关闭cgroup

{"exec-opts":["native.cgroupdriver=systemd"]
}

重启Docker kubelet

systemctl daemon-reload
systemctl restart docker

2.2.2 添加阿里云 K8s yum 源

cat > /etc/yum.repos.d/kubernetes.repo << EOF
[kubernetes]
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=0
repo_gpgcheck=0gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF

2.2.3 安装 kubelet kubeadm kubectl

yum install -y kubelet-1.23.6 kubeadm-1.23.6 kubectl-1.23.6
systemctl enable kubelet

查看kubelet状态

systemctl status kubelet

报错

● kubelet.service - kubelet: The Kubernetes Node AgentLoaded: loaded (/usr/lib/systemd/system/kubelet.service; enabled; vendor preset: disabled)Drop-In: /usr/lib/systemd/system/kubelet.service.d└─10-kubeadm.confActive: activating (auto-restart) (Result: exit-code) since Thu 2024-08-08 14:53:04 CST; 1s agoDocs: https://kubernetes.io/docs/Process: 2245 ExecStart=/usr/bin/kubelet $KUBELET_KUBECONFIG_ARGS $KUBELET_CONFIG_ARGS $KUBELET_KUBEADM_ARGS $KUBELET_EXTRA_ARGS (code=exited, status=1/FAILURE)Main PID: 2245 (code=exited, status=1/FAILURE)Aug 08 14:53:04 centos702 systemd[1]: Unit kubelet.service entered failed state.
Aug 08 14:53:04 centos702 systemd[1]: kubelet.service failed.

查看日志

journalctl -xefu kubelet

Aug 08 14:55:27 centos702 kubelet[2347]: E0808 14:55:27.692085    2347 server.go:205] "Failed to load kubelet config file" err="failed to load Kubelet config file /var/lib/kubelet/config.yaml, error failed to read kubelet config file \"/var/lib/kubelet/config.yaml\", error: open /var/lib/kubelet/config.yaml: no such file or directory" path="/var/lib/kubelet/config.yaml"

这个是因为没初始化，所以没有这个文件/var/lib/kubelet/config.yaml 执行后面的初始化就好了。

在执行初始化之后，再次查看kubelet日志

Aug 08 15:44:36 centos702 kubelet[5549]: E0808 15:44:36.264239    5549 server.go:302] "Failed to run kubelet" err="failed to run Kubelet: misconfiguration: kubelet cgroup driver: \"systemd\" is different from docker cgroup driver: \"cgroupfs\""

查看Docker的Cgroup Driver

docker info | grep "Cgroup Driver"

修改Docker配置文件

vim /etc/docker/daemon.json

增加一个新的配置

{"exec-opts":["native.cgroupdriver=systemd"]
}

重启Docker kubelet

systemctl daemon-reload
systemctl restart docker
systemctl restart kubelet

重置kubeadm

kubeadm reset

2.3 部署 Master

在Master节点执行

kubeadm init \
--apiserver-advertise-address=192.168.131.102 \
--image-repository registry.aliyuncs.com/google_containers \
--kubernetes-version v1.23.6 \
--service-cidr=10.96.0.0/12 \
--pod-network-cidr=10.233.0.0/16

如下信息提示初始化成功，仔细看，里面说了如何配置config，如何加入node。

Your Kubernetes control-plane has initialized successfully!To start using your cluster, you need to run the following as a regular user:mkdir -p $HOME/.kubesudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/configsudo chown $(id -u):$(id -g) $HOME/.kube/configAlternatively, if you are the root user, you can run:export KUBECONFIG=/etc/kubernetes/admin.confYou should now deploy a pod network to the cluster.
Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:https://kubernetes.io/docs/concepts/cluster-administration/addons/Then you can join any number of worker nodes by running the following on each as root:kubeadm join 192.168.131.102:6443 --token 1xuyt0.tdrx369a2vtjwq4o \--discovery-token-ca-cert-hash sha256:0fe1a9ed96e0c28c7b8e4fa84ca9883d6e5d5c5f5a519df1e988831a4361ac7a

之后复制配置文件

mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
kubectl get nodes

2.4 加入 Node

在node节点执行之前初始化master成功后的提示信息

kubeadm join 192.168.131.102:6443 --token 1xuyt0.tdrx369a2vtjwq4o \--discovery-token-ca-cert-hash sha256:0fe1a9ed96e0c28c7b8e4fa84ca9883d6e5d5c5f5a519df1e988831a4361ac7a

