一、场景:随着centos8的终结,centos7也将在2024年寿终正寝,所以本文将从centos创始人维护的RockyLinux重新进入BP时代。
二、系统安装
1、下载RockyLinux系统管网下载:Rocky Linux
2、系统安装和centos差不多,本文将通过Promox Virtual进行,Promox的安装请参考:
微服务架构(一)简单的服务器虚拟框架选型及安装_Morik的博客-CSDN博客_微服务架构服务器配置
2.1、系统基本配置2核、4g、双网卡
2.2、选择最小安装、时区上海、网络打开--->配置--->常规--->自动连接、设置root密码直接开始;等待安装完成重启 ip a 查看地址,idea或其他工具远程连接。
三、初始化系统
1、dnf配置
1.1、安装语言
[root@anonymous ~]# dnf install glibc-langpack-en
1.2、替换阿里云源
[root@anonymous ~]# sed -e 's|^mirrorlist=|#mirrorlist=|g' -e 's|^#baseurl=http://dl.rockylinux.org/$contentdir|baseurl=https://mirrors.aliyun.com/rockylinux|g' -i.bak /etc/yum.repos.d/Rocky-*.repo
2、生成缓存、下载常用工具
[root@anonymous ~]# dnf makecache [root@anonymous ~]# dnf -y install vim bash-completion net-tools gcc wget -y
3、Docker 安装
3.1、设置docker镜像仓库
[root@anonymous ~]# dnf config-manager --add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
3.2、yum 软件包索引
[root@anonymous ~]# dnf update
3.3、查看目前官方仓库的 docker 版本。
[root@anonymous ~]# dnf list docker-ce.x86_64 --showduplicates |sort -r
[root@anonymous ~]# dnf remove docker-ce docker-ce-cli containerd.io -y
[root@anonymous ~]# dnf install -y docker-ce-20.10.8 docker-ce-cli-20.10.8 containerd.io-1.4.10 --allowerasing
[root@anonymous ~]# dnf remove podman -y
#修改docker镜像下载地址
[root@anonymous ~]# mkdir -p /etc/docker
[root@anonymous ~]# cat >> /etc/docker/daemon.json << OFF
{
"registry-mirrors": ["https://registry.cn-hangzhou.aliyuncs.com"],
"exec-opts": ["native.cgroupdriver=systemd"]
}
OFF
#启动docker并设置开机启动
[root@anonymous ~]# systemctl start docker
[root@anonymous ~]# systemctl enable docker --now
4、关闭swap分区
[root@anonymous ~]# swapoff -a [root@anonymous ~]# sed -i 's/.*swap.*/#&/' /etc/fstab
5、禁用 SELINUX
[root@anonymous ~]# setenforce 0 [root@anonymous ~]# sed -i "s/^SELINUX=enforcing/SELINUX=disabled/g" /etc/sysconfig/selinux [root@anonymous ~]# sed -i "s/^SELINUX=enforcing/SELINUX=disabled/g" /etc/selinux/config [root@anonymous ~]# sed -i "s/^SELINUX=permissive/SELINUX=disabled/g" /etc/sysconfig/selinux [root@anonymous ~]# sed -i "s/^SELINUX=permissive/SELINUX=disabled/g" /etc/selinux/config
6、关闭防火墙和开启启动
[root@anonymous ~]# systemctl stop firewalld.service [root@anonymous ~]# systemctl disable firewalld.service
7、安装iptables
[root@anonymous network-scripts]# modprobe -- ip_vs [root@anonymous network-scripts]# modprobe -- ip_vs_rr [root@anonymous network-scripts]# modprobe -- ip_vs_wrr [root@anonymous network-scripts]# modprobe -- ip_vs_sh [root@anonymous network-scripts]# modprobe -- nf_conntrack_ipv4 [root@anonymous network-scripts]# lsmod | grep ip_vs
8、将桥接的IPv4流量传递到iptables的链:
[root@anonymous network-scripts]# cat >>/etc/sysctl.d/k8s.conf<< OFF net.bridge.bridge-nf-call-ip6tables = 1 net.bridge.bridge-nf-call-iptables = 1 net.ipv4.ip_forward = 1 OFF [root@anonymous network-scripts]# modprobe br_netfilter #查看 [root@anonymous network-scripts]# sysctl -p /etc/sysctl.d/k8s.conf
9、添加k8s软件源信息
[root@anonymous network-scripts]# cat </etc/yum.repos.d/kubernetes.repo [kubernetes] name=Kubernetes baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/ enabled=1 gpgcheck=1 repo_gpgcheck=1 gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg EOF
10、删除已有环境,到此一个干净的系统就初始化完成了(生成vm模板供主节点和工作节点克隆)
#这里连续敲几下回车 [root@anonymous network-scripts]# dnf list kubeadm --showduplicates |sort -r [root@anonymous network-scripts]# dnf remove kubeadm.x86_64 kubectl.x86_64 kubelet.x86_64 -y
