1、配置hosts
cat >> /etc/hosts << EOF 192.168.140.129 master 192.168.140.130 node1 192.168.140.131 node2 185.199.109.133 raw.githubusercontent.com EOF
2、关闭交换分区(swap)
[root@master ~]# swapoff -a # 临时关闭
[root@master ~]# sed -ri 's/.*swap.*/#&/' /etc/fstab # 永久关闭,需要重启才生效
3、修改内核参数
# 加载 br_netfilter 模块
[root@master ~]# modprobe br_netfilter
# 验证模块是否加载成功:
[root@master ~]# lsmod |grep br_netfilter
# 修改内核参数
cat > /etc/sysctl.d/k8s.conf <<EOF net.bridge.bridge-nf-call-ip6tables = 1 net.bridge.bridge-nf-call-iptables = 1 net.ipv4.ip_forward = 1 EOF
# 使修改的内核参数生效
[root@master ~]# sysctl -p /etc/sysctl.d/k8s.conf
4、安装iptables(可选)
[root@master ~]# yum install iptables-services -y
#禁用 iptables
[root@master ~]# service iptables stop && systemctl disable iptables
#清空防火墙规则
[root@master ~]# iptables -F
5、安装和配置docker
[root@master ~]# wget https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo -O /etc/yum.repos.d/docker-ce.repo
[root@master ~]# yum -y install docker-ce-20.10.9-3.el7
[root@master ~]# systemctl enable --now docker && systemctl status docker
# 指定镜像仓库,并修改docker文件驱动为systemd,默认为cgroupfs,kubelet默认使用systemd,两者必须一致才可以
cat > /etc/docker/daemon.json << EOF { "registry-mirrors": ["https://b9pmyelo.mirror.aliyuncs.com","https://rsbud4vc.mirror.aliyuncs.com","https://registry.docker-cn.com","https://docker.mirrors.ustc.edu.cn","https://dockerhub.azk8s.cn","http://hub-mirror.c.163.com","http://qtid6917.mirror.aliyuncs.com", "https://rncxm540.mirror.aliyuncs.com"], "exec-opts": ["native.cgroupdriver=systemd"] } EOF
[root@master ~]# systemctl daemon-reload && systemctl restart docker && systemctl status docker
6、配置k8s yum源
cat > /etc/yum.repos.d/kubernetes.repo << EOF [kubernetes] name=Kubernetes baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64 enabled=1 gpgcheck=0 repo_gpgcheck=0 gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg EOF
7、安装k8s组件(master,node都要装)
[root@master ~]# yum install -y kubelet-1.23.3 kubeadm-1.23.3 kubectl-1.23.3
启动kubelet服务
[root@master ~]# systemctl enable --now kubelet
以上步骤所有节点都需要执行
8、在master上执行初始化
kubeadm init \ --apiserver-advertise-address=[master_IP] \ --image-repository registry.aliyuncs.com/google_containers \ --kubernetes-version v1.23.3 \ --service-cidr=10.96.0.0/12 \ --pod-network-cidr=10.244.0.0/16
9、node节点执行kubectl get nodes报错:
[root@node ~]# kubectl get nodes
The connection to the server localhost:8080 was refused - did you specify the right host or port?
原因:
kubectl命令需要使用kubernetes-admin来运行,需要admin.conf文件(conf文件是通过“ kubeadmin init”命令在主节点/etc/kubernetes 中创建),但是从节点没有conf文件,也没有设置 KUBECONFIG =/root/admin.conf环境变量,所以需要复制conf文件到从节点,并设置环境变量就OK了
解决方法:
[root@node ~]# scp root@master:/etc/kubernetes/admin.conf /etc/kubernetes/
[root@node ~]# mkdir -p $HOME/.kube
[root@node ~]# cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
[root@node ~]# chown $(id -u):$(id -g) $HOME/.kube/config
[root@node ~]# export KUBECONFIG=/etc/kubernetes/admin.conf
10、配置NetworkManager
[root@master ~]# cat > /etc/NetworkManager/conf.d/calico.conf <<EOF [keyfile] unmanaged-devices=interface-name:cali*;interface-name:tunl*;interface-name:vxlan.calico;interface-name:wireguard.cali EOF
11、安装calico组件
[root@master ~]# wget --no-check-certificate https://docs.projectcalico.org/manifests/calico.yaml
[root@master ~]# sed -i 's#docker.io/##g' calico.yaml
[root@master ~]# kubectl apply -f calico.yaml
12、calico官方安装方法
# 安装tigera-operator
kubectl create -f https://raw.githubusercontent.com/projectcalico/calico/v3.26.1/manifests/tigera-operator.yaml
# 安装calico
kubectl create -f https://raw.githubusercontent.com/projectcalico/calico/v3.26.1/manifests/custom-resources.yaml
13、安装rancher dashboard
docker run --privileged -d --restart=unless-stopped -p 80:80 -p 443:443 rancher/rancher
查看join命令在master上执行
kubeadm token create --print-join-command
参考链接:
https://zhuanlan.zhihu.com/p/625125823
https://zhuanlan.zhihu.com/p/639042196
https://www.cnblogs.com/shuiyao3/p/17290271.html
https://www.cnblogs.com/fengdejiyixx/p/16576021.html
https://blog.csdn.net/ma_jiang/article/details/124962352 # K8S Calico网络插件
https://docs.tigera.io/calico/latest/getting-started/kubernetes/quickstart # 官网calico安装