Rocky Linux9(aarch64)安装k8s
[root@localhost ~]# hostnamectl set-hostname master
初始化操作:
[root@master ~]# swapoff -a [root@master ~]# sed -i '/ swap / s/^\(.*\)$/#\1/g' /etc/fstab [root@master ~]# setenforce 0 [root@master ~]# sed -i --follow-symlinks 's/SELINUX=enforcing/SELINUX=permissive/g' /etc/sysconfig/selinux [root@master ~]# systemctl stop firewalld [root@master ~]# systemctl disable firewalld
[root@master ~]# modprobe overlay [root@master ~]# modprobe br_netfilter
配置转发:
[root@master ~]# cat /etc/sysctl.d/k8s.conf net.bridge.bridge-nf-call-iptables = 1 net.ipv4.ip_forward = 1 net.bridge.bridge-nf-call-ip6tables = 1
[root@master ~]# sysctl --system
安装containerd服务:
[root@master ~]# yum install yum-utils -y [root@master ~]# yum-config-manager --add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo [root@master ~]# dnf install containerd.io
修改配置文件:
[root@master ~]# containerd config default | sudo tee /etc/containerd/config.toml >/dev/null 2>&1 [root@master ~]# sed -i 's/SystemdCgroup \= false/SystemdCgroup \= true/g' /etc/containerd/config.toml [root@master ~]# systemctl restart containerd [root@master ~]# systemctl enable containerd Created symlink /etc/systemd/system/multi-user.target.wants/containerd.service → /usr/lib/systemd/system/containerd.service. [root@master ~]# systemctl status containerd
修改pause镜像:
[root@master ~]# grep "sandbox_image" /etc/containerd/config.toml sandbox_image = "registry.aliyuncs.com/google_containers/pause:3.9"
配置镜像加速器:
mkdir -p /etc/containerd/certs.d/docker.io tee /etc/containerd/certs.d/docker.io/hosts.toml <<EOF [host."https://docker.actima.top"] # 替换为你的加速器地址 capabilities = ["pull", "resolve"] # 支持拉取和解析镜像[1,7](@ref) EOF 编辑 /etc/containerd/config.toml,启用动态镜像配置目录: [plugins."io.containerd.grpc.v1.cri".registry] config_path = "/etc/containerd/certs.d" # 指定镜像配置目录[1,7](@ref)
重启服务后测试:
crictl pull nginx:latest 查看命名空间: ctr ns list ctr -n k8s.io images ls | grep nginx
ctr的命令操作:
查看镜像: [root@master ~]# crictl images ls IMAGE TAG IMAGE ID SIZE docker.io/calico/cni v3.26.1 750dd81f472ae 85.5MB docker.io/calico/kube-controllers v3.26.1 01cf521462df2 29.2MB docker.io/calico/node v3.26.1 d5dd9023bb474 84.7MB docker.io/library/nginx latest 889e2cc329c8e 68.7MB registry.aliyuncs.com/google_containers/coredns v1.10.1 97e04611ad434 14.6MB registry.aliyuncs.com/google_containers/etcd 3.5.15-0 27e3830e14027 66.5MB registry.aliyuncs.com/google_containers/kube-apiserver v1.28.15 e5e63a95df81d 31.5MB registry.aliyuncs.com/google_containers/kube-controller-manager v1.28.15 30ceff9df337a 30.4MB registry.aliyuncs.com/google_containers/kube-proxy v1.28.15 518310802a1e4 25MB registry.aliyuncs.com/google_containers/kube-scheduler v1.28.15 97e0e1bb5a1b0 16.9MB registry.aliyuncs.com/google_containers/pause 3.9 829e9de338bd5 268kB
查看容器服务:
