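Up front: this article only covers deploying a single-node Kubernetes learning environment with kubeadm, version 1.23. If you want to deploy a newer version, watch for my follow-up articles, because the deployment method differs slightly from Kubernetes 1.24 onward. To understand every Kubernetes component thoroughly, you still need to deploy from binaries; watch for my follow-up articles on that as well.
1. System preparation
Check the OS version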
~]# cat /etc/centos-release
CentOS Linux release 7.9.2009 (Core)
Configure the network
~]# cat /etc/sysconfig/network-scripts/ifcfg-ens33
TYPE="Ethernet"
PROXY_METHOD="none"
BROWSER_ONLY="no"
BOOTPROTO="dhcp"
DEFROUTE="yes"
NAME="ens33"
DEVICE="ens33"
ONBOOT="yes"
Add a domestic (China) mirror repository
~]# rm -rfv /etc/yum.repos.d/*
~]# curl -o /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo
Configure the hostname
~]# cat /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
10.4.7.142 k8s-master
Disable swap and comment out the swap partition
~]# swapoff -a
~]# cat /etc/fstab
#
# /etc/fstab
# Created by anaconda on Wed Nov 10 16:59:28 2021
#
# Accessible filesystems, by reference, are maintained under '/dev/disk'
# See man pages fstab(5), findfs(8), mount(8) and/or blkid(8) for more info
#
/dev/mapper/centos-root / xfs defaults 0 0
UUID=092d352e-0991-4e6f-921f-42cc4862134c /boot xfs defaults 0 0
#/dev/mapper/centos-swap swap swap defaults 0 0
Configure kernel parameters so that bridged IPv4 traffic is passed to the iptables chains
~]# cat > /etc/sysctl.d/k8s.conf <<EOF
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
EOF
~]# sysctl --system
2. Install common packages
~]# yum install vim bash-completion net-tools gcc -y
3. Install docker-ce
See my earlier article on installing Docker-ce.
4. Install kubectl, kubelet, and kubeadm
Add a domestic Kubernetes repository, such as the Aliyun or Tsinghua mirror.
~]# cat <<EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF
Install, pinned to the 1.23.4 release that kubeadm init uses below
~]# yum install kubectl-1.23.4 kubelet-1.23.4 kubeadm-1.23.4 -y
~]# systemctl start kubelet && systemctl enable kubelet
5. Initialize the k8s cluster
~]# kubeadm init --kubernetes-version=1.23.4 --apiserver-advertise-address=10.4.7.142 --image-repository registry.aliyuncs.com/google_containers --service-cidr=10.10.0.0/16 --pod-network-cidr=10.122.0.0/16
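The Pod CIDR is 10.122.0.0/16, and the API server address is the master's own IP.
This step is critical: by default kubeadm pulls the required images from the official registry k8s.gcr.io, which is not reachable from mainland China, so --image-repository must point to the Aliyun registry mirror.
After the cluster initializes successfully, it returns the following: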
To start using your cluster, you need to run the following as a regular user:
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
Alternatively, if you are the root user, you can run:
export KUBECONFIG=/etc/kubernetes/admin.conf
You should now deploy a pod network to the cluster.
Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:
https://kubernetes.io/docs/concepts/cluster-administration/addons/
Then you can join any number of worker nodes by running the following on each as root:
kubeadm join 10.4.7.142:6443 --token 7zjwdp.w13re4uslonfrv5z \
--discovery-token-ca-cert-hash sha256:17d6e33d0bfcedf09835a34557f937113084eb67c56aeb682c790ce6ee02e9f1
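Record the last part of the output; it has to be run on the other nodes when they join the Kubernetes cluster.
Create the kubectl configuration as the output instructs
If kubelet is reported as failing to start, switch Docker to the systemd cgroup driver:
sudo mkdir -p /etc/docker
cat <<EOF | sudo tee /etc/docker/daemon.json
{
  "exec-opts": ["native.cgroupdriver=systemd"],
  "log-driver": "json-file",
  "log-opts": {
    "max-size": "100m"
  },
  "storage-driver": "overlay2"
}
EOF
# Restart Docker so the new cgroup driver takes effect
sudo systemctl daemon-reload
sudo systemctl restart docker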
~]# mkdir -p $HOME/.kube
~]# sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
~]# sudo chown $(id -u):$(id -g) $HOME/.kube/config
Run the following command to enable kubectl auto-completion
~]# source <(kubectl completion bash)
Check the nodes and pods
~]# kubectl get nodes
NAME STATUS ROLES AGE VERSION
k8s-master Ready control-plane,master 6m v1.23.4
~]# kubectl get pods --all-namespaces
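The node is NotReady because the coredns pod has not started; the network pod is missing.
6. Install the flannel or Calico network
I use flannel as the example here; before installing, check which flannel version matches your Kubernetes version.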
~]# kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
Check the pods and the node; the cluster status is now normal.
7. Dashboard (exposed here through a NodePort)
~]# wget https://raw.githubusercontent.com/kubernetes/dashboard/v2.5.0/aio/deploy/recommended.yaml
# Modify the Service
kind: Service
apiVersion: v1
metadata:
  labels:
    k8s-app: kubernetes-dashboard
  name: kubernetes-dashboard
  namespace: kubernetes-dashboard
spec:
  type: NodePort  # added
  ports:
    - port: 443
      targetPort: 8443
      nodePort: 30001  # added; change to suit your environment
  selector:
    k8s-app: kubernetes-dashboard
~]# kubectl apply -f recommended.yaml
Create the admin account
apiVersion: v1
kind: ServiceAccount
metadata:
  labels:
    k8s-app: kubernetes-dashboard
    addonmanager.kubernetes.io/mode: Reconcile
  name: kubernetes-dashboard-admin
  namespace: kubernetes-dashboard
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: kubernetes-dashboard-admin
  namespace: kubernetes-dashboard
  labels:
    k8s-app: kubernetes-dashboard
    addonmanager.kubernetes.io/mode: Reconcile
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: cluster-admin
subjects:
  - kind: ServiceAccount
    name: kubernetes-dashboard-admin
    namespace: kubernetes-dashboard
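An added example, not part of the original article: the manifests above bind the dashboard ServiceAccount to cluster-admin and publish the dashboard on a NodePort, a pairing worth finding again before this lab cluster is reused for anything else. The Python script below audits the output of kubectl get clusterrolebindings,services -A -o json; the function name audit and the embedded SAMPLE are constructed for illustration.

```python
import json
import sys

# Constructed sample: the two dashboard objects from this page plus one
# unrelated binding, in the List shape that `kubectl get ... -o json` returns.
SAMPLE = json.dumps({"kind": "List", "items": [
    {"kind": "ClusterRoleBinding",
     "metadata": {"name": "kubernetes-dashboard-admin"},
     "roleRef": {"kind": "ClusterRole", "name": "cluster-admin"},
     "subjects": [{"kind": "ServiceAccount", "name": "kubernetes-dashboard-admin",
                   "namespace": "kubernetes-dashboard"}]},
    {"kind": "ClusterRoleBinding",
     "metadata": {"name": "flannel"},
     "roleRef": {"kind": "ClusterRole", "name": "flannel"},
     "subjects": [{"kind": "ServiceAccount", "name": "flannel",
                   "namespace": "kube-system"}]},
    {"kind": "Service",
     "metadata": {"name": "kubernetes-dashboard", "namespace": "kubernetes-dashboard"},
     "spec": {"type": "NodePort",
              "ports": [{"port": 443, "targetPort": 8443, "nodePort": 30001}]}},
]})


def audit(raw):
    """Return (cluster-admin ServiceAccounts, NodePort Services, namespaces with both)."""
    admins, ports = [], []
    for obj in json.loads(raw).get("items") or []:
        meta, kind = obj.get("metadata") or {}, obj.get("kind")
        if kind == "ClusterRoleBinding" and (obj.get("roleRef") or {}).get("name") == "cluster-admin":
            for subj in obj.get("subjects") or []:  # subjects may be null
                if subj.get("kind") == "ServiceAccount":
                    admins.append((subj.get("namespace"), subj.get("name")))
        elif kind == "Service" and (obj.get("spec") or {}).get("type") == "NodePort":
            for port in obj["spec"].get("ports") or []:
                ports.append((meta.get("namespace"), meta.get("name"), port.get("nodePort")))
    exposed = sorted({ns for ns, _ in admins if ns} & {ns for ns, _, _ in ports if ns})
    return admins, ports, exposed


if __name__ == "__main__":
    # Pipe real kubectl output in, or run with no pipe to use the sample.
    piped = "" if sys.stdin.isatty() else sys.stdin.read()
    admins, ports, exposed = audit(piped if piped.strip() else SAMPLE)
    for ns, name in admins:
        print(f"cluster-admin ServiceAccount: {ns}/{name}")
    for ns, name, node_port in ports:
        print(f"NodePort Service: {ns}/{name} on node port {node_port}")
    for ns in exposed:
        print(f"REVIEW: {ns} has a cluster-admin ServiceAccount and a NodePort Service")
```

Pipe kubectl get clusterrolebindings,services -A -o json into the script on the master to audit the live cluster instead of the sample.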