最大的教训是:遇到问题先看一下视频,是不是跟自己操作的不一样,如果没发现问题,再去网上查询。
1、对master节点:系统初始化,包括修改主机名,配置yum源,安装依赖包,设置防火墙,关闭selinux,调整内核参数,升级内核等。
2、对master节点:部署K8s,包括配置kube-proxy,安装docker,配置docker镜像源,安装kubeadm,配置各个虚拟机的静态ip,
3、把master节点拷贝为node1和node2
初始化主节点,加入主节点以及其余节点,部署网络
其中遇到的问题是:初始化kubeadm
kubeadm init --config=kubeadm-config.yaml --experimental-upload-certs | tee kubeadm-init.log
1、kubeadm在k8s.gcr.io网站中,但是网络长城拦截无法访问。
2、因此配置docker的代理,因为docker实际是demon进程在拉取,所以要配置docker的全局代理,之后再重启docker
#!/bin/bash cat >> /etc/systemd/system/docker.service.d/http-proxy.conf <<EOF [Service] Environment="HTTP_PROXY=http://192.168.1.8:1082" Environment="HTTPS_PROXY=http://192.168.1.8:1082" EOF systemctl daemon-reload systemctl restart docker
3、最后,即使代理配置成功了,但是网速太慢,还是从其他地方拷贝的镜像,再load进docker里面
参考 https://github.com/cookcodeblog/k8s-deploy/blob/master/kubeadm/04_pull_kubernetes_images_from_aliyun.sh
我的代码如下:
#!/bin/bash cd /root/kubeadm-basic.images for i in $( ls /root/kubeadm-basic.images ) do docker load -i $i done
4、初始化错误
此时需要删除镜像,参考:https://blog.csdn.net/lansye/article/details/79984077
#重置kubeadm
kubeadm reset
# 停止相关服务
systemctl stop docker kubelet etcd
#删除所有容器
docker rm -f $(sudo docker ps -qa)
5、初始化错误解决:查看日志
[root@k8s-master01 ~]# journalctl -xeu kubelet 6月 26 10:47:00 k8s-master01 kubelet[29773]: E0626 10:47:00.237357 29773 kubelet.go:2169] Container runtime network not ready: NetworkReady=false reason:NetworkPluginNotReady message:d 6月 26 10:47:02 k8s-master01 kubelet[29773]: W0626 10:47:02.862214 29773 cni.go:213] Unable to update cni config: No networks found in /etc/cni/net.d
根据google搜索,是flannel没配置好。
参考:https://github.com/kubernetes/kubeadm/issues/292
https://blog.csdn.net/qq_34857250/article/details/82562514
根据网上的解决方案,没有解决,遇到问题如下:
[root@k8s-master01 ~]# kubectl apply -f kube-flannel.yaml unable to recognize "kube-flannel.yaml": Get http://localhost:8080/api?timeout=32s: dial tcp 127.0.0.1:8080: connect: connection refused unable to recognize "kube-flannel.yaml": Get http://localhost:8080/api?timeout=32s: dial tcp 127.0.0.1:8080: connect: connection refused
继续查找到这个帖子https://github.com/kubernetes/kubeadm/issues/1031
https://github.com/kubernetes/website/pull/16575/files
没法现问题。
最后升级为1.18.4,翻不过去,无法安装,降级会1.15.1时,发现了 kubernetes-cni-0.8.6这个依赖。
感觉这个依赖的版本可能有问题,查找原视频,发现视频里当时依赖的是kubernetes-cni-0.7.5,于是改为如下:
yum -y install kubeadm-1.15.1 kubectl-1.15.1 kubelet-1.15.1 kubernetes-cni-0.7.5
启动成功,打印如下:
Your Kubernetes control-plane has initialized successfully! To start using your cluster, you need to run the following as a regular user: mkdir -p $HOME/.kube sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config sudo chown $(id -u):$(id -g) $HOME/.kube/config You should now deploy a pod network to the cluster. Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at: https://kubernetes.io/docs/concepts/cluster-administration/addons/ Then you can join any number of worker nodes by running the following on each as root:
kubeadm join 192.168.1.10:6443 --token abcdef.0123456789abcdef \
--discovery-token-ca-cert-hash sha256:494d4e8d714a490d2dd160686b023fed4766b44289e30f1c5b2b20dde21a85bb
按照提示执行命令如下:
[root@k8s-master01 ~]# mkdir -p $HOME/.kube
[root@k8s-master01 ~]# sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
[root@k8s-master01 ~]# sudo chown $(id -u):$(id -g) $HOME/.kube/config
[root@k8s-master01 ~]# export KUBECONFIG=$HOME/.kube/config
添加网络遇到错误:
[root@k8s-master01 ~]# kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml The connection to the server raw.githubusercontent.com was refused - did you specify the right host or port?
