k8s安装记录
如无特别说明,则该步操作指在所有的机器上执行!!! 如无特别说明,则该步操作指在所有的机器上执行!!! 如无特别说明,则该步操作指在所有的机器上执行!!!目录
- k8s安装记录
- 零、版本说明
- 一、主机规划
- 二、系统安装
- 2.1.系统配置
- 2.2.docker安装
- 2.3.cri-dockerd安装
- 2.4.k8s安装
- 2.5.Master节点配置
- 2.6.Node节点配置
- 2.7.常用命令
- 3.附件
零、版本说明
- Oracle VM VirtualBox
6.1
- CentOS-7-x86_64-Minimal-2009
CentOS Linux release 7.9.2009 (Core)
- Docker
Client: Docker Engine - CommunityVersion: 26.0.1API version: 1.44 (downgraded from 1.45)Go version: go1.21.9Git commit: d260a54Built: Thu Apr 11 10:56:30 2024OS/Arch: linux/amd64Context: defaultServer: Docker Engine - CommunityEngine:Version: 25.0.0API version: 1.44 (minimum version 1.24)Go version: go1.21.6Git commit: 615dfdfBuilt: Thu Jan 18 17:12:10 2024OS/Arch: linux/amd64Experimental: falsecontainerd:Version: 1.6.31GitCommit: e377cd56a71523140ca6ae87e30244719194a521runc:Version: 1.1.12GitCommit: v1.1.12-0-g51d5e94docker-init:Version: 0.19.0GitCommit: de40ad0- K8S
Kubernetes v1.28.0
- 中间件版本
cri-dockerd-0.3.2-3
Calico
v3.26.1
一、主机规划
| 主机IP | 主机名 | 主机角色 |
|---|---|---|
| 192.168.1.60 | master1 | k8s master |
| 192.168.1.61 | node1 | k8s worder |
| 192.168.1.62 | node2 | k8s worder |
二、系统安装
2.1.系统配置
- crontab -e 里面添加一行然后保存退出: 0 */1 * * * ntpdate ntp4.aliyun.com
yum install -y ntpdatecrontab -eservice firewalld stopsystemctl disable firewalldsed -i "s/timeout=5/timeout=1/" /boot/grub2/grub.cfgsed -ri 's/SELINUX=enforcing/SELINUX=disabled/' /etc/selinux/configsetenforce 0swapoff -ased -i "s/\/dev\/mapper\/centos-swap/#\/dev\/mapper\/centos-swap/" /etc/fstabcat >> /etc/sysctl.d/k8s.conf << EOF
net.bridge.bridge-nf-call-ip6tables=1
net.bridge.bridge-nf-call-iptables=1
net.ipv4.ip_forward=1
vm.swappiness=0
EOFmodprobe br_netfiltersystemctl --systemcat >> /etc/hosts << EOF
192.168.1.60 master1
192.168.1.61 node1
192.168.1.62 node2
EOFssh-copy-id node1
ssh-copy-id node2
init 6
2.2.docker安装
yum install -y yum-utilsyum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repoyum install -y --setopt=obsoletes=0 docker-ce-24.0.0-1.el7systemctl enable dockercat >> /etc/docker/daemon.json << EOF
{"registry-mirrors": ["https://【这里换成自己的注册点】.mirror.aliyuncs.com"],"exec-opts": ["native.cgroupdriver=systemd"]
}
EOFservice docker start
2.3.cri-dockerd安装
curl -OL https://github.com/Mirantis/cri-dockerd/releases/download/v0.3.2/cri-dockerd-0.3.2-3.el7.x86_64.rpmrpm -ivh cri-dockerd-0.3.2-3.el7.x86_64.rpm
修改 /usr/lib/systemd/system/cri-docker.service 文件的 ExecStart=/usr/bin/cri-dockerd 配置为如下:
ExecStart=/usr/bin/cri-dockerd --network-plugin=cni --container-runtime-endpoint fd:// --pod-infra-container-image=registry.aliyuncs.com/google_containers/pause:3.9
执行命令启动服务
systemctl daemon-reload && systemctl enable cri-docker && systemctl start cri-docker
2.4.k8s安装
cat >> /etc/yum.repos.d/kubernetes.repo << EOF
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
enabled=1
gpgcheck=0
repo_gpgcheck=0
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOFyum install -y --setopt=obsoletes=0 kubeadm-1.28.0 kubelet-1.1.28.0 kubectl-1.1.28.0systemctl enable kubeletsystemctl restart containerd.service
2.5.Master节点配置
MASTER节点上执行kubeadm init \
--apiserver-advertise-address=192.168.1.60 \
--image-repository registry.aliyuncs.com/google_containers \
--kubernetes-version=v1.28.0 \
--pod-network-cidr=172.16.0.0/16 \
--cri-socket=unix:///var/run/cri-dockerd.sockmkdir -p $HOME/.kube/bin/cp -f /etc/kubernetes/admin.conf $HOME/.kube/configchown $(id -u):$(id -g) $HOME/.kube/config
- 安装calico
- tigera-operator.yaml和custom-resources.yaml就是calico的安装文件,github下载不了,我绑定到本文资源里了。
- 如果能访问,可以使用带网址的命令安装
kubectl create -f tigera-operator.yaml
或
kubectl create -f https://raw.githubusercontent.com/projectcalico/calico/v3.26.1/manifests/tigera-operator.yaml
- 查看,确保tigera-operator命名空间安装成功
kubectl get ns
- 查看pod分配情况
kubectl get pods -n tigera-operator -o wide
- custom-resources.yaml里面的网段需要和kubeadm init时指定的–pod-network-cidr网段保持一致
- 下面命令里我把custom-resources.yaml里面的网段从192.168.0.0换成了172.16.0.0
sed -i "s/192.168/172.16/" custom-resources.yaml
- 安装
kubectl create -f custom-resources.yaml
或
kubectl create -f https://raw.githubusercontent.com/projectcalico/calico/v3.26.1/manifests/custom-resources.yaml
2.6.Node节点配置
NODE节点上执行kubeadm join 192.168.1.60:6443 --token 【这里贴kubeadm init生成的】 \--discovery-token-ca-cert-hash 【这里贴kubeadm init生成的】 \--cri-socket=unix:///var/run/cri-dockerd.sock
2.7.常用命令
#常用命令
kubectl get node #看node
kubectl get pod -n kube-system #看pods
journalctl -f -u kubelet.service #看日志
kubeadm token create --print-join-command #令牌过期
kubeadm reset --cri-socket=unix:///var/run/cri-dockerd.sock #重置k8s
rm -rf /var/lib/calico/ && sudo rm -rf /etc/cni/net.d/10-calico.conflist && sudo rm -rf /etc/cni/net.d/calico-kubeconfig #node需要在reset后删除
3.附件
在文章开头,如图位置:
