Setting up Kubernetes on CentOS 8

Hostname      IP                   Components
k8s-master    192.168.40.128/24    kubeadm, kubelet, kubectl, docker-ce
k8s-node1     192.168.40.129/24    kubeadm, kubelet, kubectl, docker-ce
k8s-node2     192.168.40.130/24    kubeadm, kubelet, kubectl, docker-ce

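System: CentOS 8

Configuration: master: 8 cores, 4 GB; node1: 8 cores, 2 GB; node2: 8 cores, 2 GB

Network environment: IPv6, IPv4, VPN

Because the network has VPN access, some of the resources below are pulled from the official upstream repositories.

1. Update packages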

[root@localhost ~]# dnf update

2. Install Docker on all three machines

[root@localhost ~]# vim /etc/hosts
[root@localhost ~]# cat /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.40.128 k8s-master master
192.168.40.129 k8s-node1 node1
192.168.40.130 k8s-node2 node2
[root@localhost ~]# dnf install yum-utils device-mapper-persistent-data lvm2
[root@localhost ~]# dnf remove docker \
docker-client \
docker-client-latest \
docker-common \
docker-latest \
docker-latest-logrotate \
docker-logrotate \
docker-engine
[root@localhost ~]# cd /etc/yum.repos.d/
[root@localhost ~]# wget https://download.docker.com/linux/centos/docker-ce.repo
[root@localhost ~]# dnf update
[root@localhost ~]# dnf install docker-ce --nobest

3. Enable Docker at boot and start it

[root@localhost ~]# systemctl enable docker
[root@localhost ~]# systemctl start docker
[root@localhost ~]# systemctl status docker
● docker.service - Docker Application Container Engine
   Loaded: loaded (/usr/lib/systemd/system/docker.service; enabled; vendor preset: disabled)
   Active: active (running) since Wed 2019-12-18 10:25:46 EST; 6s ago
     Docs: https://docs.docker.com
 Main PID: 73169 (dockerd)
    Tasks: 32 (limit: 5935)
   Memory: 105.9M
   CGroup: /system.slice/docker.service
           ├─73169 /usr/bin/dockerd
           └─73180 docker-containerd --config /var/run/docker/containerd/containerd.toml

4. Configure kernel parameters

[root@localhost ~]# vim /etc/sysctl.d/k8s.conf
[root@localhost ~]# cat /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
net.ipv4.ip_nonlocal_bind = 1
net.ipv4.ip_forward = 1
vm.swappiness = 0
[root@localhost ~]# sysctl --system

5. Load the required kernel modules

[root@localhost ~]# vim /etc/sysconfig/modules/ipvs.modules
[root@localhost ~]# cat /etc/sysconfig/modules/ipvs.modules
#!/bin/bash
modprobe -- ip_vs
modprobe -- ip_vs_rr
modprobe -- ip_vs_wrr
modprobe -- ip_vs_sh
modprobe -- nf_conntrack_ipv4
[root@localhost ~]# chmod +x /etc/sysconfig/modules/ipvs.modules
[root@localhost ~]# ./etc/sysconfig/modules/ipvs.modules
-bash: ./etc/sysconfig/modules/ipvs.modules: 没有那个文件或目录
[root@localhost ~]# /etc/sysconfig/modules/ipvs.modules

6. Add the kubeadm yum repository

[root@localhost ~]# cat <<EOF > /etc/yum.repos.d/kubernetes.repo
> [kubernetes]
> name=Kubernetes
> baseurl=https://packages.cloud.google.com/yum/repos/kubernetes-el7-x86_64
> enabled=1
> gpgcheck=1
> repo_gpgcheck=1
> gpgkey=https://packages.cloud.google.com/yum/doc/yum-key.gpg https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg
> exclude=kube*
> EOF

7. Configure the master node

[root@localhost ~]# cd /etc/yum.repos.d/
[root@localhost ~]# mv docker-ce.repo{,.back}
[root@localhost ~]# dnf update --nobest
[root@localhost ~]# dnf install ipvsadm
[root@localhost ~]# yum install -y kubelet kubeadm kubectl --disableexcludes=kubernetes
[root@localhost ~]# systemctl enable kubelet && systemctl start kubelet
[root@localhost ~]# kubeadm config print init-defaults > kubeadm-init.yaml
[root@localhost ~]# vim kubeadm-init.yaml
[root@localhost ~]# cat kubeadm-init.yaml
apiVersion: kubeadm.k8s.io/v1beta2
bootstrapTokens:
- groups:
  - system:bootstrappers:kubeadm:default-node-token
  token: abcdef.0123456789abcdef
  ttl: 24h0m0s
  usages:
  - signing
  - authentication
kind: InitConfiguration
localAPIEndpoint:
  advertiseAddress: 1.2.3.4
  bindPort: 6443
nodeRegistration:
  criSocket: /var/run/dockershim.sock
  name: localhost.localdomain
  taints:
  - effect: NoSchedule
    key: node-role.kubernetes.io/master
---
apiServer:
  timeoutForControlPlane: 4m0s
apiVersion: kubeadm.k8s.io/v1beta2
certificatesDir: /etc/kubernetes/pki
clusterName: kubernetes
controllerManager: {}
dns:
  type: CoreDNS
etcd:
  local:
    dataDir: /var/lib/etcd
imageRepository: k8s.gcr.io
kind: ClusterConfiguration
kubernetesVersion: v1.17.0
networking:
  dnsDomain: cluster.local
  serviceSubnet: 10.96.0.0/12
scheduler: {}
[root@localhost ~]# vim kubeadm-init.yaml
[root@localhost ~]# cat kubeadm-init.yaml
apiVersion: kubeadm.k8s.io/v1beta2
bootstrapTokens:
- groups:
  - system:bootstrappers:kubeadm:default-node-token
  token: abcdef.0123456789abcdef
  ttl: 24h0m0s
  usages:
  - signing
  - authentication
kind: InitConfiguration
localAPIEndpoint:
  advertiseAddress: 192.168.40.128
  bindPort: 6443
nodeRegistration:
  criSocket: /var/run/dockershim.sock
  name: localhost.localdomain
  taints:
  - effect: NoSchedule
    key: node-role.kubernetes.io/master
---
apiServer:
  timeoutForControlPlane: 4m0s
apiVersion: kubeadm.k8s.io/v1beta2
certificatesDir: /etc/kubernetes/pki
clusterName: kubernetes
controllerManager: {}
dns:
  type: CoreDNS
etcd:
  local:
    dataDir: /var/lib/etcd
imageRepository: k8s.gcr.io
kind: ClusterConfiguration
kubernetesVersion: v1.17.0
networking:
  dnsDomain: cluster.local
  serviceSubnet: 10.96.0.0/12
scheduler: {}
---
apiVersion: kubeproxy.config.k8s.io/v1alpha1
kind: KubeProxyConfiguration
mode: "ipvs"
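
The edited kubeadm-init.yaml above still carries the token that "kubeadm config print init-defaults" prints for everyone; if the file is passed to "kubeadm init --config", that value becomes the cluster's bootstrap token. The script below is an added example, not part of the original post: it flags that token, a non-expiring ttl and an unreplaced 1.2.3.4 address. The function names and the sample file are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: lint a kubeadm InitConfiguration before `kubeadm init --config`.

# Print the value of the first "key: value" line for KEY ($1) in FILE ($2).
yaml_value() {
    awk -v k="$1" '
        { line = $0; sub(/^[ -]+/, "", line) }
        index(line, k ":") == 1 {
            sub(/^[^:]*:[ ]*/, "", line); gsub(/"/, "", line)
            print line; exit
        }' "$2"
}

# One finding per line on stdout; returns 1 if anything was flagged.
lint_kubeadm_config() {
    rc=0
    if [ "$(yaml_value token "$1")" = "abcdef.0123456789abcdef" ]; then
        echo "token: init-defaults placeholder is still set"; rc=1
    fi
    case "$(yaml_value ttl "$1")" in
        0|0s|0m0s|0h0m0s) echo "ttl: bootstrap token never expires"; rc=1 ;;
    esac
    if [ "$(yaml_value advertiseAddress "$1")" = "1.2.3.4" ]; then
        echo "advertiseAddress: placeholder 1.2.3.4 was not replaced"; rc=1
    fi
    return "$rc"
}

# Constructed sample: InitConfiguration fields taken from the edited file above.
sample_config() {
    cat <<'EOF'
apiVersion: kubeadm.k8s.io/v1beta2
bootstrapTokens:
- groups:
  - system:bootstrappers:kubeadm:default-node-token
  token: abcdef.0123456789abcdef
  ttl: 24h0m0s
kind: InitConfiguration
localAPIEndpoint:
  advertiseAddress: 192.168.40.128
  bindPort: 6443
EOF
}

# Lint the file given as $1, or the constructed sample when run without one.
cfg=${1:-$(mktemp)}
[ "$#" -gt 0 ] || sample_config > "$cfg"
lint_kubeadm_config "$cfg" || echo "fix the findings above before using $cfg"
```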

8. Pull the images

[root@localhost ~]# kubeadm config images pull --config kubeadm-init.yaml
W1218 10:48:44.641505   75319 validation.go:28] Cannot validate kube-proxy config - no validator is available
W1218 10:48:44.641691   75319 validation.go:28] Cannot validate kubelet config - no validator is available
[config/images] Pulled k8s.gcr.io/kube-apiserver:v1.17.0
[config/images] Pulled k8s.gcr.io/kube-controller-manager:v1.17.0
[config/images] Pulled k8s.gcr.io/kube-scheduler:v1.17.0
[config/images] Pulled k8s.gcr.io/kube-proxy:v1.17.0
[config/images] Pulled k8s.gcr.io/pause:3.1
[config/images] Pulled k8s.gcr.io/etcd:3.4.3-0
[config/images] Pulled k8s.gcr.io/coredns:1.6.5

[root@localhost ~]# docker image ls
REPOSITORY                           TAG       IMAGE ID       CREATED         SIZE
k8s.gcr.io/kube-proxy                v1.17.0   7d54289267dc   10 days ago     116MB
k8s.gcr.io/kube-apiserver            v1.17.0   0cae8d5cc64c   10 days ago     171MB
k8s.gcr.io/kube-controller-manager   v1.17.0   5eb3b7486872   10 days ago     161MB
k8s.gcr.io/kube-scheduler            v1.17.0   78c190f736b1   10 days ago     94.4MB
k8s.gcr.io/coredns                   1.6.5     70f311871ae1   6 weeks ago     41.6MB
k8s.gcr.io/etcd                      3.4.3-0   303ce5db0e90   7 weeks ago     288MB
k8s.gcr.io/pause                     3.1       da86e6ba6ca1   24 months ago   742kB

9. Enable kubelet at boot and start it

[root@localhost ~]# systemctl enable kubelet
[root@localhost ~]# systemctl start kubelet
# If kubelet fails to start, your swap partition may still be enabled
[root@localhost ~]# swapoff -a

10. Initialize the master node

[root@localhost ~]# kubeadm init --pod-network-cidr=10.244.0.0/16

Your Kubernetes control-plane has initialized successfully!

To start using your cluster, you need to run the following as a regular user:

  mkdir -p $HOME/.kube
  sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
  sudo chown $(id -u):$(id -g) $HOME/.kube/config

You should now deploy a pod network to the cluster.
Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:
  https://kubernetes.io/docs/concepts/cluster-administration/addons/

Then you can join any number of worker nodes by running the following on each as root:

kubeadm join 192.168.40.128:6443 --token eitxr6.l7que99ui33phdts \
    --discovery-token-ca-cert-hash sha256:2b65bf29e32c1906391b66796f3cd5cf79bce239b43ff82fefb73ace984ac294

11. Prepare the kubeconfig file as prompted

[root@localhost ~]# mkdir -p $HOME/.kube
[root@localhost ~]# sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
[root@localhost ~]# sudo chown $(id -u):$(id -g) $HOME/.kube/config

12. Check that the master components are healthy

[root@localhost ~]# kubectl get cs
NAME                 STATUS    MESSAGE             ERROR
scheduler            Healthy   ok
controller-manager   Healthy   ok
etcd-0               Healthy   {"health":"true"}
[root@localhost ~]# kubectl get pods -A
NAMESPACE     NAME                                            READY   STATUS    RESTARTS   AGE
kube-system   coredns-6955765f44-q42ch                        1/1     Running   0          3m11s
kube-system   coredns-6955765f44-xld2q                        1/1     Running   0          3m11s
kube-system   etcd-localhost.localdomain                      1/1     Running   0          3m27s
kube-system   kube-apiserver-localhost.localdomain            1/1     Running   0          3m27s
kube-system   kube-controller-manager-localhost.localdomain   1/1     Running   0          3m27s
kube-system   kube-proxy-zb4dq                                1/1     Running   0          3m11s
kube-system   kube-scheduler-localhost.localdomain            1/1     Running   0          3m26s
[root@localhost ~]# kubectl get nodes
NAME                    STATUS   ROLES    AGE     VERSION
localhost.localdomain   Ready    master   4m38s   v1.17.0

13. Configure the two worker nodes

This command is the one printed after the master node finished initializing.
[root@localhost ~]# kubeadm join 192.168.40.128:6443 --token eitxr6.l7que99ui33phdts \
> --discovery-token-ca-cert-hash sha256:2b65bf29e32c1906391b66796f3cd5cf79bce239b43ff82fefb73ace984ac294
W1218 23:48:20.344418    4134 join.go:346] [preflight] WARNING: JoinControlPane.controlPlane settings will be ignored when control-plane flag is not set.
[preflight] Running pre-flight checks
    [WARNING IsDockerSystemdCheck]: detected "cgroupfs" as the Docker cgroup driver. The recommended driver is "systemd". Please follow the guide at https://kubernetes.io/docs/setup/cri/
    [WARNING Service-Kubelet]: kubelet service is not enabled, please run 'systemctl enable kubelet.service'
[preflight] Reading configuration from the cluster...
[preflight] FYI: You can look at this config file with 'kubectl -n kube-system get cm kubeadm-config -oyaml'
[kubelet-start] Downloading configuration for the kubelet from the "kubelet-config-1.17" ConfigMap in the kube-system namespace
[kubelet-start] Writing kubelet configuration to file "/var/lib/kubelet/config.yaml"
[kubelet-start] Writing kubelet environment file with flags to file "/var/lib/kubelet/kubeadm-flags.env"
[kubelet-start] Starting the kubelet
[kubelet-start] Waiting for the kubelet to perform the TLS Bootstrap...

This node has joined the cluster:
* Certificate signing request was sent to apiserver and a response was received.
* The Kubelet was informed of the new secure connection details.

Run 'kubectl get nodes' on the control-plane to see this node join the cluster.

On the master node, check whether the worker nodes are listed

[root@localhost ~]# kubectl get nodes
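
The --discovery-token-ca-cert-hash value in the join command from step 13 is the SHA-256 of the cluster CA's public key, so a worker can check it against a copy of /etc/kubernetes/pki/ca.crt from the master before joining. The script below is an added example, not part of the original post: it assumes openssl is installed and that the certificate copy was obtained over a trusted channel, and its function names are illustrative.

```shell
#!/bin/sh
# Added example: check the CA pin in a kubeadm join command against a CA
# certificate before running the join on a worker.

# SHA-256 of the DER-encoded public key (SubjectPublicKeyInfo) in a PEM cert.
ca_pubkey_hash() {
    pem=$(openssl x509 -pubkey -noout -in "$1" 2>/dev/null) || return 1
    printf '%s\n' "$pem" |
        openssl pkey -pubin -outform der 2>/dev/null |
        openssl dgst -sha256 -hex |
        sed 's/^.* //'
}

# Print the value given to --discovery-token-ca-cert-hash in a join command.
# Spaces, line-continuation backslashes and "=" all separate tokens.
join_hash() {
    printf '%s\n' "$1" | tr ' \\=' '\n\n\n' | awk '
        NF == 0 { next }
        prev == "--discovery-token-ca-cert-hash" { print; exit }
        { prev = $0 }'
}

# Succeed only if the join command pins the public key of the given CA cert.
# Returns 2 when the certificate cannot be read.
verify_join() {
    want=$(join_hash "$1")
    have=$(ca_pubkey_hash "$2") || return 2
    [ -n "$have" ] && [ "$want" = "sha256:$have" ]
}

# Usage: sh verify-join.sh '<kubeadm join ...>' /path/to/ca.crt
if [ "$#" -eq 2 ]; then
    if verify_join "$1" "$2"; then
        echo "CA hash in the join command matches $2"
    else
        echo "CA hash does NOT match $2, do not join" >&2
        exit 1
    fi
fi
```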