# 如果token不小心清空了，可通过如下命令获取
kubeadm token create --print-join-command

去master查看nodes

kubectl get nodes

kubectl get componentstatus

kubectl get pods -n kube-system

2.5 部署 CNI 网络插件

在master节点上执行

# 下载 calico 配置文件，可能会超时
mkdir /opt/k8s
cd /opt/k8scurl https://calico-v3-25.netlify.app/archive/v3.25/manifests/calico.yaml -O# 修改 calico.yaml 文件中的 CALICO_IPV4POOL_CIDR 配置，修改为与master初始化cidr相同 2.3中的 --pod-network-cidr=10.233.0.0/16# 找到 calico.yaml 所有的镜像
grep image calico.yaml
sed -i 's#docker.io/##g' calico.yaml# 构建
kubectl apply -f calico.yamlkubectl get po -n kube-systemkubectl describe po calico-kube-controllers-cd8566cf-hjjzm -n kube-systemkubectl get nodes

2.6 测试 kubernetes 集群

# 创建部署
kubectl create deployment nginx --image=nginx# 暴露端口
kubectl expose deployment nginx --port=80 --type=NodePort# 查看 pod 以及服务信息
kubectl get pod,svc

[root@centos702 ~]# kubectl get pod,svc
NAME                         READY   STATUS      RESTARTS   AGE
pod/nginx-85b98978db-rq5gm   0/1     Completed   0          45hNAME                 TYPE        CLUSTER-IP       EXTERNAL-IP   PORT(S)        AGE
service/kubernetes   ClusterIP   10.96.0.1        <none>        443/TCP        5d22h
service/nginx        NodePort    10.107.196.178   <none>        80:30435/TCP   45h

# 测试
curl 192.168.131.102 30435

浏览器打开http://192.168.131.102:30435/ 和 http://192.168.131.104:30435/

2.7 在任意节点使用 kubectl

在 master 拷贝 conf 文件

scp /etc/kubernetes/admin.conf root@192.168.131.104:/etc/kubernetes/

在 node 配置环境变量

echo "export KUBECONFIG=/etc/kubernetes/admin.conf" >> ~/.bash_profile
source ~/.bash_profile

3 kubectl 命令

官方文档：

https://kubernetes.io/docs/reference/generated/kubectl/kubectl-commands

–help

3.1 资源操作

创建对象

kubectl create -f manifest.yaml
kubectl create -f ./dir
kubectl create -f https://git.io/vPieo
kubectl run nginx --image=nginx

scale 资源

kubectl scale --replicas=3 rs/foo
kubectl scale --replicas=3 -f foo.yaml
kubectl scale --curent-replicas=2 --replicas=3 deployment/
kubectl scale --replicas=5 rc/foo rc/bar rc/baz

[root@centos702 .kube]# kubectl get pod
NAME                     READY   STATUS    RESTARTS   AGE
nginx-85b98978db-lgdgn   1/1     Running   0          84m
[root@centos702 .kube]# kubectl get deploy
NAME    READY   UP-TO-DATE   AVAILABLE   AGE
nginx   1/1     1            1           46h
[root@centos702 .kube]# kubectl scale deploy --replicas=2 nginx
deployment.apps/nginx scaled
[root@centos702 .kube]# kubectl get deploy
NAME    READY   UP-TO-DATE   AVAILABLE   AGE
nginx   2/2     2            2           46h
[root@centos702 .kube]# kubectl get po -o wide
NAME                     READY   STATUS    RESTARTS   AGE   IP              NODE        NOMINATED NODE   READINESS GATES
nginx-85b98978db-25b8q   1/1     Running   0          59s   10.233.215.16   centos704   <none>           <none>
nginx-85b98978db-lgdgn   1/1     Running   0          87m   10.233.215.15   centos704   <none>           <none>

命名空间

kubectl get ns

deployment

kubectl get deploy

3.2 资源类型的别名

pods po

deployments deploy

services svc

namespace ns

nodes no

3.3 格式化输出

# 获取deployment的信息，输出为yaml文件
kubectl get deploy nginx -o yaml

4 API

官方文档：

https://kubernetes.io/zh-cn/docs/reference/using-api/

4.1 类型

Alpha Beta Stable

4.2 废弃 API 说明

https://kubernetes.io/docs/reference/using-api/deprecation-guide/