初始化系统
所有机器都需要初始化 docker 和 kubelet。(master+node)
# Configure the Aliyun mirror of the Kubernetes yum repository.
# gpgcheck=1 and repo_gpgcheck=1 make yum verify package signatures and repository metadata
# against the keys listed in gpgkey. Those keys are fetched over https from the same mirror,
# so trust in the packages is rooted in that mirror.
cat <<EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF
# Official Kubernetes repository (may be unreachable from some networks).
# NOTE(review): this definition uses plain http and gpgcheck=0, so yum authenticates neither the
# transport nor the packages; anything on the network path could substitute the kubelet/kubeadm
# RPMs. Prefer a definition with https, gpgcheck=1, repo_gpgcheck=1 and a gpgkey, as in the
# Aliyun definition above.
[kubernetes]
name=Kubernetes
baseurl=http://yum.kubernetes.io/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=0
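# SELinux: switch to permissive mode now and persist it across reboots.
# kubeadm's install guide only asks for permissive mode; unlike SELINUX=disabled it keeps
# file labelling and denial (AVC) logging in place, so enforcing can be restored later.
setenforce 0
sed -i 's/^SELINUX=enforcing$/SELINUX=permissive/' /etc/selinux/config
# Install docker, kubelet and kubeadm.
yum install -y docker
systemctl enable docker && systemctl start docker
# Pin kubelet and kubeadm to the release deployed later on this page (v1.22.0); an unpinned
# install takes whatever is newest in the repository and can mismatch --kubernetes-version.
yum install -y kubelet-1.22.0 kubeadm-1.22.0
systemctl enable kubelet && systemctl start kubelet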
master节点配置docker镜像加速
![](https://img.haomeiwen.com/i25503794/1adfbd9a5bb67d03.png)
# For Docker client versions newer than 1.10.0:
# the registry mirror (accelerator) is set in the daemon configuration file /etc/docker/daemon.json.
# NOTE(review): tee overwrites any existing daemon.json. The mirror host below looks like the
# author's own Aliyun accelerator address; presumably readers substitute their own.
# Image pulls that go through this mirror depend on it for their content, so it is part of the
# image trust path.
sudo mkdir -p /etc/docker
sudo tee /etc/docker/daemon.json <<-'EOF'
{
"registry-mirrors": ["https://7kqtjl19.mirror.aliyuncs.com"]
}
EOF
sudo systemctl daemon-reload
sudo systemctl restart docker
master节点镜像准备
#查看当前配置中需求的镜像
[root@master ~]# kubeadm config images list
k8s.gcr.io/kube-apiserver:v1.22.0
k8s.gcr.io/kube-controller-manager:v1.22.0
k8s.gcr.io/kube-scheduler:v1.22.0
k8s.gcr.io/kube-proxy:v1.22.0
k8s.gcr.io/pause:3.5
k8s.gcr.io/etcd:3.5.0-0
k8s.gcr.io/coredns/coredns:v1.8.4
# Pull the images kubeadm asks for from the Aliyun google_containers mirror.
# NOTE(review): the images are fetched by mutable tag from a third-party mirror and then re-tagged
# under k8s.gcr.io names, after which kubeadm uses them without any further provenance check.
# Compare their digests (docker image ls --digests) with the upstream images before tagging.
mirror=registry.cn-hangzhou.aliyuncs.com/google_containers
for image in \
  kube-apiserver:v1.22.0 \
  kube-controller-manager:v1.22.0 \
  kube-scheduler:v1.22.0 \
  kube-proxy:v1.22.0 \
  pause:3.5 \
  etcd:3.5.0-0 \
  coredns:1.8.4
do
  docker image pull "${mirror}/${image}"
done
# Show the images that are now present locally.
docker image ls
# Re-tag the images with the names kubeadm expects.
for image in \
  kube-apiserver:v1.22.0 \
  kube-controller-manager:v1.22.0 \
  kube-scheduler:v1.22.0 \
  kube-proxy:v1.22.0 \
  pause:3.5 \
  etcd:3.5.0-0
do
  docker image tag "${mirror}/${image}" "k8s.gcr.io/${image}"
done
# CoreDNS is the odd one out: kubeadm expects the coredns/coredns path and a "v" prefix on the tag.
docker image tag "${mirror}/coredns:1.8.4" k8s.gcr.io/coredns/coredns:v1.8.4
安装 master
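# Install the kubectl command-line client on the master, pinned to the cluster version.
yum install -y kubectl-1.22.0
# Run kubeadm init to set up the control plane.
#   --apiserver-advertise-address <ip-address>   address the API server advertises
#   for flannel, add --pod-network-cidr 10.244.0.0/16
kubeadm init --kubernetes-version=1.22.0
# Follow the instructions kubeadm prints: copy the admin kubeconfig for the current user.
# admin.conf holds cluster-admin credentials, so keep the copy readable by its owner only
# and do not distribute it to worker nodes.
mkdir -p "$HOME/.kube"
sudo cp -i /etc/kubernetes/admin.conf "$HOME/.kube/config"
sudo chown "$(id -u):$(id -g)" "$HOME/.kube/config"
# Allow ordinary pods to be scheduled on the master: the trailing "-" REMOVES the taint.
# Do this only on single-node or lab clusters, because workloads then share the node with
# the control-plane components.
kubectl taint nodes --all node-role.kubernetes.io/master-
# To forbid scheduling on the master again, ADD the taint back (no trailing "-"):
#   kubectl taint nodes <master-node-name> node-role.kubernetes.io/master:NoSchedule
# The original listing ran "node-role.kubernetes.io/master:NoSchedule-" for this step, which
# also removes the taint rather than restoring it.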
配置 Network plugin
CNI bridge
# Create the directory for the CNI network configuration files.
mkdir -p /etc/cni/net.d
# Bridge network "mynet" on bridge cni0, with gateway mode and IP masquerading enabled.
# Addresses come from host-local IPAM in 10.244.0.0/16, with a default route.
# The heredoc delimiter is unquoted, but the body contains no "$", so nothing is expanded.
cat >/etc/cni/net.d/10-mynet.conf <<-EOF
{
"cniVersion": "0.3.0",
"name": "mynet",
"type": "bridge",
"bridge": "cni0",
"isGateway": true,
"ipMasq": true,
"ipam": {
"type": "host-local",
"subnet": "10.244.0.0/16",
"routes": [
{"dst": "0.0.0.0/0"}
]
}
}
EOF
# Loopback interface configuration.
cat >/etc/cni/net.d/99-loopback.conf <<-EOF
{
"cniVersion": "0.3.0",
"type": "loopback"
}
EOF
flannel
注意:需要 kubeadm init 时设置 --pod-network-cidr=10.244.0.0/16
# NOTE(review): this applies a manifest fetched at run time, with the rights of the admin kubeconfig.
# Download the file, review it (images, RBAC objects, privileged/hostNetwork settings) and apply
# the local copy instead.
# The URL is pinned to tag v0.10.0, which predates Kubernetes 1.22. Presumably it uses API versions
# that 1.22 no longer serves; confirm, and use a flannel release that supports the cluster version.
kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/v0.10.0/Documentation/kube-flannel.yml
weave(本案例采用weave)
# Make bridged traffic pass through iptables. This sets the value at run time only; nothing here
# writes it to a sysctl configuration file.
sysctl net.bridge.bridge-nf-call-iptables=1
# NOTE(review): cloud.weave.works generates the manifest on each request, so its content is not
# pinned to a version. The base64-encoded output of `kubectl version` is also sent to that host
# in the URL. Prefer saving the returned manifest, reviewing it, and applying the saved copy.
kubectl apply -f "https://cloud.weave.works/k8s/net?k8s-version=$(kubectl version | base64 | tr -d '\n')"
calico
注意:需要 kubeadm init 时设置 --pod-network-cidr=192.168.0.0/16
# NOTE(review): both manifests are fetched over the network at apply time and applied with the
# admin kubeconfig's rights. Going by its name, rbac-kdd.yaml presumably creates RBAC objects;
# download both files and review them before applying.
# The URLs point at Calico v3.1, which is much older than Kubernetes 1.22. Confirm compatibility
# or use the manifests of a Calico release that supports the cluster version.
kubectl apply -f https://docs.projectcalico.org/v3.1/getting-started/kubernetes/installation/hosted/rbac-kdd.yaml
kubectl apply -f https://docs.projectcalico.org/v3.1/getting-started/kubernetes/installation/hosted/kubernetes-datastore/calico-networking/1.7/calico.yaml
添加 Node
# General form:
#kubeadm join --token <token> <master-ip>:<master-port> --discovery-token-ca-cert-hash sha256:<hash>
# NOTE(review): the address, token and hash below come from the author's cluster; use the values
# printed by your own `kubeadm init` (or by `kubeadm token create --print-join-command` on the master).
# The bootstrap token is a credential that lets a machine join the cluster, so keep it out of
# shared logs and documents and let it expire.
# --discovery-token-ca-cert-hash pins the cluster CA, so the node verifies the API server it joins.
kubeadm join 172.17.0.12:6443 --token 5syak1.e0h5it174c91l632 --discovery-token-ca-cert-hash sha256:9569a84dff070a23b33eb86e74adef2c219da187f779639052ce2d45d7752b47
验证
# List the nodes registered with the cluster.
kubectl get nodes
# List the pods in every namespace.
kubectl get pods --all-namespaces
# Show the details of the node named node1.
kubectl describe nodes node1
kubeadm config
kubeadm提供了配置文件功能用于复杂定制。将配置文件以ConfigMap的形式保存到集群之中,便于后续的查询和升级工作.
kubeadm config子命令提供了对这一组功能的支持:
kubeadm config upload from-file:由配置文件上传到集群中生成ConfigMap。
kubeadm config upload from-flags:由配置参数生成ConfigMap。
◎ kubeadm config view:查看当前集群中的配置值。
◎ kubeadm config print init-defaults:输出kubeadm init默认参数文件的内容。
◎ kubeadm config print join-defaults:输出kubeadm join默认参数文件的内容。
◎ kubeadm config migrate:在新旧版本之间进行配置转换。
◎ kubeadm config images list:列出所需的镜像列表。
◎ kubeadm config images pull:拉取镜像到本地。
取得kubeadm init默认的初始化参数文件:
# Write kubeadm's default init configuration to init-defaults.yaml as a starting point.
# NOTE(review): the printed defaults contain the placeholder bootstrap token abcdef.0123456789abcdef
# and advertiseAddress 1.2.3.4. Replace both before passing a file derived from this one to
# `kubeadm init --config`; the placeholder token is publicly known.
kubeadm config print init-defaults >init-defaults.yaml
[root@master ~]# cat init-defaults.yaml
apiVersion: kubeadm.k8s.io/v1beta3
bootstrapTokens:
- groups:
- system:bootstrappers:kubeadm:default-node-token
token: abcdef.0123456789abcdef
ttl: 24h0m0s
usages:
- signing
- authentication
kind: InitConfiguration
localAPIEndpoint:
advertiseAddress: 1.2.3.4
bindPort: 6443
nodeRegistration:
criSocket: /var/run/dockershim.sock
imagePullPolicy: IfNotPresent
name: node
taints: null
---
apiServer:
timeoutForControlPlane: 4m0s
apiVersion: kubeadm.k8s.io/v1beta3
certificatesDir: /etc/kubernetes/pki
clusterName: kubernetes
controllerManager: {}
dns: {}
etcd:
local:
dataDir: /var/lib/etcd
imageRepository: k8s.gcr.io
kind: ClusterConfiguration
kubernetesVersion: 1.22.0
networking:
dnsDomain: cluster.local
serviceSubnet: 10.96.0.0/12
scheduler: {}
取得kubeadm join默认的初始化参数文件:
# Write kubeadm's default join configuration to join-defaults.yaml as a starting point.
# NOTE(review): the defaults shown below set unsafeSkipCAVerification: true and reuse the
# placeholder token. For real use, set caCertHashes (the sha256:<hash> printed by kubeadm init),
# switch unsafeSkipCAVerification off and supply the cluster's own token.
kubeadm config print join-defaults >join-defaults.yaml
[root@master ~]# cat join-defaults.yaml
apiVersion: kubeadm.k8s.io/v1beta3
caCertPath: /etc/kubernetes/pki/ca.crt
discovery:
bootstrapToken:
apiServerEndpoint: kube-apiserver:6443
token: abcdef.0123456789abcdef
unsafeSkipCAVerification: true
timeout: 5m0s
tlsBootstrapToken: abcdef.0123456789abcdef
kind: JoinConfiguration
nodeRegistration:
criSocket: /var/run/dockershim.sock
imagePullPolicy: IfNotPresent
name: master
taints: null
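定制配置文件后(修改镜像地址、pod的地址范围),根据配置文件初始化安装。定制时还应替换默认文件中的示例 token(abcdef.0123456789abcdef)和 advertiseAddress,并在 join 配置中填写 caCertHashes、将 unsafeSkipCAVerification 改为 false,否则节点加入集群时不会校验集群 CA。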
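# On the master: initialise the control plane from the customised configuration file.
kubeadm init --config=init-config.yaml
# On each node: join the cluster using the customised join configuration.
# A space is required between the "join" subcommand and --config; the original
# "join--config" is parsed as one unknown word.
kubeadm join --config=join-config.yaml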