Book source: "CKA/CKAD Test Guide: From Docker to Kubernetes Complete Raiders"
Organize the reading notes while studying, and share them with everyone. If the copyright is violated, it will be deleted. Thank you for your support!
Attach a summary post: Kubernetes certification exam self-study series | Summary_COCOgsta's Blog-CSDN Blog
3.2.1 Experiment topology and environment
Figure 3-5 shows the topology and configuration.
3.2.2 Experimental preparation
Before installing kubernetes, you need to set up the yum source, close selinux and close swap, etc.
Step 1: It is recommended that all nodes use centos7.4 and synchronize /etc/hosts on all nodes.
[root@vmsX ~]# cat/etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.26.10 vms10.rhce.cc vms10
192.168.26.11 vms11.rhce.cc vms11
192.168.26.12 vms12.rhce.cc vms12
[root@vmsX ~]#
复制代码
Step 2: Configure firewall and close selinux on all nodes.
[root@vmsX ~]# firewall-cmd --get-default-zone
trusted
[root@vmsX ~]# getenforce
Disabled
[root@vmsX ~]#
复制代码
Step 3: Turn off swap on all nodes, and comment out the swap-related entries in /etc/fstab.
[root@vms10 ~]# swapon -s
文件名 类型 大小 已用 权限
/dev/sda2 partition 10485756 12 -1
[root@vmsX ~]# swapoff -a
[root@vmsX ~]# sed -i '/swap/s/UUID/#UUID/g' /etc/fstab
复制代码
Step 4: Configure yum sources on all nodes.
[root@vmsX ~]# rm -rf /etc/yum.repos.d/* ; wget -P /etc/yum.repos.d/ ftp://ftp.rhce.cc/k8s/*
[root@vmsX ~]#
...
[root@vmsX ~]#
复制代码
Step 5: Install and start docker on all nodes, and set docker to start automatically.
yum install docker-ce -y
systemctl enable docker --now
复制代码
Step 6: Set kernel parameters on all nodes.
[root@vmsX ~]# cat <<EOF> /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
net.ipv4.ip_forward = 1
EOF
[root@vmsX ~]#
复制代码
Let it take effect immediately.
[root@vmsX ~]# sysctl -p /etc/sysctl.d/k8s.conf
[root@vmsX ~]#
复制代码
Step 7: Install packages on all nodes
[root@vmsX ~]# yum install -y kubelet-1.21.1-0 kubeadm-1.21.1-0 kubectl-1.21.1-0 --disable excludes=kubernetes
已加载插件: fastestmirror
...
更新完毕:
yum.noarch 0:3.4.3-167.el7.centos
完毕!
[root@vmsX ~]#
复制代码
Step 8: Start kubelet on all nodes and set it to start automatically at boot.
[root@vmsX ~]# systemctl restart kubelet ; systemctl enable kubelet
Created symlink from /etc/systemd/system/multi-user.target.wants/kubelet.service to /usr/lib/systemd/system/kubelet.service.
[root@vmsX ~]#
注意: 此时kubelet的状态为activating
复制代码
3.2.3 install master
The following operations are performed on vms10, the purpose is to configure vms10 as the master.
Step 1: Perform initialization on the master.
[root@vms10 ~]# kubeadm init --image-repository registry.aliyuncs.com/google_containers --kubernetes-version=v1.21.1 --pod-network-cidr=10.244.0.0/16
...输出...
Then you can join any number of worker nodes by running the following on each as root:
Your Kubernetes control-plane has initialized successfully!
To start using your cluster, you need to run the following as a regular user:
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
Alternatively, if you are the root user, you can run:
export KUBE CONFIG=/etc/ku bernet es/admin.conf
...输出...
Then you can join any number of worker nodes by running the following on each as root:
kubeadm join 192.168.26.10:6443 --token 524g6o.cpzywevx4ojems69 \
--discovery-token-ca-cert-hash sha256:6b19ba9d3371c0ac474e8e70569dfc8ac93c76fd841ac8df025a43d49d8cd860
[root@vms10 ~]#
复制代码
Step 2: Copy the kubeconfig file.
