[root@ecs-cf5e ~]# cat /etc/redhat-release
CentOS Linux release 7.9.2009 (Core)
[root@ecs-cf5e ~]# uname -a
Linux ecs-cf5e 3.10.0-1160.92.1.el7.x86_64 #1 SMP Tue Jun 20 11:48:01 UTC 2023 x86_64 x86_64 x86_64 GNU/Linux
[root@ecs-cf5e ~]#
# Set the hostname permanently (run this on the master node), then start a
# fresh shell so the prompt picks up the new name.
node_name=master
if hostnamectl set-hostname "$node_name"; then
  bash
fi
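# --- Time synchronisation -------------------------------------------------
# One-shot clock set. Certificates and tokens issued later depend on correct
# time, so a continuously running time service is preferable to a single
# ntpdate call.
yum install -y epel-release
yum install -y ntpdate
ntpdate time.windows.com

# --- Host firewall --------------------------------------------------------
# NOTE(review): with firewalld stopped and disabled the node has no local
# packet filter. Anything listening on the host (API server, kubelet,
# NodePort services) is then reachable from wherever the network or the cloud
# security group allows, so that outer filter must be restricted to trusted
# source addresses.
systemctl stop firewalld
systemctl disable firewalld

# --- SELinux --------------------------------------------------------------
# setenforce 0 switches the running system to permissive mode. The persistent
# setting is made permissive as well (rather than disabled) so that denials
# are still logged and file labels stay intact. The pattern is anchored so
# the explanatory comment lines in the config file are left untouched.
setenforce 0
sed -i 's/^SELINUX=enforcing$/SELINUX=permissive/' /etc/selinux/config

# --- Swap -----------------------------------------------------------------
swapoff -a                                   # until next reboot
# Comment out only active swap entries so re-running this does not stack '#'.
sed -i '/^[^#].*swap/ s/^/#/' /etc/fstab     # permanent

# --- Kernel module and parameters ----------------------------------------
# The net.bridge.* keys only exist once br_netfilter is loaded, so load it
# first and register it for loading at boot.
modprobe br_netfilter
lsmod | grep br_netfilter                    # verify the module is loaded
cat > /etc/modules-load.d/k8s.conf <<'EOF'
br_netfilter
EOF

# Written once; the original appended two of these keys a second time.
cat > /etc/sysctl.d/k8s.conf <<'EOF'
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
net.ipv4.ip_forward = 1
EOF
sysctl -p /etc/sysctl.d/k8s.conf             # apply the parameters now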
# Map the master's address to its hostname so the name resolves without DNS.
# This appends unconditionally; running it twice adds a duplicate line.
printf '%s\n' '192.168.0.143 master' >> /etc/hosts
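# Generate an RSA key pair for the current user (root in this walkthrough).
# Pressing Enter at every prompt leaves the private key without a passphrase:
# anyone who can read ~/.ssh/id_rsa can then log in to every host the public
# key was installed on. Keep the file mode at 0600 and prefer a passphrase
# with ssh-agent where unattended login is not required.
ssh-keygen -t rsa

# Install the local public key into the matching account on each remote host.
# The key path is absolute so the loop works from any working directory.
for host in master; do
  ssh-copy-id -i "$HOME/.ssh/id_rsa.pub" "$host"
done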
在kubernetes中Service有两种代理模型,一种是基于iptables的,一种是基于ipvs,两者对比ipvs的性能要高,如果想要使用ipvs模型,需要手动载入ipvs模块
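# Install the userspace tools for IPVS.
yum -y install ipset ipvsadm

# Write a small loader script for the IPVS kernel modules. The quoted
# delimiter keeps the body literal, and the shebang lets the file be executed
# directly by callers other than an interactive shell.
# nf_conntrack_ipv4 matches the 3.10 kernel shown on this page; newer kernels
# provide this functionality as nf_conntrack instead.
cat > /etc/sysconfig/modules/ipvs.modules <<'EOF'
#!/bin/bash
modprobe -- ip_vs
modprobe -- ip_vs_rr
modprobe -- ip_vs_wrr
modprobe -- ip_vs_sh
modprobe -- nf_conntrack_ipv4
EOF
chmod 755 /etc/sysconfig/modules/ipvs.modules

# Run the script to load the modules now.
/etc/sysconfig/modules/ipvs.modules

# Verify the IPVS modules are loaded.
lsmod | grep -e ip_vs -e nf_conntrack_ipv4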
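# Base tools, then the Docker CE repository definition from the Aliyun mirror.
yum -y install epel-release wget lrzsz
wget https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo -O /etc/yum.repos.d/docker-ce.repo

# yum list docker-ce --showduplicates | sort -r   # list installable docker versions
# yum -y install docker-ce-18.06.1.ce-3.el7       # install a pinned version
# Installs whatever is newest at run time; pin a version for reproducible hosts.
yum -y install docker-ce
systemctl enable docker && systemctl start docker

# Daemon configuration: registry mirrors plus the systemd cgroup driver.
# Every mirror listed here answers image lookups on behalf of Docker Hub, so
# the list is a trust decision: keep only mirrors you rely on. The original
# list also held two plain http:// mirrors; they are omitted because an
# unencrypted mirror lets anyone on the network path alter what is returned
# for an image tag.
mkdir -p /etc/docker
cat > /etc/docker/daemon.json <<'EOF'
{
  "registry-mirrors": [
    "https://rsbud4vc.mirror.aliyuncs.com",
    "https://registry.docker-cn.com",
    "https://docker.mirrors.ustc.edu.cn",
    "https://dockerhub.azk8s.cn",
    "https://rncxm540.mirror.aliyuncs.com"
  ],
  "exec-opts": ["native.cgroupdriver=systemd"]
}
EOF

systemctl daemon-reload && systemctl restart docker && systemctl status docker
docker --version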
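# Install the cri-dockerd shim.
rpm_file=cri-dockerd-0.3.1-3.el7.x86_64.rpm
wget "https://github.com/Mirantis/cri-dockerd/releases/download/v0.3.1/${rpm_file}"

# NOTE(review): nothing here authenticates the downloaded RPM before it is
# installed as root. Compare its digest with a value obtained from a source
# you trust before installing, e.g.:
#   sha256sum "$rpm_file"    # expect <EXPECTED_SHA256_FROM_TRUSTED_SOURCE>
rpm -ivh "$rpm_file"
# CentOS 9 alternative; skips dependency checks and overwrites existing files:
# rpm -ivh "$rpm_file" --nodeps --force

# Back up the packaged unit file, then write the replacement.
mv /usr/lib/systemd/system/cri-docker.service /usr/lib/systemd/system/cri-docker.service.default

# The delimiter is quoted so the shell writes the body literally. With an
# unquoted delimiter $MAINPID is expanded by the shell (to an empty string)
# and ExecReload ends up as "kill -s HUP" with no PID.
cat > /usr/lib/systemd/system/cri-docker.service <<'EOF'
[Unit]
Description=CRI Interface for Docker Application Container Engine
Documentation=https://docs.mirantis.com
After=network-online.target firewalld.service docker.service
Wants=network-online.target
Requires=cri-docker.socket

[Service]
Type=notify
ExecStart=/usr/bin/cri-dockerd --network-plugin=cni --pod-infra-container-image=registry.aliyuncs.com/google_containers/pause:3.7
ExecReload=/bin/kill -s HUP $MAINPID
TimeoutSec=0
RestartSec=2
Restart=always
StartLimitBurst=3
StartLimitInterval=60s
LimitNOFILE=infinity
LimitNPROC=infinity
LimitCORE=infinity
TasksMax=infinity
Delegate=yes
KillMode=process

[Install]
WantedBy=multi-user.target
EOF

# Start cri-dockerd.
systemctl daemon-reload
systemctl start cri-docker.service
systemctl enable cri-docker.service
systemctl status cri-docker.service
cri-dockerd --version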
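# Add the Kubernetes yum repository (Aliyun mirror).
# gpgcheck=1 makes yum verify each package signature against the keys listed
# under gpgkey; with gpgcheck=0 the kubelet, kubeadm and kubectl packages
# would be installed as root with no authenticity check at all.
# repo_gpgcheck (metadata signature) is left as the page had it.
# If a package fails verification, investigate the mirror instead of turning
# the check off. The keys themselves are fetched from the same mirror, so
# confirm the fingerprint yum shows when it first imports them.
# The second gpgkey URL is indented because yum treats an indented line as a
# continuation of the previous option.
cat > /etc/yum.repos.d/kubernetes.repo <<'EOF'
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=1
repo_gpgcheck=0
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg
       https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF
yum clean all && yum makecache -y
# yum makecache fast
yum list kubectl --showduplicates | sort -r   # list the available kubectl versions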
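# CentOS: install kubelet, kubeadm and kubectl at one pinned version so the
# three components stay in step.
yum -y install kubelet-1.28.2-0 kubeadm-1.28.2-0 kubectl-1.28.2-0
systemctl enable kubelet
# No cluster exists yet, so only the client version can be reported here.
kubectl version --client

# Ubuntu equivalent (not for the CentOS host used on this page):
# sudo apt install kubelet=1.28.2-00 kubeadm=1.28.2-00 kubectl=1.28.2-00 -y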
# kubeadm config images list   # show what the cluster install needs (lists the required images)

# Initialise the control plane.
# NOTE(review): --ignore-preflight-errors=all silences every preflight check,
# including ones that catch a misconfigured host. Prefer running without it
# and, if a specific check must be skipped, naming only that check.
init_args=(
  --kubernetes-version v1.28.2
  --apiserver-advertise-address=192.168.0.143
  --service-cidr=10.96.0.0/12
  --pod-network-cidr=10.244.0.0/16
  --image-repository registry.aliyuncs.com/google_containers
  --cri-socket unix:///var/run/cri-dockerd.sock
  --ignore-preflight-errors=all
)
kubeadm init "${init_args[@]}"

# Run this only after a failed initialisation, to reset the node:
# kubeadm reset --cri-socket unix:///var/run/cri-dockerd.sock

# Generate a new token and print the join command. The printed command
# contains a bootstrap token that lets a machine join the cluster; treat it
# as a secret and keep it out of shared logs and chat.
kubeadm token create --print-join-command
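# Give the current user a kubeconfig. admin.conf carries an administrator
# client credential for the whole cluster, so the copy must stay readable by
# its owner only and should not be distributed to other users or machines.
# Expansions are quoted so a home directory containing spaces still works.
mkdir -p "$HOME/.kube"
sudo cp -i /etc/kubernetes/admin.conf "$HOME/.kube/config"
sudo chown "$(id -u):$(id -g)" "$HOME/.kube/config"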
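# CentOS: enable kubectl tab completion.
rpm -aq | grep completion
yum -y install bash-completion   # package that provides the completion framework
source /usr/share/bash-completion/bash_completion

# Write the completion script to a profile.d file and load it in this shell.
# (The original also ran "kubectl completion bash" on its own, which only
# dumps the script to the terminal.)
kubectl completion bash > /etc/profile.d/kubectl.sh
source /etc/profile.d/kubectl.sh

# Load it from root's .bashrc too; skip the append when the line is already
# there so repeated runs do not pile up duplicates.
grep -qxF 'source /etc/profile.d/kubectl.sh' /root/.bashrc ||
  printf '%s\n' 'source /etc/profile.d/kubectl.sh' >> /root/.bashrc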
# Remove the control-plane taints so ordinary pods may be scheduled on the
# master node. Running these is all that is needed to drop the taint.
# NOTE(review): after this, application pods share the node with the API
# server, etcd and the other control-plane components. That is acceptable for
# a single-node lab; on a cluster that matters keep the taint and add workers.
for role in control-plane master; do
  kubectl taint nodes --all "node-role.kubernetes.io/${role}-"
done

# Install the Calico network plugin from a local manifest. Download the
# matching version from:
#   https://docs.projectcalico.org/archive/v3.20/manifests/calico.yaml
# The manifest creates cluster-wide RBAC objects and privileged pods, so read
# it before applying.
kubectl apply -f calico.yaml
[root@master ~]# kubectl get nodes
NAME STATUS ROLES AGE VERSION
master Ready control-plane 6m29s v1.28.2
[root@master ~]# kubectl get pods -A
NAMESPACE NAME READY STATUS RESTARTS AGE
kube-system calico-kube-controllers-bdf96dff9-fdgj5 1/1 Running 0 2m19s
kube-system calico-node-cz7nh 1/1 Running 0 2m19s
kube-system coredns-66f779496c-fm7wd 1/1 Running 0 6m28s
kube-system coredns-66f779496c-nhcpz 1/1 Running 0 6m28s
kube-system etcd-master 1/1 Running 0 6m41s
kube-system kube-apiserver-master 1/1 Running 0 6m41s
kube-system kube-controller-manager-master 1/1 Running 0 6m41s
kube-system kube-proxy-nq95m 1/1 Running 0 6m28s
kube-system kube-scheduler-master 1/1 Running 0 6m41s
[root@master ~]#
# Smoke test: run nginx and publish it through a NodePort service.
# A NodePort listens on every node address. With the host firewall disabled
# earlier on this page, the port is reachable from any network the
# surrounding filtering permits; delete the deployment and service once the
# test is done. The image tag is not pinned.
app=nginx
kubectl create deployment "$app" --image="$app"
kubectl expose deployment "$app" --port=80 --type=NodePort
kubectl get pods,svc   # shows the exposed port
浏览器访问: 集群任何IP:端口 正常访问就OK
# Deploy the Kubernetes Dashboard from a local copy of recommended.yaml.
# NOTE(review): the service listing that follows on this page shows
# kubernetes-dashboard as a NodePort on 30001, so this copy of the manifest
# was presumably edited to expose the dashboard outside the cluster; confirm
# what the file contains before applying it.
dashboard_manifest=recommended.yaml
kubectl apply -f "$dashboard_manifest"
[root@master ~]# kubectl get pods,svc -n kubernetes-dashboard
NAME READY STATUS RESTARTS AGE
pod/dashboard-metrics-scraper-5657497c4c-jwd8h 1/1 Running 0 3m50s
pod/kubernetes-dashboard-78f87ddfc-vs7hc 1/1 Running 0 3m50s
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
service/dashboard-metrics-scraper ClusterIP 10.107.39.99 <none> 8000/TCP 3m50s
service/kubernetes-dashboard NodePort 10.107.196.130 <none> 443:30001/TCP 3m50s
[root@master ~]#
# Create a service account and bind it to the built-in cluster-admin role.
# NOTE(review): cluster-admin grants unrestricted control of the whole
# cluster, and the token created below is a bearer credential: whoever holds
# it has that control until it expires. This page goes on to open the
# dashboard through a NodePort on a public address, so the login page that
# accepts this token is reachable from the internet. Safer options are a
# narrower role (for example the built-in "view" role), a short token
# lifetime, and reaching the dashboard through "kubectl port-forward" or a
# source-restricted security group instead of a public NodePort.
sa_name=dashboard-admin
sa_ns=kube-system

kubectl create serviceaccount "$sa_name" -n "$sa_ns"   # create the account
kubectl create clusterrolebinding "$sa_name" --clusterrole=cluster-admin --serviceaccount="${sa_ns}:${sa_name}"   # grant the role
kubectl -n "$sa_ns" get serviceaccounts | grep dashboard   # check the account exists

# Create a login token for the account. 518400s is 6 days.
kubectl -n "$sa_ns" create token "$sa_name" --duration=518400s
# For reference, one year is 365*24*60*60 = 31536000s. If the first token
# login reports an error, generate the token once more.
浏览器打开ip:30001 由于我这是华为云服务器用的是公网IP https://114.115.160.33:30001/
# Deploy metrics-server from a local manifest, then query resource usage for
# nodes and for pods in the current namespace.
kubectl apply -f metrics-server.yaml
for target in nodes pods; do
  kubectl top "$target"
done
[root@master ~]# kubectl top nodes
NAME CPU(cores) CPU% MEMORY(bytes) MEMORY%
master 170m 4% 2622Mi 33%
[root@master ~]# kubectl top pods
NAME CPU(cores) MEMORY(bytes)
nginx-7854ff8877-gzw6r 0m 3Mi
[root@master ~]#