- Install a k8s cluster with kubeadm; install a highly available k8s cluster
- Switch to root:
sudo su
Change the hostname:
hostnamectl set-hostname xxxxx
Disable swap:
swapoff -a
vim /etc/fstab
#
# /etc/fstab
# Created by anaconda on Sun Mar 13 12:51:19 2022
#
# Accessible filesystems, by reference, are maintained under '/dev/disk'
# See man pages fstab(5), findfs(8), mount(8) and/or blkid(8) for more info
#
/dev/mapper/cl-root / xfs defaults 0 0
UUID=f724164d-a1bc-412e-b119-fb07aab95643 /boot xfs defaults 0 0
/dev/mapper/cl-home /home xfs defaults 0 0
#/dev/mapper/cl-swap swap swap defaults 0 0
Comment out the line that contains swap (the last line above).
6. Set this machine's hostname and add the hostnames of the other nodes
vim /etc/hosts
Add the following:
192.168.x.x k8s-master-1
192.168.x.x k8s-node-1
3. Install Docker
Install it by following the official site.
Configure a Docker registry mirror inside China and set the cgroup driver:
vim /etc/docker/daemon.json
Add the following:
{
"exec-opts":["native.cgroupdriver=systemd"],
"registry-mirrors": ["https://2vgbfb0x.mirror.aliyuncs.com"]
}
4. Install docker-compose
Install it by following the official site.
Problem seen when running without root privileges:
docker-compose: command not found
Fix:
sudo ln -s /usr/local/bin/docker-compose /usr/bin/docker-compose
5. Install kubectl, kubelet and kubeadm from a yum mirror inside China
1. Configure the Aliyun mirror
cat <<EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=0
repo_gpgcheck=0
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF
With gpgcheck=0 and repo_gpgcheck=0 yum does not verify package or repository signatures, so the gpgkey URLs above are not used.
2. Install
yum install -y kubelet kubeadm kubectl
PS: to install a specific version, do it like this:
yum install -y kubelet-1.23.4 kubeadm-1.23.4 kubectl-1.23.4
3. Enable at boot
systemctl enable kubelet && systemctl start kubelet
6. Run the initialization on the master node
1. Generate the init config file
mkdir k8s && cd k8s && kubeadm config print init-defaults > kubeadm-config.yaml
2. Edit the config file
vim kubeadm-config.yaml
apiVersion: kubeadm.k8s.io/v1beta3
bootstrapTokens:
- groups:
  - system:bootstrappers:kubeadm:default-node-token
  token: abcdef.0123456789abcdef
  ttl: 24h0m0s
  usages:
  - signing
  - authentication
kind: InitConfiguration
localAPIEndpoint:
  advertiseAddress: 192.168.xx.xx  # change to the master node's IP
  bindPort: 6443
nodeRegistration:
  criSocket: /var/run/dockershim.sock
  imagePullPolicy: IfNotPresent
  name: k8s-master-1  # the node alias set in /etc/hosts earlier
  taints: null
---
apiServer:
  timeoutForControlPlane: 4m0s
apiVersion: kubeadm.k8s.io/v1beta3
certificatesDir: /etc/kubernetes/pki
clusterName: kubernetes
controllerManager: {}
dns: {}
etcd:
  local:
    dataDir: /var/lib/etcd
imageRepository: registry.aliyuncs.com/google_containers  # changed to a mirror inside China
kind: ClusterConfiguration
kubernetesVersion: 1.23.0
networking:
  dnsDomain: cluster.local
  serviceSubnet: 10.96.0.0/12
  podSubnet: 10.244.0.0/16
scheduler: {}
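The token abcdef.0123456789abcdef in the config above is the placeholder that kubeadm config print init-defaults prints, so it is the same on every installation that keeps it. An added example (not part of the original post) that replaces it with a random token in kubeadm's 6.16 character format before kubeadm init; the function names are hypothetical, and kubeadm token generate produces such a token where kubeadm is installed:

```bash
#!/usr/bin/env bash
# Added example: replace the placeholder bootstrap token in kubeadm-config.yaml.
# Function names are hypothetical; only sed, grep, tr, head and cut are used.

DEFAULT_TOKEN='abcdef.0123456789abcdef'   # placeholder printed by init-defaults

# N random characters from [a-z0-9], filtered out of 512 bytes of /dev/urandom.
rand_chars() {
    head -c 512 /dev/urandom | LC_ALL=C tr -dc 'a-z0-9' | cut -c1-"$1"
}

# A fresh token in kubeadm's <6 chars>.<16 chars> format.
new_token() {
    printf '%s.%s\n' "$(rand_chars 6)" "$(rand_chars 16)"
}

# Succeeds only for a well-formed token that is not the placeholder.
token_ok() {
    [ "$1" != "$DEFAULT_TOKEN" ] &&
        printf '%s\n' "$1" | grep -Eq '^[a-z0-9]{6}\.[a-z0-9]{16}$'
}

# Print the value of the first "token:" key in a kubeadm config file.
config_token() {
    sed -n 's/^[[:space:]-]*token:[[:space:]]*\([^[:space:]]*\).*$/\1/p' "$1" | head -n 1
}

# Rewrite the token in place (backup in FILE.bak) unless it already passes
# token_ok; print the token the file ends up with.
rotate_token() {
    local file=$1 old new
    old=$(config_token "$file")
    [ -n "$old" ] || { echo "no token: key in $file" >&2; return 1; }
    if token_ok "$old"; then printf '%s\n' "$old"; return 0; fi
    new=$(new_token)
    sed -i.bak "s/^\([[:space:]-]*token:[[:space:]]*\).*$/\1$new/" "$file"
    printf '%s\n' "$new"
}

# Demo on a constructed fragment, or on the file given as first argument.
target=${1:-}
if [ -z "$target" ]; then
    target=$(mktemp)
    printf 'bootstrapTokens:\n- token: %s\n  ttl: 24h0m0s\n' "$DEFAULT_TOKEN" > "$target"
fi
rotate_token "$target"
```

Run it as a script with kubeadm-config.yaml as the argument; the printed token is the one to pass to kubeadm join --token on the workers.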
- Pull the required images in advance
kubeadm config images pull --config=kubeadm-config.yaml
- Initialize
Pipe the output through tee kubeadm-init.log so the token and the init output can be looked up later
kubeadm init --config=kubeadm-config.yaml | tee kubeadm-init.log
Following the output's instructions, a simple setup for the root user:
echo "export KUBECONFIG=/etc/kubernetes/admin.conf" >> /etc/profile
Make it take effect:
source /etc/profile
7. Install the pod network on the master node
- Get kube-flannel.yml
curl -o kube-flannel.yml https://raw.githubusercontent.com/coreos/flannel/master/documentation/kube-flannel.yml
- Change every quay.io in the yml file to quay.mirrors.ustc.edu.cn
sed -i 's/quay\.io/quay.mirrors.ustc.edu.cn/g' kube-flannel.yml
- Create the flannel plugin pods
kubectl apply -f kube-flannel.yml
4. Confirm that all Pods are in the Running state
kubectl get pod -n kube-system
8. Join the worker nodes
- Install Docker, kubectl, kubelet and kubeadm on every node server, the same as on the master node.
If the master has been re-initialized, run kubeadm reset on the worker node before joining.
Join the cluster as instructed by the output of the master initialization:
kubeadm join 192.168.0.141:6443 --token abcdef.0123456789abcdef --discovery-token-ca-cert-hash sha256:57df376d612009f381bd3f3835464578666536080c6f779cffcf8bc90af10930
If you did not keep the token, it can be found on the master host:
cat kubeadm-init.log
Or like this:
kubeadm token list
If more than 24 hours pass without a join, the token expires and a new one has to be obtained on the master:
kubeadm token create 8mfiss.yvbnl8m319ysiflh
Get the sha256 hash of the CA certificate:
openssl x509 -pubkey -in /etc/kubernetes/pki/ca.crt | openssl rsa -pubin -outform der 2>/dev/null | openssl dgst -sha256 -hex | sed 's/^.* //'
Join the node to the cluster:
kubeadm join --token aa78f6.8b4cafc8ed26c34f --discovery-token-ca-cert-hash sha256:0fd95a9bc67a7bf0ef42da968a0d55d92e52898ec37c971bd77ee501d845b538 192.168.x.x:6443 --skip-preflight-checks
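The CA hash step above, wrapped as an added example (not from the original post) that prints the value in the sha256:<hex> form kubeadm join takes and can compare it with a hash copied from kubeadm-init.log. It uses openssl pkey in place of openssl rsa so that non-RSA CA keys also work; the function names are hypothetical:

```bash
#!/usr/bin/env bash
# Added example: compute and check the --discovery-token-ca-cert-hash value.
# Function names are hypothetical; requires the openssl CLI.

CA_CERT=/etc/kubernetes/pki/ca.crt   # CA path used in the post

# Print "sha256:<hex>": SHA-256 over the DER-encoded public key
# (SubjectPublicKeyInfo) of the certificate. Returns 1 when the file is
# not a certificate instead of hashing empty input.
ca_cert_hash() {
    local cert=${1:-$CA_CERT} pub hex
    pub=$(openssl x509 -in "$cert" -noout -pubkey 2>/dev/null) || return 1
    hex=$(printf '%s\n' "$pub" |
          openssl pkey -pubin -outform DER 2>/dev/null |
          openssl dgst -sha256 -hex | sed 's/^.* //')
    printf 'sha256:%s\n' "$hex"
}

# Succeeds only for "sha256:" followed by 64 lowercase hex digits.
hash_ok() {
    printf '%s\n' "$1" | grep -Eq '^sha256:[0-9a-f]{64}$'
}

# Compare a hash copied from kubeadm-init.log with the CA certificate.
# Returns 0 on match, 1 on mismatch, 2 if the value is malformed.
hash_matches_ca() {
    local want=$1 have
    hash_ok "$want" || return 2
    have=$(ca_cert_hash "${2:-$CA_CERT}") || return 1
    [ "$have" = "$want" ]
}

# On a master node, print the value to pass to kubeadm join.
if [ -r "$CA_CERT" ]; then ca_cert_hash; fi
```

On the master, kubeadm token create --print-join-command prints a complete join line with a fresh token and this hash.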
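4. Verify node and Pod status
All nodes should be Ready:
kubectl get nodes
All pods should be Running:
kubectl get pods --all-namespaces
8. Deploy the dashboard
Official dashboard repository
kubectl command summary
1. Delete a node
kubectl delete node xxx   # xxx is the node name
II. Set up a GitLab repository
Several official installation methods
1. Install with docker-compose
Set the volume location
For Linux users, set the path to /srv/gitlab:
sudo su
export GITLAB_HOME=/srv/gitlab
If it is not set, the following warning appears:
WARNING: The GITLAB_HOME variable is not set. Defaulting to a blank string.
Create a docker-compose.yml file: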
version: '3.6'
services:
  web:
    image: 'gitlab-jh.tencentcloudcr.com/omnibus/gitlab-jh:latest'
    restart: always
    hostname: 'xxx.xxx.xxx.xxx'  # host IP
    environment:
      GITLAB_OMNIBUS_CONFIG: |
        external_url 'http://<host IP>:8929'
        gitlab_rails['gitlab_shell_ssh_port'] = 2224
        # Add any other gitlab.rb configuration here, each on its own line
    ports:
      - '8929:8929'
      - '443:443'
      - '2224:22'
    volumes:
      - '$GITLAB_HOME/config:/etc/gitlab'
      - '$GITLAB_HOME/logs:/var/log/gitlab'
      - '$GITLAB_HOME/data:/var/opt/gitlab'
    shm_size: '256m'
Wait a while.
In the meantime, progress can be followed with:
sudo docker logs -f gitlab
Visit the GitLab JH (极狐GitLab) URL and log in with the username root and the password from the following command:
sudo docker exec -it gitlab grep 'Password:' /etc/gitlab/initial_root_password
1. Change the interface language
Avatar in the top-right corner -> Preferences -> Localization
2. Add a regular user
3. Official methods for installing the runner
Install the runner with Docker
1. Start the container with a local system volume mount
docker run -d --name gitlab-runner --restart always -v /srv/gitlab-runner/config:/etc/gitlab-runner -v /var/run/docker.sock:/var/run/docker.sock gitlab/gitlab-runner:latest
2. Start the container with a volume created by Docker
docker volume create gitlab-runner-config
docker run -d --name gitlab-runner --restart always \
    -v /var/run/docker.sock:/var/run/docker.sock \
    -v gitlab-runner-config:/etc/gitlab-runner \
    gitlab/gitlab-runner:latest
3. Register the runner (docker)
Run one of the following commands
Local volume:
docker run --rm -it -v /srv/gitlab-runner/config:/etc/gitlab-runner gitlab/gitlab-runner register
Docker volume:
docker run --rm -it -v gitlab-runner-config:/etc/gitlab-runner gitlab/gitlab-runner:latest register
2. Enter the GitLab URL
3. Enter the runner token shown in GitLab
4. Enter a description for the runner; it can be changed later
5. Enter the tags for the runner, separated by ","; they can be changed later
6. (Optional) Enter the maintainer's name
7. Enter the runner executor type, for example shell or docker; most people choose docker
8. If you entered docker as your executor, you are asked for the default image to be used for projects that do not define one in .gitlab-ci.yml (default: docker:latest)
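PS, a problem:
How to fix Gitlab CI error during connect: Post http://docker:2375/v1.40/auth: dial tcp: lookup docker on … no such host
Fix:
Edit the config.toml file
privileged = true
volumes = ["/cache", "/var/run/docker.sock:/var/run/docker.sock"]
Both settings apply to every job this runner executes: privileged = true removes the job container's isolation from the host, and mounting /var/run/docker.sock lets jobs control the host's Docker daemon.
4. Restart the runner
The runner has to be restarted after config.toml is edited:
docker restart gitlab-runner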