前置准备

系统 :Ubuntu 20.04

安装参考 https://www.yuque.com/xiamucc/io9h18/ngea4b

  1. root@master:~# uname -a
  2. Linux master 5.4.0-100-generic #113-Ubuntu SMP Thu Feb 3 18:43:29 UTC 2022 x86_64 x86_64 x86_64 GNU/Linux

容器运行时,使用Docker,安装参考 https://www.yuque.com/xiamucc/io9h18/ngea4b

关闭 swap,k8s不建议使用 swap

[root@master ~]# swapoff -a
[root@master ~]# echo "vm.swappiness=0" >> /etc/sysctl.conf
[root@master ~]# sysctl -p /etc/sysctl.conf 
vm.swappiness = 0
root@master:~# vim /etc/fstab  //把 swap 注释掉

将 Docker 的 cgroup 驱动改为 systemd:k8s(kubelet)使用的 cgroup 驱动是 systemd,两者需要保持一致。修改 /etc/docker/daemon.json 后需要重启 Docker 才能生效。

root@master:~# cat /etc/docker/daemon.json 
{
  "registry-mirrors": ["https://di14o6b8.mirror.aliyuncs.com"],
  "exec-opts": ["native.cgroupdriver=systemd"]
}

允许 iptables 检查桥接流量

$ cat <<EOF | sudo tee /etc/modules-load.d/k8s.conf
br_netfilter
EOF

$ cat <<EOF | sudo tee /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
EOF

$ sudo sysctl --system

更新 apt 包索引并安装使用 Kubernetes apt 仓库所需要的包:

$ sudo apt-get update
$ sudo apt-get install -y apt-transport-https ca-certificates curl

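下载 aliyun 公开签名密钥。apt-key 已被弃用,`apt-key add` 会把密钥加入全局信任的密钥环,对所有仓库都生效;较新的系统上建议把密钥保存为单独的 keyring 文件,并在仓库的 deb 行中用 signed-by 选项限定它只用于这个仓库。本文使用的命令如下: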

$ sudo curl -s https://mirrors.aliyun.com/kubernetes/apt/doc/apt-key.gpg | sudo apt-key add -

添加 Kubernetes apt 仓库:

$ sudo tee /etc/apt/sources.list.d/kubernetes.list <<-'EOF'
deb https://mirrors.aliyun.com/kubernetes/apt kubernetes-xenial main
EOF

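更新 apt 包索引,安装 kubelet、kubeadm 和 kubectl,并锁定其版本(这里没有指定版本号,安装的是仓库中的最新版本;kubeadm 的版本需要与后面 kubeadm init 中 --kubernetes-version 指定的版本相匹配,必要时用 `包名=版本号` 的形式安装对应版本):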

$ sudo apt-get update
$ sudo apt-get install -y kubelet kubeadm kubectl
$ sudo apt-mark hold kubelet kubeadm kubectl

kubeadm init

# NOTE(review): ">>" is performed by the calling shell, not by echo, so
# appending to /etc/hosts only works when this is run from a root shell.
$ echo "192.168.102.64 cncamp.com" >> /etc/hosts
# Bootstraps the control plane on this node.
# --image-repository makes kubeadm pull the control-plane images from the
# named mirror registry, so the cluster trusts whatever that registry serves.
# NOTE(review): the pod range 192.168.0.0/16 contains the advertise address
# 192.168.102.64, i.e. the pod and node networks overlap. Overlapping ranges
# commonly cause routing conflicts; presumably a pod CIDR outside the node
# network should be chosen here and in the CNI configuration — confirm.
$ kubeadm init \
 --image-repository registry.aliyuncs.com/google_containers \
 --kubernetes-version v1.23.4 \
 --pod-network-cidr=192.168.0.0/16 \
 --apiserver-advertise-address=192.168.102.64

Copy kubeconfig

# Give the current user a kubeconfig. admin.conf holds the cluster
# administrator credentials, so the copy in ~/.kube/config should stay
# readable only by its owner and should not be shared or committed anywhere.
$ mkdir -p $HOME/.kube
$ sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
$ sudo chown $(id -u):$(id -g) $HOME/.kube/config
# NOTE(review): the next two lines have no prompt and look like the join
# command printed at the end of `kubeadm init`; it is meant to be run on the
# worker nodes, not on this master — confirm.
# The bootstrap token is a credential that lets a machine join the cluster:
# treat it as a secret and redact it in published notes. Tokens expire
# (24 hours by default); `kubeadm token create --print-join-command` prints
# a fresh join command for your own cluster.
kubeadm join 192.168.102.64:6443 --token evf1th.n8nlxl84dx69mkxi \
    --discovery-token-ca-cert-hash sha256:85c038f4f6911b4a2b7404f34b30cb93e523cbb52eca23017101513907afc63a

命令补全

请确保已安装 bash-completion 并可以正常工作。

# Enable kubectl tab completion for bash.
# The apt-get step and the write to /etc/bash_completion.d need root.
# NOTE(review): the two kubectl steps below look like alternatives (per-user
# vs. system-wide); presumably either one is sufficient — confirm.

# Install bash-completion
apt-get install bash-completion

# Source the completion script in your ~/.bashrc file
# (">>" appends, so re-running this adds the same line again)
echo 'source <(kubectl completion bash)' >>~/.bashrc

# Add the completion script to the /etc/bash_completion.d directory
kubectl completion bash >/etc/bash_completion.d/kubectl

在网络被配置好之前,DNS 组件会一直处于 Pending 状态。

image.png

Install calico cni plugin

https://docs.projectcalico.org/getting-started/kubernetes/quickstart

# Installs Calico: first the Tigera operator, then the custom resources that
# configure it.
# NOTE(review): both manifests are fetched from an unversioned URL and created
# in the cluster directly, with the admin kubeconfig copied earlier. Downloading
# them first, reviewing what they create, and applying a copy pinned to a
# specific Calico release keeps the install reproducible and auditable.
# NOTE(review): custom-resources.yaml presumably carries the pod IP pool, which
# should match the --pod-network-cidr given to kubeadm init — confirm.
$ kubectl create -f https://docs.projectcalico.org/manifests/tigera-operator.yaml
$ kubectl create -f https://docs.projectcalico.org/manifests/custom-resources.yaml

image.png

如果要使用 containerd 作为容器运行时,请在 kubeadm init 时设置 --cri-socket 参数

# Variant of the init command for a containerd runtime: --cri-socket points
# kubeadm at containerd's socket.
# NOTE(review): this example uses v1.22.2 and 192.168.34.2, unlike the
# v1.23.4 / 192.168.102.64 used earlier on the page; substitute the values of
# your own cluster.
# NOTE(review): the advertise address 192.168.34.2 lies inside the pod range
# 192.168.0.0/16, so the pod and node networks overlap — presumably a
# non-overlapping pod CIDR should be used; confirm.
# NOTE(review): the systemd cgroup setting in /etc/docker/daemon.json applies
# to Docker only; containerd has its own cgroup driver setting (SystemdCgroup
# in its config.toml), which presumably needs to be set as well — confirm.
kubeadm init \
 --image-repository registry.aliyuncs.com/google_containers \
 --kubernetes-version v1.22.2 \
 --pod-network-cidr=192.168.0.0/16 \
 --cri-socket /run/containerd/containerd.sock \
 --apiserver-advertise-address=192.168.34.2

推荐阅读

官网 - 使用kubeadm 引导集群

https://kubernetes.io/zh/docs/setup/production-environment/tools/kubeadm/install-kubeadm/

极客时间 - 深入剖析 Kubernetes