centos7.9搭建k8s集群

server/2024/11/26 20:17:40/

环境准备

centos7.9,8G4C

准备工作:

关闭防火墙firewalld、selinux

设置主机名

设置/etc/hosts  

[root@localhost ~]# hostnamectl set-hostname master
[root@localhost ~]# hostnamectl set-hostname worker1
[root@localhost ~]# hostnamectl set-hostname worker2
[root@master ~]# cat /etc/hosts
127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.1.101 master
192.168.1.103 worker1
192.168.1.105 worker2
[root@master ~]# systemctl stop firewalld&&systemctl disable firewalld&&setenforce 0
[root@master ~]#sudo sed -i 's/^SELINUX=enforcing$/SELINUX=permissive/' /etc/selinux/config

关闭交换分区

[root@master ~]# swapoff -a
[root@master ~]# vim /etc/fstab
交换分区加上注释
#/dev/mapper/centos-swap swap                    swap    defaults        0 0

将桥接的ipv4流量传递到iptables链,打开端口转发

[root@master ~]# modprobe br_netfilter
[root@master ~]# cat >/etc/sysctl.d/k8s.conf<<EOF
> net.bridge.bridge-nf-call-ip6tables = 1
> net.bridge.bridge-nf-call-iptables = 1
> EOF
[root@master ~]# sysctl --system
* Applying /usr/lib/sysctl.d/00-system.conf ...
net.bridge.bridge-nf-call-ip6tables = 0
net.bridge.bridge-nf-call-iptables = 0
net.bridge.bridge-nf-call-arptables = 0
* Applying /usr/lib/sysctl.d/10-default-yama-scope.conf ...
kernel.yama.ptrace_scope = 0
* Applying /usr/lib/sysctl.d/50-default.conf ...
kernel.sysrq = 16
kernel.core_uses_pid = 1
kernel.kptr_restrict = 1
net.ipv4.conf.default.rp_filter = 1
net.ipv4.conf.all.rp_filter = 1
net.ipv4.conf.default.accept_source_route = 0
net.ipv4.conf.all.accept_source_route = 0
net.ipv4.conf.default.promote_secondaries = 1
net.ipv4.conf.all.promote_secondaries = 1
fs.protected_hardlinks = 1
fs.protected_symlinks = 1
* Applying /usr/lib/sysctl.d/60-libvirtd.conf ...
fs.aio-max-nr = 1048576
* Applying /etc/sysctl.d/99-sysctl.conf ...
* Applying /etc/sysctl.d/k8s.conf ...
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
* Applying /etc/sysctl.conf ...
[root@master ~]# echo "net.ipv4.ip_forward = 1"  >> /etc/sysctl.conf
[root@master ~]# sysctl -p
net.ipv4.ip_forward = 1

时间同步

[root@worker2 ~]# yum install -y chrony &&systemctl start chronyd && systemctl enable chronyd

 配置containerd

[root@worker2 ~]# yum install -y yum-utils  &&sudo yum-config-manager --add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
[root@master ~]# yum install containerd.io -y &&systemctl enable containerd --now
[root@master ~]# containerd config default>/etc/containerd/config.toml
[root@master ~]# vim /etc/containerd/config.toml sandbox_image = "registry.cn-hangzhou.aliyuncs.com/google_containers/pause:3.10"SystemdCgroup = true
[root@master ~]# systemctl restart containerd

配置kubernetes仓库
 

cat <<EOF | sudo tee /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://pkgs.k8s.io/core:/stable:/v1.31/rpm/
enabled=1
gpgcheck=1
gpgkey=https://pkgs.k8s.io/core:/stable:/v1.31/rpm/repodata/repomd.xml.key
exclude=kubelet kubeadm kubectl cri-tools kubernetes-cni
EOF
sudo yum install -y kubelet kubeadm kubectl --disableexcludes=kubernetes
sudo systemctl enable --now kubelet

