1 基础环境配置
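# Host preparation for kubeadm on CentOS 7 (run as root on every node).

# Stop firewalld now and keep it off after reboot.
# NOTE(review): this removes host-level packet filtering, so every listening
# port (API server, kubelet, NodePort services) is reachable from any network
# that can route to the node. Fine for an isolated lab; elsewhere keep
# firewalld running and open only the ports the cluster needs.
systemctl stop firewalld
systemctl disable firewalld

# Put SELinux into permissive mode, persistently and for the running system.
# Permissive matches what `setenforce 0` yields at runtime and keeps denials in
# the audit log. The anchored pattern touches only the SELINUX= setting and not
# the explanatory comment lines in the config file.
sed -i 's/^SELINUX=enforcing$/SELINUX=permissive/' /etc/selinux/config
setenforce 0

# Turn swap off now, then comment out swap entries in /etc/fstab so it stays
# off after reboot (original note: Kubernetes disallows swap, for performance).
swapoff -a
sed -ri 's/.*swap.*/#&/' /etc/fstab

# Replace the base yum repo definition with the Aliyun mirror's copy. Fetched
# over HTTPS so the repo definition is integrity-protected in transit.
wget -O /etc/yum.repos.d/CentOS-Base.repo https://mirrors.aliyun.com/repo/Centos-7.repo

# Install ntpdate, then do a one-shot clock sync. These are two commands: on a
# single line yum treats "time.windows.com" as a package name and no sync runs.
yum install -y ntpdate
ntpdate time.windows.com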
2 master添加hosts
查看本机ip
ip a
eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
link/ether 52:54:00:2b:83:f6 brd ff:ff:ff:ff:ff:ff
inet 10.0.4.13/22 brd 10.0.7.255 scope global eth0
valid_lft forever preferred_lft forever
inet6 fe80::5054:ff:fe2b:83f6/64 scope link
编辑hosts
# Append a name for this host's private address (10.0.4.13) to /etc/hosts.
# Uses >>, so re-running the command adds a duplicate line.
# NOTE(review): "k8smater" looks like a typo for "k8smaster" - confirm.
cat >> /etc/hosts << EOF
10.0.4.13 k8smater
EOF
3 设置网桥参数
每个机器都加,将桥接的IPV4流量传递到iptables的链
# Write sysctl settings that pass bridged IPv4 and IPv6 traffic to the
# iptables / ip6tables chains.
# NOTE(review): these keys presumably exist only once the br_netfilter kernel
# module is loaded - confirm on the target host.
cat > /etc/sysctl.d/k8s.conf <<EOF
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
EOF
设置系统生效
sysctl --system
5 安装docker
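# Install Docker with the convenience script, using the Aliyun package mirror.
# The script is saved to a file instead of being piped straight into a shell:
# a failed or truncated download then never executes, and the script can be
# read before it runs as root.
curl -fsSL https://get.docker.com -o get-docker.sh &&
  bash get-docker.sh docker --mirror Aliyun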
修改配置
vim /etc/docker/daemon.json
{
"exec-opts": ["native.cgroupdriver=systemd"],
"log-driver": "json-file",
"log-opts": {
"max-file": "3",
"max-size": "100m"
},
"storage-driver": "overlay2",
"storage-opts": [
"overlay2.override_kernel_check=true"
],
"registry-mirrors": ["https://www.docker-cn.com"]
}
# NOTE(review): if dockerd is already running when daemon.json is edited,
# "start" is a no-op and the new settings are not picked up until a restart.
systemctl start docker.service # start docker
systemctl status docker.service # show service status
systemctl enable docker.service # start at boot
6 安装 kubeadm、kubelet 和 kubectl
添加yum
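# Define the Kubernetes yum repository (Aliyun mirror).
# gpgcheck=1 makes yum verify each RPM's signature against the keys listed in
# gpgkey; with gpgcheck=0 the gpgkey line is unused and packages that run as
# root on every node are installed unverified.
# If signature verification fails, investigate the key or mirror rather than
# switching the check back off.
# repo_gpgcheck (repository metadata signature) is left at 0 as in the original.
# NOTE(review): presumably the mirror's metadata signature does not verify -
# confirm before enabling it.
cat <<EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
enabled=1
gpgcheck=1
repo_gpgcheck=0
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF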
安装
# Install kubelet, kubeadm and kubectl pinned to the same version, 1.23.1.
yum install -y kubelet-1.23.1 kubeadm-1.23.1 kubectl-1.23.1
systemctl enable kubelet.service # start kubelet at boot
7 部署服务
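# Reset any earlier kubeadm state on this node before initialising.
kubeadm reset

# Initialise the control plane.
#   --apiserver-advertise-address  this node's private (intranet) address
#   --image-repository             pull control-plane images from the Aliyun registry
#   --kubernetes-version           must match the installed kubeadm/kubelet (1.23.1)
#   --service-cidr / --pod-network-cidr  address ranges for Services and Pods
# Comments are kept up here: anything after a trailing backslash ends the line
# continuation, and the remaining flags would then run as a separate command.
kubeadm init \
  --apiserver-advertise-address=10.0.4.13 \
  --image-repository registry.aliyuncs.com/google_containers \
  --kubernetes-version v1.23.1 \
  --service-cidr=10.1.0.0/16 \
  --pod-network-cidr=10.244.0.0/16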
启动成功后的输出
正常输出:
Your Kubernetes control-plane has initialized successfully!
To start using your cluster, you need to run the following as a regular user:
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
Alternatively, if you are the root user, you can run:
export KUBECONFIG=/etc/kubernetes/admin.conf
You should now deploy a pod network to the cluster.
Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:
https://kubernetes.io/docs/concepts/cluster-administration/addons/
Then you can join any number of worker nodes by running the following on each as root:
kubeadm join 10.0.4.13:6443 --token on4xnv.d7hsx0q1kcs3xkjc \
--discovery-token-ca-cert-hash sha256:f098e61728a0064e213ef10a22b4463a452d1491795295335f6b7e09cf1cd3f0
若异常,使用命令查看状态及详细异常信息
systemctl status kubelet # service state
journalctl -xefu kubelet # detailed kubelet log with error information, followed live
配置 kube
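# Give the current user a kubeconfig copied from the admin one.
# admin.conf carries cluster-admin credentials: keep the copy readable only by
# its owner and do not share or commit it.
# Expansions are quoted so a home directory containing spaces still works.
mkdir -p "$HOME/.kube"
sudo cp -i /etc/kubernetes/admin.conf "$HOME/.kube/config"
sudo chown "$(id -u):$(id -g)" "$HOME/.kube/config"
chmod 600 "$HOME/.kube/config"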
允许master部署节点
# Remove the node-role.kubernetes.io/master taint (the trailing "-" means
# "remove") from node vm-4-3-centos so ordinary pods can be scheduled on it.
# NOTE(review): application workloads then share the host with the control
# plane; suitable for a single-node lab - confirm this is intended elsewhere.
kubectl taint nodes vm-4-3-centos node-role.kubernetes.io/master-
node节点配置
向集群添加新节点,执行 kubeadm init 之后执行 kubeadm join 命令
# Sample join command from the author's cluster. The token and CA cert hash are
# per-cluster values: use the line printed by your own `kubeadm init`.
# A bootstrap token is a credential that lets a machine join the cluster, so a
# live one should not be published.
# NOTE(review): the address here (10.0.4.3) differs from the 10.0.4.13 used
# earlier on the page - confirm which one applies.
kubeadm join 10.0.4.3:6443 --token 4j4bqj.0dt7upnzst88gc6p \
--discovery-token-ca-cert-hash sha256:d44a020baa88fa5430c2f2828613a17009fc891a0b573eb0ae0180bfa10595ec
8 部署nginx
创建 nginx deployment
kubectl create deployment nginx --image=nginx
创建 nginx service
target-port:内部端口,容器内服务监听的端口
port:Service 端口,在集群内部通过 CLUSTER-IP 访问
kubectl expose deployment nginx --port=80 --target-port=80 --type=NodePort
输出
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
nginx NodePort 10.1.226.251 <none> 80:30860/TCP 64s
10.1.226.251:80 Service 的 CLUSTER-IP 地址,仅集群内部访问
127.0.0.1:30860 服务器(节点)地址上的 NodePort,外部通过 节点IP:30860 访问;前面已关闭防火墙,因此该端口对所有能到达节点的网络开放