目录
前言
一,kubeadm简介
二,节点组件介绍
1,控制节点组件
2,工作节点组件
三,部署拓扑
四,开虚拟化支持,改主机名,配IP,配域名解析,配置免密登录
1,三台节点编辑此虚拟机设置—cpu—三个复选框全勾上
2,改主机名
3,配IP地址
4,配域名解析
5,配置免密登录
二,关交换分区,修改内核参数,关闭防火墙,关闭selinux,配置yum源
1,关交换分区
2,修改内核参数,开启数据包转发
3,关闭防火墙和禁止开机自启动
4,关闭selinux,重启机器
5,配置阿里云yum源
三,安装基础软件包,安装iptables
1,安装基础软件包
2,安装iptables,禁止开机自启动
四,安装配置docker,配置docker加速,安装k8s软件包
1,安装docker
2,配置docker镜像加速
3,安装初始化k8s软件包
五,初始化k8s集群
1,导入镜像包
2,使用kubeadm初始化k8s集群
3,添加工作节点
4,安装网络插件calico
前言
注意事项:这个博客所有搭建步骤基本都可以直接复制的,如果你IP和我的一样的话,不过还是不建议直接复制粘贴,毕竟是学习嘛,还有在部署时一定要注意节点不要搞错了,否则后边有些步骤是很难逆的。
一,kubeadm简介
kubeadm是官方提供部署k8s集群的工具,为开源项目,源码在github上,源码可以看到,可以再二次开发,快速搭建集群的一种方式,官方推荐,主要通过kubectl init 和kubectl join两个命令快速搭建k8s集群,并可以实现k8s集群的扩容。
kubeadm初始化时,所有组件都是通过pod的形式运行的,可通过监控任务实现故障自恢复功能
kubeadm是一种自动化搭建的工具,通过脚本的方式帮我们搭建集群,属于自动部署,简单易学,屏蔽了很多细节,虽快,但是组件自动安装,调用对每个模块感知较少,遇到问题很难排查。
适用于经常部署,或者对自动化要求较高的情况下使用。
二,节点组件介绍
1,控制节点组件
apiserver controller-manager scheduler kubelet etcd docker kube-proxy keepalived nginx calico
2,工作节点组件
kubelet kube-proxy docker calico coredns
三,部署拓扑
三个节点,单控制,双工作
使用centos 7.6版本
node1 192.168.100.30
master 192.168.100.40
Node2 192.168.100.50
四,开虚拟化支持,改主机名,配IP,配域名解析,配置免密登录
1,三台节点编辑此虚拟机设置—cpu—三个复选框全勾上
2,改主机名
master:
hostnamectl set-hostname master && bashnode1:
hostnamectl set-hostname node1 && bashnode2:
hostnamectl set-hostname node2 && bash3,配IP地址
master:
vim /etc/sysconfig/network-scripts/ifcfg-ens33TYPE=Ethernet
PROXY_METHOD=none
BROWSER_ONLY=no
BOOTPROTO=static
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
IPV6INIT=yes
IPV6_AUTOCONF=yes
IPV6_DEFROUTE=yes
IPV6_FAILURE_FATAL=no
IPV6_ADDR_GEN_MODE=stable-privacy
NAME=ens33
UUID=9b050f16-c845-4870-bdd5-f2b26e65ea65
DEVICE=ens33
ONBOOT=yes
IPADDR=192.168.100.40
NETMASK=255.255.255.0
GATEWAY=192.168.100.2
DNS1=114.114.114.114systemctl restart network
ip a
ping www.baidu.comnode1:
vim /etc/sysconfig/network-scripts/ifcfg-ens33TYPE=Ethernet
PROXY_METHOD=none
BROWSER_ONLY=no
BOOTPROTO=static
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
IPV6INIT=yes
IPV6_AUTOCONF=yes
IPV6_DEFROUTE=yes
IPV6_FAILURE_FATAL=no
IPV6_ADDR_GEN_MODE=stable-privacy
NAME=ens33
UUID=9b050f16-c845-4870-bdd5-f2b26e65ea65
DEVICE=ens33
ONBOOT=yes
IPADDR=192.168.100.30
NETMASK=255.255.255.0
GATEWAY=192.168.100.2
DNS1=114.114.114.114systemctl restart network
ip a
ping www.baidu.comnode2:
vim /etc/sysconfig/network-scripts/ifcfg-ens33TYPE=Ethernet
PROXY_METHOD=none
BROWSER_ONLY=no
BOOTPROTO=static
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
IPV6INIT=yes
IPV6_AUTOCONF=yes
IPV6_DEFROUTE=yes
IPV6_FAILURE_FATAL=no
IPV6_ADDR_GEN_MODE=stable-privacy
NAME=ens33
UUID=9b050f16-c845-4870-bdd5-f2b26e65ea65
DEVICE=ens33
ONBOOT=yes
IPADDR=192.168.100.50
NETMASK=255.255.255.0
GATEWAY=192.168.100.2
DNS1=114.114.114.114systemctl restart network
ip a
ping www.baidu.com4,配域名解析
master:
vim /etc/hosts127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.100.30 node1
192.168.100.40 master
192.168.100.50 node2scp /etc/hosts root@192.168.100.30:/etc/hosts
scp /etc/hosts root@192.168.100.50:/etc/hosts
ping node15,配置免密登录
master:
ssh-keygenssh-copy-id master
ssh-copy-id node1
ssh-copy-id node2node1:
ssh-keygenssh-copy-id master
ssh-copy-id node1
ssh-copy-id node2node2:
ssh-keygenssh-copy-id master
ssh-copy-id node1
ssh-copy-id node2二,关交换分区,修改内核参数,关闭防火墙,关闭selinux,配置yum源
1,关交换分区
master:
vim /etc/fstab#
# /etc/fstab
# Created by anaconda on Wed Jan 5 19:24:01 2022
#
# Accessible filesystems, by reference, are maintained under '/dev/disk'
# See man pages fstab(5), findfs(8), mount(8) and/or blkid(8) for more info
#
/dev/mapper/centos-root / xfs defaults 0 0
UUID=2ee72c81-de7c-40bb-a058-0c08a718c73c /boot xfs defaults 0 0
/dev/mapper/centos-home /home xfs defaults 0 0
