环境要求
- 至少2台 2核4G 的服务器
- 不能使用 localhost 作为hostname
- 所有节点网络必须互通
博主这边准备的是 3台 2核4G的ubuntu18.04 虚拟机。
切换apt为阿里云源
- /etc/apt/sources.list
deb http://mirrors.aliyun.com/ubuntu/ bionic main restricted universe multiverse deb http://mirrors.aliyun.com/ubuntu/ bionic-security main restricted universe multiverse deb http://mirrors.aliyun.com/ubuntu/ bionic-updates main restricted universe multiverse deb http://mirrors.aliyun.com/ubuntu/ bionic-proposed main restricted universe multiverse deb http://mirrors.aliyun.com/ubuntu/ bionic-backports main restricted universe multiverse deb-src http://mirrors.aliyun.com/ubuntu/ bionic main restricted universe multiverse deb-src http://mirrors.aliyun.com/ubuntu/ bionic-security main restricted universe multiverse deb-src http://mirrors.aliyun.com/ubuntu/ bionic-updates main restricted universe multiverse deb-src http://mirrors.aliyun.com/ubuntu/ bionic-proposed main restricted universe multiverse deb-src http://mirrors.aliyun.com/ubuntu/ bionic-backports main restricted universe multiverse
修改hostname
vi /etc/hostname
禁用交换内存
这个会导致某个程序占用过多导致机器死机 少用交换内存
swapoff -a
设置桥接流量要求
cat <<EOF > /etc/sysctl.d/k8s.conf net.bridge.bridge-nf-call-ip6tables = 1 net.bridge.bridge-nf-call-iptables = 1 EOF sysctl --system
安装docker 这里直接用ubuntu apt的
- docker
apt install docker.io
配置docker阿里云加速
sudo mkdir -p /etc/docker sudo tee /etc/docker/daemon.json <<-'EOF' { "registry-mirrors": ["https://9fx2xqey.mirror.aliyuncs.com"] } EOF sudo systemctl daemon-reload sudo systemctl restart docker
安装kubeadm
- kubeadm:引导集群的命令。
- kubelet:在群集中所有计算机上运行的组件,它执行诸如启动Pod和容器之类的操作。
- kubectl:用于与您的集群通信的命令行工具。
在上述安装 kubeadm 的过程中,kubeadm 和 kubelet、kubectl、kubernetes-cni 这几个二进制文件都会被自动安装好。
阿里提供了镜像,方便大家下载 详情看https://developer.aliyun.com/mirror/kubernetes?spm=a2c6h.13651102.0.0.3e221b11VlJoux
apt-get update && apt-get install -y apt-transport-https curl https://mirrors.aliyun.com/kubernetes/apt/doc/apt-key.gpg | apt-key add - cat <<EOF >/etc/apt/sources.list.d/kubernetes.list deb https://mirrors.aliyun.com/kubernetes/apt/ kubernetes-xenial main EOF apt-get update apt-get install -y kubeadm
提前拉起所需镜像
sudo docker pull registry.aliyuncs.com/google_containers/kube-apiserver:v1.18.2 sudo docker pull registry.aliyuncs.com/google_containers/kube-controller-manager:v1.18.2 sudo docker pull registry.aliyuncs.com/google_containers/kube-scheduler:v1.18.2 sudo docker pull registry.aliyuncs.com/google_containers/kube-proxy:v1.18.2 sudo docker pull registry.aliyuncs.com/google_containers/pause:3.2 sudo docker pull registry.aliyuncs.com/google_containers/etcd:3.4.3-0 sudo docker pull registry.aliyuncs.com/google_containers/coredns:1.6.7
将阿里云的惊喜重新打上tag 让kubuadm可以识别到
