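I did this on a Tencent Cloud host running CentOS 7.6 with a 4C8G configuration. When I tried to build from my earlier document I found it had problems, so I am reorganizing my notes here. The cluster version chosen is 1.22.2 (I set it up a year ago) and it has worked quite well.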

Clean up the environment

My environment may have had Docker or something else installed before, so I clean that up first

yum -y remove docker-ce containerd.io

1. Environment initialization

systemctl stop firewalld
systemctl disable firewalld
sed -i 's/^SELINUX=.*/SELINUX=disabled/' /etc/selinux/config
setenforce 0
swapoff -a
sed -i '/ swap / s/^\(.*\)$/#\1/g' /etc/fstab



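# Add kernel parameters
cat > /etc/sysctl.d/k8s.conf << EOF
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
EOF
cat <<EOF | sudo tee /etc/modules-load.d/k8s.conf
br_netfilter
EOF

# Load br_netfilter now so the net.bridge.* keys exist, then apply the settings
modprobe br_netfilter
sysctl --system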

Fetch the yum repositories

mkdir /etc/yum.repos.d/backup/ -p
mv /etc/yum.repos.d/*.repo /etc/yum.repos.d/backup/

# Fetch the Docker repository (over HTTPS, so the repo definition cannot be altered in transit)
wget -O /etc/yum.repos.d/docker-ce.repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo

# Fetch the Aliyun yum repository
wget -O /etc/yum.repos.d/aliyun-yilai.repo https://mirrors.aliyun.com/repo/Centos-7.repo

Install Docker

yum -y install docker-ce

# Configure the Docker registry mirror
mkdir -p /etc/docker/
cat > /etc/docker/daemon.json <<EOF
{
"exec-opts":["native.cgroupdriver=systemd"],
"registry-mirrors": ["http://hub-mirror.c.163.com"]
}
EOF



systemctl start docker && systemctl enable docker

Upgrade the kernel (do this on a virtual machine; skip it on a cloud host)

rpm -Uvh http://www.elrepo.org/elrepo-release-7.0-3.el7.elrepo.noarch.rpm

yum --enablerepo=elrepo-kernel install -y kernel-lt 

# Set the default boot kernel according to the version installed above
grub2-set-default 'CentOS Linux (5.4.175-1.el7.elrepo.x86_64) 7 (Core)'
# Reboot

# Check the preferred kernel version
awk -F\' '$1=="menuentry " {print i++ " : " $2}' /etc/grub2.cfg

2. Install k8s

cat > /etc/yum.repos.d/kubernetes.repo <<EOF
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF

yum install -y kubelet-1.22.2 kubeadm-1.22.2 kubectl-1.22.2
systemctl enable kubelet

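Note

During initialization, the images are pulled from the official registry, but that usually fails from networks inside China, so here we prepare the images manually

# List the images required by this version
kubeadm config images list --kubernetes-version=v1.22.2

Output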

k8s.gcr.io/kube-apiserver:v1.22.2
k8s.gcr.io/kube-controller-manager:v1.22.2
k8s.gcr.io/kube-scheduler:v1.22.2
k8s.gcr.io/kube-proxy:v1.22.2
k8s.gcr.io/pause:3.5
k8s.gcr.io/etcd:3.5.0-0
k8s.gcr.io/coredns/coredns:v1.8.4

Replace the prefix with the Aliyun one and pull

docker pull registry.aliyuncs.com/google_containers/kube-apiserver:v1.22.2
docker pull registry.aliyuncs.com/google_containers/kube-controller-manager:v1.22.2
docker pull registry.aliyuncs.com/google_containers/kube-scheduler:v1.22.2
docker pull registry.aliyuncs.com/google_containers/kube-proxy:v1.22.2
docker pull registry.aliyuncs.com/google_containers/pause:3.5
docker pull registry.aliyuncs.com/google_containers/etcd:3.5.0-0
docker pull registry.aliyuncs.com/google_containers/coredns:v1.8.4

Then retag the images in bulk and delete the old tags

docker images | grep registry.aliyuncs.com/google_containers | awk '{print "docker tag",$1":"$2,$1":"$2}' | sed -e 's#registry.aliyuncs.com/google_containers#k8s.gcr.io#2' | sh -x


docker images |grep registry.aliyuncs.com/google_containers |awk '{print "docker rmi ", $1":"$2}' |sh -x


docker images |grep registry.cn-hangzhou.aliyuncs.com/moziang |awk '{print "docker rmi ", $1":"$2}' |sh -x

 

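3. Initialize the cluster

# Change the IP address to your own; leave the rest unchanged
kubeadm init --apiserver-advertise-address=10.0.16.15 --image-repository registry.aliyuncs.com/google_containers --kubernetes-version v1.22.2 --service-cidr=10.96.0.0/12 --pod-network-cidr=10.244.0.0/16

Add the kubectl authentication config

mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config

This step can also be skipped: instead, set an environment variable that declares the location of the kubeconfig file; the variable name is $KUBECONFIG

# Remove the master taint; skip this in a multi-node cluster, I am running a single node
kubectl taint nodes --all node-role.kubernetes.io/master-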

4. Install the Calico plugin

Official documentation

https://docs.projectcalico.org/getting-started/kubernetes/quickstart

Install

# https://ghproxy.com/ is the download accelerator (proxy) address
# https://raw.githubusercontent.com/projectcalico/calico/v3.26.1/manifests/tigera-operator.yaml
# is the GitHub download address of the file

wget https://ghproxy.com/https://raw.githubusercontent.com/projectcalico/calico/v3.26.1/manifests/tigera-operator.yaml

wget https://ghproxy.com/https://raw.githubusercontent.com/projectcalico/calico/v3.26.1/manifests/custom-resources.yaml
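
The two manifests above arrive through a third-party proxy and are then applied with cluster-admin rights, so they are worth checking before `kubectl create`. The script below is an added example, not part of the original notes: it compares a file against a SHA-256 pinned from a trusted copy and reports any image pulled from a registry outside an allow-list. The script name, the pinned digest and the allowed prefixes are assumptions you supply.

```shell
#!/usr/bin/env bash
# Added example: vet a manifest fetched through a proxy before applying it.
# Usage (script name, digest and prefixes are values you supply):
#   bash check-manifest.sh tigera-operator.yaml <pinned-sha256> <allowed-registry-prefix>...

# verify_manifest FILE EXPECTED_SHA256
# Succeeds only if FILE exists and its SHA-256 equals the pinned digest.
verify_manifest() {
    local file=$1 expected=$2 actual
    [ -f "$file" ] || { echo "missing: $file" >&2; return 2; }
    actual=$(sha256sum "$file" | awk '{print $1}')
    if [ "$actual" != "$expected" ]; then
        echo "digest mismatch for $file: got $actual" >&2
        return 1
    fi
}

# list_images FILE
# Prints the unique "image:" references, i.e. what the cluster will pull.
list_images() {
    sed -n -E 's/^[[:space:]]*(-[[:space:]]+)?image:[[:space:]]*([^[:space:]#]+).*$/\2/p' "$1" \
        | tr -d "\"'" | sort -u
}

# unexpected_images FILE ALLOWED_PREFIX...
# Prints images outside every allowed registry prefix; fails if any exist.
unexpected_images() {
    local file=$1 img prefix ok rc=0
    shift
    while IFS= read -r img; do
        [ -n "$img" ] || continue
        ok=0
        for prefix in "$@"; do
            case $img in "$prefix"*) ok=1 ;; esac
        done
        if [ "$ok" -eq 0 ]; then echo "$img"; rc=1; fi
    done <<EOF
$(list_images "$file")
EOF
    return "$rc"
}

# Script entry point: FILE SHA256 ALLOWED_PREFIX...
if [ "$#" -ge 3 ]; then
    file=$1; sum=$2; shift 2
    verify_manifest "$file" "$sum" && unexpected_images "$file" "$@" \
        && echo "OK: $file matches its pin and uses only allowed registries"
fi
```

Run it on custom-resources.yaml before editing the cidr line, because the edit changes the file's digest.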

vi custom-resources.yaml

# Change this to match --pod-network-cidr=10.244.0.0/16 above
cidr: 10.244.0.0/16

Deploy

kubectl create -f tigera-operator.yaml
kubectl create -f custom-resources.yaml

Test

cat > test-dns.yaml <<EOF
apiVersion: v1
kind: Pod
metadata:
  name: busybox
  namespace: default
spec:
  containers:
  - name: busybox
    image: busybox:1.28.4
    command:
      - sleep
      - "3600"
    imagePullPolicy: IfNotPresent
  restartPolicy: Always
EOF

Deploy

kubectl apply -f test-dns.yaml

Verify

# List all pods
kubectl get pod -A

# Check that DNS resolution works
kubectl exec -it busybox -- nslookup kubernetes


Add extra DNS resolution

vi /var/lib/kubelet/config.yaml

# Add
resolvConf: "/etc/resolv.conf"

Restart the service

systemctl restart kubelet