一 环境设置
1.hostname配置 vim /etc/hosts 2.关闭swap分区 swapoff -a && sysctl -w vm.swappiness=0 sed -ri '/^[^#]*swap/s@^@#@' /etc/fstab 3.设置时区 timedatactl timedatectl set-timezone Asia/Shanghai
二 安装docker
sudo apt-get -y install apt-transport-https ca-certificates curl software-properties-common curl -fsSL https://mirrors.aliyun.com/docker-ce/linux/ubuntu/gpg | sudo apt-key add - sudo add-apt-repository "deb [arch=amd64] https://mirrors.aliyun.com/docker-ce/linux/ubuntu $(lsb_release -cs) stable" sudo apt-get update sudo apt-cache madison docker-ce apt install docker-ce
2.2 在**/etc/docker/daemon.json**中写入如下内容(如果文件不存在请新建该文件)
{ "registry-mirrors": ["https://njxt9r87.mirror.aliyuncs.com"] } EOF sudo systemctl daemon-reload sudo systemctl restart docker
2.3 重新安装containerd
sudo systemctl stop containerd.service sudo cp /etc/containerd/config.toml /etc/containerd/config.toml.bak sudo containerd config default > $HOME/config.toml sudo cp $HOME/config.toml /etc/containerd/config.toml # 修改 /etc/containerd/config.toml 文件后,要将 docker、containerd 停止后,再启动 sudo sed -i "s#registry.k8s.io/pause#registry.cn-hangzhou.aliyuncs.com/google_containers/pause#g" /etc/containerd/config.toml # https://kubernetes.io/zh-cn/docs/setup/production-environment/container-runtimes/#containerd-systemd # 确保 /etc/containerd/config.toml 中的 disabled_plugins 内不存在 cri sudo sed -i "s#SystemdCgroup = false#SystemdCgroup = true#g" /etc/containerd/config.toml sudo systemctl enable --now containerd.service
三 haproxy和keepalived
check_apiserver.sh文件:
#!/bin/bash err=0 for k in $(seq 1 3) do check_code=$(pgrep haproxy) if [[$check_code == ""]]; then err=$(expr $err + 1) sleep 1 continue else err=0 break; fi done if [[ $err != "0"]]; then echo "systemctl stop keepalived" /usr/bin/systemctl stop keepalived exit 1 else exit 0 fi
keepalived.conf文件:
!Configuration File for keepalived global_defs { router_id LVS_DEVEL script_user root anable_script_security } vrrp_script chk_apiserver { script "/etc/keepalived/check_apiserver.sh" interval 5 weight -5 fall 2 rise 1 } vrrp_instance VI_1 { state MASTER interface ens33 # localhost name mcast_src_ip 192.168.189.101 virtual_router_id 51 priority 101 advert_int 2 authentication { auth_type PASS auth_pass K8SHA_KA_AUTH } virtual_ipaddress { 192.168.189.210 } track_script { chk_apiserver } }
再执行下面的命令:
systemctl daemon-reload systemctl enable --now haproxy systemctl enable --now keepalived
四 安装k8s
1.kubeadm工具安装
apt-get install -y kubelet kubeadm kubectl(当时默认v.1.26.3) systemctl daemon-reload systemctl restart kubelet systemctl enable kubelet
2.kubeadm安装k8s(1maser,1node)
1.下载所需镜像 kubeadm config images list --kubernetes-version=v1.26.0 docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/kube-apiserver:v1.26.0 2.初始化参数 kubeadm config print init-defaults > kubeadm-config.yaml #初始化参数 3.修改kubeadm里面 imageRepository:registry.cn-hangzhou.aliyuncs.com/google_containers KubenetesVersion: v1.26.0 4.安装 kubeadm init --config /root/kubeadm-config.yaml --upload-certs 5.在master上面执行 mkdir -p $HOME/.kube sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config sudo chown $(id -u):$(id -g) $HOME/.kube/config kubectl cluster-info 6.在node上面执行 kubeadm join 192.168.189.101:6443 --token abcdef.0123456789abcdef \ --discovery-token-ca-cert-hash sha256:10316337f3794d540d5a91d92839bc591921b6a616968bcbdf00910c8e3564b8 7.在另一台master上面 kubeadm join 192.168.189.101:6443 --token abcdef.0123456789abcdef \ --discovery-token-ca-cert-hash sha256:10316337f3794d540d5a91d92839bc591921b6a616968bcbdf00910c8e3564b8 \ --control-plane --certificate-key 80e1b22968b8189e512466c2f13426769ec0f9f47fac3158d705b4af0467179e
五 安装calico
curl --no-check-certificate https://projectcalico.docs.tigera.io/archive/ v3.25/manifests/calico.yaml >> calico.yaml kubectl apply -f calico.yaml
六 安装rancher
docker run -d --restart=unless-stopped --privileged=true -v /data/rancher:/var/lib/rancher/ -p 8081:80 -p 8443:443 rancher/rancher:v2.7.1;
6.1 ubuntu22.04 安装 rancher 报[FATAL] k3s exited with: exit status 1错误
修改 /etc/default/grub 文件
添加 GRUB_CMDLINE_LINUX="cgroup_memory=1 cgroup_enable=memory swapaccount=1 systemd.unified_cgroup_hierarchy=0" sudo update-grub sudo reboot
6.2
netstat -tlnp|grep 8443 # 查看8443端口情况
参考:https://www.jianshu.com/p/e5920bac279e
https://cloud.tencent.com/developer/article/2104804
https://blog.csdn.net/TvTooOO/article/details/128904429
https://blog.csdn.net/qq_32596527/article/details/127735327(重点推荐k8s安装)
https://www.bookstack.cn/read/rancher-2.4.8-zh/746f4f29e1a4766a.md(删除rancher)
