k8s 集群部署，单节点master

镜像配置

sudo mv /etc/yum.repos.d/CentOS-Base.repo /etc/yum.repos.d/CentOS-Base.repo.bak \
&& sudo wget -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo \
&& sudo wget -O /etc/yum.repos.d/docker-ce.repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo \
&& sudo yum makecache 

docker 安装, 数据放在数据盘

sudo yum install -y docker-ce \
&& sudo sed -i '18a ExecStartPost=/usr/sbin/iptables -P FORWARD ACCEPT' /usr/lib/systemd/system/docker.service \
&& sudo mkdir -p /etc/docker \
&& sudo sh -c 'echo {\"registry-mirrors\": [\"https://dockerhub.azk8s.cn\",\"https://docker.mirrors.ustc.edu.cn\",\"https://registry.docker-cn.com\"],\"data-root\": \"/data/docker\"} > /etc/docker/daemon.json' \
&& sudo systemctl enable docker \
&& sudo systemctl start docker \
&& sudo sudo groupadd -f docker \
&& sudo sudo gpasswd -a $USER docker \
&& newgrp docker

时钟同步服务

sudo yum install chrony -y \
&& sudo systemctl start chronyd.service \
&& sudo systemctl enable chronyd.service

关闭防火墙

sudo systemctl stop firewalld  \
&& sudo systemctl disable firewalld

关闭swap

sudo swapoff -a

ipvs路由, 关闭iptables防火墙

sudo systemctl stop iptables  \
&& sudo systemctl disable iptables \
&& sudo modprobe -- ip_vs \
&& sudo modprobe -- ip_vs_rr \
&& sudo modprobe -- ip_vs_wrr \
&& sudo modprobe -- ip_vs_sh \
&& sudo modprobe -- nf_conntrack_ipv4 \
&& sudo yum install -y ipvsadm

系统配置

sudo sh -c "echo net.bridge.bridge-nf-call-ip6tables=1 >> /etc/sysctl.conf" \
&& sudo sh -c "echo net.bridge.bridge-nf-call-iptables=1 >> /etc/sysctl.conf" \
&& sudo sh -c "echo net.bridge.bridge-nf-call-arptables=1 >> /etc/sysctl.conf" \
&& sudo sysctl -p  

准备kubenetes镜像源

sudo sh -c  'cat < /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF' \
&& sudo yum makecache \
&& sudo yum install -y kubelet kubeadm kubectl

镜像拉取脚本

MIRROR=registry.cn-hangzhou.aliyuncs.com/google_containers;
for originName in `kubeadm config images list 2>/dev/null`; \
do \
mirrorName=`echo $originName | sed  s#k8s.gcr.io#${MIRROR}#g`; \
docker pull $mirrorName && docker tag $mirrorName $originName && docker rmi $mirrorName; \
done \
&& sudo sh -c 'echo KUBELET_EXTRA_ARGS=\"--fail-swap-on=false\" > /etc/sysconfig/kubelet'

# master 初始化
sudo kubeadm init --kubernetes-version=v1.15.3 --pod-network-cidr=10.244.0.0/16

master 配置可以使用kubectl访问

sudo sh -c 'echo export KUBECONFIG=/etc/kubernetes/admin.conf >> /etc/profile' \
&& sudo sh -c 'chmod +r /etc/kubernetes/admin.conf' \
&& sudo sh -c 'source'

master 下载 flannel 网络配置

wget https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml \
&& sed s#quay.io#quay.mirrors.ustc.edu.cn#g kube-flannel.yml \
&& kubectl apply -f kube-flannel.yml

master 等待节点ready

kubectl get node 

子节点加入master

sudo kubeadm join 172.20.20.141:6443 --token gb3rij.67hba2gfbja0e9du \
    --discovery-token-ca-cert-hash sha256:073bfeec10d0ce43419934e3c5f98460cbc552ef679ef13e248cb3200d532474