Kubernetes(K8s)入门到实践(三)----Kubernetes Centos7集群安装

目录

Kubernetes(K8s)入门到实践(一)----Kubernetes入门
Kubernetes(K8s)入门到实践(二)----Kubernetes的基本概念和术语
Kubernetes(K8s)入门到实践(三)----Kubernetes Centos7集群安装

系统初始化

安装Kubernetes对软件和硬件的系统要求:

1、安装 k8s 的节点必须是大于 1 核心的 CPU
2、 建议三台虚拟机内存都是2G及以上

修改主机名

# Run exactly ONE of these lines, on the machine it belongs to. Pasting all
# three on the same host leaves that host named k8s-node02.
hostnamectl set-hostname k8s-master01   # on the master
hostnamectl set-hostname k8s-node01     # on the first worker
hostnamectl set-hostname k8s-node02     # on the second worker

修改主机映射

192.168.0.50 k8s-master01
192.168.0.51 k8s-node01
192.168.0.52 k8s-node02

安装依赖包

yum install -y conntrack ntpdate ntp ipvsadm ipset jq iptables curl sysstat libseccomp wget vim net-tools git

设置防火墙为 Iptables 并设置空规则

# Stop firewalld now and keep it from starting at boot.
systemctl  stop firewalld  &&  systemctl  disable firewalld
# Install and enable the iptables service, then flush every rule of the filter
# table (`iptables -F`) and persist that empty ruleset (`service iptables save`).
# After this step nothing on the host filters inbound traffic, also after a
# reboot. NOTE(review): outside an isolated lab network, add rules that limit
# who can reach the control-plane ports (API server, kubelet, etcd) before
# saving.
yum -y install iptables-services  &&  systemctl  start iptables  &&  systemctl  enable iptables&&  iptables -F  &&  service iptables save

关闭 swap 和 SELINUX

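# kubelet by default refuses to start while swap is on: switch it off now and
# comment out the swap entry in /etc/fstab so it stays off after a reboot.
swapoff -a && sed -i '/ swap / s/^\(.*\)$/#\1/g' /etc/fstab
# Put SELinux into permissive mode, now (setenforce 0) and persistently.
# Permissive is enough for kubeadm: nothing is blocked any more, but file
# labels are kept and denials are still written to the audit log, which
# SELINUX=disabled would throw away.
setenforce 0 && sed -i 's/^SELINUX=.*/SELINUX=permissive/' /etc/selinux/config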

针对 K8S 调整优化内核参数

vim /etc/sysctl.d/kubernetes.conf

# Kernel settings applied with `sysctl -p /etc/sysctl.d/kubernetes.conf`.
# NOTE(review): sysctl.d(5) documents comments only on lines of their own
# (first non-blank character '#' or ';'). The trailing comments below are kept
# where the author put them; confirm that `sysctl -p` accepts them on your system.
# NOTE(review): the net.bridge.* keys exist only once the br_netfilter module
# is loaded; no step on this page loads it. Verify before applying.
net.bridge.bridge-nf-call-iptables=1
net.bridge.bridge-nf-call-ip6tables=1
net.ipv4.ip_forward=1
net.ipv4.tcp_tw_recycle=0
vm.swappiness=0 # do not use swap space; allow it only when the system is OOM
vm.overcommit_memory=1 # do not check whether enough physical memory is available
vm.panic_on_oom=0 # enable OOM
fs.inotify.max_user_instances=8192
fs.inotify.max_user_watches=1048576
fs.file-max=52706963
fs.nr_open=52706963
net.ipv6.conf.all.disable_ipv6=1
net.netfilter.nf_conntrack_max=2310720

sysctl -p /etc/sysctl.d/kubernetes.conf

调整系统时区

# NOTE(review): no command that actually sets the time zone is shown under this
# heading (e.g. `timedatectl set-timezone <ZONE>`). The two restarts below only
# restart rsyslog and crond. Consistent time across the nodes matters for
# certificate validity checks and for correlating logs.
systemctl restart rsyslog
systemctl restart crond

设置 rsyslogd 和 systemd journald

mkdir /var/log/journal
mkdir /etc/systemd/journald.conf.d
vim /etc/systemd/journald.conf.d/99-prophet.conf
[Journal]
# 持久化保存到磁盘
Storage=persistent
# 压缩历史日志
Compress=yes
SyncIntervalSec=5m
RateLimitInterval=30s
RateLimitBurst=1000
# 最大占用空间 10G
SystemMaxUse=10G
# 单日志文件最大 200M
SystemMaxFileSize=200M

# 日志保存时间 2 周
MaxRetentionSec=2week

# 不将日志转发到 syslog
ForwardToSyslog=no
systemctl restart systemd-journald

关闭系统不需要服务

systemctl stop postfix && systemctl disable postfix

升级系统内核为 4.4

CentOS 7.x 系统自带的 3.10.x 内核存在一些 Bugs,导致运行的 Docker、Kubernetes 不稳定

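# Import ELRepo's signing key first so rpm and yum can verify what follows, and
# fetch the release package over HTTPS instead of plain HTTP: this package
# defines the repository the new kernel is installed from.
rpm --import https://www.elrepo.org/RPM-GPG-KEY-elrepo.org
rpm -Uvh https://www.elrepo.org/elrepo-release-7.0-3.el7.elrepo.noarch.rpm
# After installation, check that the new kernel's menuentry in
# /boot/grub2/grub.cfg contains an initrd16 line; if it does not, install again.
yum --enablerepo=elrepo-kernel install -y kernel-lt
# Boot the new kernel by default. The menu title is read from grub.cfg rather
# than hard-coded: kernel-lt installs whichever 4.4.x build is current, so a
# fixed title such as "4.4.189" no longer matches (the check below this step
# reports 4.4.218) and the default entry would stay unchanged.
kernel_title=$(awk -F\' '$1 == "menuentry " && /elrepo/ { print $2; exit }' /boot/grub2/grub.cfg)
if [ -n "$kernel_title" ]; then
  grub2-set-default "$kernel_title"
else
  echo "no elrepo kernel entry found in /boot/grub2/grub.cfg" >&2
fi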

重启检查内核:

[root@k8s-master01 ~]# uname -r
4.4.218-1.el7.elrepo.x86_64
[root@k8s-master01 ~]# 

Kubeadm

vim /etc/sysconfig/modules/ipvs.modules

#!/bin/bash
# Load the IPVS core, its rr/wrr/sh schedulers and the IPv4 conntrack module.
# kube-proxy is switched to "mode: ipvs" later in this guide.
for kmod in ip_vs ip_vs_rr ip_vs_wrr ip_vs_sh nf_conntrack_ipv4; do
  modprobe -- "$kmod"
done

chmod 755 /etc/sysconfig/modules/ipvs.modules && bash /etc/sysconfig/modules/ipvs.modules &&lsmod | grep -e ip_vs -e nf_conntrack_ipv4

Docker

yum install -y yum-utils device-mapper-persistent-data lvm2

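# Register the Docker CE repository from the Aliyun mirror.
# Written on one line: the original had spaces after a trailing backslash, so
# the line continuation did not take effect and the URL was run as a command.
# HTTPS keeps the repo definition (which names the package source and its
# signing key) from being altered in transit.
yum-config-manager --add-repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo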

yum update -y && yum install -y docker-ce

# 这里安装完docker以后重启系统发现系统内核重新变回3.10(可能是 yum update 安装了新的 3.10 内核并成为默认启动项),所以我们需要让内核变回4.4版本

重启选择
在这里插入图片描述

# 启动docker
systemctl start docker && systemctl enable docker 
## 创建 /etc/docker 目录
mkdir /etc/docker
# 配置 daemon.json
vim /etc/docker/daemon.json
{
"exec-opts": ["native.cgroupdriver=systemd"],
"log-driver": "json-file",
"log-opts": {
	"max-size": "100m"
  }
}

mkdir -p /etc/systemd/system/docker.service.d
# 重启docker服务
systemctl daemon-reload && systemctl restart docker && systemctl enable docker

安装 Kubeadm (主从配置)

加入主节点以及其余工作节点

cat <<EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=http://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=0
repo_gpgcheck=0
gpgkey=http://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg
        http://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF

yum -y  install  kubeadm-1.15.1 kubectl-1.15.1 kubelet-1.15.1
systemctl enable kubelet.service

由于镜像在谷歌云中,需要科学上网才可以下载,这里直接使用离线镜像导入。离线镜像包会被原样导入并作为集群的核心组件运行,请从可信来源获取,并在导入前核对校验值。
在这里插入图片描述

tar -zxvf kubeadm-basic.images.tar.gz

vim load-images.sh
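#!/bin/bash
# Load every image archive of the offline bundle into the local Docker image
# store.
#
# `docker load` imports whatever an archive contains without checking where it
# came from. Compare the checksum of kubeadm-basic.images.tar.gz with a value
# from a source you trust before running this script.

image_dir=/root/kubeadm-basic.images

cd "$image_dir" || { echo "cannot enter $image_dir" >&2; exit 1; }

# Iterate with a glob instead of writing an `ls` listing to a fixed file name
# in /tmp: a predictable name in a world-writable directory can be pre-created
# or symlinked by another local user while this runs as root, and
# word-splitting the listing breaks on file names that contain spaces.
status=0
for archive in *; do
  # Skip sub-directories and the unexpanded pattern of an empty directory.
  [ -f "$archive" ] || continue
  # Keep going after a failed load, but report it through the exit status.
  docker load -i "$archive" || status=1
done

exit "$status"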

chmod a+x load-images.sh
./load-images.sh

其他两个节点也要这样操作

kubeadm config print init-defaults > kubeadm-config.yaml

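# NOTE(review): this looks like the set of fields to change in, and the
# document to append to, the generated kubeadm-config.yaml. It is not a
# complete file on its own.
localAPIEndpoint:
  # Must be an address of the master itself. 192.168.0.50 is k8s-master01 in
  # the host mapping at the top of this guide. Adjust it if your master
  # differs.
  advertiseAddress: 192.168.0.50
kubernetesVersion: v1.15.1
networking:
  podSubnet: "10.244.0.0/16"
  serviceSubnet: 10.96.0.0/12
---
apiVersion: kubeproxy.config.k8s.io/v1alpha1
kind: KubeProxyConfiguration
featureGates:
  # Indented with spaces: YAML does not accept a tab as indentation.
  SupportIPVSProxyMode: true
mode: ipvs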
# Initialise the control plane; `tee` also writes the output to
# kubeadm-init.log. The end of that output is the `kubeadm join` command used
# further down for the worker nodes. It carries the bootstrap token, so treat
# kubeadm-init.log as a credential: keep it readable by root only and do not
# publish it.
kubeadm init --config=kubeadm-config.yaml --experimental-upload-certs | tee kubeadm-init.log

在这里插入图片描述

部署网络

  # Give the current user a kubeconfig for kubectl.
  # admin.conf holds the cluster administrator's client credentials, so the
  # copy must stay private to this user and should not be handed to other
  # accounts or machines.
  mkdir -p $HOME/.kube
  sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
  # Make the copy owned by the invoking user instead of root.
  sudo chown $(id -u):$(id -g) $HOME/.kube/config

目前master处于NotReady状态

[root@k8s-master01 ~]# kubectl get node
NAME           STATUS     ROLES    AGE   VERSION
k8s-master01   NotReady   master   19m   v1.15.1

将核心文件移入新建文件夹install-k8s中, 方便管理

[root@k8s-master01 ~]# mkdir install-k8s
[root@k8s-master01 ~]# mv kubeadm-
kubeadm-basic.images/        kubeadm-config.yaml          
kubeadm-basic.images.tar.gz  kubeadm-init.log             
[root@k8s-master01 ~]# mv kubeadm-config.yaml kubeadm-init.log install-k8s/
[root@k8s-master01 ~]# cd install-k8s/
[root@k8s-master01 install-k8s]# mkdir core
[root@k8s-master01 install-k8s]# mv * core/
mv: 无法将目录"core" 移动至自身的子目录"core/core"
[root@k8s-master01 install-k8s]# ls
core
[root@k8s-master01 install-k8s]# mkdir plugin
[root@k8s-master01 install-k8s]# cd plugin/
[root@k8s-master01 plugin]# mkdir flannel
[root@k8s-master01 plugin]# cd flannel
[root@k8s-master01 flannel]# wget --no-check-certificate  https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
[root@k8s-master01 flannel]# ls
kube-flannel.yml
[root@k8s-master01 flannel]# 

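根据flannel的资源清单,创建网络。上面的 wget 带有 --no-check-certificate,会跳过 TLS 证书校验,下载到的清单无法确认来自 GitHub;而这份清单会以集群管理员身份被应用,并在 kube-system 中创建 DaemonSet。建议去掉该参数,把 URL 中的 master 换成固定的版本标签,并在 kubectl create 之前检查文件内容。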

如果flannel报错Init:ImagePullBackOff
查看我这篇文章:https://blog.csdn.net/qq_43442524/article/details/105298366

运行
kubectl create -f kube-flannel.yml

[root@k8s-master01 flannel]# kubectl get pod -n kube-system
NAME                                   READY   STATUS    RESTARTS   AGE
coredns-5c98db65d4-f9rb7               0/1     Pending   0          36m
coredns-5c98db65d4-xcd9s               0/1     Pending   0          36m
etcd-k8s-master01                      1/1     Running   0          3h15m
kube-apiserver-k8s-master01            1/1     Running   0          3h15m
kube-controller-manager-k8s-master01   1/1     Running   0          3h15m
kube-flannel-ds-amd64-bnvtd            1/1     Running   0          91m
kube-proxy-t47n9                       1/1     Running   0          3h16m
kube-scheduler-k8s-master01            1/1     Running   0          3h15m
[root@k8s-master01 flannel]# kubectl get node
NAME           STATUS   ROLES    AGE     VERSION
k8s-master01   Ready    master   3h22m   v1.15.1
[root@k8s-master01 flannel]# 

现在就是Ready状态了

添加node节点

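查看刚才移到 /root/install-k8s/core/kubeadm-init.log 最后一行,其中是形如 `kubeadm join <master-ip>:6443 --token <token> --discovery-token-ca-cert-hash sha256:<hash>` 的命令(尖括号内为占位符,以日志中的实际值为准)。token 相当于加入集群的凭据,不要公开;--discovery-token-ca-cert-hash 用于让节点校验 master 的 CA,不要省略。
复制到其他两个节点运行, 查看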

[root@k8s-master01 core]# kubectl get node
NAME           STATUS   ROLES    AGE     VERSION
k8s-master01   Ready    master   3h26m   v1.15.1
k8s-node01     Ready    <none>   32s     v1.15.1
k8s-node02     Ready    <none>   29s     v1.15.1
[root@k8s-master01 core]#

成功!


转载自blog.csdn.net/qq_43442524/article/details/105293018