Kubernetes集群部署
Kubernetes集群部署
https://github.com/Mirantis/cri-dockerd/releases/tag/v0.2.5
https://github.com/kubernetes/kubernetes/releases/tag/v1.24.3
10.0.0.106 master01
10.0.0.103 node01
10.0.0.104 node02
10.0.0.105 node03
在每个机器上修改hosts(注意:上面的主机列表中master01为10.0.0.106,而下面hosts示例中k8s-master01为10.0.0.102,两者不一致,请以实际环境的IP为准)
[root@he ~]#cat /etc/hosts
10.0.0.102 k8s-master01.magedu.com k8s-master01 kubeapi.magedu.com k8sapi.magedu.com kubeapi
10.0.0.103 k8s-node01.magedu.com k8s-node01
10.0.0.104 k8s-node02.magedu.com k8s-node02
10.0.0.105 k8s-node03.magedu.com k8s-node03
初始化设置
#禁用swap(swapoff -a只对当前运行的系统生效;要在重启后保持禁用,还需注释掉/etc/fstab中的swap条目)
swapoff -a
#禁用防火墙(仅适合隔离的实验环境;生产环境应保留防火墙,只放行集群所需端口,例如API Server的6443和kubelet的10250)
ufw disable
#保证所有机器时间同步
[root@k8s-master01 ~]#date
Sun 14 Aug 2022 08:32:09 PM CST
在所有节点安装docker-ce
#安装必要的一些系统工具
sudo apt-get update
sudo apt-get -y install apt-transport-https ca-certificates curl software-properties-common
#导入Docker软件源的GPG公钥(apt-key已被弃用,且会让该公钥对所有软件源生效;较新的系统建议把公钥放到/etc/apt/keyrings下,并在源条目中用signed-by限定)
curl -fsSL https://mirrors.aliyun.com/docker-ce/linux/ubuntu/gpg | sudo apt-key add -
#写入软件源信息
sudo add-apt-repository "deb [arch=amd64] https://mirrors.aliyun.com/docker-ce/linux/ubuntu $(lsb_release -cs) stable"
#更新并安装Docker-CE
sudo apt-get -y update
sudo apt-get -y install docker-ce
修改docker引擎使用systemd作为CGroup的驱动(示例同时配置了多个第三方registry-mirrors;镜像加速器属于镜像供应链的一部分,只保留你信任且仍可用的地址)
[root@k8s-master01 ~]#vim /etc/docker/daemon.json
{
"registry-mirrors": [
"https://docker.mirrors.ustc.edu.cn",
"https://hub-mirror.c.163.com",
"https://reg-mirror.qiniu.com",
"https://registry.docker-cn.com"
],
"exec-opts": ["native.cgroupdriver=systemd"],
"log-driver": "json-file",
"log-opts": {
"max-size": "200m"
},
"storage-driver": "overlay2"
}
[root@k8s-master01 ~]#systemctl daemon-reload
[root@k8s-master01 ~]#systemctl enable --now docker.service
[root@k8s-master01 ~]#docker info
Client:
Context: default
Debug Mode: false
Plugins:
app: Docker App (Docker Inc., v0.9.1-beta3)
buildx: Docker Buildx (Docker Inc., v0.8.2-docker)
scan: Docker Scan (Docker Inc., v0.17.0)
Server:
Containers: 0
Running: 0
Paused: 0
Stopped: 0
Images: 0
Server Version: 20.10.17
Storage Driver: overlay2
Backing Filesystem: extfs
Supports d_type: true
Native Overlay Diff: true
userxattr: false
Logging Driver: json-file
Cgroup Driver: systemd #修改成功
安装cri-dockerd(从下面的发布页下载对应系统版本的deb包;安装前确认下载来源,如发布页提供校验值,应先用sha256sum比对)
https://github.com/Mirantis/cri-dockerd/releases/tag/v0.2.5
dpkg -i cri-dockerd_0.2.5.3-0.ubuntu-focal_amd64.deb
在各个节点安装工具kubelet、kubeadm和kubectl(下面的命令未指定版本,会安装软件源中的最新版;后文初始化使用的是v1.24.3,建议安装时固定为一致的版本,并用apt-mark hold锁定,避免被自动升级)
[root@k8s-master01 ~]#apt-get update && apt-get install -y apt-transport-https
[root@k8s-master01 ~]#curl https://mirrors.aliyun.com/kubernetes/apt/doc/apt-key.gpg | apt-key add -
[root@k8s-master01 ~]#cat <<EOF >/etc/apt/sources.list.d/kubernetes.list
deb https://mirrors.aliyun.com/kubernetes/apt/ kubernetes-xenial main
EOF
[root@k8s-master01 ~]#apt-get update && apt-get install -y kubelet kubeadm kubectl
配置cri-dockerd
配置cri-dockerd,确保其能够正确加载到CNI插件
[root@k8s-master01 ~]#vim /usr/lib/systemd/system/cri-docker.service
[Service]
Type=notify
#ExecStart=/usr/bin/cri-dockerd --container-runtime-endpoint fd:// #添加下面一行
ExecStart=/usr/bin/cri-dockerd --container-runtime-endpoint fd:// --network-plugin=cni --cni-bin-dir=/opt/cni/bin --cni-cache-dir=/var/lib/cni/cache --cni-conf-dir=/etc/cni/net.d
[root@k8s-master01 ~]#systemctl daemon-reload && systemctl restart cri-docker.service
配置kubelet
配置kubelet,为其指定cri-dockerd在本地打开的Unix Sock文件的路径
[root@k8s-master01 ~]#mkdir /etc/sysconfig
[root@k8s-master01 sysconfig]#vim /etc/sysconfig/kubelet
KUBELET_KUBEADM_ARGS="--container-runtime=remote --container-runtime-endpoint=/run/cri-dockerd.sock"
导入kubernetes镜像(以下tar包是事先离线准备的镜像归档,本文未说明其来源;导入前应确认归档来自可信渠道)
#在master节点导入
[root@k8s-master01 ~]#docker load -i k8s-master-components.tar
#在node节点导入
[root@k8s-node01 ~]#docker load -i k8s-worker-components.tar
#在master和node都导入
[root@k8s-node01 ~]#docker load -i calico-components.tar
#查看kubeadm所需的镜像列表(该命令列出的是所需镜像,而不是本机已导入的镜像;核对已导入的镜像请用docker images)
[root@k8s-master01 ~]#kubeadm config images list
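k8s-master01节点的初始化(命令后单独一行的--image-repository应为同一条kubeadm init命令的可选参数,用于从国内镜像仓库拉取镜像。注意--token-ttl=0会让引导token永不过期,任何拿到该token的人都可以长期向集群加入节点;除临时实验环境外,建议去掉该参数,使用默认的24小时有效期):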
[root@k8s-master01 ~]#kubeadm init --control-plane-endpoint="kubeapi.magedu.com" --kubernetes-version=v1.24.3 --pod-network-cidr=192.168.0.0/16 --service-cidr=10.96.0.0/12 --token-ttl=0 --cri-socket unix:///run/cri-dockerd.sock --upload-certs
--image-repository=registry.aliyuncs.com/google_containers
Your Kubernetes control-plane has initialized successfully!
To start using your cluster, you need to run the following as a regular user:
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
Then you can join any number of worker nodes by running the following on each as root:
kubeadm join kubeapi.magedu.com:6443 --token 8u7wsa.zl3jwtsv0stjh7si \
--discovery-token-ca-cert-hash sha256:66bbcb062cd5827ad4138765ea4f361baa0910a25cdd6ceb101d0c2755468a48
设定kubectl(admin.conf包含集群管理员凭据,复制得到的$HOME/.kube/config应仅当前用户可读,不要拷贝到不受信任的机器上)
[root@k8s-master01 ~]#mkdir -p $HOME/.kube
[root@k8s-master01 ~]#cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
[root@k8s-master01 ~]#kubectl get nodes
NAME STATUS ROLES AGE VERSION
k8s-master01 NotReady control-plane 28s v1.24.3
如果初始化出错,可按下面的方式重置后重新执行kubeadm init(rm -rf会删除本节点上的全部集群配置和证书,仅在确认要重建时执行)
[root@k8s-master01 ~]#kubeadm reset --cri-socket unix:///run/cri-dockerd.sock
[root@k8s-master01 ~]#rm -rf /etc/kubernetes/ /var/lib/kubelet/
部署Project calico网络插件(下面下载的是不带版本号的清单,内容会随上游更新而变化;该清单会以集群管理员权限创建资源,应用前建议先检查内容,需要可重复部署时应固定到具体版本的清单)
https://www.tigera.io/project-calico/
[root@k8s-master01 ~]#curl https://projectcalico.docs.tigera.io/manifests/calico.yaml -O
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 225k 100 225k 0 0 200k 0 0:00:01 0:00:01 --:--:-- 200k
[root@k8s-master01 ~]#kubectl apply -f calico.yaml
验证master节点已经就绪
[root@k8s-master01 ~]#kubectl get pods -n kube-system
NAME READY STATUS RESTARTS AGE
calico-kube-controllers-555bc4b957-b9hdz 1/1 Running 0 8m44s
calico-node-vzv44 1/1 Running 0 8m44s
coredns-6d4b75cb6d-pgmgq 1/1 Running 0 14m
coredns-6d4b75cb6d-w9mpd 1/1 Running 0 14m
etcd-k8s-master01 1/1 Running 0 14m
kube-apiserver-k8s-master01 1/1 Running 0 14m
kube-controller-manager-k8s-master01 1/1 Running 0 14m
kube-proxy-2n2dv 1/1 Running 0 14m
kube-scheduler-k8s-master01 1/1 Running 0 14m
[root@k8s-master01 ~]#
[root@k8s-master01 ~]#
[root@k8s-master01 ~]#kubectl get nodes
NAME STATUS ROLES AGE VERSION
k8s-master01 Ready control-plane 14m v1.24.3
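在每个node节点上执行(下面的token和CA证书哈希来自作者的环境,且与前面kubeadm init输出中的不同,请使用自己集群的join命令,并加上--cri-socket参数;如需重新生成,可在master上执行kubeadm token create --print-join-command。token相当于加入集群的凭据,不要公开)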
[root@k8s-node01 ~]#kubeadm join kubeapi.magedu.com:6443 --token fkkolf.o1q0gej1vmjqxoac --discovery-token-ca-cert-hash sha256:5c69e2159418a74988f134630c2501032c23f72e7dfcfedca7595fc6cab8779e --cri-socket unix:///run/cri-dockerd.sock
在master上查看集群加入情况
[root@k8s-master01 ~]#kubectl get nodes
NAME STATUS ROLES AGE VERSION
k8s-master01 Ready control-plane 35m v1.24.3
k8s-node01 Ready <none> 98s v1.24.3
k8s-node02 Ready <none> 47s v1.24.3
k8s-node03 Ready <none> 45s v1.24.3
[root@k8s-master01 ~]#kubectl get pods -n kube-system
测试
#kubectl create命令编排测试
#创建deployment 3个实例
[root@k8s-master01 ~]#kubectl create deployment demoapp --image=ikubernetes/demoapp:v1.0 --replicas=3
deployment.apps/demoapp created
[root@k8s-master01 ~]#kubectl create service nodeport demoapp --tcp=80:80
[root@k8s-master01 ~]#kubectl get pods #查看创建的3个pod
[root@k8s-master01 ~]#kubectl get pods -o wide #查看创建的pod调度在哪个节点上
demoapp-78b49597cf-67s9x 1/1 Running 0 3m15s 192.168.135.130 k8s-node03 <none> <none>
demoapp-78b49597cf-nmmgw 1/1 Running 0 3m15s 192.168.85.194 k8s-node01 <none> <none>
demoapp-78b49597cf-rgt95 1/1 Running 0 3m15s 192.168.85.193 k8s-node01 <none> <none>