一.安装k8s环境

1.初始操作

默认3台服务器都执行

# 关闭防火墙
systemctl stop firewalld
systemctl disable firewalld# 关闭selinux
sed -i 's/enforcing/disabled/' /etc/selinux/config  # 永久
setenforce 0  # 临时# 关闭swap
swapoff -a  # 临时
sed -ri 's/.*swap.*/#&/' /etc/fstab    # 永久# 关闭完swap后，一定要重启一下虚拟机！！！
# 根据规划设置主机名
hostnamectl set-hostname <hostname># 在master添加hosts
cat >> /etc/hosts << EOF
192.168.124.4 k8s-master
192.168.124.5 k8s-node1
192.168.124.6 k8s-node2
EOF# 将桥接的IPv4流量传递到iptables的链
cat > /etc/sysctl.d/k8s.conf << EOF
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
EOFsysctl --system  # 生效# 时间同步
yum install ntpdate -y
ntpdate time.windows.com

2.安装基础软件

基础软件需要在三台服务器都执行

2.1安装docker

在这里，我们将向您介绍Docker的安装方法。但首先，我们需要先安装依赖包。您需要通过使用以下命令安装一些基本软件：

yum install -y yum-utils device-mapper-persistent-data lvm2

然后，您可以使用以下命令来安装Docker：

sudo yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo

当安装成功时，您可以执行以下命令来更新缓存并安装Docker Community版：

sudo yum update

sudo yum install docker-ce-20.10.5 docker-ce-cli-20.10.5 containerd.io

docker -v
输出 Docker version 20.10.5, build 55c4c88

2.2添加阿里云 yum 源

cat > /etc/yum.repos.d/kubernetes.repo << EOF
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=0
repo_gpgcheck=0gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF

2.3安装 kubeadm、kubelet、kubectl

yum install -y kubelet-1.23.6 kubeadm-1.23.6 kubectl-1.23.6systemctl enable kubelet# 配置关闭 Docker 的 cgroups，修改 /etc/docker/daemon.json，加入以下内容
"exec-opts": ["native.cgroupdriver=systemd"]# 重启 docker
systemctl daemon-reload
systemctl restart docker

3. 部署 Kubernetes Master

# 在 Master 节点下执行kubeadm init \--apiserver-advertise-address=192.168.124.4 \--image-repository registry.aliyuncs.com/google_containers \--kubernetes-version v1.23.6 \--service-cidr=10.96.0.0/12 \--pod-network-cidr=10.244.0.0/16# 安装成功后，复制如下配置并执行
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
kubectl get nodes

4.加入 Kubernetes Node

分别在 k8s-node1 和 k8s-node2 执行# 下方命令可以在 k8s master 控制台初始化成功后复制 join 命令
#下面的命令是第3步生成的命令kubeadm join 192.168.124.4:6443 --token w34ha2.66if2c8nwmeat9o7 --discovery-token-ca-cert-hash sha256:20e2227554f8883811c01edd850f0cf2f396589d32b57b9984de3353a7389477# 如果初始化的 token 不小心清空了，可以通过如下命令获取或者重新申请
# 如果 token 已经过期，就重新申请
kubeadm token create# token 没有过期可以通过如下命令获取
kubeadm token list# 获取 --discovery-token-ca-cert-hash 值，得到值后需要在前面拼接上 sha256:
openssl x509 -pubkey -in /etc/kubernetes/pki/ca.crt | openssl rsa -pubin -outform der 2>/dev/null | \
openssl dgst -sha256 -hex | sed 's/^.* //'

查看node情况，发现都是Notready。是因为网络原因。执行第5步即可。

[root@k8s-master k8s]# kubectl get node
NAME         STATUS     ROLES                  AGE   VERSION
k8s-master   NotReady   control-plane,master   22h   v1.23.6
k8s-node01   NotReady   <none>                 22h   v1.23.6
k8s-node02   Ready      <none>                 22h   v1.23.6

5. 部署 CNI 网络插件

# 在 master 节点上执行
# 下载 calico 配置文件，可能会网络超时
curl https://docs.projectcalico.org/manifests/calico.yaml -O# 修改 calico.yaml 文件中的 CALICO_IPV4POOL_CIDR 配置，修改为与初始化的 cidr 相同# 修改 IP_AUTODETECTION_METHOD 下的网卡名称# 删除镜像 docker.io/ 前缀，避免下载过慢导致失败
sed -i 's#docker.io/##g' calico.yaml

