注: 由于限制不能谷歌云绑定银联卡了,直接拿两台腾讯云服务器做课程实例
线上跑的是自建的集群搭建方式详见:https://duiniwukenaihe.github.io/2020/07/22/tencent-slb-kubeadm-ha/(跑了两个集群,其实还是跑的1.16版本,只进行了小版本升级现为1.16.15版本)
关于安全组配置就不详细说明了,由于是个人测试这里也没有做安全组策略,直接开放了ALL,ssh端口也没有做更改,当然了密码设置还是符合个人的安全策略的。由于测试环境不做各种系统优化,复杂配置了。直接就按照课程的操作来了。
10.0.2.6 cks-master
10.0.2.17 cks-work
更改主机名 hostnamectl set-hostname cks-xxx
配置如下:
image.png
(由于kill的课程是在国外的,apt仓库都是直接用的国外的,镜像仓库直接用的google的,切github仓库进行了版本更新故,修改了脚本):

1. 10.0.2.6 cks-master 节点操作步骤:

1. master节点初始化

sh install_master.sh

  1. #!/bin/sh
  2. # Source: http://kubernetes.io/docs/getting-started-guides/kubeadm/
  3. ### setup terminal
  4. apt-get install -y bash-completion binutils
  5. echo 'colorscheme ron' >> ~/.vimrc
  6. echo 'set tabstop=2' >> ~/.vimrc
  7. echo 'set shiftwidth=2' >> ~/.vimrc
  8. echo 'set expandtab' >> ~/.vimrc
  9. echo 'source <(kubectl completion bash)' >> ~/.bashrc
  10. echo 'alias k=kubectl' >> ~/.bashrc
  11. echo 'alias c=clear' >> ~/.bashrc
  12. echo 'complete -F __start_kubectl k' >> ~/.bashrc
  13. sed -i '1s/^/force_color_prompt=yes\n/' ~/.bashrc
  14. ### install k8s and docker
  15. apt-get remove -y docker.io kubelet kubeadm kubectl kubernetes-cni
  16. apt-get autoremove -y
  17. apt-get install -y etcd-client vim build-essential
  18. systemctl daemon-reload
  19. curl https://mirrors.aliyun.com/kubernetes/apt/doc/apt-key.gpg | apt-key add -
  20. cat <<EOF > /etc/apt/sources.list.d/kubernetes.list
  21. deb https://mirrors.aliyun.com/kubernetes/apt/ kubernetes-xenial main
  22. EOF
  23. KUBE_VERSION=1.19.3
  24. apt-get update
  25. apt-get install -y docker.io kubelet=${KUBE_VERSION}-00 kubeadm=${KUBE_VERSION}-00 kubectl=${KUBE_VERSION}-00 kubernetes-cni=0.8.7-00
  26. cat > /etc/docker/daemon.json <<EOF
  27. {
  28.   "exec-opts": ["native.cgroupdriver=systemd"],
  29.   "log-driver": "json-file",
  30.   "storage-driver": "overlay2"
  31. }
  32. EOF
  33. mkdir -p /etc/systemd/system/docker.service.d
  34. # Restart docker.
  35. systemctl daemon-reload
  36. systemctl restart docker
  37. # start docker on reboot
  38. systemctl enable docker
  39. docker info | grep -i "storage"
  40. docker info | grep -i "cgroup"
  41. systemctl enable kubelet && systemctl start kubelet
  42. ### init k8s
  43. rm /root/.kube/config
  44. kubeadm reset -f
  45. kubeadm init --kubernetes-version=${KUBE_VERSION} --ignore-preflight-errors=NumCPU --skip-token-print
  46. mkdir -p ~/.kube
  47. sudo cp -i /etc/kubernetes/admin.conf ~/.kube/config
  48. kubectl apply -f "https://cloud.weave.works/k8s/net?k8s-version=$(kubectl version | base64 | tr -d '\n')"
  49. echo
  50. echo "### COMMAND TO ADD A WORKER NODE ###"
  51. kubeadm token create --print-join-command --ttl 0

