部署环境准备
ubuntu22.04虚拟机3台
环境修改
修改hostname(各修改各的)
1
2
3
| hostnamectl set-hostname k8s-master // master节点
hostnamectl set-hostname k8s-node1 // node1节点
hostnamectl set-hostname k8s-node2 // node2节点
|
重启虚拟机,可以看到hostname已经生效了
修改hosts文件(master 和所有node )
修改/etc/hosts文件,添加下面内容
1
2
3
4
5
| cat >> /etc/hosts << EOF
192.168.1.100 k8s-master
192.168.1.101 k8s-node1
192.168.1.102 k8s-node2
EOF
|
禁用swap(master 和所有node)
执行 free -m 命令检测: 如果Swap这一行不是0,则说明虚拟内存swap被开启了,需要关闭。
1
2
3
| sudo swapoff -a
sudo sed -i '/swap/ s/^\(.*\)$/#\1/g' /etc/fstab
|
修改内核参数(master 和所有node )
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
|
sudo tee /etc/modules-load.d/containerd.conf <<EOF
overlay
br_netfilter
EOF
sudo modprobe overlay
sudo modprobe br_netfilter
sudo tee /etc/sysctl.d/kubernetes.conf<<EOF
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
net.ipv4.ip_forward = 1
EOF
sudo sysctl --system
|
安装 containerd
1
2
3
4
5
6
7
8
|
sudo apt install -y curl gnupg2 software-properties-common apt-transport-https ca-certificates
sudo curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmour -o /etc/apt/trusted.gpg.d/docker.gpg
sudo add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable"
|
1
2
3
4
5
6
7
8
9
10
11
|
sudo apt update
sudo apt install -y containerd.io
containerd config default | sudo tee /etc/containerd/config.toml >/dev/null 2>&1
sudo sed -i 's/SystemdCgroup \= false/SystemdCgroup \= true/g' /etc/containerd/config.toml
sudo systemctl restart containerd
sudo systemctl enable containerd
|
可以看到containerd已经成功启动~
1
2
3
4
5
6
7
|
cat > /etc/crictl.yaml << EOF
runtime-endpoint: unix:///var/run/containerd/containerd.sock
image-endpoint: unix:///var/run/containerd/containerd.sock
timeout: 10
debug: false
EOF
|
安装k8s
安装组件(master 和所有node )
1
2
3
4
5
|
curl https://mirrors.aliyun.com/kubernetes/apt/doc/apt-key.gpg | sudo apt-key add -
sudo apt-add-repository "deb https://mirrors.aliyun.com/kubernetes/apt/ kubernetes-xenial main"
apt-get update
|
1
2
3
4
|
apt-cache madison kubeadm|head
apt install -y kubelet=1.24.4-00 kubeadm=1.24.4-00 kubectl=1.24.4-00
|
下载镜像(master 和所有node )
1
2
3
4
5
6
7
8
9
10
11
12
13
|
kubeadm config images list \
--image-repository registry.aliyuncs.com/google_containers \
--kubernetes-version=v1.24.4
kubeadm config images pull \
--kubernetes-version=v1.24.4 \
--image-repository registry.aliyuncs.com/google_containers
crictl images
|
集群配置(master)
1
| kubeadm config print init-defaults > kubeadm.yaml
|
修改集群配置如下:
左边为导出的原始文件,右边为修改后的文件
1
2
3
4
5
|
kubeadm init \
--config /root/kubeadm.yaml \
--ignore-preflight-errors=SystemVerification \
--upload-certs
|
1
| journalctl -xefu kubelet
|
集群配置2
集群配置3
集群配置4
journalctl -xefu kubelet 的报错信息如下:
1
