基础配置[三台centos]
1.关闭防火墙与selinux
systemctl stop firewalld
systemctl disable firewalld
sed -i ‘s/enforcing/disabled/’ /etc/selinux/config
setenforce 0
2.添加host记录
cat >>/etc/hosts <<EOF
192.168.180.190 k8s-master
192.168.180.180 k8s-node1
192.168.180.170 k8s-node2
EOF
3.修改主机名
hostnamectl set-hostname k8s-master && bash
hostnamectl set-hostname k8s-node1 && bash
hostnamectl set-hostname k8s-node2 && bash
4.关闭交换分区
swapoff -a
sed -ri ‘s/.swap./#&/’ /etc/fstab
##低版本内核可能不稳定所以先更新内核[三台cnetos]
1.安装epel源
rpm --import https://www.elrepo.org/RPM-GPG-KEY-elrepo.org
yum install -y https://www.elrepo.org/elrepo-release-7.el7.elrepo.noarch.rpm
yum -y update
2.查看内核版本并安装最新内核版本
yum --disablerepo="" --enablerepo=“elrepo-kernel” list available
3.安装最新it内核
yum --disablerepo='’ --enablerepo=elrepo-kernel install kernel-lt -y
4.指定新安装的内核版本为默认启动内核
grub2-set-default 0
5.卸载旧版内核并重启机器
yum remove kernel -y //可选
reboot
6.加载模块并添加v4流量传递
modprobe br_netfilter
cat >> /etc/sysctl.conf<< EOF
net.ipv4.ip_forward = 1
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
EOF
sysctl -p
7.安装ipvs
yum install -y conntrack ntpdate ntp ipvsadm ipset jq iptables curl sysstat libseccomp wget vim net-tools git
cat > /etc/sysconfig/modules/ipvs.modules <<EOF
#!/bin/bash
modprobe – ip_vs
modprobe – ip_vs_rr
modprobe – ip_vs_wrr
modprobe – ip_vs_sh
EOF
chmod 755 /etc/sysconfig/modules/ipvs.modules && bash /etc/sysconfig/modules/ipvs.modules && lsmod | grep -e ip_vs -e nf_conntrack_ipv4
lsmod | grep -e ip_vs -e nf_conntrack
8.安装containerd
cat << EOF > /etc/modules-load.d/containerd.conf
overlay
br_netfilter
EOF
modprobe overlay
modprobe br_netfilter
wget -O /etc/yum.repos.d/docker-ce.repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
yum list | grep containerd
yum install -y containerd.io
mkdir /etc/containerd -p
containerd config default > /etc/containerd/config.toml
vim /etc/containerd/config.toml
SystemdCgroup = false 改为 SystemdCgroup = true
sandbox_image = “k8s.gcr.io/pause:3.6”
改为:
sandbox_image = “registry.aliyuncs.com/google_containers/pause:3.6”
systemctl enable containerd && systemctl start containerd
ctr version
runc -version
安装k8s[三台centos]
cat < /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
enabled=1
gpgcheck=0
repo_gpgcheck=0
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg
EOF
yum clean all
yum makecache fast
yum install -y kubectl kubelet kubeadm
systemctl enable kubelet
vim /etc/sysconfig/kubelet
KUBELET_EXTRA_ARGS=“–cgroup-driver=systemd”
kubeadm config images list --kubernetes-version=v1.24.2
初始化群集[master]
kubeadm init --kubernetes-version=v1.24.2 --pod-network-cidr=10.244.0.0/16 --apiserver-advertise-address=192.168.180.190 --image-repository registry.aliyuncs.com/google_containers
export KUBECONFIG=/etc/kubernetes/admin.conf
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown ( i d − u ) : (id -u): (id−u):(id -g) $HOME/.kube/config
加入群集[这里的token和discovery-token都是初始化群集最好所给的]
kubeadm join 192.168.1.135:6443 --token 8zgrg1.dwy5s6rqzzhlkkdl --discovery-token-ca-cert-hash sha256:9dfa30a7a8314887ea01b05cc26e80856bfd253d1a71de7cd5501c42f11c0326
部署calico网络[master]
wget https://docs.projectcalico.org/v3.18/manifests/calico.yaml
vim calico.yaml //3673行修改为如下
- name: CALICO_IPV4POOL_CIDR
value: “10.244.0.0/16”
kubectl apply -f calico.yaml
kubectl describe node master
kubectl taint nodes --all node-role.kubernetes.io/control-plane:NoSchedule-
kubectl get pod -n kube-system
kubectl get node
部署flanne网络[master]
sed -i ‘s/10.240.0.0/10.224.0.0/’ kube-flannel.yml
sed -i ‘s@quay.io@quay-mirror.qiniu.com@g’ kube-flannel.yml
kubectl apply -f kube-flannel.yml
kubectl get pods -n kube-system
##calico与flanne两个网络插件二选一即可,如何部署了calico之后使用k8s部署网页无法访问的话请自己找解决方法或者使用flannel网络插件
部署dashboard服务[master]
wget https://raw.githubusercontent.com/cby-chen/Kubernetes/main/yaml/dashboard.yaml
##2.24.0版本需要2.6版本的dashboard
)
)
)