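Deploying a single-master k8s cluster with kubeadm
1. Environment preparation:
Hostname | IP | Description | Host OS |
---|---|---|---|
master | 10.0.0.17 | Master node of the Kubernetes cluster | CentOS 7.9 |
node1 | 10.0.0.27 | Worker node of the Kubernetes cluster | CentOS 7.9 |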
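```bash
# Run on all master and node machines:
# Disable the firewall (firewalld/iptables) and SELinux
systemctl stop firewalld && systemctl disable firewalld
setenforce 0   # permissive immediately; the config change below applies after reboot
sed -i 's/^SELINUX=enforcing/SELINUX=disabled/' /etc/selinux/config
# Disable swap
vim /etc/fstab   # comment out the swap entry so it stays off after reboot
swapoff -a
# Make the hostnames resolvable on every machine
hostnamectl set-hostname master   # on the node, set that machine's own name
vim /etc/hosts
# add these lines:
#   10.0.0.27 node
#   10.0.0.17 master
# Time synchronisation
yum install -y chrony
systemctl enable --now chronyd
# Enable bridge filtering and IP forwarding
yum install -y bridge-utils
modprobe br_netfilter
cat > /etc/sysctl.d/kubernetes.conf <<EOF
net.bridge.bridge-nf-call-arptables = 1
net.bridge.bridge-nf-call-iptables = 1
net.bridge.bridge-nf-call-ip6tables = 1
net.ipv4.ip_forward = 1
user.max_user_namespaces=28633
EOF
sysctl -p /etc/sysctl.d/kubernetes.conf
```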
2. Install Docker
```bash
# Run on all nodes:
yum install -y yum-utils device-mapper-persistent-data lvm2
yum-config-manager --add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
yum install docker-ce
# Configure a registry mirror and use systemd to manage the container cgroups
mkdir -p /etc/docker
cat <<EOF > /etc/docker/daemon.json
{
  "exec-opts": ["native.cgroupdriver=systemd"],
  "log-driver": "json-file",
  "log-opts": {
    "max-size": "100m"
  },
  "storage-driver": "overlay2",
  "storage-opts": [
    "overlay2.override_kernel_check=true"
  ],
  "experimental": false,
  "debug": false,
  "max-concurrent-downloads": 10,
  "registry-mirrors": ["https://pgavrk5n.mirror.aliyuncs.com"]
}
EOF
systemctl enable docker && systemctl start docker && systemctl status docker
```
3. Switch to a k8s package mirror hosted in China
```bash
# Run on all nodes:
# Note: gpgcheck=0 and repo_gpgcheck=0 turn off package and repository signature verification
cat > /etc/yum.repos.d/kubernetes.repo << EOF
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=0
repo_gpgcheck=0
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF
yum install -y kubelet-1.23.0 kubeadm-1.23.0 kubectl-1.23.0
```
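4. Install specific versions of kubeadm, kubelet and kubectl
```bash
# Run on all nodes:
# Installing the latest version is not recommended: many components are not yet
# compatible with it, which causes installation errors.
yum install -y kubelet-1.23.0 kubeadm-1.23.0 kubectl-1.23.0
# Start kubelet at boot
systemctl enable kubelet
```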
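5. Initialise K8s
```bash
# On the master node:
kubeadm init \
  --apiserver-advertise-address=10.0.0.17 \
  --image-repository registry.aliyuncs.com/google_containers \
  --kubernetes-version v1.23.0 \
  --service-cidr=10.96.0.0/12 \
  --pod-network-cidr=10.244.0.0/16 \
  --ignore-preflight-errors=all
# Notes:
# --apiserver-advertise-address   address the cluster advertises (IP of the master machine)
# --image-repository              the default image registry k8s.gcr.io is not reachable from
#                                 China, so the Aliyun mirror registry is specified here
# --kubernetes-version            K8s version, matching the packages installed above
# --service-cidr                  cluster-internal virtual network, the unified access entry point for Pods
# --pod-network-cidr              Pod network, must match the YAML of the CNI network plugin deployed below
# --ignore-preflight-errors=all   reports every failed preflight check as a warning instead of an error
```
```bash
# Run on the master node:
# Create the required kubeconfig file
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
```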
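6. Join the node to the cluster
```bash
# Run on all worker nodes:
# Execute the join command printed by kubeadm init:
kubeadm join 10.0.0.17:6443 --token fnpbrc.e5s4jqrx8na4cpo9 \
  --discovery-token-ca-cert-hash sha256:5ecaba93c59504941137c963584e81643c6b50ecda6c2c1f4a4f60ca8cd9a7a0
# If the output suggests running "kubectl get nodes", the node joined successfully;
# run that command on the master node to see the node information.
# If you forgot the token or it has expired (valid for 24 hours by default), run:
kubeadm token create --print-join-command
```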
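The `--discovery-token-ca-cert-hash` value in the join command pins the cluster CA that the node will trust. The following added example (not part of the original post) recomputes that hash from the CA certificate on the master so a join command can be checked before it is run on a node; it assumes `openssl` is installed and the default kubeadm CA path `/etc/kubernetes/pki/ca.crt`, and the function names are hypothetical.

```bash
# Added example: recompute the value kubeadm expects for
# --discovery-token-ca-cert-hash and compare it with a join command's hash.
# The hash is SHA-256 over the DER-encoded public key (SubjectPublicKeyInfo)
# of the cluster CA certificate.

# Print "sha256:<hex>" for the CA certificate at path $1.
ca_cert_hash() {
    local cert="$1" hex
    [ -r "$cert" ] || { echo "cannot read $cert" >&2; return 2; }
    hex=$(openssl x509 -in "$cert" -noout -pubkey \
          | openssl pkey -pubin -outform DER \
          | openssl dgst -sha256 -hex \
          | awk '{print $NF}')
    # An empty or short value means one of the openssl steps failed.
    [ "${#hex}" -eq 64 ] || { echo "unexpected digest output" >&2; return 2; }
    printf 'sha256:%s\n' "$hex"
}

# Return 0 if the hash from the join command ($2) matches the CA cert ($1),
# 1 on mismatch, 2 if the hash could not be computed.
verify_join_hash() {
    local actual expected
    actual=$(ca_cert_hash "$1") || return 2
    # Hex digests are case-insensitive; normalise before comparing.
    expected=$(printf '%s' "$2" | tr 'A-F' 'a-f')
    if [ "$actual" = "$expected" ]; then
        echo "OK: $actual"
    else
        echo "MISMATCH: CA is $actual, join command has $expected" >&2
        return 1
    fi
}

# Usage on the master (assumed default kubeadm CA path):
#   verify_join_hash /etc/kubernetes/pki/ca.crt sha256:<hash from the join command>
```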
7. Deploy the network
```bash
# Run on the master node:
# Download the calico YAML file
wget https://docs.projectcalico.org/manifests/calico.yaml
# Change the Pod network (CALICO_IPV4POOL_CIDR) to the value passed to
# kubeadm init as --pod-network-cidr (around line 4551)
vim calico.yaml
```
```yaml
......
            # no effect. This should fall within `--cluster-cidr`.
            - name: CALICO_IPV4POOL_CIDR   # uncomment
              value: "10.244.0.0/16"       # uncomment and set to the --pod-network-cidr used at init
            # Disable file logging so `kubectl logs` works.
......
```
```bash
kubectl apply -f calico.yaml
# Wait a moment, then check the node status:
[root@master ~]# kubectl get nodes
NAME     STATUS   ROLES                  AGE   VERSION
master   Ready    control-plane,master   49m   v1.23.0
node     Ready    <none>                 14m   v1.23.0
# Check the status of the system pods
kubectl get pods -n kube-system
```
8. Deploy nginx as a test
```bash
# Create a YAML file
[root@master ~]# vim nginx.yml
```
```yaml
apiVersion: apps/v1
kind: Deployment
metadata:
  name: nginx-deployment
  labels:
    app: nginx
    rel: stable
spec:
  replicas: 3
  selector:
    matchLabels:
      app: nginx
      rel: stable
  template:
    metadata:
      labels:
        app: nginx
        rel: stable
    spec:
      containers:
      - name: nginx
        image: nginx
```
```bash
[root@master ~]# kubectl apply -f nginx.yml
# Create another YAML file:
[root@master ~]# vim nginx-service.yml
```
```yaml
apiVersion: v1
kind: Service
metadata:
  name: nginx-service
spec:
  selector:
    app: nginx
  type: NodePort
  ports:
  - protocol: TCP
    port: 80
    targetPort: 80
```
```bash
[root@master ~]# kubectl apply -f nginx-service.yml
# Check the service (Running means it started successfully)
[root@master ~]# kubectl get pod,svc
NAME                                    READY   STATUS    RESTARTS   AGE
pod/nginx-deployment-749d94b5db-64lm7   1/1     Running   0          8m20s
pod/nginx-deployment-749d94b5db-j522z   1/1     Running   0          8m20s
pod/nginx-deployment-749d94b5db-jjwjr   1/1     Running   0          8m20s

NAME                    TYPE        CLUSTER-IP     EXTERNAL-IP   PORT(S)        AGE
service/kubernetes      ClusterIP   10.96.0.1      <none>        443/TCP        63m
service/nginx-service   NodePort    10.98.54.199   <none>        80:32378/TCP   4m35s
```
Open 10.0.0.17:32378 in a browser to see the nginx page (port 32378 is the NodePort shown in the output of the command above).