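Contents
Preface
I. Introduction to kubeadm
II. Node components
1. Control-plane node components
2. Worker node components
III. Deployment topology
IV. Enable virtualization support, set hostnames, configure IPs, configure name resolution, configure passwordless login
1. On all three nodes: Edit virtual machine settings > CPU > tick all three checkboxes
2. Set the hostnames
3. Configure the IP addresses
4. Configure name resolution
5. Configure passwordless login
II. Disable swap, modify kernel parameters, disable the firewall, disable SELinux, configure yum repositories
1. Disable swap
2. Modify kernel parameters and enable packet forwarding
3. Stop the firewall and disable it at boot
4. Disable SELinux and reboot
5. Configure the Aliyun yum repositories
III. Install base packages and iptables
1. Install base packages
2. Install iptables and disable it at boot
IV. Install and configure docker, configure a docker registry mirror, install the k8s packages
1. Install docker
2. Configure the docker registry mirror
3. Install the k8s packages needed for initialization
V. Initialize the k8s cluster
1. Load the image archive
2. Initialize the k8s cluster with kubeadm
3. Add the worker nodes
4. Install the calico network plugin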
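Note: almost every step in this post can be copied directly if your IP addresses are the same as mine. Copying and pasting is still not recommended, since the point is to learn. During deployment, be careful not to mix up the nodes, because some of the later steps are hard to undo.
kubeadm is the officially provided tool for deploying k8s clusters. It is an open-source project whose source code is on GitHub, so it can be read and extended. It is the officially recommended way to stand up a cluster quickly, mainly through the two commands kubeadm init and kubeadm join, and it can also be used to scale the cluster out.
When kubeadm initializes a cluster, all components run as pods, and failures can recover automatically through monitoring tasks.
kubeadm is an automated setup tool that builds the cluster for us through scripts. This automated deployment is simple and easy to learn and hides many details. It is fast, but because the components are installed and invoked automatically, you gain little insight into each module, and problems are hard to troubleshoot when they occur.
It suits cases where clusters are deployed often or where a high degree of automation is required.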
Control-plane node components: apiserver controller-manager scheduler kubelet etcd docker kube-proxy keepalived nginx calico
Worker node components: kubelet kube-proxy docker calico coredns
Three nodes: one control-plane node and two worker nodes
CentOS 7.6 is used
node1 192.168.100.30
master 192.168.100.40
node2 192.168.100.50
master:
hostnamectl set-hostname master && bash
node1:
hostnamectl set-hostname node1 && bash
node2:
hostnamectl set-hostname node2 && bash
master:
vim /etc/sysconfig/network-scripts/ifcfg-ens33
TYPE=Ethernet
PROXY_METHOD=none
BROWSER_ONLY=no
BOOTPROTO=static
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
IPV6INIT=yes
IPV6_AUTOCONF=yes
IPV6_DEFROUTE=yes
IPV6_FAILURE_FATAL=no
IPV6_ADDR_GEN_MODE=stable-privacy
NAME=ens33
UUID=9b050f16-c845-4870-bdd5-f2b26e65ea65
DEVICE=ens33
ONBOOT=yes
IPADDR=192.168.100.40
NETMASK=255.255.255.0
GATEWAY=192.168.100.2
DNS1=114.114.114.114
systemctl restart network
ip a
ping www.baidu.com
node1:
vim /etc/sysconfig/network-scripts/ifcfg-ens33
TYPE=Ethernet
PROXY_METHOD=none
BROWSER_ONLY=no
BOOTPROTO=static
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
IPV6INIT=yes
IPV6_AUTOCONF=yes
IPV6_DEFROUTE=yes
IPV6_FAILURE_FATAL=no
IPV6_ADDR_GEN_MODE=stable-privacy
NAME=ens33
UUID=9b050f16-c845-4870-bdd5-f2b26e65ea65
DEVICE=ens33
ONBOOT=yes
IPADDR=192.168.100.30
NETMASK=255.255.255.0
GATEWAY=192.168.100.2
DNS1=114.114.114.114
systemctl restart network
ip a
ping www.baidu.com
node2:
vim /etc/sysconfig/network-scripts/ifcfg-ens33
TYPE=Ethernet
PROXY_METHOD=none
BROWSER_ONLY=no
BOOTPROTO=static
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
IPV6INIT=yes
IPV6_AUTOCONF=yes
IPV6_DEFROUTE=yes
IPV6_FAILURE_FATAL=no
IPV6_ADDR_GEN_MODE=stable-privacy
NAME=ens33
UUID=9b050f16-c845-4870-bdd5-f2b26e65ea65
DEVICE=ens33
ONBOOT=yes
IPADDR=192.168.100.50
NETMASK=255.255.255.0
GATEWAY=192.168.100.2
DNS1=114.114.114.114
systemctl restart network
ip a
ping www.baidu.com
master:
vim /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.100.30 node1
192.168.100.40 master
192.168.100.50 node2
scp /etc/hosts root@node1:/etc/hosts
scp /etc/hosts root@node2:/etc/hosts
ping node1
master:
ssh-keygen
ssh-copy-id master
ssh-copy-id node1
ssh-copy-id node2
node1:
ssh-keygen
ssh-copy-id master
ssh-copy-id node1
ssh-copy-id node2
node2:
ssh-keygen
ssh-copy-id master
ssh-copy-id node1
ssh-copy-id node2
master:
vim /etc/fstab
#
# /etc/fstab
# Created by anaconda on Wed Jan 5 19:24:01 2022
#
# Accessible filesystems, by reference, are maintained under '/dev/disk'
# See man pages fstab(5), findfs(8), mount(8) and/or blkid(8) for more info
#
/dev/mapper/centos-root / xfs defaults 0 0
UUID=2ee72c81-de7c-40bb-a058-0c08a718c73c /boot xfs defaults 0 0
/dev/mapper/centos-home /home xfs defaults 0 0
#/dev/mapper/centos-swap swap swap defaults 0 0
scp /etc/fstab root@node1:/etc/fstab
scp /etc/fstab root@node2:/etc/fstab
master:
modprobe br_netfilter
lsmod | grep br_netfilter
vim /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
net.ipv4.ip_forward = 1
sysctl -p /etc/sysctl.d/k8s.conf
scp /etc/sysctl.d/k8s.conf root@node1:/etc/sysctl.d/k8s.conf
scp /etc/sysctl.d/k8s.conf root@node2:/etc/sysctl.d/k8s.conf
node1:
modprobe br_netfilter
sysctl -p /etc/sysctl.d/k8s.conf
node2:
modprobe br_netfilter
sysctl -p /etc/sysctl.d/k8s.conf
master:
systemctl stop firewalld && systemctl disable firewalld
systemctl status firewalld
node1:
systemctl stop firewalld && systemctl disable firewalld
systemctl status firewalld
node2:
systemctl stop firewalld && systemctl disable firewalld
systemctl status firewalld
master:
vim /etc/selinux/config
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - No SELinux policy is loaded.
SELINUX=disabled
# SELINUXTYPE= can take one of three values:
# targeted - Targeted processes are protected,
# minimum - Modification of targeted policy. Only selected processes are protected.
# mls - Multi Level Security protection.
SELINUXTYPE=targeted
scp /etc/selinux/config root@node1:/etc/selinux/config
scp /etc/selinux/config root@node2:/etc/selinux/config
init 6
node1:
init 6
node2:
init 6
master:
mv /etc/yum.repos.d/CentOS-Base.repo /etc/yum.repos.d/CentOS-Base.repo.backup
wget -O /etc/yum.repos.d/CentOS-Base.repo https://mirrors.aliyun.com/repo/Centos-7.repo
wget -O /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-7.repo
yum install -y yum-utils device-mapper-persistent-data lvm2
yum-config-manager --add-repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
sed -i 's+download.docker.com+mirrors.aliyun.com/docker-ce+' /etc/yum.repos.d/docker-ce.repo
yum makecache
yum makecache fast
service docker start
cat <<EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF
yum install -y kubelet-1.20.6 kubeadm-1.20.6 kubectl-1.20.6
systemctl enable kubelet && systemctl start kubelet
yum -y install ntpdate
ntpdate cn.pool.ntp.org
node1:
mv /etc/yum.repos.d/CentOS-Base.repo /etc/yum.repos.d/CentOS-Base.repo.backup
wget -O /etc/yum.repos.d/CentOS-Base.repo https://mirrors.aliyun.com/repo/Centos-7.repo
wget -O /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-7.repo
yum install -y yum-utils device-mapper-persistent-data lvm2
yum-config-manager --add-repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
sed -i 's+download.docker.com+mirrors.aliyun.com/docker-ce+' /etc/yum.repos.d/docker-ce.repo
yum makecache
yum makecache fast
service docker start
cat <<EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF
yum install -y kubelet-1.20.6 kubeadm-1.20.6 kubectl-1.20.6
systemctl enable kubelet && systemctl start kubelet
yum -y install ntpdate
ntpdate cn.pool.ntp.org
node2:
mv /etc/yum.repos.d/CentOS-Base.repo /etc/yum.repos.d/CentOS-Base.repo.backup
wget -O /etc/yum.repos.d/CentOS-Base.repo https://mirrors.aliyun.com/repo/Centos-7.repo
wget -O /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-7.repo
yum install -y yum-utils device-mapper-persistent-data lvm2
yum-config-manager --add-repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
sed -i 's+download.docker.com+mirrors.aliyun.com/docker-ce+' /etc/yum.repos.d/docker-ce.repo
yum makecache
yum makecache fast
service docker start
cat <<EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF
yum -y install ntpdate
ntpdate cn.pool.ntp.org
master:
yum install -y yum-utils device-mapper-persistent-data lvm2 wget net-tools nfs-utils lrzsz gcc gcc-c++ make cmake libxml2-devel openssl-devel curl curl-devel unzip sudo ntp libaio-devel wget vim ncurses-devel autoconf automake zlib-devel python-devel epel-release openssh-server socat ipvsadm conntrack ntpdate telnet ipvsadm
node1:
yum install -y yum-utils device-mapper-persistent-data lvm2 wget net-tools nfs-utils lrzsz gcc gcc-c++ make cmake libxml2-devel openssl-devel curl curl-devel unzip sudo ntp libaio-devel wget vim ncurses-devel autoconf automake zlib-devel python-devel epel-release openssh-server socat ipvsadm conntrack ntpdate telnet ipvsadm
node2:
yum install -y yum-utils device-mapper-persistent-data lvm2 wget net-tools nfs-utils lrzsz gcc gcc-c++ make cmake libxml2-devel openssl-devel curl curl-devel unzip sudo ntp libaio-devel wget vim ncurses-devel autoconf automake zlib-devel python-devel epel-release openssh-server socat ipvsadm conntrack ntpdate telnet ipvsadm
master:
yum -y install iptables-services
systemctl stop iptables && systemctl disable iptables
node1:
yum -y install iptables-services
systemctl stop iptables && systemctl disable iptables
node2:
yum -y install iptables-services
systemctl stop iptables && systemctl disable iptables
master:
yum -y install docker-ce docker-ce-cli containerd.io
systemctl restart docker && systemctl enable docker && systemctl status docker
node1:
yum -y install docker-ce docker-ce-cli containerd.io
systemctl restart docker && systemctl enable docker && systemctl status docker
node2:
yum -y install docker-ce docker-ce-cli containerd.io
systemctl restart docker && systemctl enable docker && systemctl status docker
master:
vim /etc/docker/daemon.json
{
"registry-mirrors": ["https://rsbud4vc.mirror.aliyuncs.com"],
"exec-opts": ["native.cgroupdriver=systemd"]
}
systemctl daemon-reload && systemctl restart docker
scp /etc/docker/daemon.json root@node1:/etc/docker/daemon.json
scp /etc/docker/daemon.json root@node2:/etc/docker/daemon.json
node1:
systemctl daemon-reload && systemctl restart docker
node2:
systemctl daemon-reload && systemctl restart docker
master:
yum install -y kubelet-1.20.6 kubeadm-1.20.6 kubectl-1.20.6
systemctl enable kubelet && systemctl start kubelet
node1:
yum install -y kubelet-1.20.6 kubeadm-1.20.6 kubectl-1.20.6
systemctl enable kubelet && systemctl start kubelet
node2:
yum install -y kubelet-1.20.6 kubeadm-1.20.6 kubectl-1.20.6
systemctl enable kubelet && systemctl start kubelet
Link: https://pan.baidu.com/s/1RiXNhjWrq41VoqA60ARM4A?pwd=wqdj
Extraction code: wqdj
Upload k8simage.tar.gz to all three nodes
master:
docker load -i k8simage.tar.gz
node1:
docker load -i k8simage.tar.gz
node2:
docker load -i k8simage.tar.gz
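Before running kubeadm init, the files edited during host preparation can be checked on each node. The script below is an added example, not part of the original post; its function names are made up for illustration, and it only reads /etc/fstab, /etc/sysctl.d/k8s.conf and /etc/docker/daemon.json.

```shell
#!/bin/sh
# Added example (not from the original post): read-only checks of the files
# edited during host preparation. Paths are arguments so copies can be tested.

# Succeeds when FSTAB is readable and has no uncommented entry of type "swap".
fstab_swap_disabled() {
    [ -r "$1" ] || return 1
    ! awk '$1 !~ /^#/ && $3 == "swap" { found = 1 } END { exit !found }' "$1"
}

# Succeeds when the last assignment of KEY in CONF is 1 (spaces around "=" ok).
sysctl_key_enabled() {
    awk -F= -v key="$2" '
        { gsub(/[ \t]/, "", $1); gsub(/[ \t]/, "", $2) }
        $1 == key { val = $2 }
        END { exit (val == "1") ? 0 : 1 }' "$1"
}

# Succeeds when all three parameters from /etc/sysctl.d/k8s.conf are enabled.
sysctl_conf_ok() {
    for key in net.bridge.bridge-nf-call-ip6tables \
               net.bridge.bridge-nf-call-iptables net.ipv4.ip_forward; do
        sysctl_key_enabled "$1" "$key" || return 1
    done
}

# Succeeds when daemon.json selects the systemd cgroup driver. The pattern needs
# straight ASCII quotes: typographic quotes are not valid JSON.
docker_cgroup_systemd() {
    grep -q '"native.cgroupdriver=systemd"' "$1"
}

# Prints one line per check and returns the number of failed checks.
preflight() {
    fails=0
    fstab_swap_disabled "${1:-/etc/fstab}" && echo "ok   swap" ||
        { echo "FAIL swap entry still active"; fails=$((fails + 1)); }
    sysctl_conf_ok "${2:-/etc/sysctl.d/k8s.conf}" && echo "ok   sysctl" ||
        { echo "FAIL kernel parameters"; fails=$((fails + 1)); }
    docker_cgroup_systemd "${3:-/etc/docker/daemon.json}" && echo "ok   cgroup" ||
        { echo "FAIL docker cgroup driver"; fails=$((fails + 1)); }
    return "$fails"
}

# Run against the real files only when asked: sh preflight.sh --run
if [ "${1:-}" = "--run" ]; then preflight; fi
```

The checks cover configuration files only; after the reboot, empty output from `swapon -s` confirms that swap is off at runtime.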
master:
kubeadm init --kubernetes-version=1.20.6 --apiserver-advertise-address=192.168.100.40 --image-repository registry.aliyuncs.com/google_containers --pod-network-cidr=10.220.0.0/16 --ignore-preflight-errors=SystemVerification
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
kubeadm token create --print-join-command
node1:
Copy the join command and run it
node2:
Copy the join command and run it
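The join command carries a bootstrap token and a hash of the cluster CA's public key, which the joining node uses to authenticate the API server. The following added example (not part of the original post; the function names are hypothetical, and the CA path is kubeadm's default /etc/kubernetes/pki/ca.crt) checks on the master that the hash in a join command matches the CA before the command is pasted on a worker.

```shell
#!/bin/sh
# Added example (not from the original post): check that a join command pins
# the CA of this control plane before running it on a worker.

# Prints the SHA-256 of the CA certificate's DER-encoded public key, which is
# the value kubeadm puts after "sha256:" in --discovery-token-ca-cert-hash.
ca_pubkey_hash() {
    openssl x509 -noout -in "$1" 2>/dev/null || return 1   # reject non-certificates
    openssl x509 -pubkey -noout -in "$1" |
        openssl pkey -pubin -outform DER |
        openssl dgst -sha256 -hex | sed 's/^.* //'
}

# Prints the 64-hex-digit hash pinned in a join command; fails if there is none.
join_cmd_hash() {
    printf '%s\n' "$1" |
        sed -n 's/.*--discovery-token-ca-cert-hash[ =]*sha256:\([0-9a-f]\{64\}\).*/\1/p' |
        grep .
}

# Succeeds only when the command pins a hash and it equals the hash of CA_CRT.
join_cmd_matches_ca() {
    pinned=$(join_cmd_hash "$1") || return 1
    actual=$(ca_pubkey_hash "$2") || return 1
    [ "${#actual}" -eq 64 ] && [ "$pinned" = "$actual" ]
}

# Usage on the master: sh check_join.sh "<join command text>" /etc/kubernetes/pki/ca.crt
if [ "$#" -eq 2 ]; then
    if join_cmd_matches_ca "$1" "$2"; then echo "match"; else echo "MISMATCH"; exit 1; fi
fi
```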
master:
Output like the following is correct
[root@master manifests]# kubectl get nodes
NAME STATUS ROLES AGE VERSION
master NotReady control-plane,master 25m v1.20.6
node1 NotReady <none> 20s v1.20.6
node2 NotReady <none> 14s v1.20.6
Link: https://pan.baidu.com/s/1RiXNhjWrq41VoqA60ARM4A?pwd=wqdj
Extraction code: wqdj
Upload calico.yaml
master:
kubectl apply -f calico.yaml
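Output like the following means success
[root@master manifests]# kubectl get nodes
NAME STATUS ROLES AGE VERSION
master Ready control-plane,master 25m v1.20.6
node1 Ready <none> 20s v1.20.6
node2 Ready <none> 14s v1.20.6
At this point, the quick kubeadm-based deployment of the k8s cluster is complete. Thanks for reading; feel free to study, share and comment.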