Deploying Kubernetes 1.25.10 + cri-docker on Ubuntu with kubeadm

Building a k8s cluster on Ubuntu

Foreword

        There are still relatively few articles on the high-version k8s on the Internet, so I will post an article after a long time of digging, hoping to help everyone.

1. What is Kubernetes?

        Kubernetes was originally designed and developed by engineers at Google. Google, one of the early contributors to Linux container technology, gave a public talk on how Google runs everything in containers (the technology behind Google's cloud services). Google deploys more than 2 billion containers a week, all powered by its internal platform, Borg. Borg is the predecessor of Kubernetes, and the lessons learned from developing Borg over the years have become a major factor influencing many technologies in Kubernetes.

2. Environment preparation

  1. Three Ubuntu hosts

  2. The hosts must be able to access the Internet. For an offline installation, resources such as container images and dependency packages need to be prepared in advance.

The IP address plan is as follows:

node name      internal IP address   internal gateway address
k8s-master-1   192.168.1.1/24        192.168.1.254
k8s-node-1     192.168.1.2/24        192.168.1.254
k8s-node-2     192.168.1.3/24        192.168.1.254

Additional note:

Since I built it in a test environment, I use the root user to operate, and I will mark what steps each node needs to perform.

Three-node operation

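  • Basic configuration
# Temporarily disable swap (lasts until the next reboot)
swapoff -a
# Load the bridge netfilter module so that the net.bridge.* keys below exist
modprobe br_netfilter
# Configure kernel parameters and enable IP forwarding
cat <<EOF | tee /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-iptables  = 1
net.bridge.bridge-nf-call-ip6tables = 1
net.ipv4.ip_forward                 = 1
EOF
# Apply the kernel settings (plain "sysctl -p" reads only /etc/sysctl.conf, not /etc/sysctl.d/)
sysctl --system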
  • Configure apt dependencies, install Docker and the cri-docker plug-in

There is a big pitfall here! If your k8s cluster version is newer than the versions supported by your cri-docker release, a response timeout will occur when initializing the k8s cluster. Once you have confirmed that the parameters configured in the service file are correct, make sure that cri-docker supports the k8s version you want to deploy!

# Install the apt prerequisites
apt-get update
apt-get install -y ca-certificates curl gnupg lsb-release net-tools
# Add the Docker GPG key
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | gpg --dearmor -o /usr/share/keyrings/docker.gpg

# Add the Docker apt source, tied to that key with signed-by
echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/docker.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" | tee /etc/apt/sources.list.d/docker.list

# Install Docker
apt-get update
apt-get install -y docker-ce docker-ce-cli containerd.io docker-compose-plugin

# Download the new cri-docker package (fetched through ghproxy.com, a third-party proxy in front of GitHub)
wget https://ghproxy.com/https://github.com/Mirantis/cri-dockerd/releases/download/v0.3.2/cri-dockerd_0.3.2.3-0.ubuntu-jammy_amd64.deb
# Install cri-docker (the file name must match the package downloaded above)
dpkg -i cri-dockerd_0.3.2.3-0.ubuntu-jammy_amd64.deb


# Set the cri-docker startup parameters
sed -i -e 's#ExecStart=.*#ExecStart=/usr/bin/cri-dockerd --network-plugin=cni --pod-infra-container-image=registry.aliyuncs.com/google_containers/pause:3.8#g' /usr/lib/systemd/system/cri-docker.service

# Reload the unit files, then start and enable the service
systemctl daemon-reload
systemctl start cri-docker
systemctl enable cri-docker
  • Configure the Kubernetes apt source, using the Aliyun mirror in China to speed up downloads
# Update the apt index
apt-get update
apt-get install -y apt-transport-https curl

# Add the Aliyun Kubernetes repository key (apt-key is deprecated and trusts this key for every apt source)
curl -s https://mirrors.aliyun.com/kubernetes/apt/doc/apt-key.gpg | apt-key add -
tee /etc/apt/sources.list.d/kubernetes.list <<-'EOF'
deb https://mirrors.aliyun.com/kubernetes/apt kubernetes-xenial main
EOF

# Install kubeadm, kubectl and kubelet on all three nodes
apt-get update
apt-get install -y kubelet=1.25.10-00 kubeadm=1.25.10-00 kubectl=1.25.10-00
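
An added example, not part of the original post: a preflight check for the three-node steps above. It reports sysctl keys not set to 1, swap that is still active, and cri-dockerd flags missing from the unit file. The function names are this example's own, and the files are passed as arguments so the checks can run on copies as well as on a live node.

```shell
#!/bin/sh
# Added example, not from the original post. It inspects configuration files only;
# the live kernel value of a key can be read with: sysctl -n <key>
REQUIRED_KEYS="net.bridge.bridge-nf-call-iptables net.bridge.bridge-nf-call-ip6tables net.ipv4.ip_forward"

# sysctl_conf_missing FILE: print each required key that FILE does not set to 1.
sysctl_conf_missing() {
    for key in $REQUIRED_KEYS; do
        awk -F= -v k="$key" '
            /^[ \t]*#/ { next }                       # commented-out settings do not count
            { gsub(/[ \t]/, "", $1); gsub(/[ \t]/, "", $2) }
            $1 == k { v = $2 }                        # the last assignment wins
            END { if (v != "1") print k }' "$1"
    done
}

# active_swap FILE: print the swap devices listed in a /proc/swaps-format FILE.
active_swap() {
    awk 'NR > 1 && NF { print $1 }' "$1"
}

# unit_flags_missing FILE: print the cri-dockerd flags set by the sed edit above
# that do not appear on the ExecStart line of the unit FILE.
unit_flags_missing() {
    line=$(grep '^ExecStart=' "$1" || true)
    for flag in --network-plugin=cni --pod-infra-container-image=; do
        case "$line" in
            *"$flag"*) ;;
            *) printf '%s\n' "$flag" ;;
        esac
    done
}

# preflight SYSCTL_CONF SWAPS UNIT: print all findings; return 0 only if there are none.
preflight() {
    report=$(
        sysctl_conf_missing "$1" | sed 's/^/sysctl key not set to 1: /'
        active_swap "$2"         | sed 's/^/swap still active: /'
        unit_flags_missing "$3"  | sed 's/^/cri-docker.service lacks flag: /'
    )
    [ -z "$report" ] || { printf '%s\n' "$report"; return 1; }
}

# On a node:
# preflight /etc/sysctl.d/k8s.conf /proc/swaps /usr/lib/systemd/system/cri-docker.service
```

A clean run prints nothing and returns 0; run it on every node before kubeadm init or kubeadm join.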

3. Edit the kubeadm configuration file and initialize the cluster

Master node:

You can pull the images in advance and save them as a Docker image archive to speed up the construction of the cluster.


[root@k8s-master-1~]# kubeadm config print init-defaults > kubeadm-config.yaml

apiVersion: kubeadm.k8s.io/v1beta3
bootstrapTokens:
- groups:
  - system:bootstrappers:kubeadm:default-node-token
  token: abcdef.0123456789abcdef # publicly known default from init-defaults; replace with the output of "kubeadm token generate"
  ttl: 24h0m0s
  usages:
  - signing
  - authentication
kind: InitConfiguration
localAPIEndpoint:
  advertiseAddress: 192.168.1.1 # modify
  bindPort: 6443
nodeRegistration:
  criSocket: unix:///var/run/cri-dockerd.sock # modify
  imagePullPolicy: IfNotPresent
  name: k8s-master-1  # modify
  taints: null
---
apiServer:
  timeoutForControlPlane: 4m0s
apiVersion: kubeadm.k8s.io/v1beta3
certificatesDir: /etc/kubernetes/pki
clusterName: kubernetes
controllerManager: {}
dns: {}
etcd:
  local:
    dataDir: /var/lib/etcd
imageRepository: registry.aliyuncs.com/google_containers # modify
kind: ClusterConfiguration
kubernetesVersion: 1.25.10  # modify
networking:
  dnsDomain: cluster.local
  podSubnet: 10.244.0.0/16 # modify
scheduler: {}


# Initialize the master and wait for the images to be pulled. If a CRI error is reported, check whether it is a version problem or a wrong startup parameter in cri-docker.service
[root@k8s-master-1~]# kubeadm init --config=kubeadm-config.yaml

# Set up kubectl access
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
export KUBECONFIG=/etc/kubernetes/admin.conf

Worker nodes:

When joining the cluster, the worker nodes need the extra --cri-socket /var/run/cri-dockerd.sock parameter to specify the container runtime socket!

kubeadm join 192.168.1.1:6443 --cri-socket /var/run/cri-dockerd.sock --token 7dn4wz.v7uhvkf55b2vvi2h \
         --discovery-token-ca-cert-hash sha256:3ebd007a152158a603af63aa6f8fd28247a015f4c183504037d003fb7fc9ecfb

4. Install the Calico network plug-in

Master node:

The k8s network plug-in can be flannel, Calico, etc. After installation, use kubectl get po -A to view the created pods. Because the images are still being pulled, the pods will stay in the Pending state for a long time. Wait patiently until all pods are Running; the nodes will then all be in the Ready state.

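# Download the manifests
wget https://raw.githubusercontent.com/projectcalico/calico/v3.26.0/manifests/tigera-operator.yaml
wget https://raw.githubusercontent.com/projectcalico/calico/v3.26.0/manifests/custom-resources.yaml

# custom-resources.yaml ships with the pool 192.168.0.0/16; set it to the podSubnet from kubeadm-config.yaml
sed -i 's#cidr: 192.168.0.0/16#cidr: 10.244.0.0/16#' custom-resources.yaml

# Install Calico
kubectl create -f tigera-operator.yaml
kubectl create -f custom-resources.yaml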
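
An added example, not part of the original post: a check to run before kubeadm init and before creating the Calico resources. It flags the bootstrap token that kubeadm config print init-defaults prints for everyone, a criSocket without the unix:// scheme, and a podSubnet that differs from the IP pool in custom-resources.yaml (192.168.0.0/16 in the upstream manifest). The function names and the line-based YAML reading are assumptions of this example.

```shell
#!/bin/sh
# Added example, not from the original post.
# Token value emitted by "kubeadm config print init-defaults"; it is identical
# on every installation, so it must not be left in a real configuration.
DEFAULT_TOKEN='abcdef.0123456789abcdef'

# yaml_value KEY FILE: first scalar written as "KEY: value" in FILE, with any
# trailing comment dropped. Line-based, which is enough for these flat keys.
yaml_value() {
    sed -n "s/^[ -]*$1:[ ]*\([^ #]*\).*/\1/p" "$2" | head -n 1
}

# lint_cluster_config KUBEADM_YAML CALICO_YAML: print findings; return 1 if any.
lint_cluster_config() {
    token=$(yaml_value token "$1")
    sock=$(yaml_value criSocket "$1")
    pods=$(yaml_value podSubnet "$1")
    pool=$(yaml_value cidr "$2")
    findings=$(
        # The default token lets anyone who reaches port 6443 within the TTL bootstrap a node.
        [ "$token" != "$DEFAULT_TOKEN" ] || echo "bootstrap token is the published default"
        # An absent token is fine (kubeadm generates one); a present one must be well formed.
        [ -z "$token" ] || echo "$token" | grep -Eq '^[a-z0-9]{6}\.[a-z0-9]{16}$' \
            || echo "bootstrap token is malformed"
        case "$sock" in
            unix://*) ;;
            *) echo "criSocket lacks the unix:// scheme: $sock" ;;
        esac
        # The Calico pool has to match the pod network kubeadm was told about.
        [ "$pods" = "$pool" ] || echo "podSubnet $pods differs from Calico pool $pool"
    )
    [ -z "$findings" ] || { printf '%s\n' "$findings"; return 1; }
}

# On the master node:
# lint_cluster_config kubeadm-config.yaml custom-resources.yaml
```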

Summary

It took an afternoon to install a small cluster, I hope it can provide you with some ideas for reference! Exchange q 1257455837


Origin blog.csdn.net/TttRark/article/details/131134612