配置阿里云apt源
sudo cat << EOF >/etc/apt/sources.list
deb http://mirrors.aliyun.com/ubuntu/ bionic main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ bionic main restricted universe multiverse
deb http://mirrors.aliyun.com/ubuntu/ bionic-security main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ bionic-security main restricted universe multiverse
deb http://mirrors.aliyun.com/ubuntu/ bionic-updates main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ bionic-updates main restricted universe multiverse
deb http://mirrors.aliyun.com/ubuntu/ bionic-proposed main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ bionic-proposed main restricted universe multiverse
deb http://mirrors.aliyun.com/ubuntu/ bionic-backports main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ bionic-backports main restricted universe multiverse
EOF
安装docker
# step 1: 安装必要的一些系统工具
sudo apt-get update
sudo apt-get -y install apt-transport-https ca-certificates curl software-properties-common
# step 2: 安装GPG证书
curl -fsSL http://mirrors.aliyun.com/docker-ce/linux/ubuntu/gpg | sudo apt-key add -
# Step 3: 写入软件源信息
sudo add-apt-repository "deb [arch=amd64] http://mirrors.aliyun.com/docker-ce/linux/ubuntu $(lsb_release -cs) stable"
# Step 4: 更新并安装 Docker-CE
sudo apt-get -y update
# 安装指定版本的Docker-CE:
# 查找Docker-CE的版本:
apt-cache madison docker-ce
# 安装指定版本的Docker-CE: (VERSION 例如上面的 18.06.1~ce~3-0~ubuntu)
# sudo apt-get -y install docker-ce=[VERSION]
sudo apt-get -y install docker-ce=18.06.1~ce~3-0~ubuntu
# 锁定版本,以免apt upgrade时自动升级,出现版本不兼容的情况:
sudo echo "docker-ce hold" | sudo dpkg --set-selections
配置kubernetes系统环境
#关闭磁盘交换
sudo swapoff -a
#清除防火墙设置
sudo iptables -F
#设置域名
sudo hostnamectl set-hostname xxxxxx
cat <<EOF >/etc/sysctl.d/k8s.conf
net.ipv4.ip_forward = 1
net.bridge.bridge-nf-call-iptables = 1
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-arptables = 1
vm.swappiness = 0
EOF
sysctl -p /etc/sysctl.d/k8s.conf
安装kubrenetes
首先,安装Kubeadm、Kubectl、Kubelet基础工具和服务。
使用阿里的源
apt-get update && apt-get install -y apt-transport-https
curl https://mirrors.aliyun.com/kubernetes/apt/doc/apt-key.gpg | apt-key add -
cat <<EOF >/etc/apt/sources.list.d/kubernetes.list
deb https://mirrors.aliyun.com/kubernetes/apt/ kubernetes-xenial main
EOF
apt-get update
查找kubeadm的版本
apt-cache madison kubeadm
安装Kubernetes 1.19.2-00:
sudo apt install kubeadm=1.19.2-00 kubectl=1.19.2-00 kubelet=1.19.2-00
锁定版本到Kubernetes 1.19.2-00,以免apt upgrade时自动升级,出现版本不兼容的情况:
sudo echo "kubeadm hold" | sudo dpkg --set-selections
sudo echo "kubectl hold" | sudo dpkg --set-selections
sudo echo "kubelet hold" | sudo dpkg --set-selections
使用kubeadm安装kubernetes依赖gcr.io的镜像,由于网络原因,需要提前准备好,可以使用下面的脚本在线拉取,也可以提前下载导入镜像。
查看该版本的容器镜像版本:
kubeadm config images list
k8s.gcr.io/kube-apiserver:v1.19.2
k8s.gcr.io/kube-controller-manager:v1.19.2
k8s.gcr.io/kube-scheduler:v1.19.2
k8s.gcr.io/kube-proxy:v1.19.2
k8s.gcr.io/pause:3.2
k8s.gcr.io/etcd:3.4.13-0
k8s.gcr.io/coredns:1.7.0
#/bin/bash
MY_REGISTRY=registry.cn-hangzhou.aliyuncs.com/google_containers
## 拉取镜像
docker pull ${MY_REGISTRY}/kube-apiserver:v1.19.2
docker pull ${MY_REGISTRY}/kube-controller-manager:v1.19.2
docker pull ${MY_REGISTRY}/kube-scheduler:v1.19.2
docker pull ${MY_REGISTRY}/kube-proxy:v1.19.2
docker pull ${MY_REGISTRY}/etcd:3.4.13-0
docker pull ${MY_REGISTRY}/pause:3.2
docker pull ${MY_REGISTRY}/coredns:1.7.0
## 添加Tag
docker tag ${MY_REGISTRY}/kube-apiserver:v1.19.2 k8s.gcr.io/kube-apiserver:v1.19.2
docker tag ${MY_REGISTRY}/kube-scheduler:v1.19.2 k8s.gcr.io/kube-scheduler:v1.19.2
docker tag ${MY_REGISTRY}/kube-controller-manager:v1.19.2 k8s.gcr.io/kube-controller-manager:v1.19.2
docker tag ${MY_REGISTRY}/kube-proxy:v1.19.2 k8s.gcr.io/kube-proxy:v1.19.2
docker tag ${MY_REGISTRY}/etcd:3.4.13-0 k8s.gcr.io/etcd:3.4.13-0
docker tag ${MY_REGISTRY}/pause:3.2 k8s.gcr.io/pause:3.2
docker tag ${MY_REGISTRY}/coredns:1.7.0 k8s.gcr.io/coredns:1.7.0
#初始化环境,注意这个版本号一定要指定(否则会挂起)。
#指定IP地址,v1.19.2版本:
sudo kubeadm init --kubernetes-version=v1.19.2 --apiserver-advertise-address=172.16.244.65 --pod-network-cidr=10.244.0.0/16
#输出下面信息,表示初始化成功。
Your Kubernetes master has initialized successfully!
To start using your cluster, you need to run the following as a regular user:
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
You should now deploy a pod network to the cluster.
Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:
https://kubernetes.io/docs/concepts/cluster-administration/addons/
You can now join any number of machines by running the following on each node
as root:
kubeadm join 172.16.244.65:6443 --token 21hga5.yop56y0u65heem2c \
--discovery-token-ca-cert-hash sha256:88820481f5fa71cde2b2b4fa870aa22ee4733cf47634db7a082b94b6dad0d9c2
#创建用户配置文件
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
#安装网络
kubectl apply -f https://docs.projectcalico.org/manifests/calico.yaml
#启用主控机同时作为工作节点
kubectl taint nodes --all node-role.kubernetes.io/master-
#查看结果
kubectl get pods --all-namespaces
#添加 kubectl 命令自动补全
~/.bashrc添加下面内容
source <(kubectl completion bash)
#查看join命令
kubeadm token create --print-join-command
其他命令
以下命令可用于生成certificate-key:
kubeadm alpha certs certificate-key
以下命令可用于返回discovery-token-ca-cert-hash:
openssl x509 -pubkey -in /etc/kubernetes/pki/ca.crt | openssl rsa -pubin -outform der 2>/dev/null | openssl dgst -sha256 -hex | sed 's/^.* //'
网友评论