环境准备：

vm 17 pro 有些功能必须pro版本才会提供（https://download.csdn.net/download/weixin_40663313/89677277?spm=1001.2014.3001.5501）夸克下载链接

centos 7.9 

docker：1.26 

k8s：1.21.14

1. 创建虚拟机

参考：VM部署CentOS并且设置网络_vmware安装contos设置主机名和网卡信息-CSDN博客

vm 17 pro 注册码 4A4RR-813DK-M81A9-4U35H-06KND

1.1. 创建自定义虚拟机

选择自定义配置

我这里安装的是vm17 直接选择最新的

选择centos系统

设置虚拟机名称和路径

分配cpu

分配内存

选择nat 网络配置后续在修改

选择默认即可

创建新的磁盘 大小按需选择

1.2. 选择镜像

刚创建的时候并未选择镜像 可以在设置中设置镜像位置

1.3. 克隆

vm提供了快速创建相同虚拟机的操作

2. 安装centos

选择iso镜像后 安装centos

选择语言

时间

设置密码（中间会有一些其他设置包括 存储位置 网络等 建议默认就行）有些出现三角形感叹号的是需要我们进去配置并点击完成 可以进去选择默认即可

2.1. 网络设置（DHCP）

cd /etc/sysconfig/network-scripts/

2.2. 手动获取

固定ip 方便远程连接

3. 部署前置准备

vi /etc/hosts

192.168.157.129 master

192.168.157.130 node1

192.168.157.131 node2

3.1. 时间同步

kubernetes要求集群中的节点时间必须精确一致, 这里直接使用chronyd服务从网络同步时间。

# 启动chronyd服务systemctl start chronyd#设置chronyd服务开机自启systemctl enable chronyd# chronyd服务启动稍等几秒钟，就可以使用date命令验证时间了date

3.2. 关闭相关服务

# 1关闭firewalld服务systemctl stop firewalldsystemctl disable firewalld# 2关闭iptables服务systemctl stop iptablessystemctl disable iptables# a. 临时关闭swap，防止 执行 kubeadm 命令爆错。swapoff -a# b. 临时关闭 selinux，减少不必要的配置。setenforce 0

设置网桥信息

cat << EOF > /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
net.ipv4.ip_forward = 1
EOF

3.3. 更换yum源

装的时候遇到了奇葩问题 不发解析host的问题curl#6 - "Could not resolve host: mirrorlist.centos.org; 未知的错误"

尝试修改vim /etc/resolv.conf文件 为解决问题

更换yum源

vi /etc/yum.repos.d/CentOS-Base.repo

将这个地方的baseurl注释去掉 链接换成mirrors.aliyun.com

同时把下面的mirrorlist注释掉

更换后执行

yum clean allyum makecache

3.4. 配置ipvs功能

# 1安装ipset和ipvsadmyum install ipset ipvsadmin -y# 2添加需要加载的模块写入脚本文件cat <<EOF > /etc/sysconfig/modules/ipvs.modules#! /bin/bashmodprobe -- ip_vsmodprobe -- ip_vs_rrmodprobe -- ip_vs_wrrmodprobe -- ip_vs_shmodprobe -- nf_conntrack_ipv4EOF# 3为脚本文件添加执行权限chmod +x /etc/sysconfig/modules/ipvs.modules# 4执行脚本文件/bin/bash /etc/sysconfig/modules/ipvs.modules# 5查看对应的模块是否加载成功lsmod | grep -e ip_vs -e nf_conntrack_ipv4

3.5. 重启

4. 安装docker

yum install -y yum-utils device-mapper-persistent-data lvm2yum-config-manager --add-repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo# 2查看当前镜像源中支持的docker版本yum list docker-ce --showduplicates# 3安装特定版本的docker-ce# 必须指定--setopt=obsoletes=0,否则yum会自动安装更高版本yum install --setopt=obsoletes=0 docker-ce-20.10.24-3.el7 -y# 4添加一个配置文件# Docker在默认情况下使用的Cgroup Driver为cgroupfs, 而kubernetes推荐使用systemd来代替cgroupfsmkdir /etc/dockercat <<EOF > /etc/docker/daemon.json{"exec-opts": ["native.cgroupdriver=systemd"],"registry-mirrors": ["https://o36meer8.mirror.aliyuncs.com"]}EOF# 5启动dockersystemctl restart dockersystemctl enable docker# 6检查docker状态和版本docker version

5. 安装k8s

​
cat <<EOF > /etc/yum.repos.d/kubernetes.repo[kubernetes]name=Kubernetesbaseurl=kubernetes-yum-repos-kubernetes-el7-x86_64安装包下载_开源镜像站-阿里云enabled=1gpgcheck=1repo_gpgcheck=1gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpgEOFyum install -y --nogpgcheck kubelet-1.21.14 kubeadm-1.21.14 kubectl-1.21.14​

# 在安装kubernetes集群之前，必须要提前准备好集群需要的镜像，所需镜像可以通过下面命令查看

kubeadm config images list

# 下载镜像 有些镜像需要翻墙 也可以尝试下面方案

部分镜像已导出

镜像https://pan.quark.cn/s/4c63051ec9ed

# 此镜像在kubernetes的仓库中,由于网络原因,无法连接，下面提供了一种替代方案images=(kube-apiserver:v1.21.14kube-controller-manager:v1.21.14kube-scheduler:v1.21.14kube-proxy:v1.21.14pause:3.4.1etcd:3.4.13-0coredns:1.8.0)for imageName in ${images[@]} ; dodocker pull registry.cn-hangzhou.aliyuncs.com/google_containers/$imageNamedocker tag registry.cn-hangzhou.aliyuncs.com/google_containers/$imageName k8s.gcr.io/$imageNamedocker rmi registry.cn-hangzhou.aliyuncs.com/google_containers/$imageNamedone

