kubernetes-1.23.1部署
- 软件、镜像清单
1.1 软件清单
| 软件 | 版本 |
|---|---|
| docker-ce.x86_64 | 20.10.12-3.el7 |
| kubeadm.x86_64 | 1.23.1-0 |
| kubectl.x86_64 | 1.23.1-0 |
| kubelet.x86_64 | 1.23.1-0 |
| kubernetes-cni.x86_64 | 0.8.7-0 |
1.2 镜像清单
#kubernetes镜像清单
k8s.gcr.io/kube-apiserver:v1.23.1
k8s.gcr.io/kube-controller-manager:v1.23.1
k8s.gcr.io/kube-scheduler:v1.23.1
k8s.gcr.io/kube-proxy:v1.23.1
k8s.gcr.io/pause:3.6
k8s.gcr.io/etcd:3.5.1-0
k8s.gcr.io/coredns/coredns:v1.8.6
# calico镜像清单
calico/cni:v3.21.4
calico/pod2daemon-flexvol:v3.21.4
calico/node:v3.21.4
- 主机信息
| hostname | 主机ip | 系统版本 |
|---|---|---|
| master | 192.168.1.94 | CentOS 7.9.2009 |
| Node1 | 192.168.1.114 | CentOS 7.9.2009 |
| Node2 | 192.168.1.115 | CentOS 7.9.2009 |
- 系统基本配置
3.1 关闭selinux,关闭防火墙,关闭交换分区
setenforce 0
sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/sysconfig/selinux
sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config
systemctl stop firewalld && systemctl disable firewalld
swapoff on
sed -i '/swap/s/\(.*\)/#\1/' /etc/fstab
3.2 修改hostname,配置/etc/hosts
hostnamectl set-hostname master
hostnamectl set-hostname node1
hostnamectl set-hostname node2
vim /etc/hosts
192.168.1.94 master
192.168.1.114 node1
192.168.1.115 node2
3.3 配置内核参数
cat <<EOF | sudo tee /etc/modules-load.d/k8s.conf
br_netfilter
EOF
cat <<EOF | sudo tee /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
EOF
sudo sysctl --system
- 安装docker
#安装必要的一些系统工具
sudo yum install -y yum-utils device-mapper-persistent-data lvm2
#添加软件源信息
sudo yum-config-manager --add-repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
sudo sed -i 's+download.docker.com+mirrors.aliyun.com/docker-ce+' /etc/yum.repos.d/docker-ce.repo
#更新并安装Docker-CE
sudo yum makecache fast
sudo yum -y install docker-ce
#开启Docker服务
sudo systemctl start docker
#配置 Docker 守护程序,尤其是使用 systemd 来管理容器的 cgroup,配置阿里的镜像加速器
sudo mkdir /etc/docker
cat <<EOF | sudo tee /etc/docker/daemon.json
{
"exec-opts": ["native.cgroupdriver=systemd"],
"log-driver": "json-file",
"log-opts": {
"max-size": "100m"
},
"storage-driver": "overlay2",
"registry-mirrors": ["https://tbctmogl.mirror.aliyuncs.com"]
}
EOF
sudo systemctl enable docker
sudo systemctl daemon-reload
sudo systemctl restart docker
- 安装kubeadm,kubectl,kubelet
cat <<EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF
yum install -y kubelet kubeadm kubectl
#yum install -y --nogpgcheck kubelet kubeadm kubectl 或者使用此命令安装,忽略gpg检查
systemctl enable kubelet && systemctl start kubelet
- kubeadm初始化
kubeadm init --apiserver-advertise-address=192.168.1.94 --kubernetes-version v1.23.1 --service-cidr=10.95.0.0/16 --pod-network-cidr=172.15.0.0/16
# 也可以使用kubeadm config print init-defaults > kubeadm-init.yaml 生成初始化文件,修改文件里对应配置,使用kubeadm init --config=kubeadm-init.yaml初始化。
#初始化时可以指定仓库--image-repository registry.cn-hangzhou.aliyuncs.com/google_containers,如果不指定镜像仓库,可以提前下载好镜像后重新tag成官方镜像名
- 根据初始化提示执行如下命令
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
- 安装calico网络组件
curl https://docs.projectcalico.org/manifests/calico.yaml -O
vim calico.yaml
#calico.yaml文件修改如下配置,和初始化时配置的pod网段一致
- name: CALICO_IPV4POOL_CIDR
value: "172.15.0.0/16"
- 加入node节点
#kubeadm初始化成功后会输出如下命令,到node节点执行即可
kubeadm join 192.168.1.94:6443 --token ivpjhh.qwggppgkbcxdeueg --discovery-token-ca-cert-hash sha256:c60147b6a60214f6c6a37e8a59f9b715e3c7d2d3d6824283aec163072e9b05e3
- 检查集群状态
[root@master ~]# kubectl get cs
NAME STATUS MESSAGE ERROR
scheduler Healthy ok
etcd-0 Healthy {
"health":"true","reason":""}
controller-manager Healthy ok
[root@master ~]# kubectl get node
NAME STATUS ROLES AGE VERSION
master Ready control-plane,master 10h v1.23.1
node1 Ready <none> 10h v1.23.1
node2 Ready <none> 10h v1.23.1