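I. Cluster layout
Machine requirements: CentOS with kernel 4.4 or later, more than 1 CPU core

| Item | Specification |
|---|---|
| Memory | 2 GB |
| CPU | 2 cores |
| OS version | CentOS 7.7 |
| kubelet version | 1.5.1 |
| Docker version | 18.06.3-ce |

2. Node layout: 2 masters + 2 nodes, 1 Harbor image registry

| IP | Hostname | Role |
|---|---|---|
| 10.10.1.1 | k8smaster01 | master |
| 10.10.1.2 | k8smaster02 | master |
| 10.10.1.3 | k8snode01 | slave |
| 10.10.1.4 | k8snode02 | slave |

Installation method: kubeadm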
II. Initial machine configuration
1. Install dependency packages
yum install -y conntrack ntpdate ntp ipvsadm ipset jq iptables curl sysstat libseccomp wget vim net-tools git
2. Set host names
vim /etc/hosts
10.10.1.1 k8smaster01
10.10.1.2 k8smaster02
10.10.1.3 k8snode01
10.10.1.4 k8snode02
3. Switch the firewall to iptables and set empty rules
systemctl stop firewalld && systemctl disable firewalld
yum -y install iptables-services && systemctl start iptables && systemctl enable iptables && iptables -F && service iptables save
4. Disable swap and SELinux
swapoff -a && sed -ri '/^[^#]*swap/s@^@#@' /etc/fstab   # stop mounting swap at boot
setenforce 0 && sed -i 's/SELINUX=enforcing/SELINUX=disabled/' /etc/selinux/config
5. Tune kernel parameters for k8s
cat > kubernetes.conf <<EOF
net.bridge.bridge-nf-call-iptables=1
net.bridge.bridge-nf-call-ip6tables=1
net.ipv4.ip_forward=1
net.ipv4.tcp_tw_recycle=0
vm.swappiness=0
vm.overcommit_memory=1
fs.inotify.max_user_instances=8192
fs.file-max=52706963
fs.nr_open=52706963
net.ipv6.conf.all.disable_ipv6=1
net.netfilter.nf_conntrack_max=2310720
EOF
cp kubernetes.conf /etc/sysctl.d/kubernetes.conf
# The net.bridge.* keys only exist once the br_netfilter module is loaded
modprobe br_netfilter
sysctl -p /etc/sysctl.d/kubernetes.conf
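6. Set the system time zone
# Set the system time zone to Asia/Shanghai (China)
timedatectl set-timezone Asia/Shanghai
# Write the current UTC time to the hardware clock
timedatectl set-local-rtc 0
# Restart the services that depend on the system time
systemctl restart rsyslog
systemctl restart crond
7. Stop services the system does not need
systemctl stop postfix && systemctl disable postfix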
III. Install the required software
1. Prerequisites for enabling ipvs in kube-proxy
cat > /etc/sysconfig/modules/ipvs.modules <<EOF
#!/bin/bash
modprobe -- ip_vs
modprobe -- ip_vs_rr
modprobe -- ip_vs_wrr
modprobe -- ip_vs_sh
modprobe -- nf_conntrack_ipv4
EOF
chmod 755 /etc/sysconfig/modules/ipvs.modules && bash /etc/sysconfig/modules/ipvs.modules && lsmod | grep -e ip_vs -e nf_conntrack_ipv4
2. Install docker
yum install -y yum-utils device-mapper-persistent-data lvm2
yum-config-manager --add-repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
yum makecache fast
yum install -y docker-ce-18.06.3.ce-3.el7
# Create the /etc/docker directory
mkdir -p /etc/docker
# Configure the daemon
cat > /etc/docker/daemon.json <<EOF
{
  "exec-opts": ["native.cgroupdriver=systemd"],
  "log-driver": "json-file",
  "log-opts": {"max-size": "500m", "max-file": "3"}
}
EOF
mkdir -p /etc/systemd/system/docker.service.d
# Restart the docker service
systemctl daemon-reload && systemctl restart docker && systemctl enable docker
# Add the user to the docker group (members can control the daemon, which is root-equivalent on the host)
groupadd docker
usermod -aG docker ${USER}
systemctl restart docker
3. Install kubeadm
Configure the Aliyun repository
cat <<EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=http://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
enabled=1
gpgcheck=0
repo_gpgcheck=0
gpgkey=http://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg
       http://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF
Install
yum -y install kubeadm-1.15.1 kubectl-1.15.1 kubelet-1.15.1
systemctl enable kubelet.service
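The repository stanza in step 3 sets gpgcheck=0 and repo_gpgcheck=0 and uses http:// URLs, so yum installs kubeadm, kubectl and kubelet without verifying package or metadata signatures. The script below is an added example, not part of the original guide: it audits a .repo file for those settings. The function names audit_yum_repo and write_sample_repo are hypothetical, and the sample stanza is constructed from the step above.

```shell
#!/bin/sh
# Added example: flag yum repo sections with signature checks off or plain-HTTP URLs.
audit_yum_repo() {
  # $1 = path to a .repo file. Prints one finding per line; returns 1 if any.
  awk '
    function trim(s) { sub(/^[ \t]+/, "", s); sub(/[ \t]+$/, "", s); return s }
    function report(msg) { printf "[%s] %s\n", section, msg; bad = 1 }
    /^[ \t]*$/ || /^[ \t]*[#;]/ { next }          # blank lines and comments
    /^[ \t]*\[.*\][ \t]*$/ {                      # [section] header
      section = trim($0); section = substr(section, 2, length(section) - 2)
      key = ""; next
    }
    {
      eq = index($0, "=")
      if (eq > 0 && $0 !~ /^[ \t]/) {             # key=value line
        key = tolower(trim(substr($0, 1, eq - 1)))
        val = trim(substr($0, eq + 1))
      } else {                                    # continuation of the previous key
        val = trim($0)
      }
      if ((key == "gpgcheck" || key == "repo_gpgcheck") && tolower(val) ~ /^(0|no|false)$/)
        report(key "=" val ": signatures are not verified")
      if (key == "baseurl" || key == "gpgkey") {
        n = split(val, urls, /[ \t,]+/)           # several URLs may share one line
        for (i = 1; i <= n; i++)
          if (urls[i] ~ /^http:\/\//) report(key " over plain HTTP: " urls[i])
      }
    }
    END { exit bad + 0 }
  ' "$1"
}

write_sample_repo() {
  # Constructed sample: the [kubernetes] stanza from step 3, written to "$1".
  cat > "$1" <<'EOF'
[kubernetes]
name=Kubernetes
baseurl=http://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
enabled=1
gpgcheck=0
repo_gpgcheck=0
gpgkey=http://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg
       http://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF
}

# Usage: sh audit_repo.sh /etc/yum.repos.d/*.repo
for f in "$@"; do audit_yum_repo "$f" || true; done
```

On the sample stanza the function reports five findings: the baseurl, both signature switches and both gpgkey URLs.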
4. Initialize the master node
kubeadm config print init-defaults > kubeadm-config.yaml
Edit kubeadm-config.yaml so that it contains:
apiVersion: kubeadm.k8s.io/v1beta2
kind: ClusterConfiguration
kubernetesVersion: v1.15.1
apiServer:
  certSANs:    # list the hostname, IP and VIP of every kube-apiserver node
  - master01
  - master02
  - node01
  - node02
  - 10.10.1.1
  - 10.10.1.2
  - 10.10.1.3
  - 10.10.1.4
controlPlaneEndpoint: "10.10.1.1:6443"
networking:
  podSubnet: "172.244.0.0/16"    # must match the Network value in the flannel manifest
kubeadm init --config=kubeadm-config.yaml --experimental-upload-certs | tee kubeadm-init.log
If the deployment fails, run the following commands to reset the node before redeploying
kubeadm reset
ifconfig cni0 down
ip link delete cni0
ifconfig flannel.1 down
ip link delete flannel.1
rm -rf /var/lib/cni
5. Join the remaining nodes to the master
Joining a master: follow the information in the log
Joining a worker: follow the information in the log
6. Deploy the network
kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
IV. Install the dashboard
1. Install helm
tar -zxvf helm-v2.11.0-linux-amd64.tar.gz
mv linux-amd64/helm /usr/local/bin/helm
2. Install tiller, the helm server side
kubectl create -f rbac-config.yaml
helm init --service-account tiller --skip-refresh
3. Install the dashboard
helm install stable/kubernetes-dashboard \
  -n kubernetes-dashboard \
  --namespace kube-system \
  -f kubernetes-dashboard.yaml
Set the service to a port mode reachable from the external network:
kubectl edit service kubernetes-dashboard --namespace=kube-system
Set type to NodePort
View the dashboard access token and log in with the token
kubectl describe secret kubernetes-dashboard-token --namespace=kube-system