#/dev/mapper/centos-swap swap swap defaults 0 0scp /etc/fstab root@192.168.100.30:/etc/fstab
scp /etc/fstab root@192.168.100.50:/etc/fstab2,修改内核参数,开启数据包转发
master:
modprobe br_netfilter
lsmod | grep br_netfiltervim /etc/sysctl.d/k8s.confnet.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
net.ipv4.ip_forward = 1sysctl -p /etc/sysctl.d/k8s.conf
scp /etc/sysctl.d/k8s.conf root@192.168.100.30:/etc/sysctl.d/k8s.conf
scp /etc/sysctl.d/k8s.conf root@192.168.100.50:/etc/sysctl.d/k8s.confnode1:
sysctl -p /etc/sysctl.d/k8s.confnode2:
sysctl -p /etc/sysctl.d/k8s.conf3,关闭防火墙和禁止开机自启动
master:
systemctl stop firewalld && systemctl disable firewalld
systemctl status firewalldnode1:
systemctl stop firewalld && systemctl disable firewalld
systemctl status firewalldnode2:
systemctl stop firewalld && systemctl disable firewalld
systemctl status firewalld4,关闭selinux,重启机器
master:
vim /etc/selinux/config# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - No SELinux policy is loaded.
SELINUX=disabled
# SELINUXTYPE= can take one of three values:
# targeted - Targeted processes are protected,
# minimum - Modification of targeted policy. Only selected processes are protected.
# mls - Multi Level Security protection.
SELINUXTYPE=targetedscp /etc/selinux/config root@192.168.100.30:/etc/selinux/config
scp /etc/selinux/config root@192.168.100.50:/etc/selinux/config
init 6node1:
init 6node2:
init 65,配置阿里云yum源
master:
mv /etc/yum.repos.d/CentOS-Base.repo /etc/yum.repos.d/CentOS-Base.repo.backup
wget -O /etc/yum.repos.d/CentOS-Base.repo https://mirrors.aliyun.com/repo/Centos-7.repo
wget -O /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-7.repo
yum install -y yum-utils device-mapper-persistent-data lvm2
yum-config-manager --add-repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
sed -i 's+download.docker.com+mirrors.aliyun.com/docker-ce+' /etc/yum.repos.d/docker-ce.repo
yum makecache
yum makecache fast
service docker start
cat <<EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF
yum install -y kubelet-1.20.6 kubeadm-1.20.6 kubectl-1.20.6
systemctl enable kubelet && systemctl start kubelet
yum -y install ntpdate
ntpdate cn.pool.ntp.orgnode1:
mv /etc/yum.repos.d/CentOS-Base.repo /etc/yum.repos.d/CentOS-Base.repo.backup
wget -O /etc/yum.repos.d/CentOS-Base.repo https://mirrors.aliyun.com/repo/Centos-7.repo
wget -O /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-7.repo
yum install -y yum-utils device-mapper-persistent-data lvm2
yum-config-manager --add-repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
sed -i 's+download.docker.com+mirrors.aliyun.com/docker-ce+' /etc/yum.repos.d/docker-ce.repo
yum makecache
yum makecache fast
service docker start
cat <<EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF
yum install -y kubelet-1.20.6 kubeadm-1.20.6 kubectl-1.20.6
systemctl enable kubelet && systemctl start kubelet
yum -y install ntpdate
ntpdate cn.pool.ntp.orgnode2:
mv /etc/yum.repos.d/CentOS-Base.repo /etc/yum.repos.d/CentOS-Base.repo.backup
wget -O /etc/yum.repos.d/CentOS-Base.repo https://mirrors.aliyun.com/repo/Centos-7.repo
wget -O /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-7.repo
yum install -y yum-utils device-mapper-persistent-data lvm2
yum-config-manager --add-repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
sed -i 's+download.docker.com+mirrors.aliyun.com/docker-ce+' /etc/yum.repos.d/docker-ce.repo
yum makecache
yum makecache fast
service docker start
cat <<EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF
yum -y install ntpdate
ntpdate cn.pool.ntp.org三,安装基础软件包,安装iptables
1,安装基础软件包
maser:
