环境说明
[root@master-1 ~]# uname -a
Linux master-1 5.10.0-136.12.0.86.oe2203sp1.x86_64 #1 SMP Tue Dec 27 17:50:15 CST 2022 x86_64 x86_64 x86_64 GNU/Linux安装过程
1、安装 containerd
-
下载 tar 包
# 确保没有使用官方仓库的containerd [root@localhost ~]# yum remove containerd -y [root@localhost ~]# wget https://github.com/containerd/containerd/releases/download/v1.7.16/containerd-1.7.16-linux-amd64.tar.gz [root@localhost ~]# tar -zxvf containerd-1.7.16-linux-amd64.tar.gz [root@localhost ~]# mv bin/* /usr/local/bin/ -
编写 service 文件
[root@localhost ~]# vi /usr/lib/systemd/system/containerd.service[Unit] Description=containerd container runtime Documentation=https://containerd.io After=network.target local-fs.target[Service] ExecStartPre=-/sbin/modprobe overlay ExecStart=/usr/local/bin/containerdType=notify Delegate=yes KillMode=process Restart=always RestartSec=5# Having non-zero Limit*s causes performance problems due to accounting overhead # in the kernel. We recommend using cgroups to do container-local accounting. LimitNPROC=infinity LimitCORE=infinity# Comment TasksMax if your systemd version does not supports it. # Only systemd 226 and above support this version. TasksMax=infinity OOMScoreAdjust=-999[Install] WantedBy=multi-user.target -
修改配置文件
[root@localhost ~]# mkdir /etc/containerd/ [root@localhost ~]# containerd config default > /etc/containerd/config.toml # 将cgroup打开 [root@localhost ~]# vi /etc/containerd/config.toml # 找到这一行配置,将false改为true 139 SystemdCgroup = true # 修改sandbox镜像地址 67 sandbox_image = "registry.aliyuncs.com/google_containers/pause:3.9" -
启动服务
[root@localhost ~]# systemctl daemon-reload [root@localhost ~]# systemctl enable --now containerd
2、安装 cni 插件
[root@localhost ~]# wget https://github.com/containernetworking/plugins/releases/download/v1.4.1/cni-plugins-linux-amd64-v1.4.1.tgz
[root@localhost ~]# mkdir -p /opt/cni/bin
[root@localhost ~]# tar Cxzvf /opt/cni/bin cni-plugins-linux-amd64-v1.4.1.tgz
3、主机配置
[root@localhost ~]# hostnamectl set-hostname master-1
[root@localhost ~]# echo "127.0.0.1 master-1" >> /etc/hosts
[root@localhost ~]# echo "::1 master-1" >>/etc/hosts[root@master-1 ~]# modprobe bridge
[root@master-1 ~]# modprobe br_netfilter
[root@master-1 ~]# vi /etc/sysctl.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
net.ipv4.ip_forward = 1
[root@master-1 ~]# sysctl -p[root@master-1 ~]# setenforce 0
[root@master-1 ~]# sed -i 's/^SELINUX=enforcing$/SELINUX=disabled/' /etc/selinux/config
[root@master-1 ~]# systemctl disable --now firewalld[root@master-1 ~]# swapoff -a
4、搭建 K8s
-
配置 yum 源
[root@master-1 ~]# sed -i "s/openEuler-22.03-LTS-SP1/openEuler-23.03/g" /etc/yum.repos.d/openEuler.repo -
yum 安装
[root@master-1 ~]# yum install kubernet* cri-tools -y [root@master-1 ~]# systemctl enable kubelet -
cri 配置
[root@master-1 ~]# crictl config --set runtime-endpoint=unix:///run/containerd/containerd.sock --set image-endpoint=unix:///run/containerd/containerd.sock -
查看版本并初始化
[root@master-1 ~]# kubeadm version kubeadm version: &version.Info{Major:"1", Minor:"24", GitVersion:"v1.24.0", GitCommit:"4ce5a8954017644c5420bae81d72b09b735c21f0", GitTreeState:"archive", BuildDate:"2023-03-28T11:09:13Z", GoVersion:"go1.19.4", Compiler:"gc", Platform:"linux/amd64"}[root@master-1 ~]# kubeadm init --kubernetes-version=v1.24.0 --pod-network-cidr=10.244.0.0/16 --image-repository=registry.aliyuncs.com/google_containers -
按照提示信息操作
To start using your cluster, you need to run the following as a regular user:mkdir -p $HOME/.kubesudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/configsudo chown $(id -u):$(id -g) $HOME/.kube/configAlternatively, if you are the root user, you can run:export KUBECONFIG=/etc/kubernetes/admin.conf -
查看节点状态
[root@master-1 ~]# kubectl get nodes NAME STATUS ROLES AGE VERSION master-1 NotReady control-plane 14m v1.24.0
5、网络插件安装
-
下载 flannel yml
[root@master-1 ~]# wget https://github.com/flannel-io/flannel/releases/download/v0.26.2/kube-flannel.yml -
通过离线下载网站获取镜像
https://pull.7ii.win/
-
导入 k8s.io 命名空间,需要通过 docker 进行转换