#执行
kubectl apply -f calico.yaml[root@k8s-master k8s]# kubectl get pod -n kube-system -o wide
NAME                                       READY   STATUS                  RESTARTS      AGE     IP              NODE         NOMINATED NODE   READINESS GATES
calico-kube-controllers-74dbdc644f-l95jc   0/1     ContainerCreating       0             2m37s   <none>          k8s-node02   <none>           <none>
calico-node-82kwk                          0/1     Init:2/3                0             2m37s   192.168.124.5   k8s-node01   <none>           <none>
calico-node-pcbtl                          0/1     Init:ImagePullBackOff   0             2m37s   192.168.124.4   k8s-master   <none>           <none>
calico-node-v96st                          0/1     Init:2/3                0             2m37s   192.168.124.6   k8s-node02   <none>           <none>
coredns-6d8c4cb4d-jqktl                    0/1     ContainerCreating       0             22h     <none>          k8s-node02   <none>           <none>
coredns-6d8c4cb4d-rhgsv                    0/1     ContainerCreating       0             22h     <none>          k8s-node02   <none>           <none>
etcd-k8s-master                            1/1     Running                 1 (22h ago)   22h     192.168.124.4   k8s-master   <none>           <none>
kube-apiserver-k8s-master                  1/1     Running                 1 (22h ago)   22h     192.168.124.4   k8s-master   <none>           <none>
kube-controller-manager-k8s-master         1/1     Running                 1 (22h ago)   22h     192.168.124.4   k8s-master   <none>           <none>
kube-proxy-2k2n6                           1/1     Running                 1 (22h ago)   22h     192.168.124.6   k8s-node02   <none>           <none>
kube-proxy-2kv9q                           1/1     Running                 1 (22h ago)   22h     192.168.124.5   k8s-node01   <none>           <none>
kube-proxy-hpjw6                           1/1     Running                 1 (22h ago)   22h     192.168.124.4   k8s-master   <none>           <none>
kube-scheduler-k8s-master                  1/1     Running                 1 (22h ago)   22h     192.168.124.4   k8s-master   <none>           <none>#查看报错的pod
[root@k8s-master k8s]# kubectl describe po calico-node-pcbtl -n kube-system
Name:                 calico-node-pcbtl
Namespace:            kube-system...................省略了信息Warning  Failed     5m58s                  kubelet            Error: ErrImagePullNormal   BackOff    5m57s                  kubelet            Back-off pulling image "calico/cni:v3.26.1"Warning  Failed     5m57s                  kubelet            Error: ImagePullBackOffNormal   Pulling    5m43s (x2 over 6m53s)  kubelet            Pulling image "calico/cni:v3.26.1"

第5步非常慢，请耐心等待。可以使用docker pull 下载下面的镜像。

执行完之后，再查看node信息

[root@k8s-master k8s]# kubectl get pod -n kube-system 
NAME                                       READY   STATUS    RESTARTS      AGE
calico-kube-controllers-74dbdc644f-l95jc   1/1     Running   0             109m
calico-node-82kwk                          1/1     Running   0             109m
calico-node-ps5f8                          1/1     Running   0             60m
calico-node-v96st                          1/1     Running   0             109m
coredns-6d8c4cb4d-jqktl                    1/1     Running   0             24h
coredns-6d8c4cb4d-rhgsv                    1/1     Running   0             24h
etcd-k8s-master                            1/1     Running   1 (23h ago)   24h
kube-apiserver-k8s-master                  1/1     Running   1 (23h ago)   24h
kube-controller-manager-k8s-master         1/1     Running   1 (23h ago)   24h
kube-proxy-2k2n6                           1/1     Running   1 (23h ago)   24h
kube-proxy-2kv9q                           1/1     Running   1 (23h ago)   24h
kube-proxy-hpjw6                           1/1     Running   1 (23h ago)   24h
kube-scheduler-k8s-master                  1/1     Running   1 (23h ago)   24h
[root@k8s-master k8s]# kubectl get node
NAME         STATUS   ROLES                  AGE   VERSION
k8s-master   Ready    control-plane,master   24h   v1.23.6
k8s-node01   Ready    <none>                 24h   v1.23.6
k8s-node02   Ready    <none>                 24h   v1.23.6

6. 测试 kubernete

[root@k8s-master k8s]# kubectl create deployment nginx-test --image=nginx
deployment.apps/nginx-test created
[root@k8s-master k8s]# kubectl get pod
NAME                          READY   STATUS    RESTARTS   AGE
nginx-85b98978db-lgzwl        1/1     Running   0          116s
nginx-test-84b478f9c5-sl8rg   1/1     Running   0          15s
# 暴露端口
[root@k8s-master k8s]# kubectl expose deployment nginx-test --port=80 --type=NodePort
service/nginx-test exposed# 查看 pod 以及服务信息
[root@k8s-master k8s]# kubectl get pod,svc
NAME                              READY   STATUS    RESTARTS   AGE
pod/nginx-85b98978db-lgzwl        1/1     Running   0          2m27s
pod/nginx-test-84b478f9c5-sl8rg   1/1     Running   0          46sNAME                 TYPE        CLUSTER-IP       EXTERNAL-IP   PORT(S)        AGE
service/kubernetes   ClusterIP   10.96.0.1        <none>        443/TCP        24h
service/nginx        NodePort    10.106.211.191   <none>        80:30662/TCP   86m
service/nginx-test   NodePort    10.103.164.185   <none>        80:30393/TCP   15s
[root@k8s-master k8s]#