VmWare采用工具kubeadm 快速k8s集群部署

1. 安装Docker 环境

# 安装下载工具
yum -y install wget
wget https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo -O /etc/yum.repos.d/docker-ce.repo
# 安装这个版本的docker-ce
yum -y install docker-ce-18.06.1.ce-3.el7
# 启动docker
systemctl enable docker && systemctl start docker
# 配置docker 阿里云yum软件源
cat > /etc/docker/daemon.json << EOF
{
  "registry-mirrors": ["https://b9pmyelo.mirror.aliyuncs.com"]
}
EOF

2. 安装kubeadm，kubelet和kubectl

# 安装
yum install -y kubelet-1.17.5 kubeadm-1.17.5 kubectl-1.17.5
# 增加配置信息 如果不配置kubelet，可能会导致K8S集群无法启动。为实现docker使用的cgroupdriver与 
# kubelet 使用的cgroup的一致性。
vi /etc/sysconfig/kubelet
KUBELET_EXTRA_ARGS="--cgroup-driver=systemd"
# 设置开机启动
systemctl enable kubelet

3. 部署Kubernetes Master

kubeadm init \
  --apiserver-advertise-address=192.168.17.4 \
  --image-repository registry.aliyuncs.com/google_containers \
  --kubernetes-version v1.17.5 \
  --service-cidr=10.96.0.0/12 \
  --pod-network-cidr=10.244.0.0/16

mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
$ kubectl get nodes

此时需注意Kubelet 和 Kubeadm 版本不一样的，这里指定的版本是 kubernetes-version v1.17.5，不一致会出现错误：

[ERROR KubeletVersion]: the kubelet version is higher than the control plane version. This is not a supported version skew and may lead to a malfunctional clusterhttps://www.cnblogs.com/wangzy-Zj/p/13274095.html

4. 加入Kubernetes Node 

分别在node节点服务器上执行初始化日志中的代码加入集群

kubeadm join 192.168.17.4:6443 --token ux02vm.wmb11j15of538nzp     --discovery-token-ca-cert-hash sha256:e97661bf45e0554820175cb5d7236dcc5b287b0a61050655f590ea5d8901f055

执行过程中可能会出现错误：

 [ERROR FileContent—proc-sys-net-bridge-bridge-nf-call-iptables]: /proc/sys/net/bridge/bridge-nf-call-iptables contents are not set to 1
[preflight] If you know what you are doing, you can make a check non-fatal with --ignore-preflight-errors=…
To see the stack trace of this error execute with —v=5 or higher

 可以执行如下命令

echo "1" >/proc/sys/net/bridge/bridge-nf-call-iptables

默认token有效期为24小时，当过期之后，该token就不可用了。这时就需要重新创建token，操作如下：

kubeadm token create --print-join-command

如果在加入的时候出错了，而且端口号又被占用了例如：

[preflight] Running pre-flight checks.
    [WARNING SystemVerification]: docker version is greater than the most recently validated version. Docker version: 17.12.1-ce. Max validated version: 17.03
    [WARNING FileExisting-crictl]: crictl not found in system path
[preflight] Some fatal errors occurred:
    [ERROR Port-10250]: Port 10250 is in use
    [ERROR FileAvailable--etc-kubernetes-pki-ca.crt]: /etc/kubernetes/pki/ca.crt already exists
    [ERROR FileAvailable--etc-kubernetes-kubelet.conf]: /etc/kubernetes/kubelet.conf already exists

可以执行重新初始化节点配置：

kubeadm reset

再次执行加入主节点：

kubeadm join 192.168.17.4:6443 --token ux02vm.wmb11j15of538nzp     --discovery-token-ca-cert-hash sha256:e97661bf45e0554820175cb5d7236dcc5b287b0a61050655f590ea5d8901f055

还有在运行过程中的一些问题：一起汇总到这里

The connection to the server localhost:8080 was refused - did you specify the right host or port?

node节点运行kubeadm join后master节点运行kubectl get node不显示node节点

k8s集群部分常见问题处理