前置环境:
准备三台虚拟机
192.168.1.104(用来做k8s的mater节点)
192.168.1.105(节点node2)
192.168.1.109(节点node3)
关闭防火墙
systemctl stop firewalld
systemctl disable firewalld
安装docker
https://blog.csdn.net/weixin_41645232/article/details/104578306
修改/etc/docker/daemon.json
关闭 docker cgroup
配置镜像加速器 “registry-mirrors”: [“https://xxxx.mirror.aliyuncs.com”]
{"exec-opts": ["native.cgroupdriver=systemd"],"registry-mirrors": ["https://3mqrr214.mirror.aliyuncs.com"]
}
执行 systemctl daemon-reload && systemctl restart docker
永久禁用SELinux
sed -i 's/enforcing/disabled/' /etc/selinux/config
关闭系统Swap
sed -i 's/.*swap.*/#&/' /etc/fstab
将桥接的ipv4流量传递到iptables的链
cat > /etc/sysctl.d/k8s.conf << EOF
net.bridge.bridge-nf-call-ip6tables=1
net.bridge.bridge-nf-call-iptables=1
EOF
生效 sysctl --system
6)添加主机名与ip对应关系
vi /etc/hosts
cat > /etc/hosts << EOF
192.168.1.104 k8s-master
192.168.1.105 k8s-node2
192.168.1.109 k8s-node3
EOF
指定新的主机名:
hostnamectl set-hostname k8s-master
7)同步最新时间
date 查看时间(可选)
yum install -y ntpdate
ntpdate time.windows.com
开始安装
添加k8s阿里云yum源
cat > /etc/yum.repos.d/kubernetes.repo << EOF
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=0
repo_gpgcheck=0
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF
检查是否有yum源
yum list | grep kube
安装
yum install -y kubelet-1.28.2 kubeadm-1.28.2 kubectl-1.28.2
配置kubelet开机自启
systemctl enable kubelet
systemctl start kubelet
开启CRI,vim /etc/containerd/config.toml
把 disabled_plugins = [“cri”] 改成disabled_plugins = []
systemctl restart containerd
初始化master节点(选用192.168.1.104作为master节点执行下面命令)
初始化master
kubeadm init \
--apiserver-advertise-address=192.168.1.104 \
--image-repository registry.cn-hangzhou.aliyuncs.com/google_containers \
--kubernetes-version v1.28.2 \
--service-cidr=10.96.0.0/16 \
--pod-network-cidr=10.244.0.0/16
注:
以下两个ip无需更改
–service-cidr
–pod-network-cidr
下面的ip指定的主节点ip
–apiserver-advertise-address
初始化看到以下信息则证明成功,下面提示信息非常有用,创建完之前一定要先保留
[addons] Applied essential addon: kube-proxyYour Kubernetes control-plane has initialized successfully!To start using your cluster, you need to run the following as a regular user:mkdir -p $HOME/.kubesudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/configsudo chown $(id -u):$(id -g) $HOME/.kube/configAlternatively, if you are the root user, you can run:export KUBECONFIG=/etc/kubernetes/admin.confYou should now deploy a pod network to the cluster.
Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:https://kubernetes.io/docs/concepts/cluster-administration/addons/Then you can join any number of worker nodes by running the following on each as root:kubeadm join 192.168.1.104:6443 --token codrrk.522goq99cigjqf5j \--discovery-token-ca-cert-hash sha256:3404f14cfcf42a6f4e17baf34aa4db0ae9cee187a6e95ca4f89e832a88f6ed61
按照上面提示,使用集群需要配置
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
按照提示需要给集群部署一个pod网络插件,参考地址为:
https://kubernetes.io/docs/concepts/cluster-administration/addons/
这里我们选用安装flannel插件
kubectl apply -f https://github.com/flannel-io/flannel/releases/latest/download/kube-flannel.yml
按提示,其他节点安装后不需要初始化,直接执行下面命令加入主节点完成集群搭建,下面这句话直接复制初始化完成时的提示即可,在node2和node3上执行
kubeadm join 192.168.1.104:6443 --token codrrk.522goq99cigjqf5j \--discovery-token-ca-cert-hash sha256:3404f14cfcf42a6f4e17baf34aa4db0ae9cee187a6e95ca4f89e832a88f6ed61
在主节点查看节点信息
[root@k8s-master k8s]# kubectl get nodes
node节点配置证书,支持kubectl操作api
主节点复制证书
scp /etc/kubernetes/admin.conf root@192.168.1.105:/etc/kubernetes
node节点
echo "export KUBECONFIG=/etc/kubernetes/admin.conf" >> ~/.bash_profile
source ~/.bash_profile
问题:
1.查看po发现coreDns pod启动失败
kubectl edit cm coredns -n kube-system // 删除 loop 保存并退出
kubectl delete pod coredns-xxx-xxxx -n kube-system // 删除coredns的两个pod会自动重新创建