I. Set the hostname and add entries to the hosts file
1. Log in to each node and set its hostname with the hostnamectl command
# On the master: 172.18.10.11
$ sudo hostnamectl set-hostname "k8s-master"
# On the worker1 node: 172.18.10.12
$ sudo hostnamectl set-hostname "k8s-worker1"
# On the worker2 node: 172.18.10.13
$ sudo hostnamectl set-hostname "k8s-worker2"
$ exec bash
2. Add the following entries to the /etc/hosts file on every node
$ sudo vi /etc/hosts
172.18.10.11 k8s-master
172.18.10.12 k8s-worker1
172.18.10.13 k8s-worker2
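II. Disable swap and add kernel settings
1. On all nodes, run the swapoff and sed commands below to disable swap
$ sudo vi /etc/fstab
# Remember to reboot the virtual machine after disabling swap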
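The step above names swapoff and sed but shows only the manual fstab edit. A scripted equivalent, as an added example that is not from the original page (the helper names comment_out_swap and active_swap_entries are hypothetical, and the fstab content is constructed):

```shell
# Added example (not from the original page); helper names are hypothetical.
# Comment out every active swap entry (third field == "swap") in an
# fstab-format file. Fields may be separated by tabs or spaces, and lines that
# are already commented are left alone, so re-running it is harmless.
comment_out_swap() {
    local fstab="${1:-/etc/fstab}"
    sed -i.bak -E \
        '/^[[:space:]]*[^#[:space:]][^[:space:]]*[[:space:]]+[^[:space:]]+[[:space:]]+swap([[:space:]]|$)/ s/^/#/' \
        "$fstab"
}

# Print how many uncommented swap entries remain in the file.
active_swap_entries() {
    awk '$1 !~ /^#/ && $3 == "swap" { n++ } END { print n + 0 }' "${1:-/etc/fstab}"
}

# On a node, from a root shell: turn swap off now, then keep it off on reboot.
#   swapoff -a && comment_out_swap /etc/fstab && active_swap_entries

# Constructed fstab so the example runs without touching the real one.
demo_swap() {
    local f
    f=$(mktemp)
    printf '%s\n' \
        'UUID=1111-aaaa / ext4 defaults 0 1' \
        '/swap.img none swap sw 0 0' \
        '#/dev/sdb1 none swap sw 0 0' > "$f"
    comment_out_swap "$f"
    cat "$f"
    active_swap_entries "$f"
    rm -f "$f" "$f.bak"
}
demo_swap
```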
2. Load the following kernel modules on all nodes
$ sudo tee /etc/modules-load.d/containerd.conf <<EOF
overlay
br_netfilter
EOF
$ sudo modprobe overlay
$ sudo modprobe br_netfilter
3. Set the following kernel parameters for Kubernetes by running the tee command below
$ sudo tee /etc/sysctl.d/kubernetes.conf <<EOF
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
net.ipv4.ip_forward = 1
EOF
# Reload the changes above by running
$ sudo sysctl --system
III. Install the containerd container runtime on all nodes
1. Install the container runtime dependencies
$ sudo apt install -y curl gnupg2 software-properties-common apt-transport-https ca-certificates
2. Enable the Docker repository
$ sudo curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmour -o /etc/apt/trusted.gpg.d/docker.gpg
$ sudo add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable"
3. Install containerd
$ sudo apt update
$ sudo apt install -y containerd.io
4. Configure containerd to use systemd as the cgroup driver
$ containerd config default | sudo tee /etc/containerd/config.toml >/dev/null 2>&1
$ sudo sed -i 's/SystemdCgroup = false/SystemdCgroup = true/g' /etc/containerd/config.toml
5. Change the image address to the Alibaba Cloud mirror; otherwise the image cannot be pulled during initialization
$ sudo sed -i "s#registry.k8s.io/pause#registry.aliyuncs.com/google_containers/pause#g" /etc/containerd/config.toml
6. Restart and enable the containerd service
$ sudo systemctl daemon-reload
$ sudo systemctl restart containerd
$ sudo systemctl enable containerd
IV. Add the Kubernetes apt repository
1. Download the Google Cloud public signing key
$ sudo curl -fsSLo /etc/apt/keyrings/kubernetes-archive-keyring.gpg https://packages.cloud.google.com/apt/doc/apt-key.gpg
Whether this step succeeds is a matter of luck; if you are unlucky, the following error appears
curl: (28) Failed to connect to packages.cloud.google.com port 443 after 129625 ms: 连接超时
In that case, download https://packages.cloud.google.com/apt/doc/apt-key.gpg manually and copy the downloaded apt-key.gpg to /usr/share/keyrings/kubernetes-archive-keyring.gpg:
$ sudo cp /home/lin/apt-key.gpg /usr/share/keyrings/kubernetes-archive-keyring.gpg
2. Add the Kubernetes apt repository
$ echo "deb [signed-by=/etc/apt/keyrings/kubernetes-archive-keyring.gpg] https://apt.kubernetes.io/ kubernetes-xenial main" | sudo tee /etc/apt/sources.list.d/kubernetes.list
V. Install kubectl, kubeadm and kubelet
1. Update the package index
$ sudo apt-get update
$ sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys xxxxxx    # xxxxxx is the missing public key
# The missing key is the one marked in red in the screenshot above, so the command should be
$ sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys B53DC80D13EDEF05
Running sudo apt-get update again reports the same error.
The cause is that the official repository is hosted abroad and cannot be reached from mainland China, so the source has to be switched
$ sudo echo "deb https://mirrors.aliyun.com/kubernetes/apt/ kubernetes-xenial main" | sudo tee /etc/apt/sources.list.d/kubernetes.list
Then run sudo apt-get update again to update the index
2. Install kubectl, kubelet and kubeadm on all nodes and hold their versions
$ sudo apt-get install -y kubelet kubeadm kubectl
$ sudo apt-mark hold kubelet kubeadm kubectl
If the worker nodes report the error:
$ sudo echo "deb https://mirrors.aliyun.com/kubernetes/apt/ kubernetes-xenial main" | sudo tee /etc/apt/sources.list.d/kubernetes.list
$ sudo apt-get update    # reports the error
$ sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys B53DC80D13EDEF05
$ sudo apt-get install -y kubelet kubeadm kubectl
$ sudo apt-mark hold kubelet kubeadm kubectl
VI. Initialize the Kubernetes cluster
$ sudo vi /etc/containerd/config.toml
$ sudo systemctl daemon-reload
$ sudo systemctl restart containerd
$ sudo systemctl enable containerd
1. Run the following command on the master node to initialize the cluster
# --apiserver-advertise-address=172.18.10.11 is the master's IP
# --image-repository registry.aliyuncs.com/google_containers sets the image repository; if not specified, the default is k8s.gcr.io
$ sudo kubeadm init \
    --image-repository registry.aliyuncs.com/google_containers \
    --apiserver-advertise-address=172.18.10.11 \
    --kubernetes-version v1.27.1 \
    --pod-network-cidr=10.244.0.0/16 \
    --v=5
The following output means initialization succeeded. It also contains a set of commands for interacting with the cluster and the command that worker nodes use to join it
Your Kubernetes control-plane has initialized successfully!

To start using your cluster, you need to run the following as a regular user:
# Commands for interacting with the cluster
  mkdir -p $HOME/.kube
  sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
  sudo chown $(id -u):$(id -g) $HOME/.kube/config

Alternatively, if you are the root user, you can run:

  export KUBECONFIG=/etc/kubernetes/admin.conf

You should now deploy a pod network to the cluster.
Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:
  https://kubernetes.io/docs/concepts/cluster-administration/addons/

Then you can join any number of worker nodes by running the following on each as root:
# Command for worker nodes to join the cluster
kubeadm join k8s-master:6443 --token 04bkvu.6yc4clf05z009t1b --discovery-token-ca-cert-hash sha256:088e804bb2658add7bfd6f6620beb0f6df5307c3371a7d623f8563b5ac30347d

Note: if the cluster was initialized or nodes were joined before this, first use kubeadm reset to revert the changes that 'kubeadm init' or 'kubeadm join' made to the host, then initialize again
kubeadm reset --cert-dir string
# --cert-dir string: path of the directory where certificates are stored. If specified, this directory will be emptied. Default: "/etc/kubernetes/pki". Add this flag if the cluster has been initialized before

Flag                  Effect
--cert-dir string     Path of the certificate directory to clear
--cleanup-tmp-dir     Clean up the "/etc/kubernetes/tmp" directory
--cri-socket string   Path of the CRI socket to connect to
--dry-run             Make no changes
-f, --force           Reset the node without prompting for confirmation
--kubeconfig string   kubeconfig file to use when talking to the cluster; default: "/etc/kubernetes/admin.conf"

2. Enter the cluster interaction commands on the master node
$ mkdir -p $HOME/.kube
$ sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
$ sudo chown $(id -u):$(id -g) $HOME/.kube/config
3. Join the worker nodes to the cluster
On each worker node, enter the join command; it can be found in the output of the successful initialization
$ sudo kubeadm join k8s-master:6443 --token 04bkvu.6yc4clf05z009t1b \
    --discovery-token-ca-cert-hash sha256:088e804bb2658add7bfd6f6620beb0f6df5307c3371a7d623f8563b5ac30347d
When node 2 joins successfully, the following is output
Check the node status on the master node
$ kubectl get nodes
4. Install the flannel network plugin (CNI) on the master node
$ curl -O https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
$ kubectl apply -f kube-flannel.yml
Once the network plugin is deployed, checking the nodes again shows that their status has changed to Ready
$ kubectl get pod -A
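The Kubernetes apt repository steps above write two different kubernetes.list entries, one tied to a keyring with signed-by and one not, and the manual key copy goes to a different directory from the one signed-by names. The following added example (not from the original page) flags both conditions; the function names and the ROOT parameter are assumptions made for the illustration, and the fixture is constructed.

```shell
# Added example (not from the original page): audit apt "deb" entries for
# keyring scoping. Assumes signed-by holds a single keyring path. ROOT is a
# hypothetical prefix for resolving keyring paths so the check can run against
# a fixture tree; leave it empty on a real node.
# Prints one verdict per entry and returns 1 if any entry needs attention.
audit_apt_sources() {
    local list="$1" root="${2:-}" line opts keyring bad=0
    while IFS= read -r line || [ -n "$line" ]; do
        case $line in
            "deb "*|"deb-src "*) ;;   # repository entries only
            *) continue ;;            # skip comments and blank lines
        esac
        # Options are the bracketed block directly after the entry type.
        opts=$(printf '%s\n' "$line" | sed -n 's/^deb[-a-z]* *\[\([^]]*\)].*/\1/p')
        keyring=$(printf '%s\n' "$opts" | tr ' ' '\n' | sed -n 's/^signed-by=//p')
        if [ -z "$keyring" ]; then
            # No signed-by: any key apt trusts globally (apt-key, trusted.gpg.d)
            # can vouch for this repository.
            echo "UNSCOPED $line"; bad=1
        elif [ ! -s "$root$keyring" ]; then
            # signed-by names a file that is absent or empty.
            echo "NOKEYRING $keyring"; bad=1
        else
            echo "OK $keyring"
        fi
    done < "$list"
    return "$bad"
}

# Constructed fixture: the page's two kubernetes.list variants, its manual key
# copy to /usr/share/keyrings (dummy file as stand-in), and a constructed third
# entry whose signed-by points at that copy.
demo_audit() {
    local root rc=0
    root=$(mktemp -d)
    mkdir -p "$root/usr/share/keyrings"
    echo dummy > "$root/usr/share/keyrings/kubernetes-archive-keyring.gpg"
    cat > "$root/kubernetes.list" <<'EOF'
deb [signed-by=/etc/apt/keyrings/kubernetes-archive-keyring.gpg] https://apt.kubernetes.io/ kubernetes-xenial main
deb https://mirrors.aliyun.com/kubernetes/apt/ kubernetes-xenial main
deb [signed-by=/usr/share/keyrings/kubernetes-archive-keyring.gpg] https://mirrors.aliyun.com/kubernetes/apt/ kubernetes-xenial main
EOF
    audit_apt_sources "$root/kubernetes.list" "$root" || rc=$?
    rm -rf "$root"
    return "$rc"
}
demo_audit || true
```

On a node, run audit_apt_sources against /etc/apt/sources.list.d/kubernetes.list with no second argument; NOKEYRING means the signed-by path and the installed key file disagree, and UNSCOPED means the repository is verified against the global apt keyring.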