kubeadm部署v1.26.1

kubeadm部署v1.26.1

文章目录

  • kubeadm部署v1.26.1
  • 部署介绍
  • 环境准备
  • 安装部署
    • 基础环境搭建
      • 时钟同步
      • 主机名解析
      • 禁用swap设备
      • 关闭防火墙
      • 安装docker
      • 安装cri-dockerd
      • 安装kubelet、kubeadm、kubectl
      • 整合kubelet与cri-dockerd
      • 配置代理(选作)
    • 初始化第一个节点
    • 添加flannel插件
    • 添加其他master节点
    • 添加所有node节点
    • 重置集群(危险)

部署介绍

kubelet与CNI需要手动部署,但是其他组件全部可以通过容器部署。

kubeadm部署v1.26.1_第1张图片

环境准备

OS: Ubuntu22.04

Docker: 23.0.1
CGroup Driver: systemd

Kubernetes: v1.26.1
CRI: cri-dockerd 0.3.1.3
CNI: flannel

网络环境:
  vip: 10.0.0.6(nginx+keepalive或haproxy+keepalive)
  节点网络:10.0.0.0/24
   Pod网络:10.244.0.0/16
   Service:10.96.0.0/12

安装部署

基础环境搭建

时钟同步

apt install chrony -y
systemctl enable --now chrony.service
timedatectl set-timezone Asia/Shanghai
date

主机名解析

10.0.0.6  kubeapi.ldy.com
10.0.0.21 k8s-master01.ldy.com k8s-master01
10.0.0.22 k8s-master02.ldy.com k8s-master02
10.0.0.23 k8s-master03.ldy.com k8s-master03
10.0.0.41 k8s-node01.ldy.com k8s-node01
10.0.0.42 k8s-node02.ldy.com k8s-node02
10.0.0.43 k8s-node03.ldy.com k8s-node03

禁用swap设备

swapoff -a

//编辑配置文件
vim /etc/fstab

//列出是否还有swap设备
systemctl --type swap

//如果还有swap,禁用
systemctl mask SWAP_DEV

关闭防火墙

ufw disable
ufw status

安装docker

sudo apt-get -y install apt-transport-https ca-certificates curl software-properties-common
curl -fsSL https://mirrors.aliyun.com/docker-ce/linux/ubuntu/gpg | sudo apt-key add -
sudo add-apt-repository "deb [arch=amd64] https://mirrors.aliyun.com/docker-ce/linux/ubuntu $(lsb_release -cs) stable"
apt-get -y update
apt install docker-ce=5:23.0.1-1~ubuntu.22.04~jammy

优化

{
  "registry-mirrors": ["https://g27ti0mw.mirror.aliyuncs.com"],
  "insecure-registries": ["harbor.ldy.com"],
  "exec-opts": ["native.cgroupdriver=systemd"],
  "log-opts": {
     "max-size": "300m",
     "max-file": "2"
   },
  "live-restore": true,
  "storage-driver": "overlay2"
}
systemctl restart docker

安装cri-dockerd

curl -LO https://github.com/Mirantis/cri-dockerd/releases/download/v0.3.1/cri-dockerd_0.3.1.3-0.ubuntu-jammy_amd64.deb

apt install ./cri-dockerd_0.3.1.3-0.ubuntu-jammy_amd64.deb

systemctl status cri-docker.service

安装kubelet、kubeadm、kubectl

apt update && apt install -y apt-transport-https
curl https://mirrors.aliyun.com/kubernetes/apt/doc/apt-key.gpg | apt-key add -

cat </etc/apt/sources.list.d/kubernetes.list
deb https://mirrors.aliyun.com/kubernetes/apt/ kubernetes-xenial main
EOF

apt update
apt install -y kubelet=1.26.1-00 kubeadm=1.26.1-00 kubectl=1.26.1-00

systemctl enable kubelet

整合kubelet与cri-dockerd

配置cri-dockerd

vim /usr/lib/systemd/system/cri-docker.service
ExecStart=/usr/bin/cri-dockerd --container-runtime-endpoint fd:// --network-plugin=cni --cni-bin-dir=/opt/cni/bin --cni-cache-dir=/var/lib/cni/cache --cni-conf-dir=/etc/cni/net.d

