利用vmware linux虚拟机搭建k8s集群

1.假若两台linux hostname同名，必须先修改Hostname才能正常运行k8s。

master节点输入命令 hostnamectl --static set-hostname k8s-master

node节点输入 hostnamectl --static set-hostname k8s-node1

然后重启服务器reboot或直接运行命令hostname $hostname使其生效

2.master和node节点都安装docker。yum install -y yum-utils device-mapper-persistent-data lvm2

yum-config-manager --add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo

yum install -y docker-ce-18.09.9-3.el7

设置开机启动并立即启动。systemctl enable docker && systemctl start docker

3.所有机器均关闭防火墙 systemctl disable firewalld && systemctl stop firewalld

关闭selinux vi /etc/selinux/config，将enforcing改成disabled。

swappoff -a

4.修改内核参数

cat < /etc/sysctl.d/k8s.conf net.bridge.bridge-nf-call-ip6tables = 1 net.bridge.bridge-nf-call-iptables = 1 EOF

5.配置k8s镜源 cat < /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
enabled=1
gpgcheck=0
repo_gpgcheck=0
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF

6.安装k8s。yum install -y kubectl-1.23.6-0 kubeadm-1.23.6-0 kubelet-1.23.6-0

systemctl enable kubelet && systemctl start kubelet

7.初始化k8s。kubeadm init --image-repository registry.aliyuncs.com/google_containers --kubernetes-version v1.23.6 --apiserver-advertise-address 192.168.66.51 --pod-network-cidr=10.244.0.0/16 --token-ttl 0

若k8s后续需要重装，可以运行命令kubeadm reset再从这一步开始重新初始化

8.安装flannel 。wget https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml

下载镜像 docker pull quay.io/coreos/flannel:v0.14.0-rc1

创建网络插件kubectl apply -f kube-flannel.yml

9.运行kubectl get nodes，这时所有节点均为ready状态。

10.查看需拉取镜像kubeadm config images list

11.拉取k8s依赖镜像 image.sh 

#!/bin/bash
url=registry.cn-hangzhou.aliyuncs.com/google_containers
version=v1.23.6
images=(`kubeadm config images list --kubernetes-version=$version|awk -F '/' '{print $2}'`)
for imagename in ${images[@]} ; do
  docker pull $url/$imagename
  docker tag $url/$imagename k8s.gcr.io/$imagename
  docker rmi -f $url/$imagename
done
12.安装dashboard。下载配置文件wget https://raw.githubusercontent.com/kubernetes/dashboard/v2.0.0-rc3/aio/deploy/recommended.yaml

vi recommended.yaml在service 下添加type: NodePort，port中增加nodePort: 30021。（冒号后面必须空格，大小写不能更改）。

执行安装kubectl create -f recommended.yaml

附：谷歌浏览器无法打开dashboard的话先用命令删除默认的secret

kubectl delete secret kubernetes-dashboard-certs -n kubernetes-dashboard

重新创建kubectl create secret generic kubernetes-dashboard-certs \
--from-file=/etc/kubernetes/pki/apiserver.key --from-file=/etc/kubernetes/pki/apiserver.crt -n kubernetes-dashboard

vi remmended.yaml 在args的# PLATFORM-SPECIFIC ARGS HERE
        - --auto-generate-certificates后面加
        - --tls-key-file=apiserver.key
        - --tls-cert-file=apiserver.crt

保存退出运行 kubecte apply -f remmended.yaml

登录k8s报错如namespaces is forbidden: User "system:serviceaccount:kubernetes-dashboard:ku...按以下步骤解决

kubectl create serviceaccount dashboard -n default

绑定规则到仪表板用户kubectl create clusterrolebinding dashboard-admin -n default  --clusterrole=cluster-admin  --serviceaccount=default:dashboard

获取token。kubectl get secret $(kubectl get serviceaccount dashboard -o jsonpath="{.secrets[0].name}") -o jsonpath="{.data.token}" | base64 --decode

查看有问题pods详细情况 kubectl describe pods kubernetes-dashboard-7c54d59f66-z2fkm -n kube-system。故障一般是由于网络原因拉取国外镜像缓慢导致的。
删除pod 。kubectl delete pod 要删除的pod名称 --namespace kube-system