使用kubeadm安装Kubernetes

一、环境信息

1、操作系统：CentOS 7.6
2、master节点：172.26.167.138
3、worker节点：172.27.192.168，172.26.167.139
4、docker版本：18.06.3
5、kubelet版本：1.15.0
6、kubeadm版本：1.15.0
7、kubectl版本：1.15.0

二、所有节点（master和worker）

1、检查操作系统

1）cat /etc/redhat-release 
CentOS Linux release 7.6.1810 (Core)

2、升级系统

1）yum -y update

3、配置Host

1）vi /etc/hosts
设置：
172.27.192.168 hao1
172.26.167.138 hao2
172.26.167.139 hao3

4、关闭防火墙

1）systemctl stop firewalld
2）systemctl disable firewalld

5、禁用SELINUX

1）setenforce 0
2）sed -i ‘s/SELINUX=enforcing/SELINUX=disabled/g‘ /etc/selinux/config

3）vi /etc/selinux/config
设置：SELINUX=disabled

6、设置桥接网络

1）vi /etc/sysctl.d/k8s.conf
设置：
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
net.ipv4.ip_forward = 1

2）modprobe br_netfilter
3）sysctl -p /etc/sysctl.d/k8s.conf

7、ipvs内核模块

1）cat > /etc/sysconfig/modules/ipvs.modules <<EOF
#!/bin/bash
modprobe -- ip_vs
modprobe -- ip_vs_rr
modprobe -- ip_vs_wrr
modprobe -- ip_vs_sh
modprobe -- nf_conntrack_ipv4
EOF

2）chmod 755 /etc/sysconfig/modules/ipvs.modules && bash /etc/sysconfig/modules/ipvs.modules && lsmod | grep -e ip_vs -e nf_conntrack_ipv4

3）yum -y install ipset
4）yum -y install ipvsadm

8、安装Docker

1）yum install -y yum-utils device-mapper-persistent-data lvm2
2）yum-config-manager     --add-repo     https://download.docker.com/linux/centos/docker-ce.repo
3）yum list docker-ce.x86_64  --showduplicates |sort -r
4）yum makecache fast
5）yum install -y --setopt=obsoletes=0 docker-ce-18.06.3.ce-3.el7
6）systemctl start docker
7）systemctl enable docker

9、修改Docker cgroup driver

1）vi /etc/docker/daemon.json
设置：
{
  "exec-opts": ["native.cgroupdriver=systemd"]
}

2）systemctl daemon-reload
3）systemctl restart docker
4）docker info | grep Cgroup

10、安装kubelet、kubectl、kubeadm

1）cat <<EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
enabled=1
gpgcheck=0
repo_gpgcheck=0
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF

2）yum -y makecache fast
3）yum install -y kubelet-1.15.0 kubeadm-1.15.0 kubectl-1.15.0

11、关闭虚拟内存

1）swapoff -a
2）vi /etc/sysctl.d/k8s.conf
设置：vm.swappiness=0
3）sysctl -p /etc/sysctl.d/k8s.conf

12、开机自启动kubelet

1）systemctl enable kubelet.service

三、Master节点

1、kuberadm init

1）cd /home
2）mkdir k8s && cd k8s
3）kubeadm config print init-defaults ClusterConfiguration > kubeadm.yaml
修改配置文件：advertiseAddress、taints.effect、imageRepository、kubernetesVersion、podSubnet

apiVersion: kubeadm.k8s.io/v1beta2
bootstrapTokens:
- groups:
  - system:bootstrappers:kubeadm:default-node-token
  token: abcdef.0123456789abcdef
  ttl: 24h0m0s
  usages:
  - signing
  - authentication
kind: InitConfiguration
localAPIEndpoint:
  advertiseAddress: 172.26.167.138
  bindPort: 6443
nodeRegistration:
  criSocket: /var/run/dockershim.sock
  name: hao2
  taints:
  - effect: PreferNoSchedule
    key: node-role.kubernetes.io/master
---
apiServer:
  timeoutForControlPlane: 4m0s
apiVersion: kubeadm.k8s.io/v1beta2
certificatesDir: /etc/kubernetes/pki
clusterName: kubernetes
controllerManager: {}
dns:
  type: CoreDNS
etcd:
  local:
    dataDir: /var/lib/etcd
imageRepository: registry.aliyuncs.com/google_containers
kind: ClusterConfiguration
kubernetesVersion: v1.15.0
networking:
  dnsDomain: cluster.local
  podSubnet: 10.244.0.0/16
  serviceSubnet: 10.96.0.0/12
scheduler: {}

4）kubeadm init --config kubeadm.yaml --ignore-preflight-errors=Swap

tips：注意保存join命令
kubeadm join 172.26.167.138:6443 --token abcdef.0123456789abcdef
–discovery-token-ca-cert-hash sha256:eb736252950ac449e609a315c324219cce7e116d8f528cf6fdb5ad32862a099f

5）mkdir -p $HOME/.kube
6）sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
7）sudo chown $(id -u):$(id -g) $HOME/.kube/config

2、安装Pod Network

1）mkdir -p ~/k8s/
2）cd ~/k8s
3）curl -O https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
4）kubectl apply -f  kube-flannel.yml

3、check

1）kubectl get cs
NAME                 STATUS    MESSAGE             ERROR
controller-manager   Healthy   ok                  
scheduler            Healthy   ok                  
etcd-0               Healthy   {"health":"true"}

2）kubectl get pod -n kube-system
NAME                            READY   STATUS    RESTARTS   AGE
coredns-5c98db65d4-dr8lf        1/1     Running   0          52m
coredns-5c98db65d4-lp8dg        1/1     Running   0          52m
etcd-node1                      1/1     Running   0          51m
kube-apiserver-node1            1/1     Running   0          51m
kube-controller-manager-node1   1/1     Running   0          51m
kube-flannel-ds-amd64-mm296     1/1     Running   0          44s
kube-proxy-kchkf                1/1     Running   0          52m
kube-scheduler-node1            1/1     Running   0          51m

3）kubectl run curl --image=radial/busyboxplus:curl -it
kubectl run --generator=deployment/apps.v1beta1 is DEPRECATED and will be removed in a future version. Use kubectl create instead.
If you don‘t see a command prompt, try pressing enter.
[ root@curl-5cc7b478b6-r997p:/ ]$

四、Worker节点

1、加入到集群

1）kubeadm join 172.26.167.138:6443 --token abcdef.0123456789abcdef \
    --discovery-token-ca-cert-hash sha256:eb736252950ac449e609a315c12c019cce7e116d8f528cf6fdb5ad32862a099f 

2、matser节点上check

1）kubectl get node
NAME    STATUS   ROLES    AGE   VERSION
node1   Ready    master   57m   v1.15.0
node2   Ready    <none>   11s   v1.15.0

3、Worker节点支持kubectl命令

1）scp [email protected]:/etc/kubernetes/admin.conf /etc/kubernetes/admin.conf
2）echo "export KUBECONFIG=/etc/kubernetes/admin.conf" >> ~/.bash_profile
3）source ~/.bash_profile

五、其他

1、kubeadm安装失败，需要重置后在重新安装

1）kubeadm reset
2）ifconfig cni0 down
3）ip link delete cni0
4）ifconfig flannel.1 down
5）ip link delete flannel.1
6）rm -rf /var/lib/cni/