Kubernetes一次搞定
本文详细介绍了Kubernetes集群的安装配置流程,主要包括:1)彻底清理并重新安装指定版本(19.03.15)Docker,配置阿里云镜像源;2)设置Docker和containerd的systemd cgroup驱动,配置镜像仓库;3)系统环境初始化(关闭防火墙、SELinux和swap);4)配置Kubernetes网络参数和阿里云yum源,安装指定版本(1.20.9)kubelet等组件
所有节点执行:
1. Docker 清理→依赖→源配置→安装(补充缓存更新)
yum remove -y docker* containerd.io && rm -rf /var/lib/docker /var/lib/containerd /etc/docker /run/docker.sock && yum clean all && rm -rf /var/cache/yum/*
yum install -y yum-utils device-mapper-persistent-data lvm2
yum-config-manager --add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
yum makecache fast # 新增:更新Yum缓存
yum install -y docker-ce-19.03.15 docker-ce-cli-19.03.15 containerd.io-1.4.9 --nogpgcheck
2. Docker 配置→重启→验证 + containerd补充配置(保留现有,无修改)
mkdir -p /etc/docker && tee /etc/docker/daemon.json <<-'EOF'
{
"registry-mirrors": [
"https://2d3pt3dk.mirror.aliyuncs.com",
"https://docker.m.daocloud.io",
"https://docker.1panel.live",
"https://hub.rat.dev"
],
"exec-opts": ["native.cgroupdriver=systemd"]
}
EOF
docker info | grep -i cgroup
#Cgroup Driver: cgroupfs是docker的默认驱动需要改成和k8s一致的systemd
systemctl daemon-reload && systemctl restart docker
cat /var/lib/kubelet/config.yaml | grep cgroupDriver
#cgroupDriver: systemd
3.containerd启动与开机自启
systemctl start containerd && systemctl enable --now containerd && systemctl status containerd
4.containerd config.toml配置
mkdir -p /etc/containerd && containerd config default > /etc/containerd/config.toml
sed -i 's/SystemdCgroup \= false/SystemdCgroup \= true/' /etc/containerd/config.toml
sed -i 's#sandbox_image \= "k8s.gcr.io/pause:3.2"#sandbox_image \= "registry.aliyuncs.com/google_containers/pause:3.2"#' /etc/containerd/config.toml
systemctl restart containerd
5.系统环境初始化(删除重复命令)
systemctl stop firewalld && systemctl disable firewalld
setenforce 0 && sed -i 's/^SELINUX=.*/SELINUX=disabled/' /etc/selinux/config # 仅保留disabled配置
swapoff -a && sed -i '/swap/s/^/#/' /etc/fstab # 仅保留一次关闭操作
4.K8s 网络配置→源配置→组件安装(删除重复源配置和未指定版本安装)
# 桥接规则+IP转发配置
cat <<EOF | sudo tee /etc/modules-load.d/k8s.conf
br_netfilter
EOF
cat <<EOF | sudo tee /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
EOF
sudo sysctl --system
7.IP转发启用
echo "net.ipv4.ip_forward = 1" > /proc/sys/net/ipv4/ip_forward
echo "net.ipv4.ip_forward = 1" | tee -a /etc/sysctl.d/k8s.conf
sudo sysctl --system && sysctl net.ipv4.ip_forward
8.K8s 源配置+指定版本安装
cat <<EOF | sudo tee /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=http://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=0
repo_gpgcheck=0
gpgkey=http://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg http://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
exclude=kubelet kubeadm kubectl
EOF
sudo yum install -y kubelet-1.20.9 kubeadm-1.20.9 kubectl-1.20.9 --disableexcludes=kubernetes
sudo systemctl enable --now kubelet
仅在master上执行:
9. K8s 初始化→网络插件→节点加入→验证
kubeadm init --apiserver-advertise-address=192.168.200.201 --image-repository registry.aliyuncs.com/google_containers --kubernetes-version v1.20.9 --service-cidr=10.96.0.0/12 --pod-network-cidr=10.244.0.0/16
mkdir -p $HOME/.kube && sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config && sudo chown $(id -u):$(id -g) $HOME/.kube/config
kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
仅在node上执行:
10.
在master执行
kubeadm token create --print-join-command
换成你的token
kubeadm join 192.168.200.201:6443 --token 9wof0h.l12mgnya0n0zgqjl --discovery-token-ca-cert-hash sha256:199bfcab18cd06fb3ec43b5087ed4d133494a75153c92a1472720cad44d558dc
仅在master上执行:
11.
kubectl get nodes && kubectl get pods -A
所有节点执行:
12.
systemctl enable --now docker
systemctl enable --now containerd
systemctl enable --now kubelet
有“AI”的1024 = 2048,欢迎大家加入2048 AI社区
更多推荐
18
0- 0
已为社区贡献1条内容
所有评论(0)