一、环境说明
| 主机名 | IP地址 | 角色 | 系统 |
| k8s-node-1 | 192.170.38.80 | k8s-master | Centos7.6 |
| k8s-node-2 | 192.170.38.81 | k8s-node | Centos7.6 |
| k8s-node-3 | 192.170.38.82 | k8s-node | Centos7.6 |
注意:官方建议每台机器至少双核2G内存,同时需确保MAC和product_uuid唯一(参考下面的命令查看)
ip link
cat /sys/class/dmi/id/product_uuid
另外建议为主机配置国内yum源,加快部署速度。
二、环境配置
以下命令在三台主机上均需运行
1、关闭防火墙
systemctl stop firewalld && systemctl disable firewalld
setenforce 0
vi /etc/selinux/config
修改:SELINUX=disabled
2、设置内核参数
cat << EOF | tee /etc/sysctl.d/k8s.conf net.bridge.bridge-nf-call-ip6tables = 1 net.bridge.bridge-nf-call-iptables = 1 vm.swappiness = 0 EOF modprobe br_netfilter swapoff -a && sysctl -p /etc/sysctl.d/k8s.conf vi /etc/fstab 注释掉行:/dev/mapper/centos-swap swap swap defaults 0 0
3、开启ipvs
cat > /etc/sysconfig/modules/ipvs.modules <<EOF #!/bin/bash modprobe -- ip_vs modprobe -- ip_vs_rr modprobe -- ip_vs_wrr modprobe -- ip_vs_sh modprobe -- nf_conntrack_ipv4 modprobe -- br_netfilter EOF chmod 755 /etc/sysconfig/modules/ipvs.modules && bash /etc/sysconfig/modules/ipvs.modules
4、安装Docker
参考:https://www.cnblogs.com/hackyo/p/9280042.html
Docker建议配置阿里云镜像加速
安装完成后运行:
iptables -P FORWARD ACCEPT
5、安装kubeadm和kubelet
cat <<EOF > /etc/yum.repos.d/kubernetes.repo [kubernetes] name=Kubernetes baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/ enabled=1 gpgcheck=1 repo_gpgcheck=1 gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg EOF yum clean all && yum makecache yum install -y kubelet kubeadm kubectl systemctl enable kubelet
6、拉取所需镜像
先拉取所需的镜像,不然会从谷歌拉取,导致拉取失败。
在k8s-node-1上执行:
docker pull mirrorgooglecontainers/kube-apiserver:v1.13.3 docker tag mirrorgooglecontainers/kube-apiserver:v1.13.3 k8s.gcr.io/kube-apiserver:v1.13.3 docker pull mirrorgooglecontainers/kube-controller-manager:v1.13.3 docker tag mirrorgooglecontainers/kube-controller-manager:v1.13.3 k8s.gcr.io/kube-controller-manager:v1.13.3 docker pull mirrorgooglecontainers/kube-scheduler:v1.13.3 docker tag mirrorgooglecontainers/kube-scheduler:v1.13.3 k8s.gcr.io/kube-scheduler:v1.13.3 docker pull mirrorgooglecontainers/kube-proxy:v1.13.3 docker tag mirrorgooglecontainers/kube-proxy:v1.13.3 k8s.gcr.io/kube-proxy:v1.13.3 docker pull mirrorgooglecontainers/pause:3.1 docker tag mirrorgooglecontainers/pause:3.1 k8s.gcr.io/pause:3.1 docker pull mirrorgooglecontainers/etcd:3.2.24 docker tag mirrorgooglecontainers/etcd:3.2.24 k8s.gcr.io/etcd:3.2.24 docker pull coredns/coredns:1.2.6 docker tag coredns/coredns:1.2.6 k8s.gcr.io/coredns:1.2.6
在k8s-node-2和k8s-node-3上执行:
docker pull mirrorgooglecontainers/pause:3.1 docker tag mirrorgooglecontainers/pause:3.1 k8s.gcr.io/pause:3.1 docker pull mirrorgooglecontainers/kube-proxy:v1.13.3 docker tag mirrorgooglecontainers/kube-proxy:v1.13.3 k8s.gcr.io/kube-proxy:v1.13.3
至此环境配置完成,建议重启系统。
三、初始化集群
以下命令如无特殊说明,均在k8s-node-1上执行
1、使用kubeadm init初始化集群
kubeadm init \ --kubernetes-version=v1.13.3 \ --pod-network-cidr=10.244.0.0/16 \ --apiserver-advertise-address=192.170.38.80
初始化成功后会输出下面的加入命令,暂时无需运行,先记录。
kubeadm join 192.170.38.80:6443 --token duz8m8.njvafly3p2jrshfx --discovery-token-ca-cert-hash sha256:60e15ba0f562a9f29124914a1540bd284e021a37ebdbcea128f4e257e25002db
2、配置常规用户使用kubectl访问集群
mkdir -p $HOME/.kube sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config sudo chown $(id -u):$(id -g) $HOME/.kube/config
检查集群状态
kubectl get cs
3、安装Pod Network
kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
使用下面的命令确保所有的Pod都处于Running状态。
kubectl get pod --all-namespaces -o wide
4、向Kubernetes集群中添加Node节点
在k8s-node-2和k8s-node-3上运行之前在k8s-node-1输出的命令
kubeadm join 192.170.38.80:6443 --token duz8m8.njvafly3p2jrshfx --discovery-token-ca-cert-hash sha256:60e15ba0f562a9f29124914a1540bd284e021a37ebdbcea128f4e257e25002db
查看集群中的节点状态
kubectl get nodes
5、kube-proxy开启ipvs
kubectl edit cm kube-proxy -n kube-system 修改mode: "ipvs"
重启kube-proxy pod
kubectl get pod -n kube-system | grep kube-proxy | awk '{system("kubectl delete pod "$1" -n kube-system")}'
完工!