k8s原来这么简单（二）安装k8s1.23集群

官方文档：安装 kubeadm

安装条件

1. 多台Linux机器 CentOS7
2. 2G以上RAM，2个以上CPU
3. 集群网络互通，可访问外网
4. 关闭防火墙，关闭swap分区

准备安装环境

node	IP
k8s-master	192.168.43.111
k8s-node1	192.168.43.112
k8s-node2	192.168.43.113

以下命令在三个主机上运行

关闭防火墙

systemctl stop firewalld && systemctl disable firewalld

关闭selinux

sed -i 's/enforcing/disabled/' /etc/selinux/config # 永久setenforce 0 # 临时

关闭swap

swapoff -a # 临时vi /etc/fstab # 永久

设置主机名

hostnamectl set-hostname <hostname>

添加hosts

cat >> /etc/hosts << EOF192.168.43.111 k8s-master192.168.43.112 k8s-node1192.168.43.113 k8s-node2EOF

允许 iptables 检查桥接流量

cat <<EOF | sudo tee /etc/modules-load.d/k8s.confbr_netfilterEOF

 

cat <<EOF | sudo tee /etc/sysctl.d/k8s.confnet.bridge.bridge-nf-call-ip6tables = 1net.bridge.bridge-nf-call-iptables = 1EOF

 

sudo sysctl --system

安装Docker

yum install wget -ywget https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo -O /etc/yum.repos.d/docker-ce.repoyum -y install docker-cesystemctl enable docker && systemctl start docker

配置Docker

cat > /etc/docker/daemon.json << EOF{"exec-opts": ["native.cgroupdriver=systemd"],"log-driver": "json-file","log-opts": {"max-size": "100m"},"storage-driver": "overlay2","registry-mirrors": ["https://vydiw6v2.mirror.aliyuncs.com"]}EOF

 

systemctl restart docker

安装kubeadm，kubelet和kubectl

添加阿里yum源

cat > /etc/yum.repos.d/kubernetes.repo << EOF[kubernetes]name=Kubernetesbaseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64enabled=1gpgcheck=0repo_gpgcheck=0gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpgEOF

 

sudo yum install -y kubelet-1.23.0 kubeadm-1.23.0 kubectl-1.23.0 --disableexcludes=kubernetes sudo systemctl enable --now kubelet

 

以下命令在master主机上运行

初始化master

https://kubernetes.io/zh/docs/reference/setup-tools/kubeadm/kubeadm-init/kubeadm init \--apiserver-advertise-address=192.168.43.111 \--image-repository registry.aliyuncs.com/google_containers \--kubernetes-version v1.23.0 \--service-cidr=10.96.0.0/12 \--pod-network-cidr=10.244.0.0/16 \--ignore-preflight-errors=allvi /etc/profileexport KUBECONFIG=/etc/kubernetes/admin.confsource /etc/profile

 

kubectl get nodes

 

以下命令在node主机上运行

加入node

执行master init之后的join命令

kubeadm join 192.16...........

 

重新获取join命令

kubeadm token create --print-join-command

 

master上安装容器网络

https://kubernetes.io/zh/docs/concepts/cluster-administration/networking/#how-to-implement-the-kubernetes-networking-model

wget https://projectcalico.docs.tigera.io/manifests/tigera-operator.yaml --no-check-certificatewget https://projectcalico.docs.tigera.io/manifests/custom-resources.yaml --no-check-certificate

 

修改pod网络calicoNetwork

kubectl create -f tigera-operator.yamlkubectl create -f custom-resources.yaml

 

验证

kubectl get pods -n kube-system

kubectl get nodes -o wide

 

测试集群

kubectl create deployment nginx --image=nginxkubectl expose deployment nginx --port=80 --type=NodePortkubectl get pod,svc