RockyLinux10/AlmaLinux10安装k8s3.31.2最新版

1、环境准备

　　采用4台虚机，1台master，3台worker。IP地址及主机名如下：

192.168.15.120 k8s-master01
192.168.15.121 k8s-worker01
192.168.15.122 k8s-worker02
192.168.15.123 k8s-worker03

2、下载ISO镜像文件在VMware Workstation Pro上安装1台虚机，采用mini安装，镜像下载地址是：

　　Rockylinux：https://www.rockylinux.cn/download

　　AlmaLinux：https://almalinux.org/zh-hans/get-almalinux/

　　VMware Workstation Pro及虚机安装过程对各位应该很简单了，略过。

　　虚机安装完成后克隆3台。

3、个性化操作-可选，无影响

　　echo "export PS1='[\u@\H \w]<K8S>" >> /etc/profule  #自定义命令行提示符

4、 修改IP地址、主机名，配置/etc/hosts

　　4.1.使用nmtui在命令行下伪图形配置，或者直接编辑网卡配置文件：

　　vi /etc/NetworkManager/system-connections/ens160.nmconnection

[ipv4]
address1=192.168.15.121/24
dns=192.168.15.2;
gateway=192.168.15.2

　　4.2.修改主机名

vi /etc/hostname
k8s-worker01

　　4.3.修改host文件

vi /etc/hosts
192.168.15.120 k8s-master01
192.168.15.121 k8s-worker01
192.168.15.122 k8s-worker02
192.168.15.123 k8s-worker03

5、关闭防火墙、selinux、swap

systemctl stop firewalld && systemctl disable firewalld
sed -i 's/enforcing/disabled/' /etc/selinux/config && setenforce 0
swapoff -a
sed -ri 's/.*swap.*/#&/' /etc/fstab

6、加载必要的核心模块

　　lsmod |grep -E "overlay|br_netfilter" #检查

　　modprobe overlay && modprobe br_netfilter 　　#加载

　　echo "overlay

br_netfilter" >/etc/modules-load.d/k8s.conf　　#配置文件，以后自动加载

7、修改主机内核参数

　　echo "net.bridge.bridge-nf-call-ip6tables = 1

net.bridge.bridge-nf-call-iptables = 1
net.ipv4.ip_forward = 1" > /etc/sysctl.d/k8s.conf

　　sysctl --system　　#加载生效

8、配置yum源

 

echo "[docker-ce-stable]
name=Docker CE Stable - $basearch
baseurl=https://mirrors.aliyun.com/docker-ce/linux/centos/10/x86_64/stable
enabled=1
gpgcheck=0
gpgkey=https://mirrors.aliyun.com/docker-ce/linux/centos/gpg" > /etc/yum.repos.d/containerd.repo

echo "[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes-new/core/stable/v1.34/rpm
enabled=1
gpgcheck=0
repo_gpgcheck=0
gpgkey=https://mirrors.aliyun.com/kubernetes-new/core/stable/v1.34/rpm/repodata/repomd.xml.key" > /etc/yum.repos.d/kubernetes.repo

 

测试环境，未开启校验，如果生产环境，最好打开。即修改gpgcheck=0为gpgcheck=1

 

9、配置了很多，最好重启一下虚机

 

10、安装软件包并配置

　　yum install -y  wget net-tools containerd.io kubectl kubelet kubeadm

　　systemctl enable --now containerd　　#设置开机自启动，并立即启动
　　systemctl enable --now kubelet

　　containerd config default |sudo tee /etc/containerd/config.toml　　#生成containerd配置文件

　　修改containerd配置文件 sandbox 和SystemdCgroup两个参数 ：

　　vi /etc/containerd/config.toml

<1>
49 [plugins.'io.containerd.cri.v1.images'.pinned_images]
50 sandbox = 'registry.aliyuncs.com/google_containers/pause:3.10.1'

<2>
99 [plugins.'io.containerd.cri.v1.runtime'.containerd.runtimes.runc.options]
100 BinaryName = ''
101 CriuImagePath = ''
102 CriuWorkPath = ''
103 IoGid = 0
104 IoUid = 0
105 NoNewKeyring = false
106 Root = ''
107 ShimCgroup = ''
108 SystemdCgroup = true

11、初始化crictl配置文件

echo "runtime-endpoint: unix:///run/containerd/containerd.sock
image-endpoint:unix:///run/containerd/containerd.sock
timeout: 10
debug: false" > /etc/crictl.yaml

　　systemctl restart containerd

12、提前下载k8s初始化需要的镜像

kubeadm config images pull --images-repository=registry.aliyuncs.com/google_containers

13、初始化k8s

kubeadm init --ignore-preflight-errors=Swap --apiserver-advertise-address=192.168.15.120 --image-repository registry.aliyuncs.com/google_containers

14、按照提示在master上执行

mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
export KUBECONFIG=/etc/kubernetes/admin.conf
echo "export KUBECONFIG=/etc/kubernetes/admin.conf" >> /etc/profile

在worker所有节点执行加入：

kubeadm join 192.168.15.120:6443 --token rdnyje.fbap4y52wp3jzqkq         --discovery-token-ca-cert-hash sha256:09a9d656c69f3b7324de054d3955930ef5ba910b64dda092e482af78d1218cc0

15、安装网络插件

wget https://raw.githubusercontent.com/projectcalico/calico/v3.31.2/manifests/calico.yaml　　#下载YAML文件

mkdir colico && cd colico
wget https://github.com/projectcalico/calico/releases/download/v3.31.2/release-v3.31.2.tgz　　#下载calico完整离线包
tar -zxf release-v3.31.2.tgz

ctr namespace ls　　#查看本地库，应该有一个k8s

ls -l calico*.tar |awk '{print "ctr -n k8s.io images import "$NF}'　　#生成导入执行命令

ctr -n k8s.io images import calico-cni.tar
ctr -n k8s.io images import calico-dikastes.tar
ctr -n k8s.io images import calico-flannel-migration-controller.tar
ctr -n k8s.io images import calico-kube-controllers.tar
ctr -n k8s.io images import calico-node.tar
ctr -n k8s.io images import calico-pod2daemon.tar
ctr -n k8s.io images import calico-typha.tar

kubectl apply -f calico.yaml　　#所需镜像已在本地，很快就好了。