k8s集群搭建

操作系统：centos7.9

内核：5.15.63-1.el7.x86_64

172.20.10.128 master01
172.20.10.129 master02
172.20.10.130 master03
172.20.10.131 node01
172.20.10.132 node02

 

部署方案：

yum install socat conntrack ebtables ipset -y

export KKZONE=cn

curl -sfL https://get-kk.kubesphere.io | sh -                     #可能会有问题，需要去github上面下载

sudo chmod +x kk

./kk create config --with-kubernetes <Kubernetes version>         #我这里安装的版本是1.28.12

编辑新生成的config-sample.yaml文件

apiVersion: kubekey.kubesphere.io/v1alpha2
kind: Cluster
metadata:
name: sample
spec:
hosts:
- {name: master01, address: 172.20.10.128, internalAddress: 172.20.10.128, user: root, password: "密码"}              #配置服务器信息
- {name: master02, address: 172.20.10.129, internalAddress: 172.20.10.129, user: root, password: "密码"}
- {name: master03, address: 172.20.10.130, internalAddress: 172.20.10.130, user: root, password: "密码"}
- {name: node01, address: 172.20.10.131, internalAddress: 172.20.10.131, user: root, password: "密码"}
- {name: node02, address: 172.20.10.132, internalAddress: 172.20.10.132, user: root, password: "密码"}
roleGroups:
etcd:
- master01
- master02
- master03
control-plane:
- master01
- master02
- master03
worker:
- node01
- node02
controlPlaneEndpoint:
## Internal loadbalancer for apiservers
internalLoadbalancer: haproxy        #打开高可用

domain: lb.kubesphere.local
address: ""
port: 6443
kubernetes:
version: v1.28.12
clusterName: cluster.local
autoRenewCerts: true
containerManager: containerd
etcd:
type: kubekey
network:
plugin: calico
kubePodsCIDR: 10.233.64.0/18
kubeServiceCIDR: 10.233.0.0/18
## multus support. https://github.com/k8snetworkplumbingwg/multus-cni
multusCNI:
enabled: false
registry:
privateRegistry: ""
namespaceOverride: ""
registryMirrors: []
insecureRegistries: []
addons: []

通过上述文件直接运行如下命令进行创建：

./kk create cluster -f config-sample.yaml

当然这里会有一个报错，纠结了很久：

[wait-control-plane] Waiting for the kubelet to boot up the control plane as static Pods from directory "/etc/kubernetes/manifests". This can take up to 4m0s
[kubelet-check] Initial timeout of 40s passed.

Unfortunately, an error has occurred:
timed out waiting for the condition

This error is likely caused by:
- The kubelet is not running
- The kubelet is unhealthy due to a misconfiguration of the node in some way (required cgroups disabled)

If you are on a systemd-powered system, you can try to troubleshoot the error with the following commands:
- 'systemctl status kubelet'
- 'journalctl -xeu kubelet'

Additionally, a control plane component may have crashed or exited when started by the container runtime.
To troubleshoot, list all containers using your preferred container runtimes CLI.
Here is one example how you may list all running Kubernetes containers by using crictl:
- 'crictl --runtime-endpoint unix:///run/containerd/containerd.sock ps -a | grep kube | grep -v pause'
Once you have found the failing container, you can inspect its logs with:
- 'crictl --runtime-endpoint unix:///run/containerd/containerd.sock logs CONTAINERID'
error execution phase wait-control-plane: couldn't initialize a Kubernetes cluster
To see the stack trace of this error execute with --v=5 or higher: Process exited with status 1
01:38:20 PDT retry: [master01]

 

需要通过如下方法解决：

升级lib

rpm -qa | grep libseccomp
libseccomp-2.3.1-4.el7.x86_64

rpm -e libseccomp-2.3.1-4.el7.x86_64 --nodeps

安装新的

去官网下载：

https://oraclelinux.pkgs.org/8/ol8-baseos-latest-x86_64/libseccomp-2.5.1-1.el8.x86_64.rpm.html

rpm -ivh libseccomp-2.5.1-1.el8.x86_64.rpm

如果不是libseccomp的问题，有可能是底层runc的问题

安装runc

wget https://golang.org/dl/go1.18.linux-amd64.tar.gz

sudo tar -C /usr/local -xzf go1.18.linux-amd64.tar.gz

echo 'export PATH=$PATH:/usr/local/go/bin' >> ~/.bashrc

source ~/.bashrc

git clone https://github.com/opencontainers/runc.git    #需要FQ

cd runc

git checkout v1.1.8

make

make install

runc --version

最后是删除集群再安装集群

./kk delete cluster -f config-sample.yaml

./kk create cluster -f config-sample.yaml