配置详情
| 节点 | k8s | docker | containerd |
|---|---|---|---|
| master | v1.26.0 | 24.0.6 | 1.6.22 |
| node1 | v1.26.0 | 24.0.6 | 1.6.22 |
| node2 | v1.26.0 | 24.0.6 | 1.6.22 |
| node3 | v1.26.0 | 24.0.6 | 1.6.22 |
所有节点操作
替换系统源
cat <<'EOF' > /etc/apt/sources.list
# 默认注释了源码镜像以提高 apt update 速度,如有需要可自行取消注释
deb https://mirrors.cloud.tencent.com/ubuntu/ jammy main restricted universe multiverse
# deb-src https://mirrors.cloud.tencent.com/ubuntu/ jammy main restricted universe multiverse
deb https://mirrors.cloud.tencent.com/ubuntu/ jammy-updates main restricted universe multiverse
# deb-src https://mirrors.cloud.tencent.com/ubuntu/ jammy-updates main restricted universe multiverse
deb https://mirrors.cloud.tencent.com/ubuntu/ jammy-backports main restricted universe multiverse
# deb-src https://mirrors.cloud.tencent.com/ubuntu/ jammy-backports main restricted universe multiverse# deb https://mirrors.cloud.tencent.com/ubuntu/ jammy-security main restricted universe multiverse
# deb-src https://mirrors.cloud.tencent.com/ubuntu/ jammy-security main restricted universe multiversedeb https://mirrors.cloud.tencent.com/ubuntu/ jammy-security main restricted universe multiverse
# deb-src https://mirrors.cloud.tencent.com/ubuntu/ jammy-security main restricted universe multiverse# 预发布软件源,不建议启用
# deb https://mirrors.cloud.tencent.com/ubuntu/ jammy-proposed main restricted universe multiverse
# deb-src https://mirrors.cloud.tencent.com/ubuntu/ jammy-proposed main restricted universe multiverse
EOF
修改内核(containerd、k8s)
sudo tee /etc/modules-load.d/containerd.conf <<EOF
overlay
br_netfilter
EOF
sudo modprobe overlay
sudo modprobe br_netfiltersudo tee /etc/sysctl.d/kubernetes.conf <<EOF
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
net.ipv4.ip_forward = 1
EOFsudo sysctl --system
安装docker、containerd
sudo apt-get update
sudo apt-get install ca-certificates curl gnupgsudo install -m 0755 -d /etc/apt/keyrings
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /etc/apt/keyrings/docker.gpg
sudo chmod a+r /etc/apt/keyrings/docker.gpg
echo \"deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] https://mirrors.cloud.tencent.com/docker-ce/linux/ubuntu \"$(. /etc/os-release && echo "$VERSION_CODENAME")" stable" | \sudo tee /etc/apt/sources.list.d/docker.list > /dev/nullsudo apt-get update
sudo apt-get install -y docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin
更换docker源 、设置systemd为docker cgroup驱动程序
echo "DOCKER_OPTS="--registry-mirror=https://mirror.ccs.tencentyun.com"" >> /etc/default/docker
cat >> /etc/docker/daemon.json << EOF
{
"registry-mirrors": [
"https://mirror.ccs.tencentyun.com"
],
"exec-opts": ["native.cgroupdriver=systemd"]
}
EOF
systemctl restart docker && systemctl enable docker检测Cgroup是否为systemddocker info|grep Cgroupcontainerd config default | sudo tee /etc/containerd/config.toml >/dev/null 2>&1
sudo sed -i 's/SystemdCgroup = false/SystemdCgroup = true/g' /etc/containerd/config.toml
sed -i "s#registry.k8s.io/pause#registry.aliyuncs.com/google_containers/pause#g" /etc/containerd/config.toml
sed -i "s#3.6#3.9#g" /etc/containerd/config.toml#sed -i -r '/cri/s/(.*)/#\1/' /etc/containerd/config.toml
systemctl restart containerd && systemctl enable containerd
设置阿里云k8s源并安装(1.26.0为例)
apt-get update && apt-get install -y apt-transport-https
curl https://mirrors.aliyun.com/kubernetes/apt/doc/apt-key.gpg | apt-key add -
cat > /etc/apt/sources.list.d/kubernetes.list << EOF
deb https://mirrors.aliyun.com/kubernetes/apt kubernetes-xenial main
EOF
sudo apt-get update# 安装具体版本 apt-get install -y kubelet=1.26.0-00 kubeadm=1.26.0-00 kubectl=1.26.0-00
systemctl enable kubelet --now
主节点安装k8s
拉取镜像
sudo kubeadm config images pull --kubernetes-version=v1.26.0 --image-repository registry.aliyuncs.com/google_containers
部署
sudo kubeadm init --kubernetes-version=v1.26.0 --image-repository registry.aliyuncs.com/google_containers --pod-network-cidr=10.244.0.0/16
复制配置文件到当前用户目录下
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown -R $USER:$USER $HOME/.kube
安装网络插件
kubectl apply -f https://mirror.ghproxy.com/https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
子节点加入集群
master生成
kubeadm token create --print-join-command --ttl 0 --kubeconfig /etc/kubernetes/admin.conf
node节点加入
需要将下面的详细命令替换为master生成的加入命令
kubeadm join 192.168.100.11:6443 --token j5y9po.3zl4scvmlr847zyj \--discovery-token-ca-cert-hash sha256:110d875dc494ac5ea2a80806dd08e909b344dda73a889e3b39d15a704fcd7379
错误处理
crictl images/ps报错
root@master:~# crictl ps
WARN[0000] runtime connect using default endpoints: [unix:///var/run/dockershim.sock unix:///run/containerd/containerd.sock unix:///run/crio/crio.sock unix:///var/run/cri-dockerd.sock]. As the default settings are now deprecated, you should set the endpoint instead.
WARN[0000] image connect using default endpoints: [unix:///var/run/dockershim.sock unix:///run/containerd/containerd.sock unix:///run/crio/crio.sock unix:///var/run/cri-dockerd.sock]. As the default settings are now deprecated, you should set the endpoint instead.
E1225 09:02:56.219076 11547 remote_runtime.go:390] "ListContainers with filter from runtime service failed" err="rpc error: code = Unavailable desc = connection error: desc = \"transport: Error while dialing dial unix /var/run/dockershim.sock: connect: no such file or directory\"" filter="&ContainerFilter{Id:,State:&ContainerStateValue{State:CONTAINER_RUNNING,},PodSandboxId:,LabelSelector:map[string]string{},}"
FATA[0000] listing containers: rpc error: code = Unavailable desc = connection error: desc = "transport: Error while dialing dial unix /var/run/dockershim.sock: connect: no such file or directory"
解决方法
cat > /etc/crictl.yaml <<EOF
runtime-endpoint: unix:///var/run/containerd/containerd.sock
image-endpoint: unix:///var/run/containerd/containerd.sock
timeout: 0
debug: false
pull-image-on-create: false
EOF
 的使用引起程序中止/崩溃问题)
)
覆盖优化 - 附代码)
详解(三))
散点图颜色判断)
)
