k8s通过kubeadm简单搭建

1.初始化系统

systemctl stop firewalld
systemctl disable firewalld

swapoff -a 
sed -i 's/.*swap.*/#&/' /etc/fstab

sed -i 's/enforcing/disabled/' /etc/selinux/config
setenforce 0

/etc/hosts
192.168.123.23   node01  node01.cool360.com
192.168.123.63   node02  node02.cool360.com
192.168.123.105  node03  node03.cool360.com

创建/etc/sysctl.d/k8s.conf文件,添加如下内容:
cat > /etc/sysctl.d/k8s.conf << EOF
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
net.ipv4.ip_forward = 1
EOF

modprobe br_netfilter
sysctl -p /etc/sysctl.d/k8s.conf

时间同步
yum install  ntpdate  -y
ntpdate   time7.aliyun.com

优化系统
    echo "* soft nofile 65536">> /etc/security/limits.conf
    echo "* hard nofile 65536" >> /etc/security/limits.conf
    echo "* soft nproc 65536"  >> /etc/security/limits.conf
    echo "* hard nproc 65536"  >> /etc/security/limits.conf
    echo "* soft  memlock  unlimited" >> /etc/security/limits.conf
    echo "* hard memlock  unlimited"  >> /etc/security/limits.conf

设置yum源
yum install -y epel-release
/etc/yum.repos.d/kubernetes.repo
cat > /etc/yum.repos.d/kubernetes.repo<<EOF
[kubernetes]
name=Kubernetes
baseurl=http://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=0
repo_gpgcheck=0
gpgkey=http://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg  http://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF

wget https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo -O /etc/yum.repos.d/docker.repo

 yum clean all  && yum makecache fast

安装依赖包
yum install -y yum-utils device-mapper-persistent-data lvm2 net-tools conntrack-tools wget vim  ntpdate libseccomp libtool-ltdl 

vim /etc/systemd/system/kubelet.service.d/10-kubeadm.conf
Environment="KUBELET_CGROUP_ARGS=--cgroup-driver=cgroupfs"
systemctl daemon-reload

2 进行kubeadm 集群安装部署

1.安装docker

yum install docker-ce -y
systemctl restart docker
systemctl enable docker.service

2.安装kubeadm

yum install  kubelet kubeadm kubectl ipvsadm -y
systemctl enable kubelet && systemctl start kubelet

3.集群初始化

kubeadm init   --image-repository registry.aliyuncs.com/google_containers --kubernetes-version=v1.13.3  --pod-network-cidr=10.244.0.0/16 --apiserver-advertise-address=192.168.123.23

执行结果:
Your Kubernetes master has initialized successfully!

To start using your cluster, you need to run the following as a regular user:

  mkdir -p $HOME/.kube
  sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
  sudo chown $(id -u):$(id -g) $HOME/.kube/config

You should now deploy a pod network to the cluster.
Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:
  https://kubernetes.io/docs/concepts/cluster-administration/addons/

You can now join any number of machines by running the following on each node
as root:

  kubeadm join 192.168.123.23:6443 --token 68d4hn.v33nfh5qhbdft1h5 --discovery-token-ca-cert-hash sha256:8cb042529487237a6a856668000a3911345f96c87add94093b4c4a878d0660bd

4.根据提示执行

      mkdir -p $HOME/.kube
      sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
      sudo chown $(id -u):$(id -g) $HOME/.kube/config

查看集群状态:
[root@node01 ~]# kubectl get nodes
NAME     STATUS     ROLES    AGE     VERSION
node01   NotReady   master   5m30s   v1.13.3

5.安装Pod网络插件

kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml

6.单节点解除master限制

默认情况下,由于安全原因,集群并不会将pods部署在Master节点上。但是在开发环境下,我们可能就只有一个Master节点,这时可以使用下面的命令来解除这个限制:

kubectl taint nodes --all node-role.kubernetes.io/master-

7.其他节点加入集群

kubeadm join 192.168.123.23:6443 --token 68d4hn.v33nfh5qhbdft1h5 --discovery-token-ca-cert-hash sha256:8cb042529487237a6a856668000a3911345f96c87add94093b4c4a878d0660bd

8.部署dashboard

wget https://raw.githubusercontent.com/kubernetes/dashboard/v1.10.1/src/deploy/recommended/kubernetes-dashboard.yaml
修改镜像地址
 spec:
      containers:
      - name: kubernetes-dashboard
        image: registry.cn-hangzhou.aliyuncs.com/google_containers/kubernetes-dashboard-amd64:v1.10.1
        ports:
        - containerPort: 8443
          protocol: TCP

暴露端口
kind: Service
apiVersion: v1
metadata:
  labels:
    k8s-app: kubernetes-dashboard
  name: kubernetes-dashboard
  namespace: kube-system
spec:
  ports:
    - port: 443
      targetPort: 8443
      nodePort: 30001
  selector:
    k8s-app: kubernetes-dashboard

执行:
kubectl apply -f kubernetes-dashboard.yaml

9.重置集群

 kubeadm reset
 iptables -F && iptables -t nat -F && iptables -t mangle -F && iptables -X
 ipvsadm --clear

10.问题排查

1.查看日志kubelet

journalctl -f -u kubelet

参考:
http://www.21yunwei.com/archives/6846
https://kubernetes.io/docs/setup/independent/create-cluster-kubeadm/

  • 我的微信
  • 这是我的微信扫一扫
  • weinxin
  • 我的微信公众号
  • 我的微信公众号扫一扫
  • weinxin
avatar

发表评论

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen: