K8S集群搭建1.28.x
1、Kubernetes集群规划
| 主机名 | IP地址 | 说明 |
| master | 192.168.33.201 | 主节点 |
| node1 | 192.168.33.202 | 从节点 |
| noide2 | 192.168.33.202 | 从节点 |
2、准备环境
1、关闭防火墙
systemctl stop firewalld
systemctl disable firewalld2、关闭selinux
sed -i 's/enforcing/disabled/' /etc/selinux/config3、关闭swap分区
sed -ri 's/.*swap.*/#&/' /etc/fstab 4、规划主机名
master节点
hostnamectl set-hostname master
node1节点
hostnamectl set-hostname node1node2节点
hostnamectl set-hostname node2
5、添加hosts文件
在master节点添加
cat >> /etc/hosts << EOF
192.168.33.201 k8s-master
192.168.33.202 k8s-node1
192.168.33.205 k8s-node2
EOF将hosts文件复制到其他节点
scp /etc/hosts node1:/etc/hosts
scp /etc/hosts node2:/etc/hosts6、将桥接的IPv4流量传递到iptables的链
cat > /etc/sysctl.d/k8s.conf << EOF
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
EOF
sysctl --system7、同步时间
yum install ntpdate -y
ntpdate time.windows.com2、安装Docker
1、安装docker
yum install wget
wget https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo -O /etc/yum.repos.d/docker-ce.repo
yum -y install docker-ce
2、设置docker开机自启
systemctl enable docker && systemctl start docker3、配置daemon.json
$ cat > /etc/docker/daemon.json << EOF
{
"registry-mirrors": ["https://b9pmyelo.mirror.aliyuncs.com"]
}
EOF重启docker
systemctl restart docker4、生成config.tom配置文件
containerd config default > /etc/containerd/config.toml5、配置systemd cgroup驱动
sed -i 's/SystemdCgroup = false/SystemdCgroup = true/g' /etc/containerd/config.toml将sandbox_image下载地址改为阿里云地址
# 在/etc/containerd/config.toml中设置
[plugins."io.containerd.grpc.v1.cri"]
...
sandbox_image = "registry.aliyuncs.com/google_containers/pause:3.9"启动containerd 并设置开机自启动
systemctl restart containerd && systemctl enable containerd3、安装kubeadm,kublelet和kubectl
1、添加阿里云的yum软件源
cat > /etc/yum.repos.d/kubernetes.repo << EOF
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=0
repo_gpgcheck=0
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF2、安装kubeadm,kublelet和kubectl
由于版本更新频繁,这里指定版本号部署:
yum install -y kubelet-1.28.2 kubeadm-1.28.2 kubectl-1.28.2
systemctl enable kubelet 4、集群搭建
1、初始化
在Master节点执行
kubeadm init \
--apiserver-advertise-address=192.168.33.201\
--image-repository registry.aliyuncs.com/google_containers \
--kubernetes-version v1.28.2 \
--service-cidr=10.96.0.0/12 \
--pod-network-cidr=10.244.0.0/16由于默认拉取镜像地址k8s.gcr.io国内无法访问,这里指定阿里云镜像仓库地址。
Your Kubernetes control-plane has initialized successfully!
To start using your cluster, you need to run the following as a regular user:
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
Alternatively, if you are the root user, you can run:
export KUBECONFIG=/etc/kubernetes/admin.conf
You should now deploy a pod network to the cluster.
Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:
https://kubernetes.io/docs/concepts/cluster-administration/addons/
Then you can join any number of worker nodes by running the following on each as root:
kubeadm join 192.168.33.201:6443 --token esce21.q6hetwm8si29qxwn \
--discovery-token-ca-cert-hash sha256:00603a05805807501d7181c3d60b478788408cfe6cedefedb1f97569708be9c5如果出现以上字段,则说明初始化成功
创建集训没有成功,重现初始化时需要进行一下操作:
kubeadm reset # 环境及网络清理
rm -rf $HOME/.kube # 重新创建集群时,需要删除 $HOME/.kube目录使用kubectl工具
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config2、加入工作节点
在node1和node2执行
向集群添加新节点,执行在kubeadm init输出的kubeadm join命令:
kubeadm join 192.168.33.201:6443 --token esce21.q6hetwm8si29qxwn \
--discovery-token-ca-cert-hash sha256:00603a05805807501d7181c3d60b478788408cfe6cedefedb1f97569708be9c5默认token有效期为24小时,当过期之后,该token就不可用了。这时就需要重新创建token,操作如下:
kubeadm token create --print-join-command3、查看
[root@master ~]# kubectl get node
NAME STATUS ROLES AGE VERSION
master NotReady control-plane 118m v1.28.2
node1 NotReady 80m v1.28.2
node2 NotReady 80m v1.28.2 搭建成功之后这里德STATUS处于NotReady的状态,我们需要给其部署网络插件
5、部署网络插件calico
kubectl apply -f calico.yaml6、测试kubernetes集群
kubectl create deployment nginx --image=nginx
kubectl expose deployment nginx --port=80 --type=NodePort
kubectl get pod,svc