k8s集群搭建
机器准备
3台机器,分别是FL01,FL02,FL03
每台机器上都需要设置/etc/hosts
hostname也需要设置
sudo hostnamectl set-hostname FL01 # 不同机器请替换hostname
安装前准备
防火墙关闭
sudo systemctl stop firewalld
sudo systemctl disable firewalld
sudo setenforce 0
sudo sed -i 's/^SELINUX=enforcing$/SELINUX=permissive/' /etc/selinux/config
内存交换区关闭
sudo swapoff -a
sudo sed -i '/swap/s/^\(.*\)$/#\1/g' /etc/fstab
iptables设置
sudo iptables -F
sudo iptables -X
sudo iptables -F -t nat
sudo iptables -X -t nat
sudo iptables -P FORWARD ACCEPT
系统参数设置
vim /etc/sysctl.d/k8s.conf
内容如下
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
sysctl --system
安装前准备
sudo yum -y update
sudo yum install -y conntrack ipvsadm ipset jq sysstat curl iptables libseccomp
sudo yum install -y yum-utils device-mapper-persistent-data lvm2
软件安装
docker
镜像源配置
sudo yum-config-manager --add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
安装
yum install -y docker-ce-18.09.0 docker-ce-cli-18.09.0 containerd.io
参数设置
sudo vim /etc/docker/daemon.json
内容如下
{
"registry-mirrors": ["https://orptaaqe.mirror.aliyuncs.com"],
"exec-opts": ["native.cgroupdriver=systemd"]
}
启动
sudo systemctl start docker.service && sudo systemctl enable docker
kube*
镜像源修改
sudo vim /etc/yum.repos.d/kubernetes.repo
内容如下
[kubernetes]
name=Kubernetes
baseurl=http://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=0
repo_gpgcheck=0
gpgkey=http://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg
http://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
安装
sudo yum -y install kubectl-1.23.5-0 kubelet-1.23.5-0 kubeadm-1.23.5-0
自动补全
sudo yum -y install bash-completion
source /usr/share/bash-completion/bash_completion
sudo kubectl completion bash | sudo tee /etc/bash_completion.d/kubectl > /dev/null
sudo chmod a+r /etc/bash_completion.d/kubectl
启动
sudo systemctl start kubelet && sudo systemctl enable kubelet
主节点
初始化
ip请自行替换
kubeadm init --kubernetes-version=1.23.5 --apiserver-advertise-address=192.168.0.57 --image-repository=registry.cn-hangzhou.aliyuncs.com/google_containers --pod-network-cidr=10.244.0.0/16
执行完之后,会有一个文字,显示加入的命令
kubeadm join 192.168.0.57:6443 --token zq0ulp.m5uhmwb9ku84lpv2 --discovery-token-ca-cert-hash sha256:1fc709d35dc3019f16779d25d2a9920feb0729e9b7f2796ce1e2cd9be98f6660
配置copy
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
网络配置
wget https://docs.projectcalico.org/manifests/calico.yaml
kubectl apply -f calico.yaml
从节点
执行刚才主节点输出的命令加入网络
参考
https://baijiahao.baidu.com/s?id=1749026775713590928\&wfr=spider\&for=pc