Deployment architecture
Environment preparation
Install the container runtime (steps omitted)
k8s supports the following container runtimes
Set the hostname
sudo hostnamectl set-hostname k8s-master1 # run on the master node
sudo hostnamectl set-hostname k8s-node1 # run on a worker node
sudo hostnamectl set-hostname k8s-node2 # run on a worker node
Configure hosts
cat << EOF | sudo tee -a /etc/hosts
192.168.1.200 k8s-master1
192.168.1.10 k8s-node1
192.168.1.121 k8s-node2
EOF
Disable swap
sudo swapoff -a
sudo sed -i '/ swap / s/^\(.*\)$/#\1/g' /etc/fstab
Load kernel modules
cat <<EOF | sudo tee /etc/modules-load.d/k8s.conf
overlay
br_netfilter
EOF
sudo modprobe overlay
sudo modprobe br_netfilter
lsmod | grep br_netfilter
The command above verifies that the br_netfilter module is loaded.
Bridge settings
# Set the required sysctl parameters; they persist across reboots
cat <<EOF | sudo tee /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-iptables = 1
net.bridge.bridge-nf-call-ip6tables = 1
net.ipv4.ip_forward = 1
EOF
# Apply the sysctl parameters without rebooting
sudo sysctl --system
systemd cgroup driver configuration
# Generate the default configuration
containerd config default | sudo tee /etc/containerd/config.toml >/dev/null 2>&1
# Change the cgroup driver to systemd
sudo sed -i 's/SystemdCgroup \= false/SystemdCgroup \= true/g' /etc/containerd/config.toml
Restart the container runtime
sudo systemctl restart containerd
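Before moving on to kubeadm, the preparation steps above can be checked in one pass. The script below is an added example, not part of the original post; the function names and the optional root-prefix argument of preflight are this example's own, and it checks the persisted sysctl file rather than the live kernel values.

```shell
#!/bin/sh
# Added example: preflight checks for the node-preparation steps on this page.
# Each check takes a file path, so it works on the real file or a constructed copy.

# Runtime state: /proc/swaps holds only its header line once `swapoff -a` has run.
swap_inactive() {
    [ -r "$1" ] && awk 'NR > 1 { active = 1 } END { exit active + 0 }' "$1"
}

# Persistence: no uncommented fstab entry of type swap may remain after the sed edit.
fstab_swap_disabled() {
    [ -r "$1" ] && awk '$1 !~ /^#/ && $3 == "swap" { found = 1 } END { exit found + 0 }' "$1"
}

# All three keys must end up as 1; the last assignment in the file wins.
sysctl_conf_ok() {
    [ -r "$1" ] && awk -F= '
        { k = $1; val = $2; gsub(/[ \t]/, "", k); gsub(/[ \t]/, "", val); v[k] = val }
        END { exit !(v["net.bridge.bridge-nf-call-iptables"] == "1" &&
                     v["net.bridge.bridge-nf-call-ip6tables"] == "1" &&
                     v["net.ipv4.ip_forward"] == "1") }' "$1"
}

# containerd must use the systemd cgroup driver (the sed edit to config.toml).
containerd_systemd_cgroup() {
    [ -r "$1" ] && grep -Eq '^[[:space:]]*SystemdCgroup[[:space:]]*=[[:space:]]*true' "$1"
}

# Print PASS/FAIL for one check and pass its status through.
run_check() {
    if "$@"; then echo "PASS: $*"; else echo "FAIL: $*"; return 1; fi
}

# Run every check under an optional root prefix (hypothetical parameter, used to
# point the checks at a constructed tree); returns the number of failed checks.
preflight() {
    root="${1:-}"; fails=0
    run_check swap_inactive "$root/proc/swaps" || fails=$((fails + 1))
    run_check fstab_swap_disabled "$root/etc/fstab" || fails=$((fails + 1))
    run_check sysctl_conf_ok "$root/etc/sysctl.d/k8s.conf" || fails=$((fails + 1))
    run_check containerd_systemd_cgroup "$root/etc/containerd/config.toml" || fails=$((fails + 1))
    return "$fails"
}
```

Run preflight with no argument on each node; a non-zero exit status is the number of steps that still need attention.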
Installation
Install kubeadm
sudo apt-get update
sudo apt-get install -y apt-transport-https ca-certificates curl
# Download the Google Cloud public signing key:
sudo curl -fsSLo /usr/share/keyrings/kubernetes-archive-keyring.gpg https://packages.cloud.google.com/apt/doc/apt-key.gpg
# Add the Kubernetes apt repository
echo "deb [signed-by=/usr/share/keyrings/kubernetes-archive-keyring.gpg] https://apt.kubernetes.io/ kubernetes-xenial main" | sudo tee /etc/apt/sources.list.d/kubernetes.list
# Install kubelet, kubeadm and kubectl, and pin their versions
sudo apt-get update
sudo apt-get install -y kubelet kubeadm kubectl
sudo apt-mark hold kubelet kubeadm kubectl
Deploy the master
# Change apiserver-advertise-address to the IP of your master
# pod-network-cidr is the IP range used for pods
sudo kubeadm init --kubernetes-version=1.25.0 --apiserver-advertise-address=192.168.1.200 --service-cidr=10.96.0.0/12 --pod-network-cidr=10.244.0.0/16 --image-repository registry.aliyuncs.com/google_containers
On success, the following output appears:
Your Kubernetes control-plane has initialized successfully!
To start using your cluster, you need to run the following as a regular user:
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
Alternatively, if you are the root user, you can run:
export KUBECONFIG=/etc/kubernetes/admin.conf
You should now deploy a pod network to the cluster.
Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:
https://kubernetes.io/docs/concepts/cluster-administration/addons/
Then you can join any number of worker nodes by running the following on each as root:
kubeadm join 192.168.1.200:6443 --token 9s6kq5.0r2yj3bpzy7an0um \
--discovery-token-ca-cert-hash sha256:62c0d12c44e2ccccc734a1429c04a24f7e28e4f40b3b5351d24d3e4e9981c0a9
Copy the config file into the regular user's home directory so that the cluster can be managed as a regular user without sudo
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
Install the network plugin
kubectl apply -f https://raw.githubusercontent.com/flannel-io/flannel/master/Documentation/kube-flannel.yml
Deploy the nodes
Then you can join any number of worker nodes by running the following on each as root:
sudo kubeadm join 192.168.1.200:6443 --token 9s6kq5.0r2yj3bpzy7an0um \
--discovery-token-ca-cert-hash sha256:62c0d12c44e2ccccc734a1429c04a24f7e28e4f40b3b5351d24d3e4e9981c0a9 --v=5
Testing
# Check the node status; Ready means the node is healthy
kubectl get nodes
NAME          STATUS   ROLES           AGE   VERSION
k8s-master1   Ready    control-plane   11h   v1.25.0
k8s-node1     Ready    <none>          10h   v1.25.0
k8s-node2     Ready    <none>          62m   v1.25.0
Deploy nginx (run on the master)
kubectl create deployment my-nginx --image=nginx
# Expose the nginx port
kubectl expose deployment my-nginx --type=NodePort --port=80
# Check the service status and find the port listed under PORT(S)
kubectl get svc my-nginx
NAME       TYPE       CLUSTER-IP      EXTERNAL-IP   PORT(S)        AGE
my-nginx   NodePort   10.111.141.52   <none>        80:30681/TCP   11m
Using the port listed under PORT(S), test access through the public (or LAN) IP of any node
curl http://192.168.1.121:30681
Delete the instance
kubectl delete deployment my-nginx
Common problems
- If startup fails after installation, view the logs with:
journalctl -f -u kubelet