配置crictl与containerd交互

[root@master ~]# crictl config --set runtime-endpoint=/run/containerd/containerd.sock
[root@master ~]# crictl images
IMAGE               TAG                 IMAGE ID            SIZE

k8s初始化

[root@master ~]# kubeadm config  print init-defaults>kubeadm-config.yaml
[root@master ~]# kubeadm init --config kubeadm-config.yaml 
主节点配置
[root@master ~]#  mkdir -p $HOME/.kube
[root@master ~]#   sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
[root@master ~]#   sudo chown $(id -u):$(id -g) $HOME/.kube/config
工作节点
[root@master ~]# scp /etc/kubernetes/admin.conf root@192.168.1.103:/root
[root@master ~]# scp /etc/kubernetes/admin.conf root@192.168.1.105:/root
[root@worker1 ~]# mkdir -p $HOME/.kube
[root@worker1 ~]# sudo cp -i admin.conf $HOME/.kube/config
[root@worker1 ~]# sudo chown $(id -u):$(id -g) $HOME/.kube/config
[root@worker1 ~]# kubectl get nodes
NAME     STATUS     ROLES           AGE   VERSION
master   NotReady   control-plane   16m   v1.31.2
[root@worker2 ~]# mkdir -p $HOME/.kube
[root@worker2 ~]# sudo cp -i admin.conf $HOME/.kube/config
[root@worker2 ~]# chown $(id -u):$(id -g) $HOME/.kube/config
[root@worker2 ~]# kubectl get nodes
NAME     STATUS     ROLES           AGE   VERSION
master   NotReady   control-plane   17m   v1.31.2

工作节点加入集群

[root@worker1 ~]# kubeadm join 192.168.1.101:6443 --token abcdef.0123456789abcdef \
> --discovery-token-ca-cert-hash sha256:54ff174d318f6dd6b7e357ba40f6364cfa4394c5bf1ed74a9d8fdab907fe1b19
[root@worker2 ~]# kubeadm join 192.168.1.101:6443 --token abcdef.0123456789abcdef \
> --discovery-token-ca-cert-hash sha256:54ff174d318f6dd6b7e357ba40f6364cfa4394c5bf1ed74a9d8fdab907fe1b19
[root@master ~]# kubectl get nodes
NAME      STATUS     ROLES           AGE   VERSION
master    NotReady   control-plane   19m   v1.31.2
worker1   NotReady   <none>          59s   v1.31.2
worker2   NotReady   <none>          52s   v1.31.2

这里发现状态都为NotReady,因为网络还没有通,现在安装calico网络插件

安装calico网络插件

 calico.yaml文件地址:
calico/manifests/calico.yaml at master · projectcalico/calicoicon-default.png?t=O83Ahttps://github.com/projectcalico/calico/blob/master/manifests/calico.yaml这里我是采用的离线安装,把calico需要的镜像提前下载到了本地,进行导入。通过xftp进行上传
 

[root@master ~]# mkdir calico
[root@master ~]# ls calico/
calico.yaml  cni.tar  controller.tar  node.tar
#三个节点都进行镜像导入
[root@master calico]# ctr -n=k8s.io images import cni.tar && ctr -n=k8s.io images import node.tar && ctr -n=k8s.io images import controller.tar
[root@master calico]# ctr images list
REF                                      TYPE                                       DIGEST                                                                  SIZE      PLATFORMS   LABELS 
docker.io/calico/cni:master              application/vnd.oci.image.manifest.v1+json sha256:857793c712dacf42f3d4b7c0223ba1b6497098ad8270029346d62adafb00bd5b 209.5 MiB linux/amd64 -      
docker.io/calico/kube-controllers:master application/vnd.oci.image.manifest.v1+json sha256:a01cd6d582c44775bb1b1053fe05501d44afd79be66bc770ac9218a1dfbf31ea 78.6 MiB  linux/amd64 -      
docker.io/calico/node:master             application/vnd.oci.image.manifest.v1+json sha256:5e3d9dddee857783469742393998a84ee2497bdba98dd44424e28699f58e40ad 325.5 MiB linux/amd64 -      
[root@master calico]# kubectl apply -f calico.yaml 
[root@master calico]# kubectl get pods -n kube-system
NAME                                       READY   STATUS    RESTARTS       AGE
calico-kube-controllers-7bcf789c97-9jx9j   1/1     Running   0              16m
calico-node-d6n68                          1/1     Running   0              16m
calico-node-dlnpr                          1/1     Running   0              16m
calico-node-t4kzf                          1/1     Running   0              16m
coredns-fcd6c9c4-fz4kz                     1/1     Running   0              55m
coredns-fcd6c9c4-r7qgx                     1/1     Running   0              55m
etcd-master                                1/1     Running   0              56m
kube-apiserver-master                      1/1     Running   0              55m
kube-controller-manager-master             1/1     Running   4 (109s ago)   55m
kube-proxy-2pgkw                           1/1     Running   0              37m
kube-proxy-px64d                           1/1     Running   0              37m
kube-proxy-tvxds                           1/1     Running   0              55m
kube-scheduler-master                      1/1     Running   3 (99s ago)    55m
[root@master calico]# kubectl get nodes
NAME      STATUS   ROLES           AGE   VERSION
master    Ready    control-plane   61m   v1.31.2
worker1   Ready    <none>          42m   v1.31.2
worker2   Ready    <none>          42m   v1.31.2