systemctl daemon-reload && systemctl restart cri-docker.service

配置kubelet配置kubelet,为其指定cri-dockerd在本地打开的Unix Sock文件的路径,该路径一般默认为“/run/cri-dockerd.sock“

root@k8s-master01:~# mkdir /etc/sysconfig
root@k8s-master01:~# vim /etc/sysconfig/kubelet
KUBELET_KUBEADM_ARGS="--container-runtime=remote --container-runtime-endpoint=/run/cri-dockerd.sock"

需要说明的是,该配置也可不进行,而是直接在后面的各kubeadm命令上使用“–cri-socket unix:///run/cri-dockerd.sock”选项。

配置代理(选作)

初始化第一个节点

//查看需要哪些images
kubeadm config images list
kubeadm config images list --image-repository=registry.aliyuncs.com/google_containers

//拉去所需镜像(可能拉去不了)
kubeadm config images pull --cri-socket unix:///run/cri-dockerd.sock

docker pull registry.aliyuncs.com/google_containers/kube-apiserver:v1.26.2
docker pull registry.aliyuncs.com/google_containers/kube-controller-manager:v1.26.2
docker pull registry.aliyuncs.com/google_containers/kube-scheduler:v1.26.2
docker pull registry.aliyuncs.com/google_containers/kube-proxy:v1.26.2
docker pull registry.aliyuncs.com/google_containers/pause:3.9
docker pull registry.aliyuncs.com/google_containers/etcd:3.5.6-0
docker pull registry.aliyuncs.com/google_containers/coredns:v1.9.3

//通过其他方法将pause3.6放入主机
docker load -i pause-3.6.tar
kubeadm init \
--control-plane-endpoint="kubeapi.ldy.com" \
--kubernetes-version=v1.26.2 \
--pod-network-cidr=10.244.0.0/16 \
--service-cidr=10.96.0.0/12 \
--token-ttl=0 \
--cri-socket unix:///run/cri-dockerd.sock \
--upload-certs \
--image-repository=registry.aliyuncs.com/google_containers
  mkdir -p $HOME/.kube
  sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
  sudo chown $(id -u):$(id -g) $HOME/.kube/config

添加flannel插件

官方链接:https://github.com/coreos/flannel-cni

kubectl apply -f kube-flannel.yml

添加其他master节点

docker pull registry.aliyuncs.com/google_containers/kube-apiserver:v1.26.2
docker pull registry.aliyuncs.com/google_containers/kube-controller-manager:v1.26.2
docker pull registry.aliyuncs.com/google_containers/kube-scheduler:v1.26.2
docker pull registry.aliyuncs.com/google_containers/kube-proxy:v1.26.2
docker pull registry.aliyuncs.com/google_containers/pause:3.9
docker pull registry.aliyuncs.com/google_containers/etcd:3.5.6-0
docker pull registry.aliyuncs.com/google_containers/coredns:v1.9.3

//通过其他方法将pause3.6放入主机
docker load -i pause-3.6.tar
--cri-socket unix:///run/cri-dockerd.sock

添加所有node节点

//通过其他方法将pause3.6放入主机
docker load -i pause-3.6.tar

--cri-socket unix:///run/cri-dockerd.sock

重置集群(危险)

kubeadm reset --cri-socket unix:///run/cri-dockerd.sock

//危险及其危险。尤其是rm生产千万不能执行
//现在worker节点执行,再去master节点执行
kubeadm reset --cri-socket unix:///run/cri-dockerd.sock && \
            rm -rf /etc/kubernetes/ /var/lib/kubelet /var/lib/dockershim /var/run/kubernetes /var/lib/cni /etc/cni/net.d /var/lib/etcd

你可能感兴趣的:(#,K8s基础篇,kubernetes)