kubeadm安装kubernetes1.28.2
一,环境准备:
1,时钟同步:
~# apt update
~# apt install -y chrony
~# systemctl restart chronyd
2.禁用swap和防火墙(ufw)
~# swapoff -a
~# ufw disable
3.配置DNS解析
root@k8s-master1:~# vim /etc/hosts
127.0.0.1 localhost
127.0.1.1 ubuntu
192.168.0.121 k8s-master1.example.com
192.168.0.122 k8s-master2.example.com
192.168.0.123 k8s-master3.example.com
192.168.0.124 k8s-node1.example.com
192.168.0.125 k8s-node2.example.com
192.168.0.126 k8s-node3.example.com
二,安装程序包
1.安装containerd
root@k8s-master1:~#wget https://github.com/containerd/containerd/releases/download/v1.6.26/containerd-1.6.26-linux-amd64.tar.gz
root@k8s-master1:~#tar xvf containerd-1.6.26-linux-amd64.tar.gz
#copy二进制
root@k8s-master1:~#cp bin/* /usr/local/bin/
containerd github.com/containerd/containerd v1.6.26 3dd1e886e55dd695541fdcd67420c2888645a495
root@k8s-master1:~#cat /lib/systemd/system/containerd.service
# Copyright The containerd Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
[Unit]
Description=containerd container runtime
Documentation=https://containerd.io
After=network.target local-fs.target
[Service]
ExecStartPre=-/usr/sbin/modprobe overlay
ExecStart=/usr/local/bin/containerd
Type=notify
Delegate=yes
KillMode=process
Restart=always
RestartSec=5
# Having non-zero Limit*s causes performance problems due to accounting overhead
# in the kernel. We recommend using cgroups to do container-local accounting.
LimitNPROC=infinity
LimitCORE=infinity
LimitNOFILE=infinity
# Comment TasksMax if your systemd version does not supports it.
# Only systemd 226 and above support this version.
TasksMax=infinity
OOMScoreAdjust=-999
[Install]
WantedBy=multi-user.target
#生成配置文件
root@k8s-master1:~#mkdir /etc/containerd
root@k8s-master1:~#containerd config default
root@k8s-master1:~#containerd config default > /etc/containerd/config.toml
修改配置文件
root@k8s-master1:~#vim /etc/containerd/config.toml
sandbox_image = "registry.aliyuncs.com/google_containers/pause:3.9" #61行
SystemdCgroup = true #125行
[plugins."io.containerd.grpc.v1.cri".registry.mirrors] #在153行添加下面两行
[plugins."io.containerd.grpc.v1.cri".registry.mirrors."docker.io"]
endpoint = ["https://5vw6tah8.mirror.aliyuncs.com"]
root@k8s-master1:~#systemctl daemon-reload
root@k8s-master1:~#systemctl restart containerd.service
2.部署runc
root@k8s-master1:~#wget https://github.com/opencontainers/runc/releases/download/v1.1.8/runc.amd64
root@k8s-master1:~#chmod a+x runc.amd64
root@k8s-master1:~#mv runc.amd64 /usr/bin/run
3.安装containerd客户端工具crictl
root@k8s-master1:~#wget https://github.com/kubernetes-sigs/cri-tools/releases/download/v1.28.0/crictl-v1.28.0-linux-amd64.tar.gz
root@k8s-master1:~#tar xvf crictl-v1.28.0-linux-amd64.tar.gz -C /usr/local/bin/
配置crictl运行时环境:
root@k8s-master1:~#vim /etc/crictl.yaml
runtime-endpoint: unix:///var/run/containerd/containerd.sock
image-endpoint: unix:///var/run/containerd/containerd.sock
timeout: 10
debug: true
4.优化内核参数:
root@k8s-master1:~#vim /etc/sysctl.conf
net.ipv4.ip_forward=1
vm.max_map_count=262144
kernel.pid_max=4194303
fs.file-max=1000000
net.ipv4.tcp_max_tw_buckets=6000
net.netfilter.nf_conntrack_max=2097152
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.brid
root@k8s-master1:~# sysctl -p #使其生效
net.ipv4.ip_forward = 1
vm.max_map_count = 262144
kernel.pid_max = 4194303
fs.file-max = 1000000
net.ipv4.tcp_max_tw_buckets = 6000
