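Preface: this article only covers deploying a single-node Kubernetes learning environment with kubeadm, version 1.23. If you want to deploy a newer version, watch for my later articles, because the deployment method is slightly different from Kubernetes 1.24 onward. If you want to understand every Kubernetes component thoroughly, you still need to deploy from binaries; watch for my later articles on that as well.
1. System preparation
Check the system version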
~]# cat /etc/centos-release
CentOS Linux release 7.9.2009 (Core)
Configure the network
~]# cat /etc/sysconfig/network-scripts/ifcfg-ens33
TYPE="Ethernet"
PROXY_METHOD="none"
BROWSER_ONLY="no"
BOOTPROTO="dhcp"
DEFROUTE="yes"
NAME="ens33"
DEVICE="ens33"
ONBOOT="yes"
Add a mirror repository inside China
~]# rm -rfv /etc/yum.repos.d/*
~]# curl -o /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo
Configure the hostname
~]# cat /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
10.4.7.142 k8s-master
Turn off swap and comment out the swap partition
~]# swapoff -a
~]# cat /etc/fstab
#
# /etc/fstab
# Created by anaconda on Wed Nov 10 16:59:28 2021
#
# Accessible filesystems, by reference, are maintained under '/dev/disk'
# See man pages fstab(5), findfs(8), mount(8) and/or blkid(8) for more info
#
/dev/mapper/centos-root / xfs defaults 0 0
UUID=092d352e-0991-4e6f-921f-42cc4862134c /boot xfs defaults 0 0
#/dev/mapper/centos-swap swap swap defaults 0 0
Configure kernel parameters so that bridged IPv4 traffic is passed to the iptables chains
~]# cat > /etc/sysctl.d/k8s.conf <<EOF
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
EOF
~]# sysctl --system
2. Install common packages
~]# yum install vim bash-completion net-tools gcc -y
3. Install docker-ce
See my earlier article on installing Docker-ce
4. Install kubectl, kubelet and kubeadm
Add a Kubernetes repository hosted inside China, such as the Aliyun or Tsinghua mirror.
~]# cat <<EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF
Install
安裝
~]# yum install kubectl kubelet kubeadm -y
~]# systemctl start kubelet && systemctl enable kubelet
5. Initialize the k8s cluster
~]# kubeadm init --kubernetes-version=1.23.4 --apiserver-advertise-address=10.4.7.142 --image-repository registry.aliyuncs.com/google_containers --service-cidr=10.10.0.0/16 --pod-network-cidr=10.122.0.0/16
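The pod network range is 10.122.0.0/16, and the API server address is the master's own IP.
This step is critical: by default kubeadm downloads the required images from the official registry k8s.gcr.io, which cannot be reached from inside China, so the Aliyun image registry address has to be specified with --image-repository.
After the cluster initializes successfully, it returns the following information: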
To start using your cluster, you need to run the following as a regular user:
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
Alternatively, if you are the root user, you can run:
export KUBECONFIG=/etc/kubernetes/admin.conf
You should now deploy a pod network to the cluster.
Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:
https://kubernetes.io/docs/concepts/cluster-administration/addons/
Then you can join any number of worker nodes by running the following on each as root:
kubeadm join 10.4.7.142:6443 --token 7zjwdp.w13re4uslonfrv5z \
--discovery-token-ca-cert-hash sha256:17d6e33d0bfcedf09835a34557f937113084eb67c56aeb682c790ce6ee02e9f1
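Record the last part of the generated output; it has to be run on other nodes when they join the Kubernetes cluster.
Set up kubectl as prompted
If kubelet is reported as failing to start: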
sudo mkdir /etc/docker
cat <<EOF | sudo tee /etc/docker/daemon.json
{
  "exec-opts": ["native.cgroupdriver=systemd"],
  "log-driver": "json-file",
  "log-opts": {
    "max-size": "100m"
  },
  "storage-driver": "overlay2"
}
EOF
~]# mkdir -p $HOME/.kube
~]# sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
~]# sudo chown $(id -u):$(id -g) $HOME/.kube/config
Run the following command to enable kubectl auto-completion
~]# source <(kubectl completion bash)
Check the nodes and pods
~]# kubectl get nodes
NAME STATUS ROLES AGE VERSION
k8s-master Ready control-plane,master 6m v1.23.4
~]# kubectl get pods --all-namespaces
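The node is NotReady because the coredns pods have not started; the network pod is missing.
6. Install the flannel or Calico network
I use flannel as the example here. Before installing, check which flannel version corresponds to your Kubernetes version.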
~]# kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
Check the pods and the node; the cluster status is now normal.
7. Dashboard (the port is exposed here with NodePort)
wget https://raw.githubusercontent.com/kubernetes/dashboard/v2.5.0/aio/deploy/recommended.yaml
# Modify the Service
kind: Service
apiVersion: v1
metadata:
  labels:
    k8s-app: kubernetes-dashboard
  name: kubernetes-dashboard
  namespace: kubernetes-dashboard
spec:
  type: NodePort # added
  ports:
    - port: 443
      targetPort: 8443
      nodePort: 30001 # added; change to suit your environment
  selector:
    k8s-app: kubernetes-dashboard
#kubectl apply -f dashboard.yaml
Create the admin account
apiVersion: v1
kind: ServiceAccount
metadata:
  labels:
    k8s-app: kubernetes-dashboard
    addonmanager.kubernetes.io/mode: Reconcile
  name: kubernetes-dashboard-admin
  namespace: kubernetes-dashboard
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: kubernetes-dashboard-admin
  namespace: kubernetes-dashboard
  labels:
    k8s-app: kubernetes-dashboard
    addonmanager.kubernetes.io/mode: Reconcile
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: cluster-admin
subjects:
  - kind: ServiceAccount
    name: kubernetes-dashboard-admin
    namespace: kubernetes-dashboard
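Added example, not part of the original article: the manifests above publish the dashboard on NodePort 30001 and bind its kubernetes-dashboard-admin ServiceAccount to cluster-admin, so a token for that account reaching the exposed port carries full control of the cluster. The Python audit below flags any namespace that combines the two. The function names are hypothetical and the embedded JSON is constructed sample input in the shape of kubectl's JSON output, not real cluster data.

```python
import json

# Constructed sample (not real output), shaped like `kubectl get clusterrolebindings -o json`
# and `kubectl get svc -A -o json`, trimmed to the fields the audit reads.
BINDINGS = json.loads("""{"items": [
 {"metadata": {"name": "kubernetes-dashboard-admin"},
  "roleRef": {"kind": "ClusterRole", "name": "cluster-admin"},
  "subjects": [{"kind": "ServiceAccount", "name": "kubernetes-dashboard-admin",
                "namespace": "kubernetes-dashboard"}]},
 {"metadata": {"name": "cluster-admin"},
  "roleRef": {"kind": "ClusterRole", "name": "cluster-admin"},
  "subjects": [{"kind": "Group", "name": "system:masters"}]}]}""")
SERVICES = json.loads("""{"items": [
 {"metadata": {"name": "kubernetes-dashboard", "namespace": "kubernetes-dashboard"},
  "spec": {"type": "NodePort", "ports": [{"port": 443, "nodePort": 30001}]}},
 {"metadata": {"name": "kube-dns", "namespace": "kube-system"},
  "spec": {"type": "ClusterIP", "ports": [{"port": 53}]}}]}""")

def admin_service_accounts(bindings):
    """Map (namespace, name) of each ServiceAccount bound to cluster-admin to its bindings."""
    found = {}
    for b in bindings.get("items", []):
        ref = b.get("roleRef", {})
        if (ref.get("kind"), ref.get("name")) != ("ClusterRole", "cluster-admin"):
            continue
        for s in b.get("subjects") or []:  # subjects can be missing or null
            if s.get("kind") == "ServiceAccount":
                found.setdefault((s.get("namespace", ""), s["name"]), []).append(
                    b["metadata"]["name"])
    return found

def node_ports(services):
    """Map namespace to [(service, nodePort)] for every port published on the nodes."""
    out = {}
    for svc in services.get("items", []):
        for p in svc["spec"].get("ports") or []:
            if "nodePort" in p:  # present on NodePort and LoadBalancer services
                out.setdefault(svc["metadata"]["namespace"], []).append(
                    (svc["metadata"]["name"], p["nodePort"]))
    return out

def findings(bindings, services):
    """Namespaces that hold a cluster-admin ServiceAccount and a node-published port."""
    exposed = node_ports(services)
    return [{"namespace": ns, "sa": sa, "bindings": names, "ports": exposed[ns]}
            for (ns, sa), names in sorted(admin_service_accounts(bindings).items())
            if ns in exposed]

if __name__ == "__main__":
    print(json.dumps(findings(BINDINGS, SERVICES), indent=2))
```

On a live cluster, replace the two constants with the parsed output of the kubectl commands named in the comment. A finding is a prompt to bind a narrower role or to reach the dashboard through kubectl proxy or port-forward instead of a NodePort.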