[root@master-1 ~]# docker load < flannel-flannel-v0.26.2-amd64.tar [root@master-1 ~]# docker load < flannel-flannel-cni-plugin-v1.6.0-flannel1-amd64.tar[root@master-1 ~]# docker save -o flannel-flannel-cni-plugin-v1.6.0-flannel1-amd64.tar flannel/flannel-cni-plugin:v1.6.0-flannel1 [root@master-1 ~]# docker save -o flannel-flannel-v0.26.2-amd64.tar flannel/flannel:v0.26.2[root@master-1 ~]# ctr -n k8s.io images import flannel-flannel-v0.26.2-amd64.tar [root@master-1 ~]# ctr -n k8s.io images import flannel-flannel-cni-plugin-v1.6.0-flannel1-amd64.tar -
调整 yml 镜像拉取策略,在 image 下增加 imagePullPolicy: Never
-
应用 yml
[root@master-1 ~]# kubectl apply -f kube-flannel.yml -
yml 参考
apiVersion: v1 kind: Namespace metadata:labels:k8s-app: flannelpod-security.kubernetes.io/enforce: privilegedname: kube-flannel --- apiVersion: v1 kind: ServiceAccount metadata:labels:k8s-app: flannelname: flannelnamespace: kube-flannel --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata:labels:k8s-app: flannelname: flannel rules: - apiGroups:- ""resources:- podsverbs:- get - apiGroups:- ""resources:- nodesverbs:- get- list- watch - apiGroups:- ""resources:- nodes/statusverbs:- patch --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata:labels:k8s-app: flannelname: flannel roleRef:apiGroup: rbac.authorization.k8s.iokind: ClusterRolename: flannel subjects: - kind: ServiceAccountname: flannelnamespace: kube-flannel --- apiVersion: v1 data:cni-conf.json: |{"name": "cbr0","cniVersion": "0.3.1","plugins": [{"type": "flannel","delegate": {"hairpinMode": true,"isDefaultGateway": true}},{"type": "portmap","capabilities": {"portMappings": true}}]}net-conf.json: |{"Network": "10.244.0.0/16","EnableNFTables": false,"Backend": {"Type": "vxlan"}} kind: ConfigMap metadata:labels:app: flannelk8s-app: flanneltier: nodename: kube-flannel-cfgnamespace: kube-flannel --- apiVersion: apps/v1 kind: DaemonSet metadata:labels:app: flannelk8s-app: flanneltier: nodename: kube-flannel-dsnamespace: kube-flannel spec:selector:matchLabels:app: flannelk8s-app: flanneltemplate:metadata:labels:app: flannelk8s-app: flanneltier: nodespec:affinity:nodeAffinity:requiredDuringSchedulingIgnoredDuringExecution:nodeSelectorTerms:- matchExpressions:- key: kubernetes.io/osoperator: Invalues:- linuxcontainers:- args:- --ip-masq- --kube-subnet-mgrcommand:- /opt/bin/flanneldenv:- name: POD_NAMEvalueFrom:fieldRef:fieldPath: metadata.name- name: POD_NAMESPACEvalueFrom:fieldRef:fieldPath: metadata.namespace- name: EVENT_QUEUE_DEPTHvalue: "5000"image: docker.io/flannel/flannel:v0.26.2imagePullPolicy: Nevername: kube-flannelresources:requests:cpu: 100mmemory: 50MisecurityContext:capabilities:add:- NET_ADMIN- NET_RAWprivileged: falsevolumeMounts:- mountPath: /run/flannelname: run- mountPath: /etc/kube-flannel/name: flannel-cfg- mountPath: /run/xtables.lockname: xtables-lockhostNetwork: trueinitContainers:- args:- -f- /flannel- /opt/cni/bin/flannelcommand:- cpimage: docker.io/flannel/flannel-cni-plugin:v1.6.0-flannel1imagePullPolicy: Nevername: install-cni-pluginvolumeMounts:- mountPath: /opt/cni/binname: cni-plugin- args:- -f- /etc/kube-flannel/cni-conf.json- /etc/cni/net.d/10-flannel.conflistcommand:- cpimage: docker.io/flannel/flannel:v0.26.2imagePullPolicy: Nevername: install-cnivolumeMounts:- mountPath: /etc/cni/net.dname: cni- mountPath: /etc/kube-flannel/name: flannel-cfgpriorityClassName: system-node-criticalserviceAccountName: flanneltolerations:- effect: NoScheduleoperator: Existsvolumes:- hostPath:path: /run/flannelname: run- hostPath:path: /opt/cni/binname: cni-plugin- hostPath:path: /etc/cni/net.dname: cni- configMap:name: kube-flannel-cfgname: flannel-cfg- hostPath:path: /run/xtables.locktype: FileOrCreatename: xtables-lock
6、安装结果
[root@master-1 ~]# kubectl get nodes
NAME STATUS ROLES AGE VERSION
master-1 Ready control-plane 7m38s v1.24.0
[root@master-1 ~]#
[root@master-1 ~]#
[root@master-1 ~]# kubectl get pods -A
NAMESPACE NAME READY STATUS RESTARTS AGE
kube-flannel kube-flannel-ds-rtwp4 1/1 Running 0 98s
kube-system coredns-74586cf9b6-cdr5n 1/1 Running 0 7m22s
kube-system coredns-74586cf9b6-hhn72 1/1 Running 0 7m22s
kube-system etcd-master-1 1/1 Running 0 7m36s
kube-system kube-apiserver-master-1 1/1 Running 0 7m36s
kube-system kube-controller-manager-master-1 1/1 Running 0 7m36s
kube-system kube-proxy-27tnv 1/1 Running 0 7m22s
kube-system kube-scheduler-master-1 1/1 Running 0 7m36s
参考
解决无法拉取flannel镜像:https://blog.csdn.net/qq_46274911/article/details/138486623
