当前位置:   article > 正文

kubeadm安装K8S_v1.28.x容器使用docker_kubeadm 1.28 docker

kubeadm 1.28 docker

一.环境部署

1.1 基础环境配置(只有1台服务器,作为masrer,也作为node使用)

[root@ecs-cf5e ~]# cat /etc/redhat-release CentOS Linux release
7.9.2009 (Core) [root@ecs-cf5e ~]# uname -a Linux ecs-cf5e 3.10.0-1160.92.1.el7.x86_64 #1 SMP Tue Jun 20 11:48:01 UTC 2023 x86_64 x86_64 x86_64 GNU/Linux [root@ecs-cf5e ~]#

1.2 修改机器名称

#永久修改主机名
hostnamectl set-hostname  master    && bash   #在master上操作
  • 1
  • 2

1.3 服务器性能优化

#时间同步:
yum install epel-release  -y
yum install ntpdate -y
ntpdate time.windows.com

systemctl stop firewalld
systemctl disable firewalld
sed -i 's/enforcing/disabled/' /etc/selinux/config # 永久
setenforce 0 # 临时
swapoff -a # 临时
sed -i 's/.*swap.*/#&/' /etc/fstab # 永久

#修改内核参数
cat > /etc/sysctl.d/k8s.conf <<EOF
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
net.ipv4.ip_forward = 1
EOF

cat >>  /etc/sysctl.d/k8s.conf << EOF
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
EOF

modprobe br_netfilter #加载br_netfilter模块
lsmod |grep br_netfilter #验证模块是否加载成功
sysctl -p /etc/sysctl.d/k8s.conf  #使刚才修改的内核参数生效
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27

1.4 集群添加hosts和免密登录

cat >> /etc/hosts << EOF
192.168.0.143    master
EOF

ssh-keygen -t rsa #一路回车,不输入密码
###把本地的ssh公钥文件安装到远程主机对应的账户
for i in master ; do ssh-copy-id -i .ssh/id_rsa.pub $i ;done
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7

1.5 配置ipvs功能

在kubernetes中Service有两种代理模型,一种是基于iptables的,一种是基于ipvs,两者对比ipvs的性能要高,如果想要使用ipvs模型,需要手动载入ipvs模块

yum -y install ipset ipvsadm
cat > /etc/sysconfig/modules/ipvs.modules << EOF
modprobe -- ip_vs
modprobe -- ip_vs_rr
modprobe -- ip_vs_wrr
modprobe -- ip_vs_sh
modprobe -- nf_conntrack_ipv4  
EOF
chmod +x /etc/sysconfig/modules/ipvs.modules # 执行脚本
/etc/sysconfig/modules/ipvs.modules
# 验证ipvs模块
lsmod | grep -e ip_vs -e nf_conntrack_ipv4
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14

二.安装Docker和安装并配置cri-dockerd插件安装

2.1 安装docker

yum -y install epel-release wget lrzsz
wget https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo -O /etc/yum.repos.d/docker-ce.repo
#yum list docker-ce --showduplicates | sort -r #查看yum仓库中可以安装的docker版本
#yum -y install docker-ce-18.06.1.ce-3.el7 #安装固定版本
yum -y install docker-ce  #安装docker最新版
systemctl enable docker && systemctl start docker 

cat > /etc/docker/daemon.json << EOF
{
 "registry-mirrors":["https://rsbud4vc.mirror.aliyuncs.com","https://registry.docker-cn.com","https://docker.mirrors.ustc.edu.cn","https://dockerhub.azk8s.cn","http://hub-mirror.c.163.com","http://qtid6917.mirror.aliyuncs.com", "https://rncxm540.mirror.aliyuncs.com"],
  "exec-opts": ["native.cgroupdriver=systemd"]
} 
EOF

systemctl daemon-reload && systemctl restart docker &&  systemctl status docker
docker --version
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16

