centos7基于containerd部署搭建k8s集群完整步骤保姆级文档

基础环境

Centos7

Containerd

10.0.0.20    Master1

10.0.0.21    Node01

10.0.0.22    Ndoe02

10.0.0.23    Node03

下面开始在所有主机上进行操作

#下面开始在所有主机上进行操作
[root@k8s-master01~]#vim /etc/hosts               设置主机名解析
10.0.0.20 master
10.0.0.21 node01
10.0.0.22 node02
10.0.0.23 node03

不会使用vim的可以这种方式

cat > /etc/hosts << EOF
10.0.0.20 master
10.0.0.21 node01
10.0.0.22 node02
10.0.0.23 node03
EOF	

关闭防火墙

systemctl stop firewalld && systemctl disable firewalld && systemctl status firewalld              

 

时间同步

[root@k8s-master01~]#yum -y install ntp            
[root@k8s-master01~]#systemctl enable chronyd
[root@k8s-master01~]#systemctl start chronyd
[root@k8s-master01~]#chronyc sources

禁用swap分区

swapoff -a && sed -ri 's/.*swap.*/#&/' /etc/fstab

关闭selinux

sed -i 's/enforcing/disabled/' /etc/selinux/config && setenforce 0

安装常用工具包,也可以后面有需要时候在安装

[root@k8s-master01~]#yum install -y yum-utils zlib zlib-devel openssl openssl-devel net-tools vim wget lsof unzip zip bind-utils lrzsz telnet ipset ipvsadm

创建ipvs文件，节点重启后能自动加载所需模块

cat > /etc/sysconfig/modules/ipvs.modules <  #!/bin/bash
> modprobe -- ip_vs
> modprobe -- ip_vs_rr
> modprobe -- ip_vs_wrr
> modprobe -- ip_vs_sh
> modprobe -- nf_conntrack_ipv4
> EOF

查看是否已经正确加载所需的内核模块。

[root@k8s-master01~]#chmod 755 /etc/sysconfig/modules/ipvs.modules && bash /etc/sysconfig/modules/ipvs.modules && lsmod | grep -e ip_vs -e nf_conntrack_ipv4

为了让 Linux 节点上的 iptables 能够正确地查看桥接流量，需要确保在你的 sysctl 配置中将 net.bridge.bridge-nf-call-iptables   设置为 1

cat <

cat <

[root@k8s-master01~]#modprobe br_netfilter
[root@k8s-master01~]#lsmod | grep netfilter
[root@k8s-master01~]#sysctl -p /etc/sysctl.d/k8s.conf
[root@k8s-master01~]#sysctl --system

 

 

安装containerd

[root@k8s-master01~]#yum install -y yum-utils device-mapper-persistent-data lvm2

[root@k8s-master01~]#yum-config-manager --add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo

[root@k8s-master01~]#yum list containerd.io --showduplicates

[root@k8s-master01~]#yum install -y containerd.io

[root@k8s-master01~]#mkdir -p /etc/containerd       
[root@k8s-master01~]#containerd config default | tee /etc/containerd/config.toml

cat <

替换配置文件

sed -i 's#SystemdCgroup = false#SystemdCgroup = true#' /etc/containerd/config.toml
sed -i 's#sandbox_image = "k8s.gcr.io/pause:3.5"#sandbox_image = "registry.aliyuncs.com/google_containers/pause:3.6"#' /etc/containerd/config.toml

 重新启动

systemctl daemon-reload && systemctl daemon-reload && systemctl restart containerd

添加kubernetes  yum源

cat > /etc/yum.repos.d/kubernetes.repo << EOF
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=0
repo_gpgcheck=0
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF

安装kubeadm,kubelet和kubectl

[root@k8s-master01~]#yum install -y kubelet-1.23.6 kubeadm-1.23.6 kubectl-1.23.6
[root@k8s-master01~]#systemctl daemon-reload
[root@k8s-master01~]#systemctl enable --now kubelet

 这步可做可不做

cat < /etc/sysconfig/kubelet          
KUBELET_KUBEADM_ARGS="--container-runtime=remote --runtime-request-timeout=15m --container-runtime-endpoint=unix:///run/containerd/containerd.sock"
EOF

以上环境初始化内容在所有节点都要执行

以上环境初始化内容在所有节点都要执行

以上环境初始化内容在所有节点都要执行

Mater上面去操作

查看所需镜像

[root@k8s-master01~]#kubeadm config images list --image-repository registry.aliyuncs.com

导出默认配置文件到当前目录

[root@k8s-master01~]#kubeadm config print init-defaults > kubeadm-config.yaml 

修改配置文件有四个地方修改

[root@k8s-master01~]#vim kubeadm-config.yaml      
apiVersion: kubeadm.k8s.io/v1beta3
bootstrapTokens:
- groups:
  - system:bootstrappers:kubeadm:default-node-token
  token: qjbkjd.zp1ta327pwur2k8g
  ttl: 24h0m0s
  usages:
  - signing
  - authentication
kind: InitConfiguration
localAPIEndpoint:
  advertiseAddress: 10.0.0.20  #改成自己节点内网IP
  bindPort: 6443
nodeRegistration:
  criSocket: /run/containerd/containerd.sock   #修改为containerd
  name: master
  taints:
  - effect: NoSchedule
    key: node-role.kubernetes.io/master
---
apiServer:
  timeoutForControlPlane: 4m0s
apiVersion: kubeadm.k8s.io/v1beta3
certificatesDir: /etc/kubernetes/pki
clusterName: kubernetes
controllerManager: {}
dns: {}
etcd:
  local:
    dataDir: /var/lib/etcd
imageRepository: registry.aliyuncs.com/google_containers  #修改这个
kind: ClusterConfiguration
kubernetesVersion: v1.23.6   #版本要改自己的
networking:
  dnsDomain: cluster.local
  podSubnet: 10.244.0.0/16
  serviceSubnet: 10.96.0.0/12
scheduler: {}
---
apiVersion: kubeproxy.config.k8s.io/v1alpha1
kind: KubeProxyConfiguration
mode: ipvs
---
apiVersion: kubelet.config.k8s.io/v1beta1
kind: KubeletConfiguration
cgroupDriver: systemd

拉取镜像

[root@k8s-master01~]#kubeadm config images pull --config kubeadm-config.yaml

集群初始化

[root@k8s-master01~]#kubeadm init --config kubeadm-config.yaml  

 到这里你就可以看到初始化成功提示

根据上面成功的提示完成配置，按照你的上面提示复制即可

mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config

为Kubernetes集群部署一个网络插件，具体选用的插件则取决于管理员

kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml

Node 上面操作

在各node节点上执行上面成功初始化的token

回到Mater上面操作

到现在为止你的集群就搭建完成了，中间的坑我已经采完了，完全按照文档你就可以顺利搭建成功。