安装前检查
需要在每台机器都执行

  1. 禁用swap分区
    1. swapoff -a
    2. sed -i '/swap/s/^/#/' /etc/fstab
    2 关闭selinux
    1. setenforce 0; sed -ri '/^SELINUX=/s/SELINUX=.+/SELINUX=disabled/' /etc/selinux/config
    3 启用br_netfilter模块
    1. modprobe br_netfilter
    4 配置内核参数
    1. echo -e 'net.bridge.bridge-nf-call-ip6tables = 1\nnet.bridge.bridge-nf-call-iptables = 1' > /etc/sysctl.d/k8s.conf
    2. sysctl --system
    5 启用ipvs模块

安装 kubeadm 和 Docker

安装docker-ce

  1. wget -O /etc/yum.repos.d/docker-ce.repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo --no-check-certificate
  2. yum install -y docker-ce
  4. # 修改镜像源
  5. mkdir -p /etc/docker
  6. sudo tee /etc/docker/daemon.json <<-'EOF'
  7. {
  8.   "registry-mirrors": ["https://dy5s4ua3.mirror.aliyuncs.com"]
  9. }
  10. EOF
  12. systemctl restart docker
  13. systemctl enable docker

安装kubeadm

  1. tee /etc/docker/daemon.json <<-'EOF'
  2. [kubernetes]
  3. name=Kubernetes
  4. baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
  5. enabled=1
  6. gpgcheck=1
  7. repo_gpgcheck=1
  8. gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
  9. EOF
  11. # 安装启动
  12. yum install -y kubeadm
  13. systemctl enable kubelet.service
  14. systemctl start kubelet

部署 Kubernetes 的 Master 节点
编写了一个给 kubeadm 用的 YAML 文件(名叫:kubeadm.yaml)

apiVersion: kubeadm.k8s.io/v1beta2
kind: ClusterConfiguration
controllerManager:
  extraArgs:
    horizontal-pod-autoscaler-use-rest-clients: "true"
    horizontal-pod-autoscaler-sync-period: "10s"
    node-monitor-grace-period: "10s"
apiServer:
  extraArgs:
    runtime-config: "api/all=true"
kubernetesVersion: v1.21.0
imageRepository: registry.aliyuncs.com/google_containers

# 查看默认配置
kubeadm config print init-defaults
# 创建master
kubeadm init --config kubeadm.yaml

镜像coredns:v1.8.0下载失败,手动下载

docker pull coredns/coredns:1.8.0

# 查看kubeadm需要镜像,并修改tag
kubeadm config images list --config kubeadm.yaml 

docker tag coredns/coredns:1.8.0 registry.aliyuncs.com/google_containers/coredns:v1.8.0

就可以完成 Kubernetes Master 的部署了,这个过程只需要几分钟。部署完成后,kubeadm 会生成一行指令:

kubeadm join 10.4.7.150:6443 --token 3mfp4m.0e5frcl15tceth7j \
        --discovery-token-ca-cert-hash sha256:4ba3177461b0f05a4d71a94ed8adf12423c7708b888a9205d828a94bbf3f126a

配置kubectl鉴权,node节点需要复制admin.conf文件

mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config

kubectl自动补全

yum install bash-completion
echo 'source <(kubectl completion bash)' >>~/.bashrc
kubectl completion bash >/etc/bash_completion.d/kubectl
# 重新加载shell生效

部署网络插件

curl -fsSLo weave-daemonset.yaml "https://cloud.weave.works/k8s/net?k8s-version=$(kubectl version | base64 | tr -d '\n')"

kubectl apply -f  weave-daemonset.yaml

部署work
第一步,在所有 Worker 节点上执行“安装 kubeadm 和 Docker”一节的所有步骤。
第二步,执行部署 Master 节点时生成的 kubeadm join 指令:

kubeadm join 10.4.7.150:6443 --token 3mfp4m.0e5frcl15tceth7j \
        --discovery-token-ca-cert-hash sha256:4ba3177461b0f05a4d71a94ed8adf12423c7708b888a9205d828a94bbf3f126a

配置kubectl鉴权

scp /etc/kubernetes/admin.conf root@10.4.7.151:/root
mkdir /root/.kube
cp -i /root/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config