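Contents
Set hostname
Disable the firewall
Configure SSH
Configure network forwarding
Configure IPVS
Configure hosts
Configure repositories
Install components:
Configure KUBE_PROXY_MODE
Create the cluster
Join nodes to the cluster
Install flannel, otherwise the nodes stay NotReady
Create an nginx pod
Create a svc and access the service: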
Set hostname
Run on each host (each host sets its own name)
hostnamectl --static set-hostname master
hostnamectl --static set-hostname node1
hostnamectl --static set-hostname node2
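Disable the firewall
Run on each host
systemctl stop firewalld && systemctl disable firewalld
systemctl stop iptables && systemctl disable iptables
# Set SELinux to disabled in the config file and switch the running system to permissive
sed -i 's/enforcing/disabled/' /etc/selinux/config
setenforce 0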
Configure SSH
Run on each host
Edit /etc/ssh/sshd_config and uncomment: PubkeyAuthentication yes
mkdir -p /root/.ssh
scp ./id_rsa.pub root@10.211.55.5:/root/.ssh
cat /root/.ssh/id_rsa.pub > /root/.ssh/authorized_keys
chmod 700 /root/.ssh
chmod 600 /root/.ssh/authorized_keys
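Configure network forwarding
Run on each host
Edit: vi /etc/sysctl.d/kubernetes.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
net.ipv4.ip_forward = 1
# Load the bridge netfilter module (the net.bridge.* keys exist only once it is loaded)
modprobe br_netfilter
# Check that the bridge netfilter module loaded successfully
lsmod | grep br_netfilter
# Reload the configuration (sysctl -p without a file argument reads only /etc/sysctl.conf)
sysctl -p /etc/sysctl.d/kubernetes.conf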
Configure IPVS
Run on each host
cat <<EOF > /etc/sysconfig/modules/ipvs.modules
#!/bin/bash
modprobe -- ip_vs
modprobe -- ip_vs_rr
modprobe -- ip_vs_wrr
modprobe -- ip_vs_sh
modprobe -- nf_conntrack_ipv4
EOF
chmod +x /etc/sysconfig/modules/ipvs.modules
/bin/bash /etc/sysconfig/modules/ipvs.modules
lsmod | grep -e ip_vs -e nf_conntrack_ipv4
Configure hosts
Run on each host
# Append, so the existing localhost entries in /etc/hosts are kept
cat <<EOF >> /etc/hosts
10.211.55.3 master
10.211.55.4 node1
10.211.55.5 node2
EOF
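Configure repositories
Run on each host
Configure kubernetes.repo
cat <<EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
enabled=1
gpgcheck=0
repo_gpgcheck=1
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF
With these settings yum checks the signature of the repository metadata (repo_gpgcheck=1) but not the signatures of the individual packages (gpgcheck=0).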
Configure docker
How to obtain the registry-mirrors address:
Visit: https://cr.console.aliyun.com/
wget https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo -O /etc/yum.repos.d/docker-ce.repo
yum install --setopt=obsoletes=0 docker-ce-18.06.3.ce-3.el7 -y
mkdir -p /etc/docker
tee /etc/docker/daemon.json <<-'EOF'
{
"registry-mirrors": ["https://xxxxx.mirror.aliyuncs.com"]
}
EOF
Install components:
Run on each host
yum install --setopt=obsoletes=0 kubeadm-1.17.4-0 kubelet-1.17.4-0 -y
Configure KUBE_PROXY_MODE
Run on each host
vim /etc/sysconfig/kubelet
KUBELET_CGROUP_ARGS="--cgroup-driver=systemd"
KUBE_PROXY_MODE="ipvs"
Create the cluster
Run on each host:
systemctl enable kubelet.service
systemctl start kubelet.service
systemctl enable kube-proxy.service
systemctl start kube-proxy.service
systemctl start docker && systemctl enable docker
Run on master
kubeadm init \
    --apiserver-advertise-address=10.211.55.3 \
    --image-repository registry.aliyuncs.com/google_containers \
    --kubernetes-version=v1.17.4 \
    --pod-network-cidr=10.244.0.0/16 \
    --service-cidr=10.96.0.0/12
Run on each host
mkdir -p $HOME/.kube
cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
chown $(id -u):$(id -g) $HOME/.kube/config
Join nodes to the cluster
Run on the node hosts
kubeadm join 10.211.55.3:6443 --token 1rp3tx.xgumf4f7vcdbf0u2 \
    --discovery-token-ca-cert-hash sha256:5978ae9c8cf4f17af81a65c338f9b21e3440ab878ae79daab4119c9568a5ca4e
If an error occurs, the output may indicate that docker is not running, that the k8s api-server is not running, or that the token has expired. For an expired token, create a new one with kubeadm token create --print-join-command, as described in "kubeadm join token expired" (mvpbang, 博客园). Tokens have a default validity period; they can also be set to never expire.
kubeadm join 10.211.55.3:6443 --token 1rp3tx.xgumf4f7vcdbf0u2 --discovery-token-ca-cert-hash sha256:5978ae9c8cf4f17af81a65c338f9b21e3440ab878ae79daab4119c9568a5ca4e
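Added example, not part of the original post: the value given to --discovery-token-ca-cert-hash is the SHA-256 of the cluster CA's public key, so it can be recomputed from a trusted copy of the CA certificate and compared with a join command before that command is run on a node. The function names and script name are hypothetical, and the script assumes openssl is installed.

```bash
#!/bin/sh
# Added example, not from the original post. Assumes openssl is installed.
# Function names are hypothetical; on a kubeadm master the cluster CA
# certificate is /etc/kubernetes/pki/ca.crt.

# Print "sha256:<hex>": SHA-256 over the DER-encoded public key
# (SubjectPublicKeyInfo) of the CA certificate given as $1.
ca_cert_hash() {
    _pub=$(openssl x509 -in "$1" -noout -pubkey 2>/dev/null) || return 2
    _hex=$(printf '%s\n' "$_pub" | openssl pkey -pubin -outform DER 2>/dev/null |
           openssl dgst -sha256 -hex | awk '{print $NF}')
    [ -n "$_hex" ] || return 2
    printf 'sha256:%s\n' "$_hex"
}

# Extract the sha256:<hex> pin from the text of a "kubeadm join ..." command
# (line continuations are flattened first).
join_hash() {
    printf '%s\n' "$1" | tr '\n\\' '  ' |
        sed -n 's/.*--discovery-token-ca-cert-hash[ =]\{1,\}\(sha256:[0-9a-f]\{64\}\).*/\1/p'
}

# Return 0 only when the CA certificate ($1) matches the pin in the join command ($2).
verify_join_pin() {
    _want=$(join_hash "$2")
    [ -n "$_want" ] || { echo "no ca-cert-hash found in join command" >&2; return 2; }
    _have=$(ca_cert_hash "$1") || { echo "cannot read CA certificate: $1" >&2; return 2; }
    [ "$_have" = "$_want" ] && return 0
    echo "MISMATCH: certificate=$_have join-command=$_want" >&2
    return 1
}

# Constructed sample input: a throwaway self-signed CA written to directory $1.
make_demo_ca() {
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 \
        -subj "/CN=demo-kubernetes-ca" \
        -keyout "$1/ca.key" -out "$1/ca.crt" 2>/dev/null
}

# Usage: sh verify-pin.sh /etc/kubernetes/pki/ca.crt "kubeadm join ..."
if [ "$#" -eq 2 ]; then
    verify_join_pin "$1" "$2" && echo "pin matches CA certificate"
fi
```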
Install flannel, otherwise the nodes stay NotReady
Run on the master host
wget https://raw.githubusercontent.com/coreos/flannel/master/documentation/kube-flannel.yml
kubectl apply -f kube-flannel.yml
kubectl get nodes
Images on the master node:
View all namespaces and the pods in those namespaces:
Create an nginx pod
Run on the master host
kubectl create deployment nginx --image=nginx:1.14-alpine
kubectl get deploy
kubectl describe pod nginx-6867cdf567-9tbg9
Create a svc and access the service:
kubectl expose deploy nginx --port=80 --target-port=80 --type=NodePort
service/nginx exposed
External access: the master node IP plus the port listed under ports in the svc
http://10.211.55.3:32022/
kubectl get pod -o wide
View the pod IP
Inside the cluster you can:
kubectl get svc
View the service IP