k8s 1.28.3 使用containerd
文章目录
- 环境说明
- 最终结果
- 环境配置
-
-
- 时钟同步
- 主机名称配置
- 主机名解析
- 关闭swap
- 安装ipvs
-
- 安装containerd
-
- 安装containerd
- 生成配置
- 修改配置
- 开启containerd服务
- 安装runc
- 安装k8s
-
- 安装kubelet kubeadm kubectl
-
-
- 获取kubernetes 1.28组件容器镜像
-
- 拉取镜像
- 初始化集群
-
- 方法一(不太会 ipvs模式)
- 方法二(iptables模式)
- 安装cilium
- iptable改ipvs
环境说明
| 主机名称 | 操作系统(mac宿主机) | ip地址 | cpu | 内存 | k8s | containerd | runc | cilium | kubectl | kubelet | kubeadm |
|---|---|---|---|---|---|---|---|---|---|---|---|
| k8s-master01 | Ubuntu 22.04.3 LTS | 192.168.195.20/24 | 2 | 2 | 1.28 | 1.7.3 | 1.1.8 | 1.14.3 | v1.28.2 | 1.28.2 | 1.28.2 |
| k8s-worker01 | Ubuntu 22.04.3 LTS | 192.168.195.29/24 | 2 | 4 | 1.28 | 1.7.3 | 1.1.8 | 1.14.3 | v1.28.2 | 1.28.2 | 1.28.2 |
| k8s-worker02 | Ubuntu 22.04.3 LTS | 192.168.195.30/24 | 2 | 4 | 1.28 | 1.7.3 | 1.1.8 | 1.14.3 | v1.28.2 | 1.28.2 | 1.28.2 |
最终结果
环境配置
时钟同步
apt install chrony -y
systemctl enable --now chrony.service
timedatectl set-timezone Asia/Shanghai
date
主机名称配置
#master
hostnamectl set-hostname k8s-master01
#work1
hostnamectl set-hostname k8s-worker01
#work2
hostnamectl set-hostname k8s-worker02
主机名解析
# vim /etc/hosts
192.168.195.20 k8s-master01
192.168.195.29 k8s-worker01
192.168.195.30 k8s-worker02
关闭swap
swapoff -a
sed -i '/\sswap\s/s/^/#/' /etc/fstab
安装ipvs
apt install ipset ipvsadm
cat > /etc/modules-load.d/ipvs.conf << EOF
ip_vs
ip_vs_rr
ip_vs_wrr
ip_vs_sh
nf_conntrack
br_netfilter
EOF
modprobe --all ip_vs ip_vs_rr ip_vs_wrr ip_vs_sh nf_conntrack br_netfilter
lsmod|grep -e ip_vs -e nf_conntrack
# vim /etc/sysctl.conf
net.ipv4.ip_forward = 1
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
sysctl -p
安装containerd
https://github.com/containerd/containerd/releases/tag/v1.7.3
安装containerd
wget https://github.com/containerd/containerd/releases/download/v1.7.3/cri-containerd-1.7.3-linux-arm64.tar.gz
tar xf cri-containerd-1.7.3-linux-arm64.tar.gz -C /
生成配置
mkdir /etc/containerd
containerd config default > /etc/containerd/config.toml
修改配置
# vim /etc/containerd/config.toml
SystemdCgroup = true #配置systemdcgroup驱动程序
sandbox_image = "registry.aliyuncs.com/google_containers/pause:3.9" #因为k8s需要pause:3.9镜像,共用
开启containerd服务
ctr image pull registry.aliyuncs.com/google_containers/pause:3.9
systemctl enable --now containerd
containerd --version
安装runc
(可忽略,因为containerd自带)
https://github.com/opencontainers/runc/releases/tag/v1.1.5
安装k8s
安装kubelet kubeadm kubectl
https://developer.aliyun.com/mirror/kubernetes?spm=a2c6h.13651102.0.0.73281b11ZWDJ2s
apt-get update && apt-get install -y apt-transport-https
curl https://mirrors.aliyun.com/kubernetes/apt/doc/apt-key.gpg | apt-key add -
cat </etc/apt/sources.list.d/kubernetes.list
deb https://mirrors.aliyun.com/kubernetes/apt/ kubernetes-xenial main
EOF
apt-get update
apt-get install -y kubelet kubeadm kubectl
获取kubernetes 1.28组件容器镜像
root@k8s-master01:/etc# kubeadm config images list --image-repository=registry.aliyuncs.com/google_containers
ctr image pull registry.aliyuncs.com/google_containers/kube-apiserver:v1.28.3
ctr image pull registry.aliyuncs.com/google_containers/kube-controller-manager:v1.28.3
ctr image pull registry.aliyuncs.com/google_containers/kube-scheduler:v1.28.3
ctr image pull registry.aliyuncs.com/google_containers/kube-proxy:v1.28.3
ctr image pull registry.aliyuncs.com/google_containers/pause:3.9
ctr image pull registry.aliyuncs.com/google_containers/etcd:3.5.9-0
ctr image pull registry.aliyuncs.com/google_containers/coredns:v1.10.1
拉取镜像
kubeadm config images pull --image-repository=registry.aliyuncs.com/google_containers
初始化集群
方法一(不太会 ipvs模式)
#打印初始化配置
kubeadm config print init-defaults --component-configs KubeletConfiguration
advertiseAddress: 192.168.195.20
criSocket: unix:///var/run/containerd/containerd.sock
imageRepository: registry.aliyuncs.com/google_containers
kubernetesVersion: 1.28.3
serviceSubnet: 192.168.10.0/24
方法二(iptables模式)
kubeadm init \
--apiserver-advertise-address=192.168.195.20 \
--kubernetes-version=v1.28.3 \
--pod-network-cidr=192.168.20.0/24 \
--service-cidr=192.168.10.0/24 \
--token-ttl=0 \
--cri-socket unix:///var/run/containerd/containerd.sock \
--upload-certs \
--image-repository=registry.aliyuncs.com/google_containers
安装cilium
官网链接:https://docs.cilium.io/en/stable/gettingstarted/k8s-install-default/
# 下载cilium-cli
CILIUM_CLI_VERSION=$(curl -s https://raw.githubusercontent.com/cilium/cilium-cli/main/stable.txt)
CLI_ARCH=amd64
if [ "$(uname -m)" = "aarch64" ]; then CLI_ARCH=arm64; fi
curl -L --fail --remote-name-all https://github.com/cilium/cilium-cli/releases/download/${CILIUM_CLI_VERSION}/cilium-linux-${CLI_ARCH}.tar.gz{,.sha256sum}
sha256sum --check cilium-linux-${CLI_ARCH}.tar.gz.sha256sum
sudo tar xzvfC cilium-linux-${CLI_ARCH}.tar.gz /usr/local/bin
rm cilium-linux-${CLI_ARCH}.tar.gz{,.sha256sum}
#安装,等待一会
cilium install --version 1.14.3
cilium install \
--agent-image=registry.cn-hangzhou.aliyuncs.com/cilium/cilium:v1.14.3 \
--operator-image=registry.cn-hangzhou.aliyuncs.com/cilium/operator-generic:v1.14.3
iptable改ipvs
https://www.yuque.com/yuqueyonghudwdyw7/vhna62/fh4rdicy5ilfnsu1#%E3%80%8AKubernetes%E7%90%86%E8%AE%BA%E7%9F%A5%E8%AF%86%E3%80%8B