5.1. 初始化集群

查看安装结果

kubelet --version
kubectl version
kubeadm version

启动 kubelet 服务

systemctl daemon-reload
systemctl start kubelet

下面操作在master节点上进行

# 创建集群

kubeadm init --kubernetes-version=v1.21.5 --pod-network-cidr=10.244.0.0/16 --service-cidr=10.96.0.0/12 --apiserver-advertise-address=192.168.157.129 --image-repository registry.aliyuncs.com/google_containers

（还可以以配置的方式执行）参考云服务器安装k8s和kubesphere踩坑_kubekey拉取镜像失败-CSDN博客

初始化成功注意这两个地方 一个创建必要文件 一个为了后续node加入master

# 创建必要文件mkdir -p $HOME/.kubesudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/configsudo chown $(id -u):$(id -g) $HOME/.kube/config

kubeadm join 192.168.157.129:6443 --token 16mn6b.cfcaejq8zyq0j6zt \--discovery-token-ca-cert-hash sha256:d82b289f4f3d4c6342e1b2c012c186ba83dbfc062eadc2982a8519a2b24fcb9b# 如果忘记 kubeadm token create --print-join-command

同时在node1 node2执行join操作

发现已经有node 接下来安装网络插件

5.2. 安装网络插件

​
# 获取fanne1的配置文件wget https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml如果下载不了 可以用网上找的# 使用配置文件启动fannelkubectl apply -f kube-flannel.yml# 稍等片刻，再次查看集群节点的状态kubectl get nodes​

 如果下载失败 可以使用下面的文件

---
kind: Namespace
apiVersion: v1
metadata:name: kube-flannellabels:pod-security.kubernetes.io/enforce: privileged
---
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1
metadata:name: flannel
rules:- apiGroups:- ""resources:- podsverbs:- get- apiGroups:- ""resources:- nodesverbs:- list- watch- apiGroups:- ""resources:- nodes/statusverbs:- patch
---
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:name: flannel
roleRef:apiGroup: rbac.authorization.k8s.iokind: ClusterRolename: flannel
subjects:- kind: ServiceAccountname: flannelnamespace: kube-flannel
---
apiVersion: v1
kind: ServiceAccount
metadata:name: flannelnamespace: kube-flannel
---
kind: ConfigMap
apiVersion: v1
metadata:name: kube-flannel-cfgnamespace: kube-flannellabels:tier: nodeapp: flannel
data:cni-conf.json: |{"name": "cbr0","cniVersion": "0.3.1","plugins": [{"type": "flannel","delegate": {"hairpinMode": true,"isDefaultGateway": true}},{"type": "portmap","capabilities": {"portMappings": true}}]}net-conf.json: |{"Network": "10.244.0.0/16","Backend": {"Type": "vxlan"}}
---
apiVersion: apps/v1
kind: DaemonSet
metadata:name: kube-flannel-dsnamespace: kube-flannellabels:tier: nodeapp: flannel
spec:selector:matchLabels:app: flanneltemplate:metadata:labels:tier: nodeapp: flannelspec:affinity:nodeAffinity:requiredDuringSchedulingIgnoredDuringExecution:nodeSelectorTerms:- matchExpressions:- key: kubernetes.io/osoperator: Invalues:- linuxhostNetwork: truepriorityClassName: system-node-criticaltolerations:- operator: Existseffect: NoScheduleserviceAccountName: flannelinitContainers:- name: install-cni-plugin#image: flannelcni/flannel-cni-plugin:v1.1.0 for ppc64le and mips64le (dockerhub limitations may apply)image: docker.io/rancher/mirrored-flannelcni-flannel-cni-plugin:v1.1.0command:- cpargs:- -f- /flannel- /opt/cni/bin/flannelvolumeMounts:- name: cni-pluginmountPath: /opt/cni/bin- name: install-cni#image: flannelcni/flannel:v0.20.0 for ppc64le and mips64le (dockerhub limitations may apply)image: docker.io/rancher/mirrored-flannelcni-flannel:v0.20.0command:- cpargs:- -f- /etc/kube-flannel/cni-conf.json- /etc/cni/net.d/10-flannel.conflistvolumeMounts:- name: cnimountPath: /etc/cni/net.d- name: flannel-cfgmountPath: /etc/kube-flannel/containers:- name: kube-flannel#image: flannelcni/flannel:v0.20.0 for ppc64le and mips64le (dockerhub limitations may apply)image: docker.io/rancher/mirrored-flannelcni-flannel:v0.20.0command:- /opt/bin/flanneldargs:- --ip-masq- --kube-subnet-mgrresources:requests:cpu: "100m"memory: "50Mi"limits:cpu: "100m"memory: "50Mi"securityContext:privileged: falsecapabilities:add: ["NET_ADMIN", "NET_RAW"]env:- name: POD_NAMEvalueFrom:fieldRef:fieldPath: metadata.name- name: POD_NAMESPACEvalueFrom:fieldRef:fieldPath: metadata.namespace- name: EVENT_QUEUE_DEPTHvalue: "5000"volumeMounts:- name: runmountPath: /run/flannel- name: flannel-cfgmountPath: /etc/kube-flannel/- name: xtables-lockmountPath: /run/xtables.lockvolumes:- name: runhostPath:path: /run/flannel- name: cni-pluginhostPath:path: /opt/cni/bin- name: cnihostPath:path: /etc/cni/net.d- name: flannel-cfgconfigMap:name: kube-flannel-cfg- name: xtables-lockhostPath:path: /run/xtables.locktype: FileOrCreate