操作系统 ubuntu 22.04
cri containerd v1.6.10
runc 1.1.4
cni 1.1.1
kubernetes v1.24.3
配置时间同步
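# Install ntpdate and do a one-off clock sync. Cluster certificates and
# bootstrap tokens are time-bound, so every node needs a consistent clock.
apt install ntpdate
ntpdate ntp.aliyun.com
# Re-sync every 10 minutes from root's crontab.
# - The absolute path is resolved now because cron runs jobs with a minimal
#   PATH that may not include the directory ntpdate was installed into.
# - The grep guard keeps a re-run from appending a duplicate entry; its stderr
#   is silenced only to cover the case where the crontab does not exist yet.
ntpdate_bin=$(command -v ntpdate)
cron_file=/var/spool/cron/crontabs/root
cron_line="*/10 * * * * ${ntpdate_bin} ntp.aliyun.com"
grep -qxF -- "$cron_line" "$cron_file" 2>/dev/null ||
  printf '%s\n' "$cron_line" >>"$cron_file"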
禁用swap
# Turn swap off for the running system only. This does not survive a reboot:
# the swap entry in /etc/fstab must also be commented out.
swapoff -a
注意: 该命令只能临时禁用.如果要永久性需要手动修改/etc/fstab文件,将里面swap相关的注释掉(加#号即可),否则重启系统会导致kubelet启动失败!
不管安装系统的时候有没有分swap,此处都要执行关闭和注释两个操作。因为即便安装的时候没有分配swap,也会分一个空间为0的swap分区,这会导致kubelet的启动失败!
示例:
root@gao:~# cat /etc/fstab
# /etc/fstab: static file system information.
#
# Use 'blkid' to print the universally unique identifier for a
# device; this may be used with UUID= as a more robust way to name devices
# that works even if disks are added and removed. See fstab(5).
#
# <file system> <mount point> <type> <options> <dump> <pass>
# / was on /dev/ubuntu-vg/lv-0 during curtin installation
/dev/disk/by-id/dm-uuid-LVM-B5q50FVxIGr7M3ERUN3slAHlOuP4XayZSR84Q1AovBatQEYKiUxL8WG9meCehppz / xfs defaults 0 1
# /boot was on /dev/sda2 during curtin installation
/dev/disk/by-uuid/0185130f-11fc-48f7-a535-139f9e370c55 /boot ext4 defaults 0 1
#/swap.img none swap sw 0 0
修改进程数量等限制
# Raise the per-user open-file and process limits. The lines are appended, so
# running this step twice leaves duplicate entries in limits.conf.
# NOTE(review): per limits.conf(5), "*" wildcard limits are not applied to root.
cat <<'EOF' >>/etc/security/limits.conf
* soft nofile 65536
* hard nofile 131072
* soft nproc 4096
* hard nproc 4096
EOF

# Persist a larger memory-map-area limit, then reload /etc/sysctl.conf.
printf '%s\n' 'vm.max_map_count=655360' >>/etc/sysctl.conf
sysctl -p

# Enable IPv4 forwarding: persisted for the next boot, then applied right away.
printf '%s\n' 'net.ipv4.ip_forward=1' >>/etc/sysctl.conf
sysctl -w net.ipv4.ip_forward=1
# Load the br_netfilter kernel module into the running kernel.
sudo modprobe br_netfilter
# Confirm that it is loaded.
lsmod | grep br_netfilter
# Have the module loaded on every boot (tee overwrites an existing k8s.conf).
sudo tee /etc/modules-load.d/k8s.conf <<EOF
br_netfilter
EOF
# Let iptables / ip6tables see traffic that crosses a Linux bridge.
sudo tee /etc/sysctl.d/k8s.conf <<EOF
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
EOF
# Apply the settings from all sysctl configuration files.
sudo sysctl --system
ipvs模式相关配置修改
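# Load the kernel modules used by kube-proxy in IPVS mode.
for mod in ip_vs ip_vs_rr ip_vs_wrr ip_vs_sh; do
  modprobe -- "$mod"
done
# Connection tracking: from Linux 4.19 on, nf_conntrack_ipv4 no longer exists
# and nf_conntrack is used instead. Try the old name first and fall back; the
# expected "module not found" error of the first attempt is silenced on purpose.
modprobe -- nf_conntrack_ipv4 2>/dev/null || modprobe -- nf_conntrack
# Check the loaded modules. The pattern nf_conntrack matches both module names.
lsmod | grep -e ip_vs -e nf_conntrack
# or
cut -f1 -d " " /proc/modules | grep -e ip_vs -e nf_conntrack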
参考文档:
Getting started with containerd
下载页面: https://github.com/containerd/containerd/releases
下载较慢可使用迅雷尝试
安装containerd
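# Verify the tarball before unpacking it as root into /usr/local. The checksum
# file is published next to the tarball on the release page (confirm its exact
# name there) and must be downloaded into the same directory. This matters
# most when the tarball came through a mirror or a download accelerator.
sha256sum -c containerd-1.6.10-linux-amd64.tar.gz.sha256sum &&
  tar Cxzvf /usr/local containerd-1.6.10-linux-amd64.tar.gz
# Fetch the systemd unit from the tag of the release being installed instead of
# the moving main branch. -f makes curl fail on an HTTP error rather than save
# the error page as the unit file.
curl -fsSL \
  -o /usr/lib/systemd/system/containerd.service \
  https://raw.githubusercontent.com/containerd/containerd/v1.6.10/containerd.service
systemctl daemon-reload
systemctl enable --now containerd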
生成配置
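# -p: do not fail when /etc/containerd already exists (for example on a re-run).
mkdir -p /etc/containerd
# Write containerd's built-in default configuration.
# This overwrites an existing config.toml, including earlier manual edits.
containerd config default >/etc/containerd/config.toml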
修改配置
sandbox_image = "registry.k8s.io/pause:3.6"
# 将该值修改为
sandbox_image = "registry.aliyuncs.com/google_containers/pause:3.8"
[plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc.options]
将该节下 SystemdCgroup 的值由 false 修改为 true
SystemdCgroup = true
最后重启服务使其生效
# Restart containerd so the edited /etc/containerd/config.toml is loaded.
# `containerd config dump` prints the configuration the daemon actually uses,
# which is a quick way to confirm that the edits were picked up.
systemctl restart containerd.service
下载页面: https://github.com/opencontainers/runc/releases
安装
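# runc is the binary that creates every container on this node, so check it
# before installing. runc.sha256sum comes from the same release page and lists
# all release assets; --ignore-missing skips the assets that were not
# downloaded and still fails when runc.amd64 itself could not be verified.
sha256sum --ignore-missing -c runc.sha256sum &&
  install -m 755 runc.amd64 /usr/local/sbin/runc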
下载页面: https://github.com/containernetworking/plugins/releases
安装
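mkdir -p /opt/cni/bin
# Verify the archive against the .sha256 file published next to it on the
# release page (confirm its exact name there) before unpacking. The CNI
# plugins are executed as root by the container runtime.
sha256sum -c cni-plugins-linux-amd64-v1.1.1.tgz.sha256 &&
  tar Cxzvf /opt/cni/bin cni-plugins-linux-amd64-v1.1.1.tgz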
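apt-get update && apt-get install -y apt-transport-https
# Import the repository signing key. -f makes curl fail on an HTTP error
# instead of piping an error page into apt-key.
# NOTE(review): apt-key is deprecated, and a key added this way is trusted for
# every configured repository. A dedicated keyring file referenced with
# signed-by= in the sources entry would limit that trust to this repository.
curl -fsSL https://mirrors.aliyun.com/kubernetes/apt/doc/apt-key.gpg | apt-key add -
cat <<EOF >/etc/apt/sources.list.d/kubernetes.list
deb https://mirrors.aliyun.com/kubernetes/apt/ kubernetes-xenial main
EOF
apt-get update
apt install apt-file && apt-file update
# List every available kubeadm version.
apt list kubeadm -a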
安装指定版本k8s
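# Install the pinned versions, then hold the packages so a routine
# `apt upgrade` cannot move the cluster components to a different version
# behind kubeadm's back.
apt install kubeadm=1.24.3-00 kubectl=1.24.3-00 kubelet=1.24.3-00
apt-mark hold kubeadm kubectl kubelet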
kubelet加入开机自启动
# Enable kubelet at boot and start it now.
# NOTE(review): until `kubeadm init` has written its configuration, the kubelet
# is expected to keep restarting. Confirm with `systemctl status kubelet`.
systemctl enable kubelet --now
导出配置
# On the control-plane node: declare the variable.
# NOTE(review): presumably informational only. The proxy mode that takes
# effect is the one set in the KubeProxyConfiguration document of the config
# file; confirm that anything actually reads this variable.
export KUBE_PROXY_MODE=ipvs
# Dump kubeadm's default init configuration to a file for editing.
kubeadm config print init-defaults >Kubernetes-cluster.yaml
打开
vim Kubernetes-cluster.yaml
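apiVersion: kubeadm.k8s.io/v1beta3
bootstrapTokens:
- groups:
  - system:bootstrappers:kubeadm:default-node-token
  # No "token:" entry on purpose. The value printed by init-defaults
  # (abcdef.0123456789abcdef) is a publicly known sample, and with it anyone
  # who can reach the API server could join a node for the 24h TTL. With no
  # token given, kubeadm generates a random one; `kubeadm token generate`
  # produces a value if one has to be set explicitly.
  ttl: 24h0m0s
  usages:
  - signing
  - authentication
kind: InitConfiguration
localAPIEndpoint:
  # Replace with the control-plane node's IP. The etcd container tries to bind
  # a port on this address and fails if the host does not own it.
  advertiseAddress: 10.0.0.11
  bindPort: 6443
nodeRegistration:
  # containerd's CRI socket. /var/run/dockershim.sock is the Docker shim
  # socket, and this setup installs containerd as the CRI.
  criSocket: unix:///var/run/containerd/containerd.sock
  imagePullPolicy: IfNotPresent
  name: node
  taints: null
---
apiServer:
  timeoutForControlPlane: 4m0s
apiVersion: kubeadm.k8s.io/v1beta3
certificatesDir: /etc/kubernetes/pki
clusterName: kubernetes
controllerManager: {}
dns: {}
etcd:
  local:
    dataDir: /var/lib/etcd
# Changed: pull the control-plane images from this mirror.
imageRepository: registry.aliyuncs.com/google_containers
kind: ClusterConfiguration
# Must match the installed kubeadm/kubelet packages (1.24.3-00). Leaving 1.23.0
# here would deploy a control plane older than the kubelet.
kubernetesVersion: 1.24.3
networking:
  dnsDomain: cluster.local
  # Added: pod network CIDR.
  podSubnet: "10.244.0.0/16"
  serviceSubnet: 10.96.0.0/12
scheduler: {}
# "pod-network-cidr" is the name of the `kubeadm init --pod-network-cidr`
# command-line flag, not a ClusterConfiguration field. Its config-file
# equivalent is networking.podSubnet above, so no extra key is added here.
---
apiVersion: kubeproxy.config.k8s.io/v1alpha1
kind: KubeProxyConfiguration
mode: ipvs
---
kind: KubeletConfiguration
apiVersion: kubelet.config.k8s.io/v1beta1
# Must agree with SystemdCgroup = true in containerd's config.toml.
cgroupDriver: systemd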
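kubeadm init --config Kubernetes-cluster.yaml
# Point kubectl (run as root) at the admin kubeconfig written by kubeadm init.
# Without it, the kubectl commands that follow have no cluster to talk to.
# admin.conf carries cluster-admin credentials: keep it readable by root only
# and do not copy it to other machines or users.
export KUBECONFIG=/etc/kubernetes/admin.conf
apt install bash-completion -y
echo "source <(kubectl completion bash)" >> ~/.bashrc
# Reload the file that was just edited. The original `source .bashrc` only
# worked when the current directory happened to be the home directory.
source ~/.bashrc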
导入网络
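# Download the manifest from a fixed tag instead of applying whatever the
# master branch contains at that moment. It is applied with cluster-admin
# rights and creates cluster-wide RBAC objects and a DaemonSet on every node.
# v0.20.2 is the flannel image version shown in the ctr output further down
# this page; adjust the tag if a different release is wanted.
curl -fsSLo kube-flannel.yml \
  https://raw.githubusercontent.com/flannel-io/flannel/v0.20.2/Documentation/kube-flannel.yml
# Review kube-flannel.yml before applying it: images, RBAC, and that its
# network matches podSubnet 10.244.0.0/16.
kubectl apply -f kube-flannel.yml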
containerd 中的镜像、容器等都是按名称空间区分的。例如 k8s 会创建一个名为 k8s.io 的名称空间,所有的镜像和容器都在这个名称空间下;而命令默认访问的是默认的名称空间,所以不指定名称空间时查询不到任何东西。
# 查看所有名称空间
root@gao:~# ctr ns ls
NAME   LABELS
k8s.io
# 指定名称空间查看所有容器
root@gao:~# ctr -n k8s.io c list   # c为指定操作对象类型为容器 可以写为c container containers
CONTAINER                                                          IMAGE                                                   RUNTIME
03162d102a233ab1abc5c806f2c1373bacf5576195739af0e9d3a01e1ef5d696   docker.io/rancher/mirrored-flannelcni-flannel:v0.20.2   io.containerd.runc.v2
13bc61f93a4b1d10952f6c24f78d43879327b3b4c66cb000fbc19231d495f1aa   registry.aliyuncs.com/google_containers/etcd:3.5.3-0    io.containerd.runc.v2
......
# 指定名称空间查看所有镜像 i为指定操作对象类型为镜像 可以写为i image images
root@gao:~# ctr -n k8s.io i list
REF TYPE DIGEST SIZE PLATFORMS LABELS
docker.io/rancher/mirrored-flannelcni-flannel-cni-plugin:v1.1.0 application/vnd.docker.distribution.manifest.list.v2+json sha256:28d3a6be9f450282bf42e4dad143d41da23e3d91f66f19c01ee7fd21fd17cb2b 3.6 MiB linux/amd64,linux/arm/v6,linux/arm64/v8,linux/s390x io.cri-containerd.image=managed
docker.io/rancher/mirrored-flannelcni-flannel-cni-plugin@sha256:28d3a6be9f450282bf42e4dad143d41da23e3d91f66f19c01ee7fd21fd17cb2b application/vnd.docker.distribution.manifest.list.v2+json sha256:28d3a6be9f450282bf42e4dad143d41da23e3d91f66f19c01ee7fd21fd17cb2b 3.6 MiB linux/amd64,linux/arm/v6,linux/arm64/v8,linux/s390x io.cri-containerd.image=managed
docker.io/rancher/mirrored-flannelcni-flannel:v0.20.2 application/vnd.docker.distribution.manifest.list.v2+json sha256:ec0f0b7430c8370c9f33fe76eb0392c1ad2ddf4ccaf2b9f43995cca6c94d3832 19.9 MiB linux/amd64,linux/arm/v6,linux/arm64/v8,linux/s390x io.cri-containerd.image=managed
......