Kubernetes 1.25.0 基于containerd的部署(rockylinux8.6)

1、环境说明(安装时配置IP及主机名)

序号 主机IP 主机名 系统 备注
1 192.168.3.114 master rockylinux8.6最小化安装 控制节点
2 192.168.3.115 node1 rockylinux8.6最小化安装 工作节点
3 192.168.3.116 node2 rockylinux8.6最小化安装 工作节点

2、关闭selinux,firewalld及swap分区(在三台设备上执行)

sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config
systemctl disable firewalld
swapoff -a
reboot

注:swapoff -a 为临时关闭swap分区。永久关闭swap分区,vi /etc/fstab  注释swap分区一行

3、修改/etc/hosts文件,增加如下三行(三台设备)

192.168.3.114  master
192.168.3.115  node1
192.168.3.116  node2

4、更改yum源为阿里云(三台设备执行)

sed -e 's|^mirrorlist=|#mirrorlist=|g' \
    -e 's|^#baseurl=http://dl.rockylinux.org/$contentdir|baseurl=https://mirrors.aliyun.com/rockylinux|g' \
    -i.bak \
    /etc/yum.repos.d/Rocky-*.repo

dnf makecache

5、配置命令补全及vim工具(三台设备执行)

dnf install -y wget bash-completion vim

6、配置免密登录(master上执行,可省)

ssh-keygen


ssh-copy-id node1
yes
ssh-copy-id node2
yes

7、配置时间同步(三台设备执行)

dnf install -y chrony

更改  /etc/chrony.conf  配置文件

将pool 2.pool.ntp.org iburst

改为

server ntp1.aliyun.com iburst
server ntp2.aliyun.com iburst
server ntp1.tencent.com iburst
server ntp2.tencent.com iburst

systemctl enable --now chronyd
chronyc sources
date

Kubernetes 1.25.0 基于containerd的部署(rockylinux8.6)_第1张图片

8、修改内核参数(三台设备上执行)

modprobe br_netfilter
lsmod | grep br_netfilter

cat > /etc/sysctl.d/k8s.conf <

 9、安装依整包及配置docker源、k8s源(三台设备执行)

dnf install -y yum-utils device-mapper-persistent-data lvm2 ipvsadm net-tools
yum-config-manager --add-repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
sed -i 's+download.docker.com+mirrors.aliyun.com/docker-ce+' /etc/yum.repos.d/docker-ce.repo

cat < /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF

dnf makecache

10、安装containerd(三台设备执行)

dnf install -y containerd

containerd config default > /etc/containerd/config.toml

更改配置文件

sed -i 's#SystemdCgroup = false#SystemdCgroup = true#g' /etc/containerd/config.toml
sed -i "s#k8s.gcr.io/pause#registry.cn-hangzhou.aliyuncs.com/google_containers/pause#g"  /etc/containerd/config.toml

配置镜像加速

sed -i '/registry.mirrors]/a\ \ \ \ \ \ \ \ [plugins."io.containerd.grpc.v1.cri".registry.mirrors."docker.io"]' /etc/containerd/config.toml
sed -i '/registry.mirrors."docker.io"]/a\ \ \ \ \ \ \ \ \ \ endpoint = ["https://0x3urqgf.mirror.aliyuncs.com"]' /etc/containerd/config.toml

启动containerd

systemctl enable --now containerd.service
systemctl status containerd.service

11、安装kubelet kubeadm kubectl

    在master设备上执行

dnf install  -y kubelet-1.25.0 kubeadm-1.25.0 kubectl-1.25.0
systemctl enable kubelet

    在node1及node2上执行

dnf install  -y kubelet-1.25.0 kubeadm-1.25.0
systemctl enable kubelet

12、初始化k8s集群(master节点上执行)

kubeadm config print init-defaults >  init-defaults.yaml

vim 修改文件    init-defaults.yaml

    12行
    advertiseAddress: 192.168.3.114

17行
    name: master

24行

   clusterName: mycluster

30行
    imageRepository: registry.aliyuncs.com/google_containers

增加及修改35行

  podSubnet: 10.1.0.0/16
  serviceSubnet: 10.10.0.0/16

文件最后加入
 ---
 kind: KubeletConfiguration
apiVersion: kubelet.config.k8s.io/v1beta1
cgroupDriver: systemd

修改后的文件如下:

apiVersion: kubeadm.k8s.io/v1beta3
bootstrapTokens:
- groups:
  - system:bootstrappers:kubeadm:default-node-token
  token: abcdef.0123456789abcdef
  ttl: 24h0m0s
  usages:
  - signing
  - authentication
kind: InitConfiguration
localAPIEndpoint:
  advertiseAddress: 192.168.3.114
  bindPort: 6443
nodeRegistration:
  criSocket: unix:///var/run/containerd/containerd.sock
  imagePullPolicy: IfNotPresent
  name: master
  taints: null
---
apiServer:
  timeoutForControlPlane: 4m0s
apiVersion: kubeadm.k8s.io/v1beta3
certificatesDir: /etc/kubernetes/pki
clusterName: mycluster
controllerManager: {}
dns: {}
etcd:
  local:
    dataDir: /var/lib/etcd
imageRepository: registry.cn-hangzhou.aliyuncs.com/google_containers
kind: ClusterConfiguration
kubernetesVersion: 1.25.0
networking:
  dnsDomain: cluster.local
  podSubnet: 10.1.0.0/16
  serviceSubnet: 10.10.0.0/16
scheduler: {}
---
kind: KubeletConfiguration
apiVersion: kubelet.config.k8s.io/v1beta1
cgroupDriver: systemd

初始化集群

kubeadm init --config init-defaults.yaml

Kubernetes 1.25.0 基于containerd的部署(rockylinux8.6)_第2张图片

 执行命令

  mkdir -p $HOME/.kube
  sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
  sudo chown $(id -u):$(id -g) $HOME/.kube/config

k8s命令自动补全

source <(kubeadm completion bash)
echo "source <(kubeadm completion bash)" >> ~/.bashrc
source ~/.bashrc 

 13、工作节点加入集群

master节点上执行

kubeadm token create --print-join-command

              两台node节点上执行

kubeadm join 192.168.3.114:6443 --token os6ate.0vwis78qdzpnxj4g --discovery-token-ca-cert-hash sha256:869b4865adfd47368c4fe19ce7bf443bed4bef498beb4ddef71fecfdab2c8dc1 

 master节点上查看

kubectl get nodes

14、安装网络组件

kubectl apply -f https://docs.projectcalico.org/manifests/calico.yaml

监控pod状态,待所有pod状态为running

kubectl get pods -n kube-system -w

 15、验证

kubectl get nodes
kubectl get componentstatuses
kubectl cluster-info
kubectl -n kube-system get pod

Kubernetes 1.25.0 基于containerd的部署(rockylinux8.6)_第3张图片

 16、测试

测试网络

kubectl run busybox --image busybox:1.28 --restart=Never --rm -it busybox -- sh

Kubernetes 1.25.0 基于containerd的部署(rockylinux8.6)_第4张图片

 测试Pod

vim  mypod.yaml

apiVersion: v1
kind: Pod
metadata:
  name: nginx
spec:
  containers:
  - name: nginx
    image: nginx:1.14.2
    ports:
    - containerPort: 80
kubectl get pods -o wide

curl 10.1.104.1

Kubernetes 1.25.0 基于containerd的部署(rockylinux8.6)_第5张图片

 

 

你可能感兴趣的:(kubernetes,运维,云计算)