双12弄了两台腾讯云和百度云机器,组建k8s集群时需要服务器间组成内网环境;
在服务器组成内网后就可以安装kubernets集群了
因只是自己实验需要,所以服务器使用openxxx跨云组建的内网,各位在安装的时候建议还是使用同一内网环境,并使用2v4G以上服务器推介配置
大家的系统环境及各种安装包尽量使用同一个版本
1,服务器环境:
软件版本 Kubernetes v1.17.0 Docker version 19.03.5
master:
腾讯云1V2g,CentOS Linux release 7.5.1804 (Core)
公网IP:x.x.x.x
内网IP:172.16.10.9
局域网IP:100.100.100.1
hostname:shiji.com
node1:
百度云1v2g,CentOS Linux release 7.6.1810 (Core)
公网IP:x.x.x.x
内网IP:172.16.0.4
局域网IP:100.100.100.3
hostname:node1
2,每个master和node节点上执行下列操作
配置系统环境
# 关闭 防火墙
systemctl stop firewalld
systemctl disable firewalld
# 关闭 SeLinux
setenforce 0
sed -i "s/SELINUX=enforcing/SELINUX=disabled/g" /etc/selinux/config
# 关闭 swap
swapoff -a
# 修改 /etc/sysctl.conf
echo "net.ipv4.ip_forward = 1" >> /etc/sysctl.conf ####开启路由转发 echo "net.bridge.bridge-nf-call-ip6tables = 1" >> /etc/sysctl.conf echo "net.bridge.bridge-nf-call-iptables = 1" >> /etc/sysctl.conf
# 生效sysctl -p
安装工具
必须先安装 nfs-utils 才能挂载 nfs 网络存储 #yum install -y nfs-utils #yum install -y wget
配置阿里docker源
# step 1: 安装必要的一些系统工具 yum install -y yum-utils device-mapper-persistent-data lvm2 # Step 2: 添加软件源信息 yum-config-manager --add-repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo # Step 3: 更新 yum makecache fast
安装docker-ce,docker-ce-cli
#yum install -y docker-cedocker-ce-cl #systemctl enable docker #systemctl start docker
查看docker版本#docker --version Docker version 19.03.5, build 633a0ea
配置阿里k8s源
cat <<EOF > /etc/yum.repos.d/kubernetes.repo [kubernetes] name=Kubernetes baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/ enabled=1 gpgcheck=1 repo_gpgcheck=1 gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg EOF
安装组件
# yum install -y kubelet kubeadm kubectl # systemctl enable kubelet && systemctl start kubelet 备注:此时kubelet启动失败 必须完成后面初始化操作后才可以启动
配置镜像加速
#vim /etc/docker/daemon.json { "registry-mirrors": ["https://xxxxxx.mirror.aliyuncs.com"] } 这里是去阿里云申请的镜像加速地址
修改docker服务管理方式为systemd
sed -i "s#^ExecStart=/usr/bin/dockerd.*#ExecStart=/usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock --exec-opt native.cgroupdriver=systemd#g" /usr/lib/systemd/system/docker.service这步可以不做,如果没有修改,集群在初始化和worker节点加入的时候会爆出警告信息
把master的内网ip,设置个本地解析添加到hosts文件,并设置个节点hostname解析
echo "100.100.100.1 apiserver.shiji" >> /etc/hosts ####注意这里不要用hostname
3,master初始化,仅在master节点操作
设置初始化配置文件
cat <<EOF > ./kubeadm-config.yaml
apiVersion: kubeadm.k8s.io/v1beta2
kind: ClusterConfiguration
kubernetesVersion: v1.17.0
imageRepository: registry.cn-hangzhou.aliyuncs.com/google_containers
controlPlaneEndpoint: "apiserver.shiji:6443"
networking:
serviceSubnet: "10.20.0.0/16"
podSubnet: "10.10.0.1/16"
dnsDomain: "cluster.local"
EOF
注意对应参数,查看完整配置选项 https://godoc.org/k8s.io/kubernetes/cmd/kubeadm/app/apis/kubeadm/v1beta2
kubernetesVersion 集群版本, 使用 kubelet --version查看
controlPlaneEndpoint
serviceSubnet service网段
podSubnet pod网段
初始化集群,这里因为我的服务器cpu只有1核 所以忽略掉了cpu数量检测
kubeadm init --config=kubeadm-config.yaml --upload-certs --ignore-preflight-errors=NumCPU
初始化成功后会有相关后续信息及相关操作
To start using your cluster, you need to run the following as a regular user: mkdir -p $HOME/.kube sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config sudo chown $(id -u):$(id -g) $HOME/.kube/config You should now deploy a pod network to the cluster. Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at: https://kubernetes.io/docs/concepts/cluster-administration/addons/ You can now join any number of the control-plane node running the following command on each as root: kubeadm join apiserver.shiji:6443 --token pcubw3.uirtjhun4jau2hep --discovery-token-ca-cert-hash sha256:4d40d0c79a56f0dc89a53547ecd1f320d903890046cd08c7c378fdaa9328c20f --control-plane --certificate-key fbc40ce4548734ced1fcac892ef2ec70719816813783f#################### Please note that the certificate-key gives access to cluster sensitive data, keep it secret! As a safeguard, uploaded-certs will be deleted in two hours; If necessary, you can use "kubeadm init phase upload-certs --upload-certs" to reload certs afterward. Then you can join any number of worker nodes by running the following on each as root: kubeadm join apiserver.shiji:6443 --token pcubw3.uirtjhun4jau2hep --discovery-token-ca-cert-hash sha256:4d40d0c79a56f0dc89a53547ecd1f320d903890046#################
完成master节点后续操作
# 配置 kubectl mkdir -p $HOME/.kube sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config #安装calico网络插件 wget https://docs.projectcalico.org/v3.9/manifests/calico.yaml sed -i "s#192\.168\.0\.0/16#${POD_SUBNET}#" calico-3.9.2.yaml kubectl apply -f calico.yaml calico官方文档https://docs.projectcalico.org/v3.9/getting-started/kubernetes/关于几种网络插件的区别http://dockone.io/article/8722
# 执行如下命令,等待 3-10 分钟,直到所有的容器组处于 Running 状态
watch kubectl get pod -n kube-system -o wide
4,worker节点加入集群
kubeadm join apiserver.shiji:6443 --token pcubw3.uirtjhun4jau2hep --discovery-token-ca-cert-hash sha256:4d40d0c79a56f0dc89a53547ecd1f320d903890046#################
5,master上查看各节点状态
kubectl get nodes -o wide
原文地址:https://www.cnblogs.com/shiji888/p/12126264.html