1.環(huán)境準(zhǔn)備
1.操作系統(tǒng)環(huán)境
Ubuntu-18.04.6
2.地址分配情況
| 節(jié)點(diǎn)名稱 | 地址 | 備注 | 部署內(nèi)容 |
|---|---|---|---|
| Master | 172.168.0.129 | 主節(jié)點(diǎn) | docker kubeadm kubelet kubectl |
| Node01 | 172.168.0.130 | Node01節(jié)點(diǎn) | docker kubeadm kubelet kubectl |
| Node02 | 172.168.0.131 | Node02節(jié)點(diǎn) | docker kubeadm kubelet kubectl |
3.系統(tǒng)級別配置
- 禁用操作系統(tǒng)SWAP
swapoff -a
vim /etc/fstab注釋掉SWAP那一行 - 修改Ubuntu操作系統(tǒng)鏡像源(ubuntu 18.04配置)
deb http://mirrors.aliyun.com/ubuntu/ bionic main restricted universe multiverse deb-src http://mirrors.aliyun.com/ubuntu/ bionic main restricted universe multiverse deb http://mirrors.aliyun.com/ubuntu/ bionic-security main restricted universe multiverse deb-src http://mirrors.aliyun.com/ubuntu/ bionic-security main restricted universe multiverse deb http://mirrors.aliyun.com/ubuntu/ bionic-updates main restricted universe multiverse deb-src http://mirrors.aliyun.com/ubuntu/ bionic-updates main restricted universe multiverse deb http://mirrors.aliyun.com/ubuntu/ bionic-proposed main restricted universe multiverse deb-src http://mirrors.aliyun.com/ubuntu/ bionic-proposed main restricted universe multiverse deb http://mirrors.aliyun.com/ubuntu/ bionic-backports main restricted universe multiverse deb-src http://mirrors.aliyun.com/ubuntu/ bionic-backports main restricted universe multiverse - 更新操作系統(tǒng)軟件,安裝vim編輯器便于配置文件修改
apt-get update && apt-get upgrade -y
apt-get install -y vim
2.部署K8S集群
1.安裝docker
apt-get install -y docker.io
2.配置dokcer鏡像加速
vim /etc/docker/daemon.json
{
"registry-mirrors": ["https://***(加速鏡像源地址)"],
"live-restore": true,
"exec-opts": ["native.cgroupdriver=systemd"]
}
systemctl daemon-reload
systemctl restart docker
systemctl enable docker
- 注:
"exec-opts": ["native.cgroupdriver=systemd"]
配置一定要加,讓docker以systemd的服務(wù)形式運(yùn)行,不然會和k8s沖突棘捣,后面kubeadm init的時(shí)候會報(bào)錯(cuò)
3.配置K8S鏡像源加速
vim /etc/apt/sources.list.d/kubernetes.list
deb https://mirrors.aliyun.com/kubernetes/apt/ kubernetes-xenial main
4.配置K8S鏡像源key并更新
curl -s https://mirrors.aliyun.com/kubernetes/apt/doc/apt-key.gpg|apt-key add -
apt-get update
5.安裝kubeadm kubelet kubectl軟件(1.20.1-00版本)
apt-get install -y kubeadm=1.20.1-00 kubelet=1.20.1-00 kubectl=1.20.1-00
apt-mark hold kubelet kubeadm kubectl
6.下載配置calico文件(master節(jié)點(diǎn))
wget https://docs.projectcalico.org/manifests/calico.yaml
7.hosts文件中添加本機(jī)host解析記錄
主機(jī)名配置的時(shí)候不能帶下劃線焕襟,不然等kubeadm初始化的時(shí)候會報(bào)錯(cuò)
172.168.0.129 k8smaster
172.168.0.130 k8snode01
172.168.0.131 k8snode02
8.配置kubeadm-config.yaml配置文件
vim kubeadm-config.yaml
apiVersion: kubeadm.k8s.io/v1beta2
kind: ClusterConfiguration
kubernetesVersion: 1.20.1
controlPlaneEndpoint: "172.168.0.129:6443"
imageRepository: registry.cn-hangzhou.aliyuncs.com/google_containers
networking:
podSubnet: 192.168.0.0/16
9.使用kubeadm部署master節(jié)點(diǎn)
kubeadm init --config=kubeadm-config.yaml --upload-certs | tee kubeadm-init.out
10.配置kube config文件
- 以上配置以sudo -i配置
- 以下切換到普通用戶
mkdir -p $HOME/.kube
sudo cp -i /etc/kubenetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
less /.kube/config
11.通過calico安裝網(wǎng)絡(luò)
cp /root/calico.yaml .
kubectl apply -f calico.yaml
12.安裝bash-completion(為了支持kubectl子命令的補(bǔ)全)
sudo apt-get install bash-completion -y
<退出當(dāng)前命令窗口龙致,重新登陸>
source <(kubectl completion bash)
echo "source <(kubectl completion bash)" >> $HOME/.bashrc
<可以通過tab補(bǔ)全子命令檢查是否正確配置>
13.Node節(jié)點(diǎn)基礎(chǔ)配置
- 在node節(jié)點(diǎn)中重復(fù)2-1至2-7(2-6不做)的各個(gè)步驟端礼,配置基礎(chǔ)環(huán)境
14.生成token(針對master節(jié)點(diǎn)token過期后加入master節(jié)點(diǎn)在master節(jié)點(diǎn)操作)
- 查看master節(jié)點(diǎn)token情況
sudo kubeadm token list - 創(chuàng)建一個(gè)新的token
sudo kubeadm token create - 使用新創(chuàng)建的token更新CA
openssl x509 -pubkey -in /etc/kubernetes/pki/ca.crt |openssl rsa -pubin -outform der 2>/dev/null |openssl dgst -sha256 -hex | sed 's/^.* //'
15.將Node節(jié)點(diǎn)加入到集群中
- 查看之前保存到文件中的kubeadm init的輸出kubeadm-init.out
sudo cat /root/kubeadm-init.out - 以root權(quán)限,將Node節(jié)點(diǎn)加入集群中(注意核對token及ca-cert-hash)
kubeadm join 172.168.0.129:6443 --token 4rtqbq.qm26ch2d6hi1b6yx --discovery-token-ca-cert-hash sha256:af6fd593f604caf95fd331905216a06f52e9be9da0eee3e2dbef1d556c1e95f7 - 在master節(jié)點(diǎn)中株茶,查看當(dāng)前節(jié)點(diǎn)狀態(tài)
kubectl get nodes - 查看節(jié)點(diǎn)狀態(tài)為ready即可