2.2 cri-dockerd

#安装cri-dockerd插件
wget https://github.com/Mirantis/cri-dockerd/releases/download/v0.3.1/cri-dockerd-0.3.1-3.el7.x86_64.rpm
#备份并更新cri-docker.service文件
rpm -ivh cri-dockerd-0.3.1-3.el7.x86_64.rpm
rpm -ivh cri-dockerd-0.3.1-3.el7.x86_64.rpm --nodeps --force #centos9

mv /usr/lib/systemd/system/cri-docker.service   /usr/lib/systemd/system/cri-docker.service.default

#空文件复制如下信息
cat > /usr/lib/systemd/system/cri-docker.service << EOF 
[Unit]
Description=CRI Interface for Docker Application Container Engine
Documentation=https://docs.mirantis.com
After=network-online.target firewalld.service docker.service
Wants=network-online.target
Requires=cri-docker.socket
[Service]
Type=notify
ExecStart=/usr/bin/cri-dockerd --network-plugin=cni --pod-infra-container-image=registry.aliyuncs.com/google_containers/pause:3.7
ExecReload=/bin/kill -s HUP $MAINPID
TimeoutSec=0
RestartSec=2
Restart=always
StartLimitBurst=3
StartLimitInterval=60s
LimitNOFILE=infinity
LimitNPROC=infinity
LimitCORE=infinity
TasksMax=infinity
Delegate=yes
KillMode=process
[Install]
WantedBy=multi-user.target
EOF


#启动cir-dockerd
systemctl daemon-reload
systemctl start cri-docker.service 
systemctl enable cri-docker.service
systemctl status  cri-docker.service

cri-dockerd --version
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43

三.安装Docker/kubeadm/kubelet(所有节点)

##添加yum 源
cat > /etc/yum.repos.d/kubernetes.repo << EOF
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=0
repo_gpgcheck=0
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg
https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11

yum clean all && yum makecache -y
#yum makecache fast
yum list kubectl --showduplicates | sort -r #列出kubectl可用的版本
  • 1
  • 2
  • 3
  • 4
##centos系统安装命令
yum -y install kubelet-1.28.2-0  kubeadm-1.28.2-0  kubectl-1.28.2-0 
systemctl enable kubelet
kubectl version
  • 1
  • 2
  • 3
  • 4
#ubuntu系统安装命令
sudo apt install kubelet=1.28.2-00  kubeadm=1.28.2-00 kubectl=1.28.2-00 -y 
  • 1
  • 2

四.初始化集群

#kubeadm config images list #查看集群安装需要的命令

kubeadm init --kubernetes-version v1.28.2 --apiserver-advertise-address=192.168.0.143  --service-cidr=10.96.0.0/12  --pod-network-cidr=10.244.0.0/16 --image-repository registry.aliyuncs.com/google_containers   --cri-socket unix:///var/run/cri-dockerd.sock  --ignore-preflight-errors=all
  • 1
  • 2
  • 3
#kubeadm reset --cri-socket unix:///var/run/cri-dockerd.sock #这句是集群初始化失败后需要执行的
kubeadm token create --print-join-command #重新生成token
  • 1
  • 2
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
  • 1
  • 2
  • 3

五.命令补全

####Centos系统
rpm -aq |grep completion  
yum -y install bash-completion  #安装补全命令的包
kubectl completion bash
source /usr/share/bash-completion/bash_completion
kubectl completion bash >/etc/profile.d/kubectl.sh
source /etc/profile.d/kubectl.sh
cat >> /root/.bashrc <<EOF
source /etc/profile.d/kubectl.sh
EOF
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10

