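Overview

Official source repository: https://github.com/kubernetes/kubeadm

Base environment configuration

Before you start, every machine in the Kubernetes cluster must meet the following requirements:

  • Hardware: at least 2 GB of RAM and at least 2 CPUs.
  • All machines in the cluster can reach each other over the network.
  • Internet access is available, because images have to be pulled.
  • Swap is disabled.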

Set the hostname

    # hostnamectl set-hostname k8s-master
    # hostname
    # hostnamectl status
    # echo "127.0.0.1 $(hostname)" >> /etc/hosts

Disable the firewall

Stop firewalld and disable it at boot:

    systemctl stop firewalld && systemctl disable firewalld

Disable swap

Turn swap off temporarily:

    swapoff -a

Turn swap off permanently:

    sed -i '/ swap / s/^\(.*\)$/#\1/g' /etc/fstab

Check the current memory and swap usage:

    # free
                  total        used        free      shared  buff/cache   available
    Mem:        2041220       67804     1034192        2712      939224     1798148
    Swap:             0           0           0

Disable SELinux

Temporarily:

    setenforce 0

Permanently:

    sed -i 's/^SELINUX=enforcing/SELINUX=disabled/' /etc/selinux/config

bridge

Pass bridged IPv4 traffic to the iptables chains:

    cat <<EOF | sudo tee /etc/sysctl.d/k8s.conf
    net.bridge.bridge-nf-call-ip6tables = 1
    net.bridge.bridge-nf-call-iptables = 1
    EOF
    sudo sysctl --system

Apply the settings:

    modprobe br_netfilter
    sysctl -p /etc/sysctl.d/k8s.conf
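
The swap, SELinux and bridge sysctl changes above can be checked before kubeadm runs, which matters here because the init command further down passes --ignore-preflight-errors=all. The script below is an added example, not part of the original page; its function names are hypothetical and it reads the same files the commands above modify.

```bash
#!/usr/bin/env bash
# Added example (not from the original page): audit the host settings changed above.
# Each function takes a file path, so it also runs against copies or constructed samples.

# Print devices of fstab entries of type swap that are not commented out.
active_fstab_swap() {    # $1 = fstab path
    awk '$1 !~ /^#/ && $3 == "swap" {print $1}' "$1"
}

# Print active swap devices from a /proc/swaps-style file (line 1 is a header).
active_swap_devices() {  # $1 = /proc/swaps path
    awk 'NR > 1 && NF {print $1}' "$1"
}

# Print the SELINUX= mode configured in an /etc/selinux/config-style file.
selinux_config_mode() {  # $1 = config path
    awk -F= '/^[ \t]*SELINUX=/ {gsub(/[ \t]/, "", $2); mode = $2}
             END {print mode}' "$1"
}

# Return 0 if the sysctl file sets key $2 to 1 (comment lines are ignored).
sysctl_file_enables() {  # $1 = conf path, $2 = key
    awk -F= -v k="$2" '/^[ \t]*[#;]/ {next}
        {key = $1; val = $2; gsub(/[ \t]/, "", key); gsub(/[ \t]/, "", val)}
        key == k {found = (val == "1")}
        END {exit !found}' "$1"
}

# Run every check, print one line per failure, return the number of failures.
preflight_audit() {      # $1=fstab $2=/proc/swaps $3=selinux config $4=sysctl conf
    local fails=0 key
    [ -z "$(active_fstab_swap "$1")" ] || { echo "FAIL: swap entry active in $1"; fails=$((fails + 1)); }
    [ -z "$(active_swap_devices "$2")" ] || { echo "FAIL: swap is in use"; fails=$((fails + 1)); }
    [ "$(selinux_config_mode "$3")" != "enforcing" ] || { echo "FAIL: SELINUX=enforcing in $3"; fails=$((fails + 1)); }
    for key in net.bridge.bridge-nf-call-ip6tables net.bridge.bridge-nf-call-iptables; do
        sysctl_file_enables "$4" "$key" || { echo "FAIL: $key is not 1 in $4"; fails=$((fails + 1)); }
    done
    return "$fails"
}

# Audit the real host only when asked to: ./preflight.sh --host
if [ "${1:-}" = "--host" ]; then
    preflight_audit /etc/fstab /proc/swaps /etc/selinux/config /etc/sysctl.d/k8s.conf
fi
```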

Install Docker

One-step Docker install script (recommended):

    curl -fsSL https://get.docker.com | bash -s docker --mirror Aliyun
    sudo systemctl start docker
    sudo systemctl enable docker.service

Docker registry mirrors (acceleration)

    sudo mkdir -p /etc/docker
    sudo tee /etc/docker/daemon.json <<-'EOF'
    {
      "exec-opts": ["native.cgroupdriver=systemd"],
      "registry-mirrors": [
        "https://registry.aliyuncs.com",
        "https://registry.docker-cn.com",
        "https://docker.mirrors.ustc.edu.cn"
      ]
    }
    EOF
    sudo systemctl daemon-reload
    sudo systemctl restart docker

Check Docker

    sudo docker info

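Install kubeadm

kubeadm: the command used to deploy the cluster.

  • kubeadm init: bootstrap a Kubernetes master node
  • kubeadm join: bootstrap a Kubernetes worker node and join it to the cluster
  • kubeadm upgrade: upgrade a Kubernetes cluster to a newer version
  • kubeadm config: if you use kubeadm v1.7.x or lower, you need to apply some configuration to your cluster before you can use the kubeadm upgrade command
  • kubeadm token: manage the tokens used by kubeadm join
  • kubeadm reset: revert the changes that kubeadm init or kubeadm join made to a node
  • kubeadm version: print the kubeadm version
  • kubeadm alpha: preview a set of new features made available to gather feedback from the community

Mirror inside China: https://developer.aliyun.com/mirror/kubernetes?spm=a2c6h.13651102.0.0.6ac41b11Bcq58S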

Ubuntu/Debian

    $ sudo apt-get update && sudo apt-get install -y apt-transport-https
    $ curl -fsSL https://mirrors.aliyun.com/kubernetes/apt/doc/apt-key.gpg | sudo apt-key add -
    $ cat <<EOF | sudo tee /etc/apt/sources.list.d/kubernetes.list
    deb https://mirrors.aliyun.com/kubernetes/apt/ kubernetes-xenial main
    EOF
    $ sudo apt-get update
    $ sudo apt-get install -y kubelet kubeadm kubectl

CentOS/Fedora

Configure the Aliyun mirror inside China:

    $ cat <<EOF | sudo tee /etc/yum.repos.d/kubernetes.repo
    [kubernetes]
    name=Kubernetes
    baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
    enabled=1
    gpgcheck=1
    repo_gpgcheck=1
    gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
    EOF
    $ sudo yum install -y kubelet kubeadm kubectl

Install a specific version

    yum install -y kubelet-1.18.9 kubeadm-1.18.9 kubectl-1.18.9

Check the installed versions

    rpm -qa | grep kubelet
    rpm -qa | grep kubeadm
    rpm -qa | grep kubectl

kubelet

kubelet: the component that must run on every machine in the cluster; it manages the lifecycle of pods and containers.

    systemctl enable kubelet && systemctl start kubelet

Configure kubelet

Edit kubelet.service:

    # Load the kernel modules needed for IPVS
    [Service]
    ExecStartPre=-/sbin/modprobe ip_vs
    ExecStartPre=-/sbin/modprobe ip_vs_rr
    ExecStartPre=-/sbin/modprobe ip_vs_wrr
    ExecStartPre=-/sbin/modprobe ip_vs_sh

Run the following command to apply the configuration.

    $ sudo systemctl daemon-reload

kubectl

kubectl: the cluster management tool (optional; it only needs to be installed on the nodes from which the cluster is controlled).

Deployment

    rm -f ./kubeadm-config.yaml
    cat <<EOF > ./kubeadm-config.yaml
    apiVersion: kubeadm.k8s.io/v1beta2
    kind: ClusterConfiguration
    kubernetesVersion: v1.18.9
    imageRepository: registry.aliyuncs.com/k8sxio
    controlPlaneEndpoint: "104.67.96.29:6443"
    networking:
      serviceSubnet: "10.96.0.0/16"
      podSubnet: "10.100.0.1/16"
      dnsDomain: "cluster.local"
    EOF

master

    $ sudo kubeadm init --image-repository registry.cn-hangzhou.aliyuncs.com/google_containers \
        --pod-network-cidr 10.244.0.0/16 \
        --v 5 \
        --ignore-preflight-errors=all

Initialize the master node

    kubeadm init \
        --apiserver-advertise-address=192.168.116.129 \
        --image-repository registry.aliyuncs.com/google_containers \
        --kubernetes-version stable \
        --service-cidr=10.1.0.0/16 \
        --pod-network-cidr=10.244.0.0/16

Or

    kubeadm init --config=kubeadm-config.yaml | tee kubeadm-init.log

    Your Kubernetes control-plane has initialized successfully!

    To start using your cluster, you need to run the following as a regular user:

      mkdir -p $HOME/.kube
      sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
      sudo chown $(id -u):$(id -g) $HOME/.kube/config

    You should now deploy a pod network to the cluster.
    Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:
      https://kubernetes.io/docs/concepts/cluster-administration/addons/

    Then you can join any number of worker nodes by running the following on each as root:

    kubeadm join 192.168.237.129:6443 --token abcdef.0123456789abcdef \
        --discovery-token-ca-cert-hash sha256:6487845dbd51ddd8874dda2257ecf6157a0a6d7487317355ddc8a081c8525cc1
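
The init commands and kubeadm-config.yaml above use several pod and service ranges (10.244.0.0/16, 10.1.0.0/16, 10.96.0.0/16, 10.100.0.1/16) alongside the node addresses. As an added example that is not part of the original page, this script checks that a pod range, a service range and the API server address do not collide; the function names are hypothetical and only IPv4 is handled.

```bash
#!/usr/bin/env bash
# Added example (not from the original page): sanity-check kubeadm network ranges.

# Convert a dotted-quad IPv4 address to an integer.
ip_to_int() {
    local a b c d
    IFS=. read -r a b c d <<EOF
$1
EOF
    echo $(( (a << 24) | (b << 16) | (c << 8) | d ))
}

# Print "first last" (as integers) for a CIDR such as 10.96.0.0/16.
cidr_range() {
    local base len="${1#*/}" mask
    base=$(ip_to_int "${1%/*}")
    mask=$(( (0xFFFFFFFF << (32 - len)) & 0xFFFFFFFF ))
    echo "$(( base & mask )) $(( (base & mask) | (~mask & 0xFFFFFFFF) ))"
}

# Return 0 if the two CIDRs share at least one address.
cidrs_overlap() {
    local a b
    a=$(cidr_range "$1"); b=$(cidr_range "$2")
    [ "${a% *}" -le "${b#* }" ] && [ "${b% *}" -le "${a#* }" ]
}

# Return 0 if the CIDR is written with host bits set, e.g. 10.100.0.1/16.
cidr_has_host_bits() {
    local r
    r=$(cidr_range "$1")
    [ "$(ip_to_int "${1%/*}")" -ne "${r% *}" ]
}

# Return 1 if the pod range, service range and API server address collide.
check_cluster_networks() {   # $1=pod CIDR $2=service CIDR $3=API server IP
    local rc=0
    if cidrs_overlap "$1" "$2"; then echo "FAIL: pod range $1 overlaps service range $2"; rc=1; fi
    if cidrs_overlap "$1" "$3/32"; then echo "FAIL: API server $3 is inside pod range $1"; rc=1; fi
    if cidrs_overlap "$2" "$3/32"; then echo "FAIL: API server $3 is inside service range $2"; rc=1; fi
    if cidr_has_host_bits "$1"; then echo "WARN: $1 has host bits set"; fi
    return "$rc"
}

# Usage: ./check-networks.sh <pod CIDR> <service CIDR> <API server IP>
if [ "$#" -eq 3 ]; then check_cluster_networks "$1" "$2" "$3"; fi
```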

Configure kubectl

    mkdir -p $HOME/.kube
    sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
    sudo chown $(id -u):$(id -g) $HOME/.kube/config

Check the node status

    # kubectl get node
    NAME                STATUS     ROLES    AGE     VERSION
    kubernetes-master   NotReady   master   9m17s   v1.15.0
List the pods in all namespaces

    # kubectl get pods --all-namespaces
    NAMESPACE     NAME                                        READY   STATUS    RESTARTS   AGE
    kube-system   coredns-bccdc95cf-njhpw                     0/1     Pending   0          12m
    kube-system   coredns-bccdc95cf-z4br9                     0/1     Pending   0          12m
    kube-system   etcd-kubernetes-master                      1/1     Running   0          11m
    kube-system   kube-apiserver-kubernetes-master            1/1     Running   0          12m
    kube-system   kube-controller-manager-kubernetes-master   1/1     Running   0          12m
    kube-system   kube-proxy-qw6bn                            1/1     Running   0          12m
    kube-system   kube-scheduler-kubernetes-master            1/1     Running   0          12m

Node join command

    kubeadm join 192.168.237.129:6443 --token abcdef.0123456789abcdef \
        --discovery-token-ca-cert-hash sha256:6487845dbd51ddd8874dda2257ecf6157a0a6d7487317355ddc8a081c8525cc1
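
The --discovery-token-ca-cert-hash value in the join command pins the cluster CA's public key, so a joining node only trusts a control plane that presents that CA. This added example (not from the original page) recomputes the hash from a CA certificate and compares it with the value in a join command; the function names are hypothetical, and /etc/kubernetes/pki/ca.crt in the usage comment is kubeadm's default CA location.

```bash
#!/usr/bin/env bash
# Added example (not from the original page). Requires the openssl CLI.

# Print "sha256:<hex>" for a CA certificate: the SHA-256 digest of its
# DER-encoded public key, which is what --discovery-token-ca-cert-hash pins.
ca_cert_hash() {          # $1 = CA certificate (PEM)
    local pub hex
    pub=$(openssl x509 -in "$1" -noout -pubkey 2>/dev/null) || return 2
    hex=$(printf '%s\n' "$pub" \
          | openssl pkey -pubin -outform DER 2>/dev/null \
          | openssl dgst -sha256 -hex \
          | sed 's/^.*= *//')
    [ "${#hex}" -eq 64 ] || return 2
    echo "sha256:$hex"
}

# Compare the hash from a join command with the CA certificate on disk.
# Returns 0 on match, 1 on mismatch, 2 on malformed input.
verify_pinned_hash() {    # $1 = CA certificate, $2 = hash given to kubeadm join
    local actual
    case "$2" in
        sha256:*) ;;
        *) echo "unsupported hash format: $2" >&2; return 2 ;;
    esac
    [ "${#2}" -eq 71 ] || { echo "expected 64 hex digits after sha256:" >&2; return 2; }
    actual=$(ca_cert_hash "$1") || { echo "cannot read certificate $1" >&2; return 2; }
    [ "$actual" = "$2" ] || { echo "MISMATCH: $1 hashes to $actual" >&2; return 1; }
    echo "OK: $2 matches $1"
}

# Usage on a control-plane node:
#   ./verify-ca-hash.sh /etc/kubernetes/pki/ca.crt sha256:<value from the join command>
if [ "$#" -eq 2 ]; then verify_pinned_hash "$1" "$2"; fi
```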

Network plugin: Calico

https://www.projectcalico.org/#getstarted
https://docs.projectcalico.org/v3.8/getting-started/kubernetes/

    kubectl apply -f https://docs.projectcalico.org/v3.8/manifests/calico.yaml

Or:

    kubectl apply -f https://kuboard.cn/install-script/calico/calico-3.13.1.yaml

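The master node does not run pods by default

A single-node cluster deployed with kubeadm cannot be used by default. Run the following command to lift the restriction:

    $ kubectl taint nodes --all node-role.kubernetes.io/master-

Restore the default:

    $ kubectl taint nodes NODE_NAME node-role.kubernetes.io/master=true:NoSchedule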

Verification

    # kubectl create deployment nginx --image=nginx
    deployment.apps/nginx created
    # kubectl expose deployment nginx --port=80 --type=NodePort
    service/nginx exposed
    # kubectl get pods,svc
    NAME                         READY   STATUS    RESTARTS   AGE
    pod/nginx-554b9c67f9-9bb2t   1/1     Running   0          24h

    NAME                 TYPE        CLUSTER-IP   EXTERNAL-IP   PORT(S)        AGE
    service/kubernetes   ClusterIP   10.1.0.1     <none>        443/TCP        24h
    service/nginx        NodePort    10.1.80.89   <none>        80:32393/TCP   24h