| 11月 28 23:24:10 k8s-master kubelet[24909]: E1128 23:24:10.831329 24909 remote_runtime.go:201] "RunPodSandbox from runtime service failed" err="rpc error: code = Unknown desc = failed to get sandbox image \"registry.k8s.io/pause:3.6\": failed to pull image \"registry.k8s.io/pause:3.6\": failed to pull and unpack image \"registry.k8s.io/pause:3.6\": failed to resolve reference \"registry.k8s.io/pause:3.6\": failed to do request: Head \"https://asia-east1-docker.pkg.dev/v2/k8s-artifacts-prod/images/pause/manifests/3.6\": dial tcp 108.177.125.82:443: connect: connection refused"
|
1
2
3
4
5
6
7
| cat /etc/containerd/config.toml |grep image
sed -i "s#registry.k8s.io/pause:3.6#registry.aliyuncs.com/google_containers/pause:3.6#g" /etc/containerd/config.toml
systemctl daemon-reload && systemctl restart containerd
|
1
2
3
4
5
6
7
|
kubeadm reset
kubeadm init \
--config /root/kubeadm.yaml \
--ignore-preflight-errors=SystemVerification \
--upload-certs
|
集群配置5
journalctl -xefu kubelet 的报错信息如下:
1
2
| 11月 29 00:11:19 k8s-master kubelet[42857]: E1129 00:11:19.795996 42857
|
改回systemd
1
2
3
4
5
6
7
|
kubeadm reset
kubeadm init \
--config /root/kubeadm.yaml \
--ignore-preflight-errors=SystemVerification \
--upload-certs
|
1
2
3
4
| mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
|
[root@k8s-master ~]
apiVersion: kubeadm.k8s.io/v1beta3
bootstrapTokens:
- groups:
- system:bootstrappers:kubeadm:default-node-token
token: abcdef.0123456789abcdef
ttl: 24h0m0s
usages:
- signing
- authentication
kind: InitConfiguration
localAPIEndpoint:
advertiseAddress: 192.168.1.100
bindPort: 6443
nodeRegistration:
criSocket: unix:///var/run/containerd/containerd.sock
imagePullPolicy: IfNotPresent
name: k8s-master
taints: null
---
apiServer:
timeoutForControlPlane: 4m0s
certSANs:
- 192.168.1.100
apiVersion: kubeadm.k8s.io/v1beta3
certificatesDir: /etc/kubernetes/pki
clusterName: kubernetes
controllerManager: {}
dns: {}
etcd:
local:
dataDir: /var/lib/etcd
imageRepository: registry.cn-hangzhou.aliyuncs.com/google_containers
kind: ClusterConfiguration
kubernetesVersion: 1.24.4
networking:
dnsDomain: cluster.local
podSubnet: 10.244.0.0/16
serviceSubnet: 10.96.0.0/12
scheduler: {}
---
apiVersion: kubelet.config.k8s.io/v1beta1
kind: KubeletConfiguration
cgroupDriver: systemd
|
node节点
两个节点都执行如下方法:
1
2
3
4
5
6
| cat /etc/containerd/config.toml |grep image
sed -i "s#registry.k8s.io/pause:3.6#registry.aliyuncs.com/google_containers/pause:3.6#g" /etc/containerd/config.toml
systemctl daemon-reload && systemctl restart containerd
|
1
2
| kubeadm join 192.168.1.100:6443
|
集群安装成功~
网络插件
1
2
3
|
curl https://raw.githubusercontent.com/projectcalico/calico/v3.24.1/manifests/calico.yaml -o calico-3-24-1.yaml
kubectl apply -f calico-3-24-1.yaml
|
部署完成之后多等一会,就会变成running了~
node也全部都是ready了~
测试
1
2
3
4
| kubectl create deployment nginx --image=nginx
kubectl get pod
kubectl expose deployment nginx --port=80 --type=NodePort
kubectl get pod,svc
|
工具类学习
1
| grep 'registry.k8s.io/pause:3.6' /var/log/syslog
|
参考
# [最新]ubuntu22.04安装kubernetes1.25 k8s1.25 前半部分配置
Ubuntu22.04 安装 K8S 后半部分配置 kubeadm的config配置 ipvs配置