kubernetes学习笔记(部署)

  1. 部署master节点
  2. 部署node节点
  3. 部署cni 容器网络
  4. 验证kubernetes

准备三台干净的服务器,系统版本: CentOS Linux release 7.9.2009

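# Base OS preparation; run on all three servers.

# Point the CentOS base repo at the USTC mirror over HTTPS. `-i.bak` keeps the
# original file as CentOS-Base.repo.bak.
sudo sed -e 's|^mirrorlist=|#mirrorlist=|g' \
  -e 's|^#baseurl=http://mirror.centos.org/centos|baseurl=https://mirrors.ustc.edu.cn/centos|g' \
  -i.bak \
  /etc/yum.repos.d/CentOS-Base.repo

# Docker prerequisites.
yum -y install yum-utils device-mapper-persistent-data lvm2

# Add the Aliyun docker-ce repo, then refresh the yum metadata cache.
yum-config-manager --add-repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
yum makecache fast

# Install docker-ce together with the helper packages used in these notes.
yum -y install docker-ce python3 python3-pip lrzsz

# Stop and disable firewalld.
# NOTE(review): this removes host-level packet filtering, so the API server,
# kubelet and every NodePort service are reachable from any network that can
# route to the node. Acceptable on an isolated lab network; elsewhere keep
# firewalld running and open only the ports the cluster needs, or filter
# upstream of the hosts.
systemctl disable firewalld --now

# Put SELinux into permissive mode, now and after reboot.
# The pattern is anchored on the SELINUX= setting: an unanchored
# s/enforcing/disabled/ also rewrites the explanatory comment lines in the file,
# and editing the file alone changes nothing until the next reboot.
# Permissive (rather than disabled) keeps the policy loaded and denials logged,
# which makes it possible to return to enforcing later.
setenforce 0
sed -i 's/^SELINUX=enforcing$/SELINUX=permissive/' /etc/selinux/config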

添加hosts(写入 /etc/hosts)

172.16.8.10 k8s-master
172.16.8.20 k8s-node1
172.16.8.30 k8s-node2
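# Kernel settings and clock sync.

# The net.bridge.* sysctls only exist while the br_netfilter module is loaded;
# without it `sysctl --system` reports the keys as missing and the settings are
# not applied. Load the module now and on every boot.
modprobe br_netfilter
cat > /etc/modules-load.d/k8s.conf << 'EOF'
br_netfilter
EOF

# Pass bridged IPv4/IPv6 traffic through iptables/ip6tables.
cat > /etc/sysctl.d/k8s.conf << 'EOF'
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
EOF
sysctl --system # apply the settings

# Time synchronisation.
# NOTE(review): ntpdate sets the clock once and does not keep it in sync.
# Certificate validity checks and log timestamps depend on correct time, so a
# long-lived cluster should run a time daemon (chronyd ships with CentOS 7).
yum install ntpdate -y
ntpdate time.windows.com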

配置docker加速

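# Docker registry mirrors.
# NOTE(review): tag-based pulls are served by whichever mirror answers, so the
# mirror operators are trusted for image content; list only mirrors you are
# willing to trust.
# /etc/docker may not exist before the daemon has started once, so create it.
mkdir -p /etc/docker
cat > /etc/docker/daemon.json << 'EOF'
{
"registry-mirrors": [
"https://registry.docker-cn.com",
"https://reg-mirror.qiniu.com"]
}
EOF

# Start Docker on boot, and restart it so daemon.json is picked up. Nothing
# else in these notes starts Docker, and kubeadm needs a running runtime.
systemctl enable docker
systemctl restart docker

# Add the Kubernetes yum repo (Aliyun mirror).
# gpgcheck=1 makes yum verify each RPM's signature against the keys listed in
# gpgkey; with gpgcheck=0 anything the mirror (or a party able to tamper with
# it) serves is installed as root without verification.
# repo_gpgcheck (metadata signature) is left off as in the original notes;
# enable it as well if the mirror's metadata signature verifies for you.
cat > /etc/yum.repos.d/kubernetes.repo << 'EOF'
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=1
repo_gpgcheck=0
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF

# Install pinned versions so all three packages match the cluster version.
yum install -y kubelet-1.19.0 kubeadm-1.19.0 kubectl-1.19.0
systemctl enable kubelet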

部署master节点

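# Initialise the control plane on the master node.
# Preflight checks are left enabled: --ignore-preflight-errors=all would also
# hide real problems (swap enabled, ports already in use, no container runtime).
# If one specific check has to be skipped, name it, for example
# --ignore-preflight-errors=Swap, instead of ignoring everything.
kubeadm init \
  --apiserver-advertise-address=172.16.8.10 \
  --image-repository registry.aliyuncs.com/google_containers \
  --kubernetes-version v1.19.0 \
  --service-cidr=10.96.0.0/12 \
  --pod-network-cidr=10.244.0.0/16

# `kubeadm init` prints a `kubeadm join ...` command containing a bootstrap
# token; that command is needed later to add the worker nodes.

# Give the current user a kubeconfig.
# admin.conf is the cluster-admin credential: keep the copy readable only by
# its owner and do not distribute it to other hosts or users.
mkdir -p "$HOME/.kube"
sudo cp -i /etc/kubernetes/admin.conf "$HOME/.kube/config"
sudo chown "$(id -u):$(id -g)" "$HOME/.kube/config"
kubectl get nodes

# If the token has expired or been lost, create a new one.
# --print-join-command prints the complete join command, CA hash included.
kubeadm token create --print-join-command

# Derive the CA public-key hash by hand (the value passed to
# --discovery-token-ca-cert-hash), e.g. to cross-check the printed command.
openssl x509 -pubkey -in /etc/kubernetes/pki/ca.crt \
  | openssl rsa -pubin -outform der 2>/dev/null \
  | openssl dgst -sha256 -hex \
  | sed 's/^.* //'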



部署node节点

# Run on each worker node to join it to the cluster.
# The token and hash shown are the values from the author's own cluster; use
# the ones printed by your own `kubeadm init` / `kubeadm token create`.
# The token is a bootstrap credential (kubeadm's default lifetime is 24h):
# anyone holding a valid one can register a node, so treat it as a secret.
# The CA cert hash lets the joining node verify that it is talking to the
# intended API server; keep it in the command.
kubeadm join 172.16.8.10:6443 \
  --token yu1d41.14sn0raj2f9upgwe \
  --discovery-token-ca-cert-hash sha256:f4a052579f60e2792f68629bd88d5eb32b2ce0a39228770377ebc880a44ba822

# At this point `kubectl get nodes` still reports the nodes as NotReady:
# a CNI plugin has to be installed first.

部署cni 容器网络

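# Install Calico as the CNI plugin.
# -O overwrites a calico.yaml left by an earlier run; without it wget saves the
# new download as calico.yaml.1 and the stale copy would be applied.
# NOTE(review): this URL is unversioned, so its content can change between
# runs. CNI manifests typically create cluster-wide RBAC objects and privileged
# DaemonSets; read the downloaded file before applying it, and prefer a release
# pinned to a version that supports Kubernetes v1.19.
wget -O calico.yaml https://docs.projectcalico.org/manifests/calico.yaml
# Apply only if the download produced a non-empty file.
[ -s calico.yaml ] && kubectl apply -f calico.yaml
kubectl get pods -n kube-system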

也可使用flannel

# Alternative CNI plugin: flannel.
# NOTE(review): the manifest is fetched from the `master` branch and applied in
# one step with cluster-admin rights, so its content can change between runs
# and is never inspected. Download and read it first, and prefer a tagged
# release over a branch.
kubectl apply \
  -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml

如果要切换cni插件,需要先把所有节点 /etc/cni/net.d/ 目录下的文件清空

验证kubernetes

# Smoke test: run nginx and publish it through a NodePort service.
# NOTE(review): a NodePort service listens on every node (default port range
# 30000-32767). With firewalld disabled, as earlier in these notes, it is
# reachable from any network that can route to the nodes, so delete the test
# deployment and service once the check is done.
# `--image=nginx` carries no tag, so it resolves to whatever `latest` is at
# pull time.
kubectl create deployment nginx --image=nginx
kubectl expose deployment nginx --type=NodePort --port=80
# The PORT(S) column of the service shows the allocated node port.
kubectl get pod,svc