yum install -y yum-utils device-mapper-persistent-data lvm2 wget net-tools nfs-utils lrzsz gcc gcc-c++ make cmake libxml2-devel openssl-devel curl curl-devel unzip sudo ntp libaio-devel wget vim ncurses-devel autoconf automake zlib-devel python-devel epel-release openssh-server socat ipvsadm conntrack ntpdate telnet ipvsadmnode1:
yum install -y yum-utils device-mapper-persistent-data lvm2 wget net-tools nfs-utils lrzsz gcc gcc-c++ make cmake libxml2-devel openssl-devel curl curl-devel unzip sudo ntp libaio-devel wget vim ncurses-devel autoconf automake zlib-devel python-devel epel-release openssh-server socat ipvsadm conntrack ntpdate telnet ipvsadmnode2:
yum install -y yum-utils device-mapper-persistent-data lvm2 wget net-tools nfs-utils lrzsz gcc gcc-c++ make cmake libxml2-devel openssl-devel curl curl-devel unzip sudo ntp libaio-devel wget vim ncurses-devel autoconf automake zlib-devel python-devel epel-release openssh-server socat ipvsadm conntrack ntpdate telnet ipvsadm2,安装iptables,禁止开机自启动
master:
yum -y install iptables-services
systemctl stop iptables && ststemctl disable iptablesnode1:
yum -y install iptables-services
systemctl stop iptables && ststemctl disable iptablesnode2:
yum -y install iptables-services
systemctl stop iptables && ststemctl disable iptables四,安装配置docker,配置docker加速,安装k8s软件包
1,安装docker
master:
yum -y install docker-ce docker-ce-cli containerd.io
systemctl restart docker && systemctl enable docker && systemctl status dockernode1:
yum -y install docker-ce docker-ce-cli containerd.io
systemctl restart docker && systemctl enable docker && systemctl status dockernode2:
yum -y install docker-ce docker-ce-cli containerd.io
systemctl restart docker && systemctl enable docker && systemctl status docker2,配置docker镜像加速
master:
vim /etc/docker/daemon.json{
“registry-mirrors”:[“https://rsbud4vc.mirror.aliyuncs.com”],
“exec-opts”: [“native.cgroupdriver=systemd”]
}systemctl daemon-reload && systemctl restart docker
scp /etc/docker/daemon.json root@192.168.100.30:/etc/docker/daemon.json
scp /etc/docker/daemon.json root@192.168.100.50:/etc/docker/daemon.jsonnode1:
systemctl daemon-reload && systemctl restart dockernode2:
systemctl daemon-reload && systemctl restart docker3,安装初始化k8s软件包
master:
yum install -y kubelet-1.20.6 kubeadm-1.20.6 kubectl-1.20.6
systemctl enable kubelet && systemctl start kubeletnode1:
yum install -y kubelet-1.20.6 kubeadm-1.20.6 kubectl-1.20.6
systemctl enable kubelet && systemctl start kubeletnode2:
yum install -y kubelet-1.20.6 kubeadm-1.20.6 kubectl-1.20.6
systemctl enable kubelet && systemctl start kubelet五,初始化k8s集群
1,导入镜像包
链接:https://pan.baidu.com/s/1RiXNhjWrq41VoqA60ARM4A?pwd=wqdj
提取码:wqdj
将k8simage.tar.gz上传到三个节点
master:
docker load -I k8simage.tar.gznode1:
docker load -I k8simage.tar.gznode2:
docker load -I k8simage.tar.gz2,使用kubeadm初始化k8s集群
master:
kubeadm init --kubernetes-version=1.20.6 --apiserveradvertise-address=192.168.100.40 --image-repository registry.aliyuncs.com/google_containers --pod-network-cidr=10.220.0.0/16 --ignore-preflight-errors=SystemVerification
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config.
kubeadm token create --print-join-command3,添加工作节点
node1:
复制join命令,执行
node2:
复制join命令,执行
master:
看到如下情况为正确
[root@master manifests]# kubectl get nodes
NAME STATUS ROLES AGE VERSION
master NotReady control-plane,master 25m v1.20.6
node1 NotReady <none> 20s v1.20.6
node2 NotReady <none> 14s v1.20.64,安装网络插件calico
链接:https://pan.baidu.com/s/1RiXNhjWrq41VoqA60ARM4A?pwd=wqdj
提取码:wqdj
导入calico.yaml
master:
kubectl apply -f calico.yaml看到如下为成功
[root@master manifests]# kubectl get nodes
NAME STATUS ROLES AGE VERSION
master Ready control-plane,master 25m v1.20.6
node1 Ready <none> 20s v1.20.6
node2 Ready <none> 14s v1.20.6至此,基于kubeadm的快速部署k8s集群完成。感谢大家阅读,欢迎学习,转发,评论。
本文章为转载内容,我们尊重原作者对文章享有的著作权。如有内容错误或侵权问题,欢迎原作者联系我们进行内容更正或删除文章。