net.netfilter.nf_conntrack_max = 2097152
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
vm.swappiness = 0
三.安装kubeadm,kubectl,kubelet
root@k8s-master1:~# apt-get update && apt-get install -y apt-transport-https
root@k8s-master1:~# curl https://mirrors.aliyun.com/kubernetes/apt/doc/apt-key.gpg | apt-key add -
root@k8s-master1:~# cat <<EOF >/etc/apt/sources.list.d/kubernetes.list
deb https://mirrors.aliyun.com/kubernetes/apt/ kubernetes-xenial main
EOF
root@k8s-master1:~# apt-get update
root@k8s-master1:~# apt install -y kubeadm=1.28.2-00 kubectl=1.28.2-00 kubelet=1.28.2-00
node节点重新执行以上步骤
1.下载kubernetes相关镜像
registry.k8s.io/kube-apiserver:v1.28.2
registry.k8s.io/kube-controller-manager:v1.28.2
registry.k8s.io/kube-scheduler:v1.28.2
registry.k8s.io/kube-proxy:v1.28.2
registry.k8s.io/pause:3.9
registry.k8s.io/etcd:3.5.9-0
registry.k8s.io/coredns/coredns:v1.10.1
root@k8s-master1:~# vim image-down.sh (把镜像源改成国内镜像源)
#!/bin/bash
nerdctl pull registry.aliyuncs.com/google_containers/kube-apiserver:v1.28.2
nerdctl pull registry.aliyuncs.com/google_containers/kube-controller-manager:v1.28.2
nerdctl pull registry.aliyuncs.com/google_containers/kube-scheduler:v1.28.2
nerdctl pull registry.aliyuncs.com/google_containers/kube-proxy:v1.28.2
nerdctl pull registry.aliyuncs.com/google_containers/pause:3.9
nerdctl pull registry.aliyuncs.com/google_containers/etcd:3.5.9-0
nerdctl pull registry.aliyuncs.com/google_containers/coredns:v1.10.1
2.kubernetes集群初始化
root@k8s-master1:~# init --apiserver-advertise-address=192.168.0.121 --apiserver-bind-port=6443 --kubernetes-version=v1.28.2 --pod-network-cidr=10.244.0.0/16 --service-cidr=10.96.0.0/12 --service-dns-domain=cluster.local --image-repository=registry.aliyuncs.com/google_containers --ignore-preflight-errors=swap
3.添加node节点
root@k8s-node1:~# kubeadm join 192.168.0.121:6443 --token 17gph6.7ye8gif13pxahqa6 --discovery-token-ca-cert-hash sha256:4a44a1152dc74303d7f12397bb1386df67822ca9610b96ea54fe54cd721f6b44
root@k8s-node2:~# kubeadm join 192.168.0.121:6443 --token 17gph6.7ye8gif13pxahqa6 --discovery-token-ca-cert-hash sha256:4a44a1152dc74303d7f12397bb1386df67822ca9610b96ea54fe54cd721f6b44
root@k8s-node3:~# kubeadm join 192.168.0.121:6443 --token 17gph6.7ye8gif13pxahqa6 --discovery-token-ca-cert-hash sha256:4a44a1152dc74303d7f12397bb1386df67822ca9610b96ea54fe54cd721f6b44
检查添加情况:
root@k8s-node3:~# kubectl get nodes (显示NotReady是因为没有部署网络插件)
NAME STATUS ROLES AGE VERSION
k8s-master1.magedu.com Ready control-plane 28m v1.28.2
k8s-node1.magedu.com NotReady <none> 118s v1.28.2
k8s-node2.magedu.com NotReady <none> 25s v1.28.2
k8s-node3.magedu.com NotReady <none> 20s v1.28.2
四,部署flannel网络插件
root@k8s-node3:~# kubectl apply -f https://github.com/flannel-io/flannel/releases/latest/download/kube-flannel.yml
root@k8s-node3:~# kubectl get pods -n kube-flannel
NAME READY STATUS RESTARTS AGE
kube-flannel-ds-2g9xs 1/1 Running 0 67m
kube-flannel-ds-4xv94 1/1 Running 0 67m
kube-flannel-ds-fr72b 1/1 Running 0 67m
kube-flannel-ds-t8r9l 1/1 Running 0 67m
root@k8s-master1:~# kubectl get nodes
NAME STATUS ROLES AGE VERSION
k8s-master1.magedu.com Ready control-plane 100m v1.28.2
k8s-node1.magedu.com Ready <none> 73m v1.28.2
k8s-node2.magedu.com Ready <none> 72m v1.28.2
k8s-node3.magedu.com Ready <none> 72m v1.28.2
- 点赞
- 收藏
- 关注作者
评论(0)