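k8s Installation and Deployment (1): Base Environment

I. Environment Preparation

1.1 Environment information

System and software versions

Distribution: CentOS-7.3.1611
Kernel version: 3.10.0-1160.83.1.el7
systemd version: 219-78.el7_9.7
k8s version: 1.24.8-0

1.2 Disable SELinux and the firewall

Stop and disable the firewall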

systemctl stop firewalld
systemctl disable firewalld

Disable SELinux

setenforce 0
sed -i 's/^SELINUX=.*$/SELINUX=disabled/' /etc/selinux/config

1.3 Configure the yum repositories

Configure the Kubernetes repository: vi /etc/yum.repos.d/kubernetes.repo

[kubernetes]
name=Kubernetes
baseurl=http://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=0
repo_gpgcheck=0
gpgkey=http://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg
       http://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg

Configure the docker-ce repository: vi /etc/yum.repos.d/docker-ce.repo

[docker-ce-stable]
name=Docker CE Stable - $basearch
baseurl=https://mirrors.aliyun.com/docker-ce/linux/centos/$releasever/$basearch/stable
enabled=1
gpgcheck=1
gpgkey=https://mirrors.aliyun.com/docker-ce/linux/centos/gpg
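
The two repository definitions above differ in what they verify: the kubernetes repo sets gpgcheck=0 and uses http:// URLs, while the docker-ce repo sets gpgcheck=1 and uses https://. The script below is an added example, not part of the original article, that parses .repo files and reports every enabled repo that turns off package signature checking or fetches packages or keys over plaintext HTTP; the names audit_repo and sample_repos and the finding labels are chosen here for illustration.

```bash
#!/usr/bin/env bash
# Added example (not from the article): flag enabled yum repos that skip
# package signature checks or use plaintext HTTP. Reads files or stdin.
audit_repo() {
    awk '
    function report() {
        if (sec == "" || v["enabled"] == "0") return   # skip disabled repos
        if (v["gpgcheck"] == "0")       { print sec, "gpgcheck-off"; n++ }
        if (v["baseurl"] ~ /http:\/\//) { print sec, "plaintext-baseurl"; n++ }
        if (v["gpgkey"]  ~ /http:\/\//) { print sec, "plaintext-gpgkey"; n++ }
    }
    /^\[/ {                                   # new section: flush the previous one
        report(); sec = substr($0, 2, index($0, "]") - 2)
        split("", v); key = ""; next
    }
    /^[ \t]*[#;]/ || /^[ \t]*$/ { next }      # comments and blank lines
    /^[ \t]/ && key != "" {                   # indented line continues last value
        v[key] = v[key] " " $1; next
    }
    {
        eq = index($0, "="); if (eq == 0) next
        key = substr($0, 1, eq - 1); gsub(/[ \t]/, "", key)
        val = substr($0, eq + 1); gsub(/^[ \t]+|[ \t]+$/, "", val)
        v[key] = val
    }
    END { report(); exit (n > 0) }            # non-zero exit if anything is flagged
    ' "$@"
}

# Sample input: the two repo definitions from section 1.3, trimmed to the
# keys the audit reads.
sample_repos() {
    cat <<'EOF'
[kubernetes]
baseurl=http://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=0
gpgkey=http://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg
       http://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg

[docker-ce-stable]
baseurl=https://mirrors.aliyun.com/docker-ce/linux/centos/$releasever/$basearch/stable
enabled=1
gpgcheck=1
gpgkey=https://mirrors.aliyun.com/docker-ce/linux/centos/gpg
EOF
}

sample_repos | audit_repo || echo "review the repos listed above"
```

On a host, run audit_repo /etc/yum.repos.d/*.repo; the function exits non-zero when any repo is flagged, so it can gate a provisioning script.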


1.4 Configure the kernel modules to load

tee /etc/modules-load.d/k8s.conf  <<-EOF
overlay
br_netfilter
EOF

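1.5 System parameter tuning

Add the following kernel parameters. They are written to /etc/sysctl.d/k8s.conf, and the two bridge settings are also written to /etc/sysctl.conf.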

cat > /etc/sysctl.d/k8s.conf << EOF
net.bridge.bridge-nf-call-iptables=1
net.bridge.bridge-nf-call-ip6tables=1
net.ipv4.ip_forward=1
net.ipv4.tcp_tw_recycle=0
vm.swappiness=0
vm.overcommit_memory=1
vm.panic_on_oom=0
fs.inotify.max_user_instances=8192
fs.inotify.max_user_watches=1048576
fs.file-max=52706963
fs.nr_open=52706963
net.ipv6.conf.all.disable_ipv6=1
net.netfilter.nf_conntrack_max=2310720
EOF

sysctl --system

cat > /etc/sysctl.conf << EOF
net.bridge.bridge-nf-call-ip6tables=1
net.bridge.bridge-nf-call-iptables=1
EOF

modprobe br_netfilter
sysctl -p

Disable swap

swapoff -a
sed -ri 's/.*swap.*/#&/' /etc/fstab

1.6 Set the hostname

hostnamectl set-hostname k8s-50

cat >> /etc/hosts << EOF
192.168.113.50 k8s-50
EOF

1.7 Reboot the node so that all settings take effect

reboot

II. Install K8s

2.1 Update systemd and install kubeadm, kubectl, kubelet, and containerd

yum clean all && yum makecache
yum -y install systemd
yum -y install containerd.io kubeadm-1.24.8-0 kubelet-1.24.8-0 kubectl-1.24.8-0
systemctl enable kubelet && systemctl start kubelet
systemctl enable containerd && systemctl start containerd

Initialize the containerd configuration and enable it at boot

cp /etc/containerd/config.toml /etc/containerd/config.toml.bak
containerd config default > /etc/containerd/config.toml
sed -i "s#registry.k8s.io/pause#registry.aliyuncs.com/google_containers/pause#g" /etc/containerd/config.toml
systemctl restart containerd

2.2 Initialize the cluster

2.2.1 Initialize the master

Pick one machine and run the following command:

kubeadm init --image-repository registry.aliyuncs.com/google_containers --kubernetes-version=v1.24.8 --apiserver-advertise-address=192.168.113.50 --pod-network-cidr=10.1.0.0/16

When initialization completes, the following message is printed. Follow the steps in it to copy admin.conf to $HOME/.kube/config.

Your Kubernetes control-plane has initialized successfully!

To start using your cluster, you need to run the following as a regular user:

  mkdir -p $HOME/.kube
  sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
  sudo chown $(id -u):$(id -g) $HOME/.kube/config

Alternatively, if you are the root user, you can run:

  export KUBECONFIG=/etc/kubernetes/admin.conf

You should now deploy a pod network to the cluster.
Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:
  https://kubernetes.io/docs/concepts/cluster-administration/addons/

Then you can join any number of worker nodes by running the following on each as root:

kubeadm join 192.168.113.50:6443 --token o3vb1e.ggqndwhq2nr79b6a \
	--discovery-token-ca-cert-hash sha256:460462c9956839669c52a68571a7b9df6679e182a2786fcccf201c2fed20cadb

Following the prompt:

  mkdir -p $HOME/.kube
  sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
  sudo chown $(id -u):$(id -g) $HOME/.kube/config
  export KUBECONFIG=/etc/kubernetes/admin.conf

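2.2.2 Join worker nodes

If you only want a single-node deployment, you can skip this step.

Use the command printed when initialization finished: run kubeadm join on each node to be added.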

kubeadm join 192.168.113.50:6443 --token o3vb1e.ggqndwhq2nr79b6a \
	--discovery-token-ca-cert-hash sha256:460462c9956839669c52a68571a7b9df6679e182a2786fcccf201c2fed20cadb
	
# So that the worker node can also run kubectl commands
echo "export KUBECONFIG=/etc/kubernetes/kubelet.conf" >> /etc/profile
source /etc/profile

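After the nodes have been added, run kubectl get nodes again to check that every node is Ready.

III. Install the network plugin

At this point the coredns pods in the cluster are still in the Pending state: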

[root@k8s-50 ~]# kubectl get pod -A
NAMESPACE     NAME                             READY   STATUS    RESTARTS   AGE
kube-system   coredns-74586cf9b6-56mcm         0/1     Pending   0          25s
kube-system   coredns-74586cf9b6-rp4xr         0/1     Pending   0          25s
kube-system   etcd-k8s-50                      1/1     Running   0          38s
kube-system   kube-apiserver-k8s-50            1/1     Running   0          37s
kube-system   kube-controller-manager-k8s-50   1/1     Running   1          38s
kube-system   kube-proxy-zr9sg                 1/1     Running   0          25s
kube-system   kube-scheduler-k8s-50            1/1     Running   1          38s

For how to install the network plugin, see the follow-up network installation document.