解决如下:
wget https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
kubectl create -f kube-flannel.yml
验证如下:
[root@k8s-master01 ~]# kubectl create -f kube-flannel.yml podsecuritypolicy.policy/psp.flannel.unprivileged created clusterrole.rbac.authorization.k8s.io/flannel created clusterrolebinding.rbac.authorization.k8s.io/flannel created serviceaccount/flannel created configmap/kube-flannel-cfg created daemonset.apps/kube-flannel-ds-amd64 created daemonset.apps/kube-flannel-ds-arm64 created daemonset.apps/kube-flannel-ds-arm created daemonset.apps/kube-flannel-ds-ppc64le created daemonset.apps/kube-flannel-ds-s390x created [root@k8s-master01 ~]# kubectl get pod -n kube-system NAME READY STATUS RESTARTS AGE coredns-5c98db65d4-czm6h 1/1 Running 0 5h19m coredns-5c98db65d4-wnwx5 1/1 Running 0 5h19m etcd-k8s-master01 1/1 Running 0 5h18m kube-apiserver-k8s-master01 1/1 Running 0 5h18m kube-controller-manager-k8s-master01 1/1 Running 0 5h18m kube-flannel-ds-amd64-b5xmn 1/1 Running 0 9m26s kube-proxy-xg8ch 1/1 Running 0 5h19m kube-scheduler-k8s-master01 1/1 Running 0 5h18m [root@k8s-master01 ~]# kubectl get node NAME STATUS ROLES AGE VERSION k8s-master01 Ready master 5h20m v1.15.1
在两个node节点分别执行
kubeadm join 192.168.1.10:6443 --token abcdef.0123456789abcdef \ --discovery-token-ca-cert-hash sha256:494d4e8d714a490d2dd160686b023fed4766b44289e30f1c5b2b20dde21a85bb
[root@k8s-node01 ~]# kubeadm join 192.168.1.10:6443 --token abcdef.0123456789abcdef \ > --discovery-token-ca-cert-hash sha256:494d4e8d714a490d2dd160686b023fed4766b44289e30f1c5b2b20dde21a85bb [preflight] Running pre-flight checks [WARNING SystemVerification]: this Docker version is not on the list of validated versions: 19.03.12. Latest validated version: 18.09 [preflight] Reading configuration from the cluster... [preflight] FYI: You can look at this config file with 'kubectl -n kube-system get cm kubeadm-config -oyaml' [kubelet-start] Downloading configuration for the kubelet from the "kubelet-config-1.15" ConfigMap in the kube-system namespace [kubelet-start] Writing kubelet configuration to file "/var/lib/kubelet/config.yaml" [kubelet-start] Writing kubelet environment file with flags to file "/var/lib/kubelet/kubeadm-flags.env" [kubelet-start] Activating the kubelet service [kubelet-start] Waiting for the kubelet to perform the TLS Bootstrap... This node has joined the cluster: * Certificate signing request was sent to apiserver and a response was received. * The Kubelet was informed of the new secure connection details. Run 'kubectl get nodes' on the control-plane to see this node join the cluster.
[root@k8s-master01 ~]# kubectl get node NAME STATUS ROLES AGE VERSION k8s-master01 Ready master 8h v1.15.1 k8s-node01 Ready120m v1.15.1 k8s-node02 Ready 120m v1.15.1