[K8S Series 3] Building a K8S cluster with Kubeadm


Author: 925781609 | Source: published 2022-03-24 16:11 | Views: 0

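Kubeadm provides two tools, kubeadm init and kubeadm join, as a best-practice way to create a Kubernetes cluster quickly.
The K8S cluster in this article is built on a cluster of CentOS machines. For the preparatory work, see:
[K8S Series 1] Building a Linux cluster with VirtualBox and Vagrant
[K8S Series 2] Installing docker on CentOS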

1 CentOS system configuration

# 01 Stop and disable the firewall
systemctl stop firewalld && systemctl disable firewalld

# 02 Disable SELinux
setenforce 0
sed -i 's/^SELINUX=enforcing$/SELINUX=permissive/' /etc/selinux/config

# 03 Turn off swap
swapoff -a
sed -i '/swap/s/^\(.*\)$/#\1/g' /etc/fstab

# 04 Configure the iptables ACCEPT rule
iptables -F && iptables -X && \
    iptables -F -t nat && iptables -X -t nat && \
    iptables -P FORWARD ACCEPT

# 05 Set kernel parameters
cat <<EOF >  /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
EOF

# 06 Manually load all configuration files
sysctl --system

2 Install kubeadm, kubelet and kubectl

# 01 Configure the yum repository
cat <<EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=http://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=0
repo_gpgcheck=0
gpgkey=http://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg
       http://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF

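# 02 Install kubeadm, kubelet and kubectl
yum install -y kubeadm kubelet kubectl

# 03 Make docker and k8s use the same cgroup driver
# 3.1 Edit /etc/docker/daemon.json. Create the file if it does not exist; if it does, add this entry to it. Mind the JSON format.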

{
    "exec-opts": ["native.cgroupdriver=systemd"]
}

# 3.2 Restart docker; this step is required
systemctl restart docker

# 3.3 It does not matter if no matching content is found
sed -i "s/cgroup-driver=systemd/cgroup-driver=cgroupfs/g" /etc/systemd/system/kubelet.service.d/10-kubeadm.conf

# 3.4 Restart kubelet; this step is required
systemctl enable kubelet && systemctl start kubelet
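
The repository file in step 01 switches off both signature checks and uses plain http:// URLs, so nothing authenticates the kubeadm, kubelet and kubectl packages on their way to the node. The function below is an added example, not part of the original article: it flags those settings in any yum .repo file. The names audit_repo and page_repo are made up here, and page_repo is a copy of the file from step 01 used as sample input.

```shell
#!/bin/sh
# Added example, not from the original article. audit_repo and page_repo are
# illustrative names. audit_repo reads a yum .repo file (path argument or
# stdin), prints one finding per line and returns 1 if anything was flagged.
audit_repo() {
    awk '
        function report(msg) { print section ": " msg; bad = 1 }
        /^[ \t]*$/ || /^[ \t]*[#;]/ { next }          # blank lines and comments
        /^\[/ { section = $0; key = ""; next }        # new [repo-id] section
        /^[ \t]/ { val = $0 }                         # continuation of previous key
        !/^[ \t]/ {                                   # key=value line
            key = $0; sub(/[ \t]*=.*/, "", key)
            val = $0; sub(/^[^=]*=/, "", val)
        }
        {
            sub(/^[ \t]+/, "", val); sub(/[ \t]+$/, "", val)
            if (key == "gpgcheck" && tolower(val) ~ /^(0|no|false)$/)
                report("gpgcheck is off: RPM signatures are not verified")
            if (key == "repo_gpgcheck" && tolower(val) ~ /^(0|no|false)$/)
                report("repo_gpgcheck is off: repository metadata is not verified")
            if (key ~ /^(baseurl|mirrorlist|metalink|gpgkey)$/ && val ~ /^http:/)
                report(key " is fetched over plaintext HTTP: " val)
        }
        END { exit bad + 0 }
    ' "${1:--}"
}

# Constructed sample: the repository definition from step 01 above.
page_repo() {
    cat <<'EOF'
[kubernetes]
name=Kubernetes
baseurl=http://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=0
repo_gpgcheck=0
gpgkey=http://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg
       http://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF
}

page_repo | audit_repo || echo "repository settings need attention"
```

On a node, run it against the installed file: audit_repo /etc/yum.repos.d/kubernetes.repo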

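3 Initialize the cluster

3.1 Because of the GFW, some images cannot be downloaded from the default registry. You need to specify a mirror inside China, or pull the images in advance from a mirror inside China.

coredns gets special handling here: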

docker pull coredns/coredns:1.8.6
docker tag coredns/coredns:1.8.6 registry.aliyuncs.com/google_containers/coredns:v1.8.6
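
3.2 Initialize the master node
  1. Run the following command to initialize the master node. 192.168.0.51 is the master node's IP address, and image-repository specifies the Alibaba image mirror.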
kubeadm init --kubernetes-version=1.23.5 \
    --image-repository  registry.cn-hangzhou.aliyuncs.com/google_containers \
    --apiserver-advertise-address=192.168.0.51 \
    --pod-network-cidr=10.244.0.0/16

After it runs, it prints the following:

To start using your cluster, you need to run the following as a regular user:

  mkdir -p $HOME/.kube
  sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
  sudo chown $(id -u):$(id -g) $HOME/.kube/config

Alternatively, if you are the root user, you can run:

  export KUBECONFIG=/etc/kubernetes/admin.conf

You should now deploy a pod network to the cluster.
Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:
  https://kubernetes.io/docs/concepts/cluster-administration/addons/

Then you can join any number of worker nodes by running the following on each as root:

kubeadm join 192.168.0.51:6443 --token 439uik.r1m3zwpgalub0563 \
        --discovery-token-ca-cert-hash sha256:1fea5bbde95cb0d5bf00002019d225845e80ac3c657e1cae46ed9d32e691001e

  2. Following the prompt, run on the master node:
  mkdir -p $HOME/.kube
  sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
  sudo chown $(id -u):$(id -g) $HOME/.kube/config
  3. Run kubectl get nodes on the master node; at this point only the master node is listed.
NAME     STATUS   ROLES                  AGE     VERSION
master   Ready    control-plane,master   12m     v1.23.5
  4. kubectl get pods -n kube-system shows that the coredns pods are all Pending.
NAMESPACE     NAME                             READY   STATUS    RESTARTS   AGE
kube-system   coredns-65c54cc984-8cdgr         0/1     Pending   0          20s
kube-system   coredns-65c54cc984-fvzp9         0/1     Pending   0          20s
kube-system   etcd-master                      1/1     Running   0          34s
kube-system   kube-apiserver-master            1/1     Running   0          34s
kube-system   kube-controller-manager-master   1/1     Running   0          34s
kube-system   kube-proxy-7fkw2                 1/1     Running   0          20s
kube-system   kube-scheduler-master            1/1     Running   0          33s

This is because no network plugin is installed yet; see the earlier prompt "You should now deploy a pod network to the cluster". Calico is used here.

3.2 Installing Calico
curl -O https://docs.projectcalico.org/manifests/calico.yaml
kubectl apply -f calico.yaml

Make sure the version of calico.yaml matches the Calico version; otherwise you get the following message, followed by all kinds of errors at startup:

unable to recognize "calico.yaml": no matches for kind "CustomResourceDefinition" in version "apiextensions.k8s.io/v1beta1"

After installation, run kubectl get pods -n kube-system again; this time all pods are in the Running state.

NAMESPACE     NAME                                       READY   STATUS    RESTARTS   AGE
kube-system   calico-kube-controllers-56fcbf9d6b-4dr86   1/1     Running   0          3m
kube-system   calico-node-9sgm6                          1/1     Running   0          3m
kube-system   coredns-6d8c4cb4d-dfq9g                    1/1     Running   0          24m
kube-system   coredns-6d8c4cb4d-lhffl                    1/1     Running   0          24m
kube-system   etcd-master                                1/1     Running   4          24m
kube-system   kube-apiserver-master                      1/1     Running   4          24m
kube-system   kube-controller-manager-master             1/1     Running   4          24m
kube-system   kube-proxy-rmwzt                           1/1     Running   0          24m
kube-system   kube-scheduler-master                      1/1     Running   4          24m

3.3 Joining the worker nodes to the cluster
Run the following on each of the worker nodes w1 and w2:

kubeadm join 192.168.0.51:6443 --token 439uik.r1m3zwpgalub0563 \
        --discovery-token-ca-cert-hash sha256:1fea5bbde95cb0d5bf00002019d225845e80ac3c657e1cae46ed9d32e691001e

[root@master ~]# kubectl get nodes
NAME     STATUS   ROLES                  AGE     VERSION
master   Ready    control-plane,master   12m     v1.23.5
w1       Ready    <none>                 5m37s   v1.23.5
w2       Ready    <none>                 5m37s   v1.23.5

4 A simple example

Use K8S to create Nginx pods

# 01 Create a working directory
mkdir pod_nginx_rs

# 02 Change into the working directory
cd pod_nginx_rs

# 03 Create the yaml file
cat > pod_nginx_rs.yaml <<EOF
apiVersion: apps/v1
kind: ReplicaSet
metadata:
  name: nginx
  labels:
    tier: frontend
spec:
  replicas: 3
  selector:
    matchLabels:
      tier: frontend
  template:
    metadata:
      name: nginx
      labels:
        tier: frontend
    spec:
      containers:
      - name: nginx
        image: nginx
        ports:
        - containerPort: 80
EOF

# 04 Create the pods from the file
kubectl apply -f pod_nginx_rs.yaml

# 05 View the pods
kubectl get pods
kubectl get pods -o wide
kubectl describe pod nginx

# 06 Scale the pods up through the ReplicaSet
kubectl scale rs nginx --replicas=4
kubectl get pods -o wide

# 07 Delete the pods
kubectl delete -f pod_nginx_rs.yaml

5 Some commonly used commands

# Show details of a specific resource or group of resources
kubectl describe pods  calico-node-mcznh -n kube-system

# Print the logs for a container in a pod
kubectl logs calico-node-mcznh  -n kube-system

# Remove the node mynode
kubectl drain mynode
kubectl delete node mynode
# Run on the mynode node
kubeadm reset

# If you have forgotten the kubeadm join command generated by kubeadm init
kubeadm token generate
kubeadm token create <generated-token> --print-join-command --ttl=0 
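
--ttl=0 in the last command creates a bootstrap token that never expires, so the printed join command stays valid until the token is deleted. The function below is an added example, not part of the original article: it reads kubeadm token list output and reports tokens that never expire or outlive the 24h default. The function names and the sample rows are constructed for illustration; <forever> and <never> are the markers kubeadm prints for a token without an expiry.

```shell
#!/bin/sh
# Added example, not from the original article; function names are illustrative.
# audit_bootstrap_tokens reads `kubeadm token list` text on stdin and reports
# tokens usable for joining that never expire or outlive the 24h default TTL.
# Only the token ID (the part before the dot) is printed, never the secret half.
audit_bootstrap_tokens() {
    awk '
        $1 !~ /^[a-z0-9]+\.[a-z0-9]+$/ { next }      # header or non-token row
        $4 !~ /authentication/ { next }              # cannot authenticate a joining node
        {
            split($1, part, ".")
            if ($2 == "<forever>")        why = "never expires"
            else if ($2 ~ /^[0-9]+[dy]$/) why = "TTL " $2 " is longer than the 24h default"
            else next
            print part[1] ": " why
            found = 1
        }
        END { exit found + 0 }
    '
}

# Constructed sample of `kubeadm token list` output (token values are made up).
sample_token_list() {
    cat <<'EOF'
TOKEN                     TTL         EXPIRES                USAGES                   DESCRIPTION   EXTRA GROUPS
aaaaaa.0123456789abcdef   23h         2022-03-25T08:11:00Z   authentication,signing   <none>        system:bootstrappers:kubeadm:default-node-token
bbbbbb.0123456789abcdef   <forever>   <never>                authentication,signing   <none>        system:bootstrappers:kubeadm:default-node-token
cccccc.0123456789abcdef   6d          2022-03-30T08:11:00Z   authentication,signing   <none>        system:bootstrappers:kubeadm:default-node-token
EOF
}

# On a control-plane node: kubeadm token list | audit_bootstrap_tokens
# Remove a flagged token with: kubeadm token delete <token-id>
sample_token_list | audit_bootstrap_tokens || echo "long-lived bootstrap tokens found"
```

Leaving --ttl off kubeadm token create gives the token the default 24h lifetime.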