[root@vms10 ~]# mkdir -p $HOME/.kube
[root@vms10 ~]# sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/confg
[root@vms10 ~]# sudo chown $(id-u):$(id-g) $HOME/.kube/config
[root@vms10 ~]#
复制代码
3.2.4 Configure workers to join the cluster
The following steps are to add vms11 and vms12 to the kubernetes cluster as workers.
Step 1: Execute the following commands on vms11 and vms12 respectively.
[root@vmsX ~]# kubeadm join 192.168.26.10:6443 --token w6v53s.16xt8ssokjuswlzx --discovery-token-ca-cert-hash sha256:6b19ba9d3371coac474e8e70569dfc8ac93c76fd841ac8df025a43d49d8cd860
[preflight] Running pre-flight checks
[WARNING Service-Kubelet]: kubelet service is not enabled, please run 'systemctl enable kubelet.service'
...输出...
Run 'kubectl get nodes' on the master to see this node join the cluster.
[root@vmsX ~]#
复制代码
Step 2: Switch to the master, and you can see that all nodes have joined the cluster.
[root@vms10 ~]# kubectl get nodes
NAME STATUS ROLES AGE VERSION
vms10.rhce.cc NotReady control-plane,master 2m27s v1.21.1
vms11.rhce.cc NotReady <none> 21s v1.21.1
vms12.rhce.cc NotReady <none> 19s v1.21.1
[root@vms10 ~]#
复制代码
From here you can see that the status of all nodes is NotReady, we need to install the calico network to make k8s work normally.
3.2.5 Install calico network
Because in the entire kubernetes cluster, pods are distributed on different hosts, in order to realize the cross-host communication of these pods, the CNI network plug-in must be installed, and the calico network is selected here.
Step 1: Download the yaml that configures the calico network on the master.
[root@vms10 ~]# wget https://docs.projectcalico.org/v3.19/manifests/calico.yaml
... 输出 ...
[root@vms10 ~]#
复制代码
Step 2: Modify the pod network segment in calico.yaml.
Change the network segment of the pod in calico.yaml to the network segment specified by the option --pod-network-cidr in kubeadm init, open this file with vim and search for "192", and modify it as follows.
# no effect. This should fall within '--cluster-cidr'.
# - name: CALICO_IPV4POOL_CIDR
# value: "192.168.0.0/16"
# Disable file logging so 'kubectl logs'works.
- name: CALICO_DISABLE_FILE_LOGGING
value: "true"
复制代码
Remove the spaces behind the two # and #, and change 192.168.0.0/16 to 10.244.0.0/16.
# no effect. This should fall within '--cluster-cidr'.
- name: CALICO_IPV4POOL_CIDR
value: "10.244.0.0/16"
# Disable file logging so 'kubectl logs' works.
- name: CALICO_DISABLE_FILELOGGING
value: "true"
复制代码
Step 3: Download the required images in advance.
See which mirrors are used for this file.
[root@vms10 ~]# grep image calico.yaml
image: calico/cni:v3.19.1
image: calico/cni:v3.19.1
image: calico/pod2daemon-flexvol:v3.19.1
image: calico/node:v3.19.1
image: calico/kube-controllers:v3.19.1
[root@vms10 ~]#
复制代码
Download these images on all nodes (including the master).
[root@vmsX ~]# for i in calico/cni:v3.19.1 calico/pod2daemon-flexvol:v3.19.1 calico/node:v3.19.1 calico/kube-controllers:v3.19.1 ; do docker pull $i ; done
...大量输出...
[root@vmsX ~]#
复制代码
Step 4: Install calico network.
Execute the following command on the master.
[root@vms10 ~]# kubectl apply -f calico.yaml
... 大量输出 ...
[root@vms10 ~]#
复制代码
Step 5: Verify the result.
Run the command kubectl get nodes on the master again to check the running results.
[root@vms10 ~]# kubectl get nodes
NAME STATUS ROLES AGE VERSION
vms10.rhce.cc Ready control-plane, master 13m v1.21.1
vms11.rhce.cc Ready <none> 11m v1.21.1
vms12.rhce.cc Ready <none> 11m v1.21.1
[root@vms10 ~]#
复制代码
You can see that the status of all nodes has changed to Ready.