K8s-Centos7-安装

devops , , 评论

Kubernetes-Centos7-安装

关闭swap/selinux/firewalld

1
2
3
4
5
6
7
8
9
10
11
12
13
## 关闭swap
swapoff -a
vi /etc/fstab
注释掉swap的一行

## 关闭selinux
setenforce 0
sed -i "s/SELINUX=enforcing/SELINUX=disabled/g" /etc/selinux/config

## 关闭防火墙
systemctl disable firewalld
systemctl stop firewalld
systemctl status firewalld

安装docker

1
2
3
4
5
6
yum install -y yum-utils
yum install -y bash-completion
yum-config-manager --add-repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
yum clean all
yum install -y docker-ce-20.10.8
sudo systemctl enable docker

配置阿里云镜像加速

1
2
3
4
5
6
7
8
mkdir -p /etc/docker
tee /etc/docker/daemon.json <<-'EOF'
{
  "registry-mirrors": ["https://nn5bgten.mirror.aliyuncs.com"]
}
EOF
sudo systemctl daemon-reload
sudo systemctl restart docker

修改docker cgroup驱动为systemd

1
2
3
4
5
sed -i "s|ExecStart=/usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock|ExecStart=/usr/bin/dockerd --exec-opt native.cgroupdriver=systemd|g" /usr/lib/systemd/system/docker.service

systemctl daemon-reload
systemctl restart docker
docker info | grep -i cgroup

添加k8s仓库

1
2
3
4
5
6
7
cat <<EOF | sudo tee /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
enabled=1
gpgcheck=0
EOF

安装kubeadm

1
2
3
4
5
yum list kubeadm --showduplicates
yum install -y kubeadm-1.20.9 kubectl-1.20.9 kubelet-1.20.9

systemctl enable kubelet.service
systemctl restart kubelet

修改网络参数(centos7)

1
2
3
modprobe br_netfilter
echo 1 > /proc/sys/net/bridge/bridge-nf-call-iptables
echo 1 > /proc/sys/net/ipv4/ip_forward

kubeadm初始化

1
2
3
4
5
kubeadm init --apiserver-advertise-address=0.0.0.0 --apiserver-cert-extra-sans=127.0.0.1 --image-repository registry.aliyuncs.com/google_containers --kubernetes-version v1.20.9 --pod-network-cidr=10.133.0.0/16 \
--image-repository=registry.aliyuncs.com/google_containers

## kubeadm 初始化清理(如果失败,可以reset进行清理)
kubeadm reset

配置文件

1
2
3
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config

安装calico(指定版本)

1
kubectl apply -f https://docs.projectcalico.org/v3.19/manifests/calico.yaml

节点加入

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
## 节点执行到安装完kubeadm
kubeadm join 192.168.8.112:6443 --token 74kuf2.6f1pv9lbrkxw5n0k \
    --discovery-token-ca-cert-hash sha256:7566c21fdbc491dac295412629680d3778ba04de933902a842a028e5accbeb47

## master节点加入
### 主节点运行获取证书
kubeadm init phase upload-certs --upload-certs
### 新节点加入
kubeadm join 192.168.8.112:6443 --token lb45cr.d5s17hnbgsj6sf5b   \
  --discovery-token-ca-cert-hash sha256:7566c21fdbc491dac295412629680d3778ba04de933902a842a028e5accbeb47 \
--control-plane   --certificate-key f3657ba47289c8994771aaf2ebd2a90ee335f0fff41b9c1470ad15d21e185094

# 错误:
# unable to add a new control plane instance a cluster that doesn't have a stable controlPlaneEndpoint address
# 解决办法:加上controlPlaneEndpoint
kubectl edit configmap -n kube-system   kubeadm-config
    clusterName: kubernetes
    controlPlaneEndpoint: 192.168.8.112:6443

kubectl自动补全

1
echo "source <(kubectl completion bash)" >> /etc/profile; source /etc/profile

kubeadm安装后scheduler状态为unhealthy

1
2
3
4
5
6
7
8
kubectl get cs
## 备份修改两个文件
vi /etc/kubernetes/manifests/kube-controller-manager.yaml
vi /etc/kubernetes/manifests/kube-scheduler.yaml

## 去掉 --port=0
## 重启kubelet
systemctl restart kubelet

biglovewheat老年佛系运维

老年佛系运维 | biglovewheat@126.com