Deploying a K8s Cluster on CentOS 7: Success on the First Try

K8s + Istio + Golang = microservices + service mesh + cloud native

0x0. Environment preparation

  • OS version: CentOS 7+
  • CPU Architecture: x86_64/amd64 arm64/aarch64
  • K8s version: v1.20.15
  • Docker version: 19.03.15

0x1. Install dependencies

yum install -y \
    curl \
    wget \
    systemd \
    bash-completion \
    lrzsz

0x2. Pre-installation preparation

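  1. Disable the firewall
# Stops and disables firewalld; host-level packet filtering is off after this step
systemctl disable firewalld.service && systemctl stop firewalld.service
  2. Disable SELinux enforcement (the command switches it to permissive mode)
setenforce 0 && sed -i 's/^SELINUX=enforcing$/SELINUX=permissive/' /etc/selinux/config
  3. Turn off swap
swapoff -a && sed -ri 's/.*swap.*/#&/' /etc/fstab
  4. Pass bridged IPv4 traffic to the iptables chains
cat >/etc/modules-load.d/k8s.conf <<EOF
br_netfilter
EOF
# modules-load.d is only read at boot; load the module now so the sysctl keys below exist
modprobe br_netfilter

cat >/etc/sysctl.d/k8s.conf <<EOF
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
EOF
sysctl --system
  5. Synchronize time
timedatectl set-timezone Asia/Shanghai && timedatectl set-local-rtc 0
systemctl restart rsyslog
systemctl restart crond
  6. Set the hostname
hostnamectl set-hostname k8s-master
  7. Edit hosts
# Append rather than overwrite, so the existing localhost entries are kept
cat >>/etc/hosts <<EOF
xxx.xxx.xxx.xxx    k8s-master
xxx.xxx.xxx.xxx    k8s-node01
xxx.xxx.xxx.xxx    k8s-node02
EOF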

0x3. Install Docker

yum remove docker \
  docker-client \
  docker-client-latest \
  docker-common \
  docker-latest \
  docker-latest-logrotate \
  docker-logrotate \
  docker-engine

yum install -y yum-utils

mkdir -p /etc/docker
# Fetch the repo definition over HTTPS so it cannot be altered in transit
yum-config-manager --add-repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
cat >/etc/docker/daemon.json <<EOF
{
"exec-opts": ["native.cgroupdriver=systemd"],
"log-driver": "json-file",
"log-opts": {
  "max-size": "100m"
},
"storage-driver": "overlay2",
"storage-opts": [
  "overlay2.override_kernel_check=true"
],
"registry-mirrors":["https://hub-mirror.c.163.com","https://docker.mirrors.ustc.edu.cn","https://registry.docker-cn.com"]
}
EOF

yum makecache fast
yum install -y docker-ce-19.03.15 docker-ce-cli-19.03.15 containerd.io
systemctl daemon-reload && systemctl enable docker && systemctl restart docker

# Set up the container runtime
containerd config default >/etc/containerd/config.toml
sed -i 's/SystemdCgroup = false/SystemdCgroup = true/g' /etc/containerd/config.toml
systemctl enable containerd && systemctl restart containerd

0x4. Install K8s

cat >/etc/yum.repos.d/kubernetes.repo <<EOF
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF
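# --nogpgcheck skips GPG signature checking for this transaction, even though the repo file above sets gpgcheck=1
yum install -y --nogpgcheck kubelet-1.20.15 kubeadm-1.20.15 kubectl-1.20.15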
systemctl enable kubelet && systemctl start kubelet

0x5. Run K8s

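mkdir -p /k8sdata/log/
# --token-ttl 0 creates a bootstrap token that never expires; the join command
# containing that token is also written to kubeadm-init.log by tee
kubeadm init \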
  --image-repository registry.aliyuncs.com/google_containers \
  --kubernetes-version v1.20.15 \
  --pod-network-cidr=10.244.0.0/16 \
  --service-cidr=10.96.0.0/12 \
  --token-ttl 0 | tee /k8sdata/log/kubeadm-init.log
mkdir -p "$HOME"/.kube
cp -i /etc/kubernetes/admin.conf "$HOME"/.kube/config
chown "$(id -u)":"$(id -g)" "$HOME"/.kube/config

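Note: if the server being set up is the master node, it needs at least 2 CPU cores and 2 GB of memory. If it does not meet this requirement but you still want to install, add --ignore-preflight-errors=NumCPU to the kubeadm init command line to ignore the error.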

0x6. Install the network plugin

  • flannel
mkdir -p /k8sdata/network/
# TLS verification stays on: this manifest is applied with cluster-admin rights.
# If wget reports a certificate error, update the CA bundle (yum update -y ca-certificates) instead of disabling the check.
wget -O /k8sdata/network/kube-flannel.yml https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
kubectl create -f /k8sdata/network/kube-flannel.yml
  • calico
mkdir -p /k8sdata/network/
# Saved under its own name so it cannot be confused with, or overwrite, the flannel manifest
wget -O /k8sdata/network/calico.yaml https://docs.projectcalico.org/manifests/calico.yaml
kubectl create -f /k8sdata/network/calico.yaml
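
As an added example (not part of the original post), one way to gate the `kubectl create` step on a pinned SHA-256 digest and to list the images a downloaded network manifest would pull. The function names, the `KUBECTL` override and the sample manifest are constructed for illustration; the digest to pin is one you record yourself after reviewing a known-good copy of the manifest.

```shell
#!/usr/bin/env bash
# Added example: verify a downloaded CNI manifest before `kubectl create`.
# Function names, KUBECTL override and the sample manifest are constructed.

# Print the SHA-256 digest (hex only) of a file.
manifest_sha256() {
    sha256sum "$1" | awk '{print $1}'
}

# Return 0 only if the file is non-empty and matches the pinned digest.
verify_manifest() {
    local file="$1" expected="$2" actual
    [ -s "$file" ] || { echo "missing or empty: $file" >&2; return 2; }
    actual="$(manifest_sha256 "$file")"
    [ "$actual" = "$expected" ] && return 0
    echo "digest mismatch for $file: got $actual" >&2
    return 1
}

# List the distinct container images the manifest would pull, for review.
manifest_images() {
    sed -n 's/^[[:space:]-]*image:[[:space:]]*//p' "$1" | tr -d "\"'" | sort -u
}

# Apply only a verified manifest; set KUBECTL=echo for a dry run.
apply_verified() {
    local file="$1" expected="$2"
    verify_manifest "$file" "$expected" || return 1
    manifest_images "$file" | sed 's/^/will pull: /'
    "${KUBECTL:-kubectl}" create -f "$file"
}

# Write a small constructed manifest (not the real flannel or calico file).
write_sample_manifest() {
    cat >"$1" <<'EOF'
kind: DaemonSet
spec:
  template:
    spec:
      initContainers:
      - name: install-cni
        image: "registry.example/cni-plugin:v0.0.1"
      containers:
      - name: agent
        image: registry.example/agent:v0.0.1
      - name: agent-sidecar
        image: registry.example/agent:v0.0.1
EOF
}
```

Record the digest once with `manifest_sha256` on the reviewed copy, then call `apply_verified <file> <digest>` in place of the bare `kubectl create -f`.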

0x7. K8s command-line completion

! grep -q kubectl "$HOME/.bashrc" && echo "source <(kubectl completion bash)" >>"$HOME/.bashrc"
! grep -q kubeadm "$HOME/.bashrc" && echo "source <(kubeadm completion bash)" >>"$HOME/.bashrc"
source "$HOME/.bashrc"

0x8. Summary

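Following this tutorial produces a working K8s deployment, but the article still has room for improvement; any problems encountered during deployment or use will be added here.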