[root@master ~]# crictl ps -a CONTAINER IMAGE CREATED STATE NAME ATTEMPT POD ID POD 544d08cc0f943 889e2cc329c8e 12 hours ago Running nginx 0 d04a69f9bd5c5 nginx-7854ff8877-8dqnl 8847862ee4610 01cf521462df2 13 hours ago Running calico-kube-controllers 0 e366314cd05e0 calico-kube-controllers-7ddc4f45bc-8wvmd 1d7d9ce0ddbda 97e04611ad434 13 hours ago Running coredns 0 1de3cd44b2a2b coredns-66f779496c-ffxfz b203af32e49e3 97e04611ad434 13 hours ago Running coredns 0 f4641f61ef66a coredns-66f779496c-r75pt c5f1ce1deac8b d5dd9023bb474 13 hours ago Running calico-node 0 fa8c0d6cb1548 calico-node-2n679 4f487a1c5116b d5dd9023bb474 13 hours ago Exited mount-bpffs 0 fa8c0d6cb1548 calico-node-2n679 6d1a4ae37a009 750dd81f472ae 13 hours ago Exited install-cni 0 fa8c0d6cb1548 calico-node-2n679 06f8dbd68973a 750dd81f472ae 13 hours ago Exited upgrade-ipam 0 fa8c0d6cb1548 calico-node-2n679 65232ec5a5d51 518310802a1e4 13 hours ago Running kube-proxy 0 cc39ee5c85b28 kube-proxy-pgf7g 67a281e67fe7b 27e3830e14027 13 hours ago Running etcd 2 c532239c20c3d etcd-master 495c460e690df e5e63a95df81d 13 hours ago Running kube-apiserver 2 79a2f15646551 kube-apiserver-master 1ec4542530f14 97e0e1bb5a1b0 13 hours ago Running kube-scheduler 2 db307dbd1e03f kube-scheduler-master e41145d29e0af 30ceff9df337a 13 hours ago Running kube-controller-manager 2 4b220ce777c3e kube-controller-manager-master
下载镜像:
[root@master ~]# crictl pull nginx Image is up to date for sha256:889e2cc329c8ea157b2ac764f62dcc6b4f3e495d4a47583287c1f96df9823482
配置k8s repo:
[root@master ~]# cat <<EOF | sudo tee /etc/yum.repos.d/kubernetes.repo [kubernetes] name=Kubernetes baseurl=https://pkgs.k8s.io/core:/stable:/v1.28/rpm/ enabled=1 gpgcheck=1 gpgkey=https://pkgs.k8s.io/core:/stable:/v1.28/rpm/repodata/repomd.xml.key exclude=kubelet kubeadm kubectl cri-tools kubernetes-cni EOF [kubernetes] name=Kubernetes baseurl=https://pkgs.k8s.io/core:/stable:/v1.28/rpm/ enabled=1 gpgcheck=1 gpgkey=https://pkgs.k8s.io/core:/stable:/v1.28/rpm/repodata/repomd.xml.key exclude=kubelet kubeadm kubectl cri-tools kubernetes-cni
安装k8s:
[root@master ~]# yum install kubelet kubeadm kubectl --disableexcludes=kubernetes
[root@master ~]# systemctl enable --now kubelet
初始化集群:
[root@master ~]# kubeadm init --apiserver-advertise-address=10.0.2.15 --image-repository registry.aliyuncs.com/google_containers --pod-network-cidr=10.244.0.0/16 --service-cidr=10.96.0.0/16 [root@master ~]# kubectl get nodes NAME STATUS ROLES AGE VERSION master NotReady control-plane 72s v1.28.15
安装calico:
[root@master ~]# wget https://raw.githubusercontent.com/projectcalico/calico/v3.26.1/manifests/calico.yaml [root@master ~]# kubectl apply -f calico.yaml
查看集群:
[root@master ~]# kubectl get nodes -owide NAME STATUS ROLES AGE VERSION INTERNAL-IP EXTERNAL-IP OS-IMAGE KERNEL-VERSION CONTAINER-RUNTIME master Ready control-plane 13h v1.28.15 10.0.2.15 <none> Rocky Linux 9.6 (Blue Onyx) 5.14.0-570.17.1.el9_6.aarch64 containerd://1.7.27
参考:https://www.linuxtechi.com/install-kubernetes-on-rockylinux-almalinux/
浙公网安备 33010602011771号