服务器申请
最低配置 2核cpu (可以参考我申请的机器配置)
1.jpg
服务器配置和软件安装
# 1. 关闭防火墙及selinux
systemctl stop firewalld && systemctl disable firewalld
sed -i 's/^SELINUX=.*/SELINUX=disabled/' /etc/selinux/config && setenforce 0
# 2. 关闭 swap 分区
swapoff -a
sed -i '/ swap / s/^\(.*\)$/#\1/g' /etc/fstab
# 3. 设置主机名及配置hosts
hostnamectl set-hostname k8s-master
cat >> /etc/hosts << EOF
`ifconfig -a|grep eth0 -A1|grep inet|awk '{print $2}'|tr -d "addr:"` k8s-master
EOF
# 4. 内核调整,将桥接的IPv4流量传递到iptables的链
cat > /etc/sysctl.d/k8s.conf << EOF
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
EOF
sysctl --system
# 5. 设置系统时区并同步时间服务器
yum install -y ntpdate && ntpdate time.windows.com
# 6. docker 安装&配置
yum install -y yum-utils device-mapper-persistent-data lvm2
yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
yum list docker-ce --showduplicates | sort -r
yum -y install docker-ce-18.06.1.ce-3.el7
systemctl start docker && systemctl enable docker
# 7. 配置镜像加速器(阿里云/可选)添加kubernetes YUM软件源
cat > /etc/yum.repos.d/kubernetes.repo << EOF
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=0
repo_gpgcheck=0
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF
# 8. 安装kubeadm,kubelet和kubectl (版本可以自己根据需要选择)
yum install -y kubelet-1.19.3-0 kubeadm-1.19.3-0 kubectl-1.19.3-0
systemctl enable kubelet.service
# 9. 令容器运行时和kubelet使用systemd作为cgroup驱动
# 编辑 /etc/docker/daemon.json
# 将 "exec-opts": ["native.cgroupdriver=systemd"] 加入
# 如果daemon.json 以前为空,加入后变为
{"exec-opts": ["native.cgroupdriver=systemd"]}
systemctl daemon-reload
systemctl restart docker
k8s必备镜像安装
运行如下脚本
images=(
kube-apiserver:v1.19.3
kube-controller-manager:v1.19.3
kube-scheduler:v1.19.3
kube-proxy:v1.19.3
pause:3.2
etcd:3.4.13-0
coredns:1.7.0
)
for imageName in ${images[@]} ; do
docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/$imageName
docker tag registry.cn-hangzhou.aliyuncs.com/google_containers/$imageName k8s.gcr.io/$imageName
done
说明 这些镜像的版本是根据 kubeadm 的版本决定的, 如果是安装的其他版本, 依赖的镜像版本也跟上面不同, 运行 kubeadm init 会报镜像找不到, 可以把找不到的镜像对应的版本 替换脚本中镜像的版本在阿里云镜像仓库去pull。
k8s初始化
sudo kubeadm init --pod-network-cidr=192.168.0.0/16 --kubernetes-version=v1.19.3
# 配置kubctl
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
# 安装 Calico网络插件
kubectl create -f https://docs.projectcalico.org/manifests/tigera-operator.yaml
kubectl create -f https://docs.projectcalico.org/manifests/custom-resources.yaml
# 查看相关pod状态直到所有 pod 的状态都为 Running
watch kubectl get pods -n calico-system
# Every 2.0s: kubectl get pods -n calico-system
# NAME READY STATUS RESTARTS AGE
# calico-kube-controllers-85ff5cb957-rdgqj 1/1 Running 0 31s
# calico-node-xmrff 1/1 Running 0 31s
# calico-typha-68c8f45bd6-qq64j 1/1 Running 0 31s
# 移除污点, 让 pods 能在master 节点运行
kubectl taint nodes --all node-role.kubernetes.io/master-
# 查看节点状态
kubectl get nodes -o wide
# NAME STATUS ROLES ......
# k8s-master Ready master ......
kubeadm reset 可将 k8s 环境重新置, 重新执行 init 操作生成干净的环境
参考:
https://www.cnblogs.com/dforward2017/p/13719792.html
https://blog.whsir.com/post-5312.html
https://docs.projectcalico.org/getting-started/kubernetes/quickstart
网友评论