sudo docker tag registry.aliyuncs.com/google_containers/kube-apiserver:v1.18.2 k8s.gcr.io/kube-apiserver:v1.18.2 sudo docker tag registry.aliyuncs.com/google_containers/kube-controller-manager:v1.18.2 k8s.gcr.io/kube-controller-manager:v1.18.2 sudo docker tag registry.aliyuncs.com/google_containers/kube-scheduler:v1.18.2 k8s.gcr.io/kube-scheduler:v1.18.2 sudo docker tag registry.aliyuncs.com/google_containers/kube-proxy:v1.18.2 k8s.gcr.io/kube-proxy:v1.18.2 sudo docker tag registry.aliyuncs.com/google_containers/pause:3.2 k8s.gcr.io/pause:3.2 sudo docker tag registry.aliyuncs.com/google_containers/etcd:3.4.3-0 k8s.gcr.io/etcd:3.4.3-0 sudo docker tag registry.aliyuncs.com/google_containers/coredns:1.6.7 k8s.gcr.io/coredns:1.6.7
虚拟机可以开始复制了。
环境说明
- node1 192.168.28.131
- node2 192.168.28.100
- node3 192.168.28.99
集群搭建
创建Master节点
- 查看
Kubernetes版本
kubelet --version Kubernetes v1.18.2
- 查看搭建
k8s所需镜像
kubeadm config images list k8s.gcr.io/kube-apiserver:v1.18.2 k8s.gcr.io/kube-controller-manager:v1.18.2 k8s.gcr.io/kube-scheduler:v1.18.2 k8s.gcr.io/kube-proxy:v1.18.2 k8s.gcr.io/pause:3.2 k8s.gcr.io/etcd:3.4.3-0 k8s.gcr.io/coredns:1.6.7
因为这些都在国外,所以我们要在国内下载,并能让kubuadm识别到,这些镜像是可以在初始化master之前提前下载的。
初始化
sudo systemctl enable docker.service # 启动docker服务 vim /etc/docker/daemon.json # k8s要求cgroups为systemd { "registry-mirrors": ["https://v16stybc.mirror.aliyuncs.com"], "exec-opts": ["native.cgroupdriver=systemd"] }
- Master开搞
sudo kubeadm init # 有些人在初始化的时候就指定了pod的ip等。我们这里还没有安装网络插件 等会我们再弄 先直接初始化 有想了解一下默认值的可以去看官网 # 成功了 Your Kubernetes control-plane has initialized successfully! To start using your cluster, you need to run the following as a regular user: mkdir -p $HOME/.kube sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config sudo chown $(id -u):$(id -g) $HOME/.kube/config You should now deploy a pod network to the cluster. Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at: https://kubernetes.io/docs/concepts/cluster-administration/addons/ Then you can join any number of worker nodes by running the following on each as root: # 加入集群命令 kubeadm join 192.168.28.131:6443 --token 1e0gpf.tnph6fuvlf1rphxy \ --discovery-token-ca-cert-hash sha256:3de217f1be9b6cb646d9fe1b68ed04a49be25103ee33062d6fc63a0ca750ccd5
- 使用集群 普通用户执行
mkdir -p $HOME/.kube sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config sudo chown $(id -u):$(id -g) $HOME/.kube/config
- root 用户 执行
export KUBECONFIG=/etc/kubernetes/admin.conf
安装网络插件
Kubernetes为了网络的扩展性,有一套网络插件的接口(CNI),具体流行插件实现有:Flannel、Calico、Canal、Weave 等等
这些网络主要是为我们的Pod提供统一网络
我们这里先选择 Weave,后面再来说一下这些网络插件的差别
- 安装 Weave
kubectl apply -f "https://cloud.weave.works/k8s/net?k8s-version=$(kubectl version | base64 | tr -d '\n')" kubectl get pods -n kube-system # 查看系统pod是否正常运行 全部正常运行就可以啦 kubectl get pods #能正常运行就代表ok kubectl get pods --all-namespaces # 查看一下网络pod是否正常运行
部署worker节点
worker node很简单,不需要初始化那些master节点的东西,只需安装docker、kubeadm即可。
在node2和node3上执行加入集群命令
kubeadm join 192.168.28.131:6443 --token 1e0gpf.tnph6fuvlf1rphxy \ --discovery-token-ca-cert-hash sha256:3de217f1be9b6cb646d9fe1b68ed04a49be25103ee33062d6fc63a0ca750ccd5
在 Master 上查看集群节点
kubect get nodes
查错命令
# 查看日志 journalctl -f -u kubelet # 删除集群节点 kubectl delete node node3