image.png

2. 下载所需要镜像

kubeadm config images list —kubernetes-version 1.19.3 确定1.19.3版本所需要的镜像版本,在阿里云镜像仓库下载并且修改镜像标签为k8s.gcr.io镜像仓库标签,当然了也可以采用创建kubeadm初始化文件的方式修改镜像仓库为阿里云或者其他国内镜像仓库。至于不同版本之间都是大同小异。
image.png

sh images.sh

  1. #!/bin/bash
  2. images=(
  3.     kube-apiserver:v1.19.3
  4.     kube-controller-manager:v1.19.3
  5.     kube-scheduler:v1.19.3
  6.     kube-proxy:v1.19.3
  7.     pause:3.2
  8.     etcd:3.4.13-0
  9.     coredns:1.7.0
  10. )
  12. for imageName in ${images[@]};do
  13.   docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/$imageName
  14.   docker tag  registry.cn-hangzhou.aliyuncs.com/google_containers/$imageName k8s.gcr.io/$imageName
  15.   docker rmi  registry.cn-hangzhou.aliyuncs.com/google_containers/$imageName
  16. done

image.png
注:碰到的好玩的注意的:

  1. copy有格式的内容到linux如何保持原有的格式? vim :set parste

  2. ubuntu执行bash 显示:images.sh: 2: images.sh: Syntax error: “(“ unexpected why? 详见:https://blog.csdn.net/u014470581/article/details/51493150/

    1.    sudo dpkg-reconfigure dash<br />![image.png](https://cdn.nlark.com/yuque/0/2021/png/2505271/1612150290652-8f4165fc-445d-45c1-8830-f61379d6fa94.png#align=left&display=inline&height=648&margin=%5Bobject%20Object%5D&name=image.png&originHeight=648&originWidth=1286&size=32265&status=done&style=none&width=1286)<br />           选择no 保存 就ok了。

  3. 关于下载镜像。下载镜像是dokcer去下载的自己把控执行下载镜像脚本的时间了,当install_master.sh脚本安装完docker的过程中就可以下载镜像了。当然了 也可以安装自己的节奏来了,不一定用他教程上面的了,按照他的步骤就是纯属为了加深下课程的理解。

  4. 当然了还有你想自己修改的,比如网络插件,集群节点的网络规划网段,都可以安装自己想的修改了。

2. 10.0.2.17 cks-work 节点操作步骤:

2.1. work节点执行初始化脚本

注: 与master脚本修改大同小异
sh install_work.sh


# Source: http://kubernetes.io/docs/getting-started-guides/kubeadm/

### setup terminal
apt-get install -y bash-completion binutils
echo 'colorscheme ron' >> ~/.vimrc
echo 'set tabstop=2' >> ~/.vimrc
echo 'set shiftwidth=2' >> ~/.vimrc
echo 'set expandtab' >> ~/.vimrc
echo 'source <(kubectl completion bash)' >> ~/.bashrc
echo 'alias k=kubectl' >> ~/.bashrc
echo 'alias c=clear' >> ~/.bashrc
echo 'complete -F __start_kubectl k' >> ~/.bashrc
sed -i '1s/^/force_color_prompt=yes\n/' ~/.bashrc


### install k8s and docker
apt-get remove -y docker.io kubelet kubeadm kubectl kubernetes-cni
apt-get autoremove -y
apt-get install -y etcd-client vim build-essential

systemctl daemon-reload
curl https://mirrors.aliyun.com/kubernetes/apt/doc/apt-key.gpg | apt-key add -
cat <<EOF > /etc/apt/sources.list.d/kubernetes.list
deb https://mirrors.aliyun.com/kubernetes/apt/ kubernetes-xenial main
EOF
KUBE_VERSION=1.19.3
apt-get update
apt-get install -y docker.io kubelet=${KUBE_VERSION}-00 kubeadm=${KUBE_VERSION}-00 kubectl=${KUBE_VERSION}-00 kubernetes-cni=0.8.7-00

cat > /etc/docker/daemon.json <<EOF
{
  "exec-opts": ["native.cgroupdriver=systemd"],
  "log-driver": "json-file",
  "storage-driver": "overlay2"
}
EOF
mkdir -p /etc/systemd/system/docker.service.d