六.安装网络插件

#去除污点,允许master节点部署pod
kubectl taint nodes --all node-role.kubernetes.io/control-plane- #执行这句就行,就是取消污点
kubectl taint nodes --all node-role.kubernetes.io/master-  #执行这句就行,就是取消污点
  • 1
  • 2
  • 3
kubectl apply -f calico.yaml  #从这里下载对应版 https://docs.projectcalico.org/archive/v3.20/manifests/calico.yaml
  • 1
[root@master ~]# kubectl get nodes
NAME     STATUS   ROLES           AGE     VERSION
master   Ready    control-plane   6m29s   v1.28.2
[root@master ~]# kubectl get pods -A
NAMESPACE     NAME                                      READY   STATUS    RESTARTS   AGE
kube-system   calico-kube-controllers-bdf96dff9-fdgj5   1/1     Running   0          2m19s
kube-system   calico-node-cz7nh                         1/1     Running   0          2m19s
kube-system   coredns-66f779496c-fm7wd                  1/1     Running   0          6m28s
kube-system   coredns-66f779496c-nhcpz                  1/1     Running   0          6m28s
kube-system   etcd-master                               1/1     Running   0          6m41s
kube-system   kube-apiserver-master                     1/1     Running   0          6m41s
kube-system   kube-controller-manager-master            1/1     Running   0          6m41s
kube-system   kube-proxy-nq95m                          1/1     Running   0          6m28s
kube-system   kube-scheduler-master                     1/1     Running   0          6m41s
[root@master ~]# 
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15

七. 在kubernetes群集中创建Nginx

kubectl create deployment nginx --image=nginx
kubectl expose deployment nginx --port=80 --type=NodePort
kubectl get pods,svc  #查看暴露端口
  • 1
  • 2
  • 3

浏览器访问: 集群任何IP:端口 正常访问就OK
在这里插入图片描述

八. 部署Dashboard

kubectl apply -f recommended.yaml 
  • 1
[root@master ~]# kubectl get pods,svc -n kubernetes-dashboard
NAME                                             READY   STATUS    RESTARTS   AGE
pod/dashboard-metrics-scraper-5657497c4c-jwd8h   1/1     Running   0          3m50s
pod/kubernetes-dashboard-78f87ddfc-vs7hc         1/1     Running   0          3m50s

NAME                                TYPE        CLUSTER-IP       EXTERNAL-IP   PORT(S)         AGE
service/dashboard-metrics-scraper   ClusterIP   10.107.39.99     <none>        8000/TCP        3m50s
service/kubernetes-dashboard        NodePort    10.107.196.130   <none>        443:30001/TCP   3m50s
[root@master ~]# 
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
#创建service  account并绑定默认cluster-admin管理员群集角色
kubectl create serviceaccount dashboard-admin -n kube-system  #创建用户
kubectl create clusterrolebinding dashboard-admin --clusterrole=cluster-admin --serviceaccount=kube-system:dashboard-admin #用户授权
kubectl -n kube-system get serviceaccounts |grep dashboard #查看sa是否创建成功
kubectl -n kube-system create token dashboard-admin  --duration=518400s #创建用户Token
#一年365*24*60*60=31536000s 第一次token登录后有报错,请再次执行一次token就好了 
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6

浏览器打开ip:30001 由于我这是华为云服务器用的是公网IP https://114.115.160.33:30001/
在这里插入图片描述在这里插入图片描述在这里插入图片描述

九. 部署metrics服务

kubectl apply -f metrics-server.yaml 
  • 1
kubectl top nodes 
kubectl top pods
  • 1
  • 2
[root@master ~]# kubectl top nodes 
NAME     CPU(cores)   CPU%   MEMORY(bytes)   MEMORY%   
master   170m         4%     2622Mi          33%       
[root@master ~]# kubectl top pods
NAME                     CPU(cores)   MEMORY(bytes)   
nginx-7854ff8877-gzw6r   0m           3Mi             
[root@master ~]# 
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7

到这里就安装完成了,可以去使用了

声明:本文内容由网友自发贡献,不代表【wpsshop博客】立场,版权归原作者所有,本站不承担相应法律责任。如您发现有侵权的内容,请联系我们。转载请注明出处:https://www.wpsshop.cn/w/IT小白/article/detail/477654
推荐阅读
相关标签
  

闽ICP备14008679号