四、主节点部署
1、clone三 中的vm并配置网络
[root@anonymous ~]# cat << OFF >/etc/sysconfig/network-scripts/ifcfg-ens19 TYPE=Ethernet PROXY_METHOD=none BROWSER_onLY=no BOOTPROTO=static DEFROUTE=yes IPV4_FAILURE_FATAL=no IPV6INIT=yes IPV6_AUTOCONF=yes IPV6_DEFROUTE=yes IPV6_FAILURE_FATAL=no IPV6_ADDR_GEN_MODE=stable-privacy NAME=ens19 UUID=f47b7ac6-e1e3-4ec5-a1b4-855dff9fa3cb DEVICE=ens19 onBOOT=yes IPADDR=192.168.1.80 NETMASK=255.255.255.0 GATEWAY=192.168.1.1 OFF
2、刷新查看网络配置
[root@anonymous ~]# nmcli c reload [root@anonymous ~]# nmcli c up ens19 [root@anonymous ~]# nmcli d show
3、设置主机
[root@anonymous ~]# hostnamectl set-hostname k8s-master [root@anonymous ~]# cat >> /etc/hosts <4、安装k8s依赖
[root@anonymous ~]# dnf install -y kubeadm-1.21.5 kubectl-1.21.5 kubelet-1.21.55、启动kubelet
[root@anonymous ~]# systemctl daemon-reload [root@anonymous ~]# systemctl start kubelet.service [root@anonymous ~]# systemctl enable kubelet.service [root@anonymous ~]# systemctl status kubelet.service6、初始化k8s,成功后记录红框内的token和hash
[root@anonymous ~]# kubeadm init --image-repository registry.aliyuncs.com/google_containers --kubernetes-version=v1.21.5 --pod-network-cidr=10.10.0.0/16 --service-cidr=10.20.0.0/16 --apiserver-advertise-address=192.168.1.807、创建kubectl
[root@anonymous ~]# mkdir -p $HOME/.kube [root@anonymous ~]# sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config [root@anonymous ~]# sudo chown $(id -u):$(id -g) $HOME/.kube/config [root@anonymous ~]# source <(kubectl completion bash) && echo 'source <(kubectl completion bash)' >> ~/.bashrc8、安装calico网络
[root@anonymous ~]# kubectl apply -f https://docs.projectcalico.org/manifests/calico.yaml9、安装kubernetes-dashboard
9.1、下载配置文件(下载不成功可以用浏览器直接打开vim进去)
[root@anonymous ~]# wget https://raw.githubusercontent.com/kubernetes/dashboard/v2.3.1/aio/deploy/recommended.yaml9.2、修改配置文件在service节点下新增type: NodePort和nodePort: 30000
kind: Service apiVersion: v1 metadata: labels: k8s-app: kubernetes-dashboard name: kubernetes-dashboard namespace: kubernetes-dashboard spec: type: NodePort ports: - port: 443 targetPort: 8443 nodePort: 30000 selector: k8s-app: kubernetes-dashboard9.3、启动用生成的token登录进去
[root@anonymous k8s]# echo "export KUBEConFIG=/etc/kubernetes/admin.conf" >> /etc/profile [root@anonymous k8s]# source /etc/profile [root@anonymous k8s]# kubectl create -f recommended.yaml [root@anonymous k8s]# kubectl get pod -n kubernetes-dashboard五、工作节点部署
1、clone三 中的vm并配置网络
[root@anonymous ~]# cat << OFF >/etc/sysconfig/network-scripts/ifcfg-ens19 TYPE=Ethernet PROXY_METHOD=none BROWSER_onLY=no BOOTPROTO=static DEFROUTE=yes IPV4_FAILURE_FATAL=no IPV6INIT=yes IPV6_AUTOCONF=yes IPV6_DEFROUTE=yes IPV6_FAILURE_FATAL=no IPV6_ADDR_GEN_MODE=stable-privacy NAME=ens19 UUID=f47b7ac6-e1e3-4ec5-a1b4-855dff9fa3cb DEVICE=ens19 onBOOT=yes IPADDR=192.168.1.81 NETMASK=255.255.255.0 GATEWAY=192.168.1.1 OFF2、重启网络
[root@anonymous ~]# nmcli c reload [root@anonymous ~]# nmcli c up ens19 [root@anonymous ~]# nmcli d show #设置主机名 [root@anonymous ~]# cat >> /etc/hosts <3、安装kubeadm、kubectl
[root@anonymous ~]# dnf install -y kubeadm-1.21.5 kubectl-1.21.5 #Node Join [root@anonymous ~]# kubeadm join 192.168.1.80:6443 --token buwk6x.qxoj9n2l29s73lxk --discovery-token-ca-cert-hash sha256:0614dcce78b5608932e91f25ffbf8850f6cb0341afd1b58fcf42e7bb884b1ad64、去到master主机上查询([root@anonymous k8s]# kubectl get nodes)
