赞
踩
角色 | IP地址 |
master | 192.168.140.128 |
node1 | 192.168.140.129 |
node2 | 192.168.140.131 |
软件 | 版本 |
操作系统 | CentOS 7 |
Docker | 26.0.1(CE) |
Kubernetes | 1.28 |
- ##安装ntp
- yum -y install chrony
- systemctl enable chronyd --now && chronyc sources
-
- ##设置主机名称解析
- tee -a /etc/hosts << EOF
- 192.168.140.128 master
- 192.168.140.129 node1
- 192.168.140.130 node2
- EOF
-
- ##关闭selinux
- sed -i 's/enforcing/disbaled/' /etc/selinux/config #永久
- setenforce 0 #临时
-
- ##关闭防火墙
- systemctl disable firewalld --now
-
- ##关闭Swap
- swapoff -a #临时
- sed -ri 's/.*swap.*/#&/' /etc/fstab #永久
-
- ##根据规划设置主机名
- hostnamectl set-hostname <hostname>
- bash #生效
-
- ##确保网络桥接的数据包经过Iptables处理,启用相关内核参数
- cat > /etc/sysctl.d/k8s.conf << EOF
- net.bridge.bridge-nf-call-ip6tables = 1
- net.bridge.bridge-nf-call-iptables = 1
- net.ipv4.ip_forward=1
- vm.swappiness=0
- EOF
-
- sysctl --system #生效
-
- ##加载br_betfilter模块
- cat <<EOF | tee /etc/modules-load.d/k8s.conf
- overlay
- br_netfilter
- nf_conntrack
- EOF
-
- ##加载ipvs网络转发模块
- yum -y install ipset ipvsadm
-
- cat <<EOF | tee /etc/modules-load.d/ipvs.conf
- ip_vs
- ip_vs_rr
- ip_vs_wrr
- ip_vs_sh
- EOF
-
- ##重启服务器,使配置生效
- reboot
- wget https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo -O /etc/yum.repos.d/docker-ce.repo
-
- yum install -y docker-ce
- systemctl enable docker && systemctl start docker
-
- cat > /etc/docker/daemon.json << EOF
- {
- "registry-mirrors": ["https://https://8d6xmv42.mirror.aliyuncs.com"],
- "exec-opts": ["native.cgroupdriver=systemd"]
- }
- EOF
-
- systemctl restart docker
- docker --version
注意:镜像加速器地址链接每个人的不太,注意甄别。可登录容器镜像服务控制台,在左侧导航栏选择镜像工具 > 镜像加速器,在镜像加速器页面获取加速器地址。
- wget https://github.com/Mirantis/cri-dockerd/releases/download/v0.3.12/cri-dockerd-0.3.12-3.el7.x86_64.rpm
- rpm -ivh cri-dockerd-0.3.12-3.el7.x86_64.rpm
- ##修改cri-docker.service
- ~]# vim /usr/lib/systemd/system/cri-docker.service
-
- ExecStart=/usr/bin/cri-dockerd --pod-infra-container-image=registry.aliyuncs.com/google_containers/pause:3.9 --container-runtime-endpoint fd://
- systemctl daemon-reload
- systemctl enable cri-docker && systemctl start cri-docker
- cat <<EOF | tee /etc/yum.repos.d/kubernetes.repo
- [kubernetes]
- name=Kubernetes
- baseurl=https://mirrors.aliyun.com/kubernetes-new/core/stable/v1.28/rpm/
- enabled=1
- gpgcheck=0
- gpgkey=https://mirrors.aliyun.com/kubernetesnew/core/stable/v1.28/rpm/repodata/repomd.xml.key
- EOF
- ## master节点
- yum install -y kubelet kubeadm kubectl
- ## node节点
- yum install -y kubelet kubeadm
- ## all
- systemctl enable kubelet
- cp /etc/sysconfig/kubelet{,.bak}
-
- cat > /etc/sysconfig/kubelet <<EOF
- KUBELET_EXTRA_ARGS="--cgroup-driver=systemd"
- EOF
-
- systemctl enable kubelet --now
- ##生成默认配置文件
- ~]# kubeadm config print init-defaults > k8s_init.yaml
- ~]# cat /root/k8s_init.yaml
- apiVersion: kubeadm.k8s.io/v1beta3
- bootstrapTokens:
- - groups:
- - system:bootstrappers:kubeadm:default-node-token
- token: abcdef.0123456789abcdef
- ttl: 24h0m0s
- usages:
- - signing
- - authentication
- kind: InitConfiguration
- localAPIEndpoint:
- advertiseAddress: 192.168.140.128 ##设置为master地址
- bindPort: 6443
- nodeRegistration:
- criSocket: unix:///var/run/cri-dockerd.sock
- imagePullPolicy: IfNotPresent
- name: master
- taints: null
- ---
- apiServer:
- timeoutForControlPlane: 4m0s
- apiVersion: kubeadm.k8s.io/v1beta3
- certificatesDir: /etc/kubernetes/pki
- clusterName: k8s
- controllerManager: {}
- dns: {}
- etcd:
- local:
- dataDir: /var/lib/etcd
- imageRepository: registry.aliyuncs.com/google_containers #使用国内镜像
- kind: ClusterConfiguration
- kubernetesVersion: 1.29.0
- networking:
- dnsDomain: k8s.local
- serviceSubnet: 10.96.0.0/12
- podSubnet: 10.244.0.0/16 #网络插件flannel
- scheduler: {}
kubeadm init --config k8s_init.yaml
初始化完成后,根据提示信息,拷贝kubectl工具认证文件到默认路径
- ~]# mkdir -p $HOME/.kube
- ~]# sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
- ~]# sudo chown $(id -u):$(id -g) $HOME/.kube/config
如果需要重置
kubeadm reset --cri-socket unix:///var/run/cri-dockerd.sock
使用kubectl工具查看节点状态
~]# kubectl get nodes
因为网络插件还没有部署,所以节点处于“NotReady”状态
将node节点加入集群(需指定连接docker的中间程序的socket)
- ## node节点执行
- ~]# kubeadm join 192.168.140.128:6443 --token bagja3.vvjfveyyms1cywhn --discovery-token-ca-cert-hash sha256:1a93ded43dff7134dc05a3f327c2cd3a82d6102da066b1a28c167e0f7758daf3 --cri-socket=unix:///var/run/cri-dockerd.sock
kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
Copyright © 2003-2013 www.wpsshop.cn 版权所有,并保留所有权利。