1.关掉swap分区,注释掉
swapoff -a
vim /etc/fstab
#/dev/mapper/rhel-swap swap swap defaults 0 0
2.准备好安装包,复制到需要搭建服务的三个虚拟机
[root@foundation1 k8s-v1.15.0]# ls
cri-tools-1.13.0-0.x86_64.rpm kubelet-1.15.0-0.x86_64.rpm
kubeadm-1.15.0-0.x86_64.rpm kubernetes-cni-0.7.5-0.x86_64.rpm
kubectl-1.15.0-0.x86_64.rpm
在三个虚拟机安装软件包
[root@server1 k8s-v1.15.0]# ls
cri-tools-1.13.0-0.x86_64.rpm kubelet-1.15.0-0.x86_64.rpm
kubeadm-1.15.0-0.x86_64.rpm kubernetes-cni-0.7.5-0.x86_64.rpm
kubectl-1.15.0-0.x86_64.rpm
[root@server1 k8s-v1.15.0]# yum install *
3.在三台虚拟机导入镜像
[root@server1 k8s.tar]# ls
coredns.tar kube-apiserver.tar kube-proxy.tar pause.tar
etcd.tar kube-controller-manager.tar kube-scheduler.tar
[root@server1 k8s.tar]# for i in *.tar; do docker load -i $i ; done
4.在三个虚拟机修改火墙
[root@server1 ~]# vim /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
[root@server1 ~]# sysctl --system
[root@server1 sysctl.d]# scp k8s.conf server2:/etc/sysctl.d/
[root@server2 k8s.tar]# sysctl --system
[root@server1 sysctl.d]# scp k8s.conf server3:/etc/sysctl.d/
[root@server3 k8s.tar]# sysctl --system
4.开启kubelet,初始化
[root@server1 sysctl.d]# systemctl enable kubelet
Created symlink from /etc/systemd/system/multi-user.target.wants/kubelet.service to /usr/lib/systemd/system/kubelet.service.
[root@server1 sysctl.d]# systemctl start kubelet
初始化
[root@server1 sysctl.d]# kubeadm init --pod-network-cidr=10.244.0.0/16 --apiserver-advertise-address=172.25.1.1
Your Kubernetes control-plane has initialized successfully!
To start using your cluster, you need to run the following as a regular user:
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown ( i d − u ) : (id -u): (id−u):(id -g) $HOME/.kube/config
You should now deploy a pod network to the cluster.
Run “kubectl apply -f [podnetwork].yaml” with one of the options listed at:
https://kubernetes.io/docs/concepts/cluster-administration/addons/
Then you can join any number of worker nodes by running the following on each as root:
kubeadm join 172.25.1.1:6443 --token 7yaytr.jw57rie5ojqnlbgd
–discovery-token-ca-cert-hash sha256:3e588f04774cc035eee4bc6b118ca9b20b64a3049953594fd68b8bfc19790895
5.把server2和server3加入集群
[root@server3 k8s.tar]# kubeadm join 172.25.1.1:6443 --token 7yaytr.jw57rie5ojqnlbgd \
> --discovery-token-ca-cert-hash sha256:3e588f04774cc035eee4bc6b118ca9b20b64a3049953594fd68b8bfc19790895
[root@server2 k8s.tar]# kubeadm join 172.25.1.1:6443 --token 7yaytr.jw57rie5ojqnlbgd \
> --discovery-token-ca-cert-hash sha256:3e588f04774cc035eee4bc6b118ca9b20b64a3049953594fd68b8bfc19790895
6.修改
[root@server1 docker]# vim /etc/sudoers
90 ## Allow root to run any commands anywhere
91 root ALL=(ALL) ALL
92
93 kubeadm ALL=(ALL) NOPASSWD:ALL
7.建立一个用户
[root@server1 docker]# useradd kubeadm
[root@server1 ~]# su - kubeadm
[kubeadm@server1 ~]$ mkdir -p $HOME/.kube
[kubeadm@server1 ~]$ sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
[kubeadm@server1 ~]$ sudo chown $(id -u):$(id -g) $HOME/.kube/config
退出,重启,然后查看
[kubeadm@server1 ~]$ logout
[root@server1 ~]# systemctl restart kubelet
[root@server1 ~]# su - kubeadm
Last login: Fri Aug 9 11:42:19 CST 2019 on pts/1
[kubeadm@server1 ~]$ kubectl get nodes
NAME STATUS ROLES AGE VERSION
server1 NotReady master 18m v1.15.0
server2 NotReady 9m5s v1.15.0
server3 NotReady 8m20s v1.15.0
下载需要的网络有关的包复制到server1 server2 server3
三台虚拟机导入这个包
[root@foundation1 ~]# scp flannel.tar kube-flannel.yml server1:
[root@foundation1 ~]# scp flannel.tar server2:
[root@foundation1 ~]# scp flannel.tar server3:
[root@server2 ~]# docker load -i flannel.tar
cd7100a72410: Loading layer 4.403MB/4.403MB
3b6c03b8ad66: Loading layer 4.385MB/4.385MB
93b0fa7f0802: Loading layer 158.2kB/158.2kB
4165b2148f36: Loading layer 36.33MB/36.33MB
b883fd48bb96: Loading layer 5.12kB/5.12kB
Loaded image: quay.io/coreos/flannel:v0.10.0-amd64
[root@server3 ~]# docker load -i flannel.tar
cd7100a72410: Loading layer 4.403MB/4.403MB
3b6c03b8ad66: Loading layer 4.385MB/4.385MB
93b0fa7f0802: Loading layer 158.2kB/158.2kB
4165b2148f36: Loading layer 36.33MB/36.33MB
b883fd48bb96: Loading layer 5.12kB/5.12kB
Loaded image: quay.io/coreos/flannel:v0.10.0-amd64
[root@server1 ~]# docker load -i flannel.tar
cd7100a72410: Loading layer 4.403MB/4.403MB
3b6c03b8ad66: Loading layer 4.385MB/4.385MB
93b0fa7f0802: Loading layer 158.2kB/158.2kB
4165b2148f36: Loading layer 36.33MB/36.33MB
b883fd48bb96: Loading layer 5.12kB/5.12kB
Loaded image: quay.io/coreos/flannel:v0.10.0-amd64
[root@server1 ~]# cp kube-flannel.yml /home/kubeadm/
[root@server1 ~]# su - kubeadm
[kubeadm@server1 ~]$ kubectl apply -f kube-flannel.yml
clusterrole.rbac.authorization.k8s.io/flannel created
clusterrolebinding.rbac.authorization.k8s.io/flannel created
serviceaccount/flannel created
configmap/kube-flannel-cfg created
daemonset.extensions/kube-flannel-ds-amd64 created
daemonset.extensions/kube-flannel-ds-arm64 created
daemonset.extensions/kube-flannel-ds-arm created
daemonset.extensions/kube-flannel-ds-ppc64le created
daemonset.extensions/kube-flannel-ds-s390x created
[kubeadm@server1 ~]$ echo “source < (kubectl completion bash)” >> .bashrc
[kubeadm@server1 ~]$ kubectl get nodes
NAME STATUS ROLES AGE VERSION
server1 Ready master 161m v1.15.0
server2 Ready 151m v1.15.0
server3 Ready 151m v1.15.0
所有节点导入镜像
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: admin-user
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: cluster-admin
subjects:
kubectl -n kube-system describe secret $(kubectl -n kube-system get secret | grep admin-user | awk ‘{print $1}’)