[Kubernetes Deployment] Build a K8S 1.23 cluster on the Ubuntu 20.04 operating system

1. Cluster architecture planning information

  • Pod network segment: 10.244.0.0/16
  • service network segment: 10.10.0.0/16
  • Note: The pod and service network segments cannot conflict. If there is a conflict, the K8S cluster installation will fail.

Server information:

Host name       IP address      Operating system
k8s-master-1    16.32.15.123    20.04.1-Ubuntu
k8s-node-1      16.32.15.124    20.04.1-Ubuntu

2. System initialization preparation (performed on all nodes)

1. Switch to the root user; the following operations are performed as root

sudo -i

2. Configure the domestic repository source and install the required dependencies
Note: The following is an example of the repository source for Ubuntu 20.04. If your system version is different, you can find the corresponding version in the Aliyun mirror repository.

cd /etc/apt
cp sources.list sources.list_default
> sources.list

cat >> sources.list << EOF
deb https://mirrors.aliyun.com/ubuntu/ focal main restricted universe multiverse
deb-src https://mirrors.aliyun.com/ubuntu/ focal main restricted universe multiverse
deb https://mirrors.aliyun.com/ubuntu/ focal-security main restricted universe multiverse
deb-src https://mirrors.aliyun.com/ubuntu/ focal-security main restricted universe multiverse
deb https://mirrors.aliyun.com/ubuntu/ focal-updates main restricted universe multiverse
deb-src https://mirrors.aliyun.com/ubuntu/ focal-updates main restricted universe multiverse
# deb https://mirrors.aliyun.com/ubuntu/ focal-proposed main restricted universe multiverse
# deb-src https://mirrors.aliyun.com/ubuntu/ focal-proposed main restricted universe multiverse
deb https://mirrors.aliyun.com/ubuntu/ focal-backports main restricted universe multiverse
deb-src https://mirrors.aliyun.com/ubuntu/ focal-backports main restricted universe multiverse
EOF
apt-get update
apt-get upgrade

Install required dependencies

apt-get install -y apt-transport-https ca-certificates curl software-properties-common gnupg2

3. Add local domain name resolution

cat  >> /etc/hosts << EOF
16.32.15.123 k8s-master-1
16.32.15.124 k8s-node-1
EOF

Modify the host name; run each command on the corresponding server

# on the master node
hostnamectl set-hostname k8s-master-1 && bash
# on the worker node
hostnamectl set-hostname k8s-node-1 && bash

4. Install ntpdate to keep the server time consistent

apt install ntpdate
ntpdate ntp1.aliyun.com

Configure a scheduled task to synchronize the time automatically at 1:00 a.m. every day

crontab -e
0 1 * * * ntpdate ntp1.aliyun.com

Ctrl+c Ctrl+x Y Enter: save and exit

Verify that the scheduled task is configured successfully

crontab -l

5. Close the swap partition

swapoff --all

Prevent the swap partition from being enabled at boot

sed -i -r '/swap/ s/^/#/' /etc/fstab

6. Install Docker
Add the key to the local trusted database

curl -fsSL https://mirrors.ustc.edu.cn/docker-ce/linux/ubuntu/gpg | sudo apt-key add -

Add Docker repository

 sudo add-apt-repository \
   "deb [arch=amd64] https://mirrors.ustc.edu.cn/docker-ce/linux/ubuntu/ \
  $(lsb_release -cs) \
  stable"

Install Docker

sudo apt-get install docker-ce docker-ce-cli containerd.io -y

Configure the Docker driver

cat <<EOF | tee /etc/docker/daemon.json
{
  "exec-opts": ["native.cgroupdriver=systemd"],
  "registry-mirrors": ["https://aoewjvel.mirror.aliyuncs.com"],
  "log-driver": "json-file",
  "log-opts": {
    "max-size": "100m"
  },
  "storage-driver": "overlay2"
}
EOF

Start Docker and enable it at boot

mkdir -p /etc/systemd/system/docker.service.d
systemctl daemon-reload
systemctl restart docker
systemctl enable --now docker
systemctl status docker

3. Install kubeadm (performed on all nodes)

1. Configure the domestic yum source and install the prerequisite dependencies

apt-get update && apt-get install -y apt-transport-https curl
cat <<EOF >/etc/apt/sources.list.d/kubernetes.list
deb http://mirrors.ustc.edu.cn/kubernetes/apt kubernetes-xenial main
EOF

Install dependencies

apt-get update && apt-get install -y apt-transport-https curl

Error reported during execution:

Solution:
Note: The KEY here is not unique. I circled it in red in the picture above; copy your own KEY and execute again

apt-key adv --recv-keys --keyserver keyserver.ubuntu.com B53DC80D13EDEF05
apt-get update && apt-get install -y apt-transport-https curl

2. Install kubeadm, kubelet, kubectl

apt-get install -y kubelet=1.23.1-00 kubeadm=1.23.1-00 kubectl=1.23.1-00

Enable start at boot

systemctl enable kubelet

Mark the specified package as held back, preventing automatic software updates

apt-mark hold kubelet kubeadm kubectl 

4. Initialize the K8S cluster (master node operation)

kubeadm init \
--apiserver-advertise-address 16.32.15.123 \
--image-repository registry.cn-hangzhou.aliyuncs.com/google_containers \
--pod-network-cidr=10.244.0.0/16 \
--service-cidr=10.96.0.0/12 \
--ignore-preflight-errors=SystemVerification

Explanation of initialization parameter information:

  • image-repository: use the Alibaba Cloud image repository in China

  • pod-network-cidr: pod network segment

  • service-cidr: service network segment

  • apiserver-advertise-address: apiserver address

  • ignore-preflight-errors: ignore the listed preflight check errors
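
The rule that the pod and service network segments must not conflict can be checked before kubeadm init is run. The following is an added example, not part of the original article; it uses the two CIDRs passed to kubeadm init above plus the two node addresses, and the function names are hypothetical.

```shell
# Added example: detect overlapping pod/service/node ranges (POSIX sh).

# ip_to_int A.B.C.D -> the address as an integer
ip_to_int() {
  old_ifs=$IFS; IFS=.
  set -- $1
  IFS=$old_ifs
  echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

# cidr_range A.B.C.D/N -> "first last" addresses of the block, as integers
cidr_range() {
  bits=${1#*/}
  base=$(ip_to_int "${1%/*}")
  mask=$(( (0xFFFFFFFF << (32 - bits)) & 0xFFFFFFFF ))
  echo "$(( base & mask )) $(( (base & mask) | (~mask & 0xFFFFFFFF) ))"
}

# cidrs_overlap CIDR1 CIDR2 -> 0 when the blocks share at least one address
cidrs_overlap() {
  set -- $(cidr_range "$1") $(cidr_range "$2")
  [ "$1" -le "$4" ] && [ "$3" -le "$2" ]
}

# check_cluster_ranges CIDR... -> prints every conflicting pair,
# returns 0 only when no pair overlaps
check_cluster_ranges() {
  conflicts=0
  while [ $# -gt 1 ]; do
    first=$1; shift
    for other in "$@"; do
      if cidrs_overlap "$first" "$other"; then
        echo "CONFLICT: $first overlaps $other"
        conflicts=$(( conflicts + 1 ))
      fi
    done
  done
  [ "$conflicts" -eq 0 ]
}

# Pod CIDR, service CIDR and node IPs (as /32) used in this guide.
check_cluster_ranges 10.244.0.0/16 10.96.0.0/12 \
  16.32.15.123/32 16.32.15.124/32 && echo "no overlapping ranges"
```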

Because Kubernetes uses CA certificates by default, kubectl must be configured with the certificate before it can access the master

mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config

Test whether the kubectl command can be used

kubectl get node

5. Add Node nodes to the K8S cluster

1. Use the kubeadm command to obtain the token for joining the cluster (executed on the master node)

kubeadm token create --print-join-command
kubeadm join 16.32.15.123:6443 --token kczwmr.x2ekr2pjq5iuhquh --discovery-token-ca-cert-hash sha256:2c8b60dfb13094634cd1476c902dd08e23042a1fb0d23f998c361d30655071f1

2. Copy the obtained join command to the Node node and run it (executed on the Node node)

kubeadm join 16.32.15.123:6443 --token kczwmr.x2ekr2pjq5iuhquh --discovery-token-ca-cert-hash sha256:2c8b60dfb13094634cd1476c902dd08e23042a1fb0d23f998c361d30655071f1
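
The --discovery-token-ca-cert-hash value in the join command pins the cluster CA's public key, so it can be recomputed from the CA certificate and compared before the command is run on a node. The following is an added example, not part of the original article; it assumes openssl is installed, uses a constructed throwaway CA so it runs anywhere, and the function names are hypothetical.

```shell
# Added example: recompute the value that --discovery-token-ca-cert-hash
# pins and compare it with a join command (POSIX sh + openssl).

# ca_cert_hash CA_CERT_PEM -> "sha256:<hex>" over the DER-encoded public key
ca_cert_hash() {
  digest=$(openssl x509 -pubkey -noout -in "$1" |
    openssl pkey -pubin -outform DER |
    openssl dgst -sha256 -hex | sed 's/^.* //')
  echo "sha256:$digest"
}

# pinned_hash "JOIN COMMAND" -> the sha256:... argument, empty if absent
pinned_hash() {
  printf '%s\n' "$1" |
    sed -n 's/.*--discovery-token-ca-cert-hash[ =]\(sha256:[0-9a-f]\{64\}\).*/\1/p'
}

# join_matches_ca "JOIN COMMAND" CA_CERT_PEM -> 0 only when the pin matches
join_matches_ca() {
  want=$(pinned_hash "$1")
  [ -n "$want" ] && [ "$want" = "$(ca_cert_hash "$2")" ]
}

# Constructed throwaway CA; on a kubeadm master the certificate is
# /etc/kubernetes/pki/ca.crt.
workdir=$(mktemp -d)
openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=constructed-ca" \
  -keyout "$workdir/ca.key" -out "$workdir/ca.crt" 2>/dev/null

# A join command whose pin was derived from the constructed CA.
good="kubeadm join 16.32.15.123:6443 --token <token> --discovery-token-ca-cert-hash $(ca_cert_hash "$workdir/ca.crt")"
# The join command as printed in this article; its pin belongs to another CA.
other="kubeadm join 16.32.15.123:6443 --token kczwmr.x2ekr2pjq5iuhquh --discovery-token-ca-cert-hash sha256:2c8b60dfb13094634cd1476c902dd08e23042a1fb0d23f998c361d30655071f1"

join_matches_ca "$good" "$workdir/ca.crt" && echo "pin matches this CA"
join_matches_ca "$other" "$workdir/ca.crt" || echo "pin does NOT match this CA"
```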

3. View cluster node information (executed by master node)

kubectl get node

OK, as you can see from the figure above, the node has successfully joined the K8S cluster.

6. Install the Calico network plug-in

Because the official Calico site is hosted abroad, the download is relatively slow; after all, there is a wall. I downloaded the calico.yaml file and put it on gitee, a domestic host. Next, I will use the domestic address to download the calico.yaml file, please note!

The master node executes:

wget -O /root/calico.yaml https://gitee.com/qinziteng/K8S/raw/master/YMAL/calico.yaml
kubectl apply -f /root/calico.yaml
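
Because this manifest comes from a mirror rather than the upstream project and is applied with cluster-admin rights, it is worth pinning its digest and looking at what it deploys before kubectl apply. The following is an added example, not part of the original article; the sample manifest, image names, allowed registry prefixes and function names are constructed for illustration.

```shell
# Added example: review a downloaded manifest before applying it (POSIX sh).
# verify_manifest FILE SHA256 -> 0 only when the file matches the pinned digest
verify_manifest() {
  actual=$(sha256sum "$1" | cut -d' ' -f1)
  [ "$actual" = "$2" ]
}

# list_images FILE -> unique container image references
list_images() {
  sed -n 's/^[[:space:]-]*image:[[:space:]]*//p' "$1" | tr -d "\"'" | sort -u
}

# unexpected_images FILE "PREFIX ..." -> images outside the allowed registries
unexpected_images() {
  list_images "$1" | while read -r img; do
    ok=no
    for prefix in $2; do
      case $img in "$prefix"*) ok=yes ;; esac
    done
    [ "$ok" = yes ] || echo "$img"
  done
}

# risky_settings FILE -> numbered lines that grant host or cluster-wide access
risky_settings() {
  grep -nE 'privileged: *true|hostNetwork: *true|hostPath:|kind: *ClusterRoleBinding' "$1" || true
}

# Constructed sample manifest; the image names are made up for this example.
sample=$(mktemp)
cat > "$sample" <<'EOF'
kind: ClusterRoleBinding
---
kind: DaemonSet
spec:
  template:
    spec:
      hostNetwork: true
      containers:
        - image: docker.io/calico/node:v0.0.0-example
          securityContext:
            privileged: true
        - image: registry.example.invalid/tools/helper:latest
EOF
pinned=$(sha256sum "$sample" | cut -d' ' -f1)  # stand-in for a digest recorded at review
verify_manifest "$sample" "$pinned" && echo "digest ok"
unexpected_images "$sample" "docker.io/calico/ quay.io/calico/"
risky_settings "$sample"
```

For the file in this guide, the same functions take /root/calico.yaml and a digest recorded when the manifest was last reviewed.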

View cluster Pod status:

kubectl get pods -n kube-system


Check the cluster Node node status:

 kubectl get node

If the output is as above, it is correct. If the nodes are still not Ready, you need to wait for a while.

7. Test the availability of CoreDNS

1. Create a test container

kubectl run busybox --image busybox:1.28 --restart=Never --rm -it busybox -- sh

2. Test whether the name resolves normally

nslookup kubernetes.default.svc.cluster.local

As shown in the figure above, the name resolves normally. At this point, the K8S 1.23 cluster based on the Ubuntu 20.04 operating system has been deployed successfully.

Origin blog.csdn.net/weixin_45310323/article/details/132119447