k8s命令补全
 

[root@master calico]# echo 'source /usr/share/bash-completion/bash_completion' >> ~/.bashrc
[root@master calico]# echo 'source  <(kubectl completion bash)' >> ~/.bashrc
[root@master calico]# source ~/.bashrc

以上操作就完成了K8s集群的搭建


http://www.ppmy.cn/server/145139.html

相关文章

MySQL通过binlog恢复数据

查看记录二进制日志详细信息 SHOW VARIABLES LIKE %log_bin% log_bin 为 ON说明这个参数是开启的&#xff0c;就是说系统是记录了bin log的 log_bin_basename 配置了bin log的文件路径及文件前缀名 log_bin_index 配置了bin log索引文件的路径 查看当前使用日志列表 show …

44.扫雷第二部分、放置随机的雷,扫雷,炸死或成功 C语言

按照教程打完了。好几个bug都是自己打出来的。比如统计周围8个格子时&#xff0c;有一个各自加号填成了减号。我还以为平移了&#xff0c;一会显示是0一会显示是2。结果单纯的打错了。debug的时候断点放在scanf后面会顺畅一些。中间多放一些变量名方便监视。以及mine要多显示&a…

《硬件架构的艺术》笔记(五):低功耗设计

介绍 能量以热量形式消耗&#xff0c;温度升高芯片失效率也会增加&#xff0c;增加散热片或风扇会增加整体重量和成本&#xff0c;在SoC级别对功耗进行控制就可以减少甚至可能消除掉这些开支&#xff0c;产品也更小更便宜更可靠。本章描述了减少动态功耗和静态功耗的各种技术。…

阿里云整理(一)

阿里云整理 1. 介绍规模 2. 专业名词2.1 专有网络VPC2.2 安全组SG2.3 云服务器ECS2.4 资源组2.5 部署集2.5 web测试 1. 介绍 ‌阿里云是一家提供云计算和人工智能服务的科技公司&#xff0c;成立于2009年&#xff0c;总部位于杭州。‌它为全球客户提供全方位的云服务&#xff…

前端数据可视化思路及实现案例

目录 一、前端数据可视化思路 &#xff08;一&#xff09;明确数据与目标 &#xff08;二&#xff09;选择合适的可视化图表类型 &#xff08;三&#xff09;数据与图表的绑定及交互设计 &#xff08;四&#xff09;页面布局与样式设计 二、具体案例&#xff1a;使用 Ech…

MySQL 中有哪几种锁?

表锁&#xff08;Table Locks&#xff09; 描述&#xff1a;表锁是锁定整个表&#xff0c;防止其他事务对表进行修改。类型&#xff1a; 共享锁&#xff08;Shared Locks&#xff09;&#xff1a;允许多个事务同时读取表中的数据&#xff0c;但不允许写操作。排他锁&#xff08…

html+js实现图片的放大缩小等比缩放翻转,自动播放切换,顺逆时针旋转

效果图&#xff1a; <!DOCTYPE html> <html lang"en"> <head><meta charset"UTF-8"><meta name"viewport" content"widthdevice-width, initial-scale1.0"><title>图片预览</title><sty…

Stable Diffusion入门教程

要入门Stable Diffusion&#xff0c;你可以按照以下步骤进行&#xff1a; 1. 安装Stable Diffusion 获取安装包&#xff1a;你可以从GitHub上的 Stable Diffusion Web UI开源地址获取安装包。 一键启动程序包&#xff1a;如果你是小白不会装&#xff0c;可以使用国内秋葉aaaki开…