k8s 1.18版本是很旧的版本,部署这个版本是为了做一些测试
生产环境推荐部署1.26版本,运行时使用的是containerd
主机列表
10.29.64.48 m1-48 master
10.29.64.49 m1-49 node
10.29.64.50 m1-50 node
系统环境设置
# 关闭防火墙 systemctl stop firewalld systemctl disable firewalld # 关闭selinux sed -i 's/enforcing/disabled/' /etc/selinux/config # 永久 setenforce 0 # 临时 # 关闭swap swapoff -a # 临时 sed -ri 's/.*swap.*/#&/' /etc/fstab # 永久 # 将桥接的IPv4流量传递到iptables的链 cat > /etc/sysctl.d/k8s.conf << EOF net.bridge.bridge-nf-call-ip6tables = 1 net.bridge.bridge-nf-call-iptables = 1 EOF sysctl -p # 生效 # 时间同步 yum install ntpdate -y # 根据规划设置主机名 hostnamectl set-hostname m1-48 hostnamectl set-hostname m2-49 hostnamectl set-hostname m3-50 # 注意:在master添加hosts cat >> /etc/hosts << EOF 10.29.64.48 m1-48 10.29.64.49 m1-49 10.29.64.50 m1-50 10.29.64.48 api.k8s-test.com 10.29.64.48 api.rancer-test.com EOF
三台节点,安装docker/kubeadm/kubelet
wget https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo -O /etc/yum.repos.d/docker-ce.repo yum -y install docker-ce-18.06.1.ce-3.el7 sed -i '3i ,\"exec-opts\": [\"native.cgroupdriver=systemd\"]' /etc/docker/daemon.json systemctl restart docker systemctl enable docker && systemctl start docker --version
配置镜像源
cat > /etc/docker/daemon.json << EOF
{
"registry-mirrors": ["https://b9pmyelo.mirror.aliyuncs.com"]
}
EOF
添加阿里yum软件源
cat > /etc/yum.repos.d/kubernetes.repo << EOF [kubernetes] name=Kubernetes baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64 enabled=1 gpgcheck=0 repo_gpgcheck=0 gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg EOF 重启docker systemctl restart docker systemctl enable docker
升级内核
rpm -Uvh http://www.elrepo.org/elrepo-release-7.0-3.el7.elrepo.noarch.rpm #安装完成后检查 /boot/grub2/grub.cfg中对应内核menuentry中是否包含initrd16配置,如果没有,再安装一次 yum --enablerepo=elrepo-kernel install -y kernel-lt #设置开机从新内核启动 grub2-set-default 'CentOS Linux (4.4.189-1.el7.elrepo.x86_64) 7 (Core)' #重启机器 reboot
安装kubeadm
yum install -y kubelet-1.18.0 kubeadm-1.18.0 kubectl-1.18.0 systemctl enable kubelet systemctl restart kubelet # 安装其他版本使用的命令 #yum -y install kubeadm-1.23.4 kubectl-1.23.4 kubelet-1.23.4 #yum -y install kubeadm-1.26.3 kubectl-1.26.3 kubelet-1.26.3
获取初始配置模版
kubeadm config print init-defaults > kubeadm-config.1.18.yaml #将初始化文件打印至目标文件
修改kubeadm-config.1.18.yaml文件
apiVersion: kubeadm.k8s.io/v1beta2 bootstrapTokens: - groups: - system:bootstrappers:kubeadm:default-node-token token: abcdef.0123456789abcdef ttl: 24h0m0s usages: - signing - authentication kind: InitConfiguration localAPIEndpoint: advertiseAddress: 10.29.64.48 #修改apiserver地址,写master主机的IP bindPort: 6443 nodeRegistration: criSocket: /var/run/dockershim.sock name: m1-48 taints: - effect: NoSchedule key: node-role.kubernetes.io/master --- apiServer: timeoutForControlPlane: 4m0s apiVersion: kubeadm.k8s.io/v1beta2 certificatesDir: /etc/kubernetes/pki clusterName: kubernetes controllerManager: {} dns: type: CoreDNS etcd: local: dataDir: /var/lib/etcd imageRepository: registry.cn-hangzhou.aliyuncs.com/google_containers #修改为国内仓库地址 kind: ClusterConfiguration kubernetesVersion: v1.18.0 networking: dnsDomain: cluster.local serviceSubnet: 10.29.91.0/24 #集群部署后,可以在/etc/kubernetes/manifests/kube-controller-manager.yaml中查看-cluster-cidr字段 podSubnet: 10.29.90.0/24 #集群部署后,可以在/etc/kubernetes/manifests/kube-apiserver.yaml中查看,service-cluster-ip-range字段 scheduler: {}
部署master01
kubeadm init --config=kubeadm-config.1.18.yaml | tee kubeadm-init.log # 执行完成后,会给出kubeadm join提示,可以分别加入其他master节点和node节点,两个命令的区别是 --control-plane 参数 # kubeadm reset 恢复初始状态,可以直接剔掉一个master节点
配置kubectl工具
mkdir -p $HOME/.kube sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config sudo chown $(id -u):$(id -g) $HOME/.kube/config kubectl get nodes kubectl get pods -n kube-system