文章目录
- 系统基础配置
- kubernetes 组件安装
- kubeadm 配置
- 拷贝 kubectl 配置
- TS
安装方式:kubeadm
版本:1.23.6
节点数量:2 (1 个 Master + Worker,1 个 Worker)
IP: node111:172.18.22.111,node112:172.18.22.112
系统基础配置
关闭防火墙
systemctl disable firewalld
systemctl stop firewalld
关闭 selinux
修改文件 /etc/selinux/config 中 SELINUX=disabled
setenforce 0
安装 ipvsadm
yum install ipvsadm -y
设置 ipforward
···
echo “net.ipv4.ip_forward=1” > /etc/sysctl.conf
sysctl -p
···
设置 net bridge
使流过网桥的流量也进入iptables/netfilter框架中
echo "net.bridge.bridge-nf-call-ip6tables = 1" > /etc/sysctl.d/k8s.conf
echo "net.bridge.bridge-nf-call-iptables = 1" >> /etc/sysctl.d/k8s.conf
sysctl --system
设置 br_netfilter
modprobe br_netfilter
echo 1 > /proc/sys/net/bridge/bridge-nf-call-iptables
echo 1 > /proc/sys/net/ipv4/ip_forward
写 hosts
修改 /etc/hosts
echo "172.18.22.111 node111" >> /etc/hosts
echo "172.18.22.112 node112" >> /etc/hosts
kubernetes 组件安装
yum 源 添加
docker-ce 源
centos
wget https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo -O /etc/yum.repos.d/docker-ce.repo
fedora
wget https://mirrors.aliyun.com/docker-ce/linux/fedora/docker-ce.repo -O /etc/yum.repos.d/docker-ce.repo
kubenetes 组件源
创建文件 /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
enabled=1
gpgcheck=0
repo_gpgcheck=0
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
安装组件
安装 kubeadm,kubectl,kubelet 和 docker
yum install -y docker-ce kubeadm-1.23.6 kubectl-1.23.6 kubelet-1.23.6
关闭 docker 使用 containerd
systemctl disable docker
systemctl enable containerd
初始化 containerd 配置
containerd config default > /etc/containerd/config.toml
vi /etc/containerd/config.toml
修改 sandbox_image
registry.aliyuncs.com/google_containers/pause:3.6重启 containerd
systemctl restart containerd
kubeadm 配置
生成 kubeadm 配置文件
kubeadm config print init-defaults > kubeadm.conf
修改 kubeadm 配置文件
advertiseAddress: 172.18.22.111name: node111criSocket: /run/containerd/containerd.sockimageRepository: registry.aliyuncs.com/google_containerskubernetesVersion: 1.23.6networking:podSubnet: 10.244.0.0/16
kubeadm 安装
kubeadm init --config kubeadm.conf
其他节点加入
kubeadm join 172.18.22.111:6443 --token abcdef.0123456789abcdef \--discovery-token-ca-cert-hash sha256:acf1d88b5d175209f928d91feab3ee65beeb2710896c1c669be6138c5fd27c28
使用 ipvs
kubectl edit configmap kube-proxy -n kube-system
mode: ipvs
允许 master 调度 pod
kubectl taint nodes --all node-role.kubernetes.io/master-
拷贝 kubectl 配置
mkdir .kube
cp /etc/kubernetes/admin.conf .kube/config
验证
kubectl get nodes
TS
crictl ps 看到所以 pod failed
修改 containerd 配置 重启
SystemdCgroup: true
