部署K8S
部署目标
- 在所有节点上安装Docker和kubeadm
- 部署Kubernetes Master
- 部署容器网络插件
部署架构
| ip | 域名 | 备注 | 安装软件 |
|---|---|---|---|
| 192.168.31.101 | master | 主节点 | Docker Kubeadm kubelet kubectl flannel |
| 192.168.31.102 | node1 | 从节点 1 | Docker Kubeadm kubelet kubectl |
| 192.168.31.103 | node2 | 从节点 2 | Docker Kubeadm kubelet kubectl |
环境准备
- 3台虚拟机CentOS7.x-86_x64
- 硬件配置:2GB或更多RAM,2个CPU或更多CPU,硬盘30GB或更多
- 集群中所有机器之间网络互通
- 可以访问外网,需要拉取镜像
- 禁止swap分区
域名解析
[root@master ~]# vi /etc/hosts
192.168.31.101 master
192.168.31.102 node1
192.168.31.103 node2
设置域名解析服务器
[root@master ~]# vim /etc/resolv.conf
nameserver 114.114.114.114
更换CentOS YUM源为阿里云yum源
# 安装wget(有则不必安装)
yum install wget -y
# 备份
mv /etc/yum.repos.d/CentOS-Base.repo /etc/yum.repos.d/CentOS-Base.repo.backup
# 获取阿里云yum源
wget -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo
# 获取阿里云epel源
wget -O /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-7.repo
# 清理缓存并创建新的缓存
yum clean all && yum makecache
# 系统更新
yum update -y
时间同步
ntpdate ntp1.aliyun.com
关闭防火墙
[root@master ~]# systemctl stop firewalld
[root@master ~]# systemctl disable firewalld
关闭selinux
setenforce 0
sed -i "s/SELINUX=enforcing/SELINUX=disabled/g" /etc/selinux/config
关闭swap分区
swapoff -a
vi /etc/fstab
设置主机名
hostnamectl set-hostname master
hostnamectl set-hostname node1
hostnamectl set-hostname node2
安装docker
# 安装 Docker CE
# 设置仓库
# 安装所需包
yum install -y yum-utils \
device-mapper-persistent-data \
lvm2
# 新增 Docker 仓库,速度慢的可以换阿里云的源。
yum-config-manager \
--add-repo \
http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
https://download.docker.com/linux/centos/docker-ce.repo
# 阿里云源地址
# http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
# 安装 Docker CE.
yum install -y containerd.io-1.2.10 \
docker-ce-19.03.4 \
docker-ce-cli-19.03.4
# 启动 Docker 并添加开机启动
systemctl start docker
systemctl enable docker
配置docker镜像加速
mkdir /etc/docker
cat > /etc/docker/daemon.json <<EOF
{
"registry-mirrors": ["https://registry.cn-hangzhou.aliyuncs.com"],
"exec-opts": ["native.cgroupdriver=systemd"]
}
EOF
mkdir -p /etc/systemd/system/docker.service.d
# Restart docker.
systemctl daemon-reload
systemctl restart docker
配置Docker, K8S的阿里云yum源
[root@master ~]# cat >>/etc/yum.repos.d/kubernetes.repo <<EOF
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF
[root@master ~]# wget https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo -O /etc/yum.repos.d/docker-ce.repo
[root@master ~]# yum clean all
[root@master ~]# yum repolist
Master节点安装kubeadm
#安装
yum install -y kubeadm-1.19.2 kubectl-1.19.2 kubelet-1.19.2
# 启动
systemctl enable kubelet && systemctl start kubelet
初始化主节点
kubeadm init --kubernetes-version=1.19.2 \
--apiserver-advertise-address=192.168.31.101 \
--image-repository registry.aliyuncs.com/google_containers \
--service-cidr=10.1.0.0/16 \
--pod-network-cidr=10.244.0.0/16
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
kubeadm join 192.168.31.101:6443 --token z11pq3.jw48bvg0z7hui7um \
--discovery-token-ca-cert-hash sha256:3b5430a1b458663ec88c0e59f5b3c16d3683809994a7c3f9c2ffd353cc145054
配置环境变量
echo "export KUBECONFIG=/etc/kubernetes/admin.conf" >> ~/.bash_profile
安装flannel网络插件
[root@master software]# kubectl apply -f flannel.yaml
[root@master software]# kubectl get po -n kube-system
NAME READY STATUS RESTARTS AGE
coredns-6d56c8448f-7bvbp 1/1 Running 0 10m
coredns-6d56c8448f-jwkb4 1/1 Running 0 10m
etcd-master 1/1 Running 0 11m
kube-apiserver-master 1/1 Running 0 11m
kube-controller-manager-master 1/1 Running 0 11m
kube-flannel-ds-kqgwb 1/1 Running 0 30s
kube-proxy-nwtsm 1/1 Running 0 10m
kube-scheduler-master 1/1 Running 0 11m
[root@master software]# kubectl get node
NAME STATUS ROLES AGE VERSION
master Ready master 12m v1.19.2
安装Node节点
#安装
yum install -y kubeadm-1.19.2 kubectl-1.19.2 kubelet-1.19.2
# 启动
systemctl enable kubelet && systemctl start kubelet
# 主节点生成token
[root@master software]# kubeadm token create --print-join-command
kubeadm join 192.168.31.101:6443 --token bfg2ea.e0oapuae71wuzsbi --discovery-token-ca-cert-hash sha256:3b5430a1b458663ec88c0e59f5b3c16d3683809994a7c3f9c2ffd353cc145054
# 从节点加入
kubeadm join 192.168.31.101:6443 --token bfg2ea.e0oapuae71wuzsbi --discovery-token-ca-cert-hash sha256:3b5430a1b458663ec88c0e59f5b3c16d3683809994a7c3f9c2ffd353cc145054
# 将 master 节点的 admin.conf 拷贝到 node1
scp /etc/kubernetes/admin.conf root@node1:/etc/kubernetes/
# 配置 Kubeconfig 环境变量
echo "export KUBECONFIG=/etc/kubernetes/admin.conf" >> ~/.bash_profile
source ~/.bash_profile
# 安装 flannel 网络插件
kubectl apply -f flannel.yaml
# 查看集群状态在master节点上
kubectl get nodes