kubernetes 安裝

代理配置（可選）

對于 docker daemon

sudo mkdir -p /etc/systemd/system/docker.service.d
sudo tee /etc/systemd/system/docker.service.d/http-proxy.conf <<EOF
[Service]
Environment="HTTP_PROXY=http://10.0.1.19:8889"
Environment="HTTPS_PROXY=http://10.0.1.19:8889"
EOF
sudo systemctl daemon-reload
sudo systemctl restart docker

export http_proxy=http://10.0.1.19:8889;export https_proxy=http://10.0.1.19:8889

清理：

rm -f /etc/systemd/system/docker.service.d/http-proxy.conf
unset http_proxy;unset https_proxy

前置準備

確認主機名稱满俗、IP、product_uuid 地址均唯一

ip link
sudo cat /sys/class/dmi/id/product_uuid

關(guān)閉 swap（臨時）

sudo swapoff -a

持久化關(guān)閉 swap 需要編輯 /etc/fstab 文件作岖，·

讓 bridge 能夠讓 iptables 看見 bridge 上的流量唆垃，這是網(wǎng)絡(luò)插件所要求。

cat <<EOF | sudo tee /etc/modules-load.d/k8s.conf
br_netfilter
EOF

cat <<EOF | sudo tee /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
EOF
sudo sysctl --system

安裝 CRI

conainerd 與 docker 可選痘儡，選擇使用 docker 時可不用配置 congainerd

安裝 containerd

cat <<EOF | sudo tee /etc/modules-load.d/containerd.conf
overlay
br_netfilter
EOF

sudo modprobe overlay
sudo modprobe br_netfilter

# Setup required sysctl params, these persist across reboots.
cat <<EOF | sudo tee /etc/sysctl.d/99-kubernetes-cri.conf
net.bridge.bridge-nf-call-iptables  = 1
net.ipv4.ip_forward                 = 1
net.bridge.bridge-nf-call-ip6tables = 1
EOF

# Apply sysctl params without reboot
sudo sysctl --system

sudo apt install containerd.io -y

sudo mkdir -p /etc/containerd
containerd config default | sudo tee /etc/containerd/config.toml
sudo systemctl restart containerd

設(shè)置 runc 使用 systemd cgroup 驅(qū)動 /etc/containerd/config.toml

[plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc]
  ...
  [plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc.options]
    SystemdCgroup = true

sudo systemctl restart containerd

安裝 docker(可選)

清理舊版本 docker(可選)

sudo apt-get remove docker docker-engine docker.io containerd runc
sudo rm -rf /var/lib/docker
sudo rm -rf /var/lib/containerd

可選擇一鍵安裝腳本：

curl -fsSL https://get.docker.com -o get-docker.sh
sudo sh get-docker.sh --mirror Aliyun # 阿里云鏡像
sudo sh get-docker.sh --mirror AzureChinaCloud # azure中國鏡像

或者

docker 原地址為：https://download.docker.com/linux/ubuntu
aliyun 鏡像地址為： http://mirrors.aliyun.com/docker-ce/linux/ubuntu

curl -fsSL http://mirrors.aliyun.com/docker-ce/linux/ubuntu/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg
echo \
 "deb [arch=amd64 signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] http://mirrors.aliyun.com/docker-ce/linux/ubuntu \
 $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
sudo apt-get update
sudo apt-get install docker-ce docker-ce-cli containerd.io -y

配置 docker daemon

sudo mkdir /etc/docker
cat <<EOF | sudo tee /etc/docker/daemon.json
{
  "exec-opts": ["native.cgroupdriver=systemd"],
  "log-driver": "json-file",
  "log-opts": {
    "max-size": "100m"
  },
  "storage-driver": "overlay2"
}
EOF
sudo systemctl enable docker
sudo systemctl daemon-reload

sudo usermod -aG docker $USER

sudo systemctl restart docker

安裝 kubernetes

sudo apt-get update
sudo apt-get install -y apt-transport-https ca-certificates curl

google 原地址為：https://packages.cloud.google.com/apt/

aliyun 鏡像地址為： https://mirrors.aliyun.com/kubernetes/apt/

可以使用 aliyun mirror 進行替換

sudo curl -fsSLo /usr/share/keyrings/kubernetes-archive-keyring.gpg https://mirrors.aliyun.com/kubernetes/apt/doc/apt-key.gpg
echo "deb [signed-by=/usr/share/keyrings/kubernetes-archive-keyring.gpg] https://mirrors.aliyun.com/kubernetes/apt/ kubernetes-xenial main" | sudo tee /etc/apt/sources.list.d/kubernetes.list

sudo apt-get update
sudo apt-get install -y kubelet kubeadm kubectl

kubeadm config images pull
kubeadm init --pod-network-cidr 10.233.0.0/16

添加節(jié)點：

export KUBECONFIG=/etc/kubernetes/admin.conf
kubeadm join 10.0.2.15:6443 --token sun8lk.v61hbv2q4t6eyyuh \
    --discovery-token-ca-cert-hash sha256:7f3a8759ea6da926297fc082370982ee10e2ecf2a834847a9d9178ae963c0a49

配置 kubectl

mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config

安裝網(wǎng)絡(luò)插件

kubectl taint nodes --all node-role.kubernetes.io/master-

calico 和 flannel 可選

calico

kubectl create -f https://docs.projectcalico.org/manifests/tigera-operator.yaml
kubectl create -f https://docs.projectcalico.org/manifests/custom-resources.yaml
# update cidr setting

flannel

flannel:

kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml

安裝 go

sudo apt install golang -y

或

sudo snap install golang --classic

或

rm -rf /usr/local/go && tar -C /usr/local -xzf go1.16.2.linux-amd64.tar.gz
echo 'export PATH=$PATH:/usr/local/go/bin' | sudo tee /etc/profile.d/golang.sh
go version

operator framework

export ARCH=$(case $(arch) in x86_64) echo -n amd64 ;; aarch64) echo -n arm64 ;; *) echo -n $(arch) ;; esac)
export OS=$(uname | awk '{print tolower($0)}')
export OPERATOR_SDK_DL_URL=https://github.com/operator-framework/operator-sdk/releases/latest/download
curl -LO ${OPERATOR_SDK_DL_URL}/operator-sdk_${OS}_${ARCH}
chmod +x operator-sdk_${OS}_${ARCH} && sudo mv operator-sdk_${OS}_${ARCH} /usr/local/bin/operator-sdk

or

git clone https://github.com/operator-framework/operator-sdk
cd operator-sdk
git checkout master
make install

使用

mkdir operator-example;cd operator-example
operator-sdk init --domain git.ghostcloud.cn   --repo github.com/fatalc/operator-example  --project-name operator-example  --skip-go-version-check
operator-sdk create api --group device --version v1 --kind Car --controller --resource