# Restart docker.
systemctl daemon-reload
systemctl restart docker

# start docker on reboot
systemctl enable docker

docker info | grep -i "storage"
docker info | grep -i "cgroup"

systemctl enable kubelet && systemctl start kubelet


### init k8s
kubeadm reset -f
systemctl daemon-reload
service kubelet start

echo
echo "EXECUTE ON MASTER: kubeadm token create --print-join-command --ttl 0"
echo "THEN RUN THE OUTPUT AS COMMAND HERE TO ADD AS WORKER"
echo

2.2. 下载镜像

sh images.sh

#!/bin/bash
images=(
    kube-apiserver:v1.19.3
    kube-controller-manager:v1.19.3
    kube-scheduler:v1.19.3
    kube-proxy:v1.19.3
    pause:3.2
    etcd:3.4.13-0
    coredns:1.7.0
)

for imageName in ${images[@]};do
  docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/$imageName
  docker tag  registry.cn-hangzhou.aliyuncs.com/google_containers/$imageName k8s.gcr.io/$imageName
  docker rmi  registry.cn-hangzhou.aliyuncs.com/google_containers/$imageName
done

2.3. work节点加入集群


root@VM-2-17-ubuntu:~# kubeadm join 10.0.2.6:6443 --token ux1gld.q5bzt4aq6p87fnuv     --discovery-token-ca-cert-hash sha256:b9638833e81b1e8042ea10ec2a958d08196ffd31f0f6a5b81f40e526f7d12944

image.png

3. 验证集群安装

over 然后master节点

mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config

root@cks-master:~# kubectl get nodes
NAME             STATUS     ROLES    AGE   VERSION
cks-master       Ready      master   14m   v1.19.3
vm-2-17-ubuntu   NotReady   <none>   43s   v1.19.3
root@cks-master:~# kubectl get nodes
NAME             STATUS   ROLES    AGE   VERSION
cks-master       Ready    master   14m   v1.19.3
vm-2-17-ubuntu   Ready    <none>   51s   v1.19.3
root@cks-master:~# kubectl get pods -n kube-system
NAME                                 READY   STATUS            RESTARTS   AGE
coredns-f9fd979d6-qj2jt              1/1     Running           0          14m
coredns-f9fd979d6-xwl4k              1/1     Running           0          14m
etcd-cks-master                      1/1     Running           0          14m
kube-apiserver-cks-master            1/1     Running           0          14m
kube-controller-manager-cks-master   1/1     Running           0          14m
kube-proxy-9x4pr                     1/1     Running           0          68s
kube-proxy-kf7ns                     1/1     Running           0          14m
kube-scheduler-cks-master            1/1     Running           0          14m
weave-net-2b29f                      0/2     PodInitializing   0          68s
weave-net-j78m4                      2/2     Running           1          14m


嗯?强迫症犯了 突然发现work节点忘记了修改主机名……。操作步骤应该是:

  1. cks-master节点 驱逐删除vm-2-17-ubuntu节点(kubectl delete node cks-work,由于是新的节点就不跑驱逐和设置不可调度了)
  2. vm-2-17-ubuntu节点操作 ```bash
  3. 更改主机名 hostnamectl set-hostname cks-work
  4. 初始化kubeadm kubeadm reset
  5. 重新加入master节点 kubeadm join 10.0.2.6:6443 —token ux1gld.q5bzt4aq6p87fnuv —discovery-token-ca-cert-hash sha256:b9638833e81b1e8042ea10ec2a958d08196ffd31f0f6a5b81f40e526f7d12944 ``` image.png
    image.png
    ok最终cks-master节点操作kubectl get node如下 :
    image.png