3台ubuntu上部署k8s集群

版本信息

Ubuntu 22.04

k8s v1.28.4

1. 环境准备（所有节点）

1.1 配置root用户、sshd服务和IP地址

enp0s3: NAT模式（dhcp） ，用于访问公网

enp0s8: host-only模式（静态IP），用于和宿主机的通信

# Ubuntu 默认禁用root用户
sudo passwd root
su - root

apt install -y openssh-server
echo "PermitRootLogin yes
PasswordAuthentication yes" >> /etc/ssh/sshd_config
systemctl restart sshd


echo "network:
  version: 2
  renderer: networkd
  ethernets:
    enp0s3:
      dhcp4: true
    enp0s8:
      dhcp4: false
      addresses: [192.168.56.201/24]" |tee /etc/netplan/xxx.yaml
netplan apply  #reboot后失效

#reboot后修改依旧生效

echo "network: {config: disabled}" |tee /etc/cloud/cloud.cfg.d/99-disable-network-config.cfg 
systemctl restart cloud-init

 

1.2 配置hostname、hosts解析、ntp时间同步和时区

hostnamectl set-hostname xxx

vim /etc/hosts

apt install -y ntpdate
ntpdate ntp.aliyun.com

timedatectl set-timezone Asia/Shanghai

 

1.3 关闭swap

#查看swap是否启用
free -h　　# swap一行为0，未启用
swapon -s　　# 输出为空，未启用
cat /proc/swaps　　# 输出为空，未启用

#ubuntu 可能默认禁用swap

#执行以下命令永久关闭swap
sudo swapoff -a
sudo sed -i '/ swap / s/^/#/' /etc/fstab
# 对于Ubuntu 22.04及以上版本，还需执行以下命令以确保彻底禁用[6](@ref)
sudo systemctl mask swap.img.swap

 

1.4 配置内核模块与内核参数

cat <<EOF | sudo tee /etc/modules-load.d/k8s.conf
overlay
br_netfilter
EOF

sudo modprobe overlay
sudo modprobe br_netfilter

cat <<EOF | sudo tee /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-iptables = 1
net.bridge.bridge-nf-call-ip6tables = 1
net.ipv4.ip_forward = 1
EOF

sudo sysctl --system

 

2. 安装containerd（所有节点）

　　Kubernetes 1.24+ 默认不再支持Docker，推荐使用containerd

sudo apt install -y containerd
sudo mkdir -p /etc/containerd
containerd config default | sudo tee /etc/containerd/config.toml
# 修改配置，启用Systemd Cgroup驱动
sudo sed -i 's/SystemdCgroup = false/SystemdCgroup = true/' /etc/containerd/config.toml
# 对于国内环境，建议额外替换sandbox_image为国内镜像源[2,3](@ref)
sudo sed -i 's|registry.k8s.io/pause:3.8|registry.aliyuncs.com/google_containers/pause:3.9|g' /etc/containerd/config.toml
sudo systemctl restart containerd
sudo systemctl enable containerd

 

3. 安装k8s组件（所有节点）

sudo apt-get update
sudo apt-get install -y apt-transport-https ca-certificates curl
# 添加Kubernetes官方GPG密钥和软件源（适用于1.28版）[1](@ref)
curl -fsSL https://pkgs.k8s.io/core:/stable:/v1.28/deb/Release.key | sudo gpg --dearmor -o /etc/apt/keyrings/kubernetes-apt-keyring.gpg
echo 'deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring.gpg] https://pkgs.k8s.io/core:/stable:/v1.28/deb/ /' | sudo tee /etc/apt/sources.list.d/kubernetes.list
# 或者使用国内镜像源（如阿里云）[2,5](@ref)
# curl https://mirrors.aliyun.com/kubernetes/apt/doc/apt-key.gpg | sudo apt-key add -
# echo "deb https://mirrors.aliyuncs.com/kubernetes/apt/ kubernetes-xenial main" | sudo tee /etc/apt/sources.list.d/kubernetes.list

sudo apt-get update
sudo apt-get install -y kubelet=1.28.4-1.1 kubeadm=1.28.4-1.1 kubectl=1.28.4-1.1
sudo apt-mark hold kubelet kubeadm kubectl
# 将 kubelet、kubeadm 和 kubectl 这三个软件包标记为“保留”（hold）状态，以防止它们被意外升级