把工作节点加入集群(只在工作节点跑)
这时候如果在主节点上执行 kubectl get node 是没有子节点的,如下
把上面保存下来的数据在所有 node 节点上执行
在去执行下面命令就可以看到,多了两个节点 node1、node2
kubectl get node
从上图可以看出,有一个 master节点,两个 node 节点,但是他们的状态是 NotReady 的,这时需要安装网络插件,否则 node 是 NotReady 状态(主节点跑)
安装网络插件 flannel,只在主节点安装
# 很有可能国内网络访问不到这个资源,你可以网上找找国内的源安装 flannel kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
查看节点,要在主节点查看(执行完等会在查看)
安装 calico 网络插件
1.在 master 上下载配置 calico 网络的 yaml
# 注意,你的 k8s 和 calico 版本可能不对应,如果执行 kubectl apply -f calico.yaml 的时候报错,则要重新找对应的 calico 版本 [root@master1 ~]# wget https://docs.projectcalico.org/v3.20/manifests/calico.yaml --no-check-certificate
2.修改 calico.yaml 里的 pod 网段。
搜索 192,大概在 676 行左右,如下
把两个 # 及 # 后面的空格去掉,并把 192.168.0.0/16 改成 10.244.0.0/16 # 这里的 10.244.0.0/16 是你 kubuadm init 时 --pod-network-cidr 的值,这里是 10.244.0.0/16 kubeadm init --apiserver-advertise-address=10.6.215.30 --image-repository registry.aliyuncs.com/google_containers --kubernetes-version v1.23.5 --service-cidr=10.96.0.0/12 --pod-network-cidr=10.244.0.0/16
改完后的如下
3.提前下载所需要的镜像。
# 查看此文件用哪些镜像: [root@master1 ~]# grep image calico.yaml image: docker.io/calico/cni:v3.20.5 image: docker.io/calico/cni:v3.20.5 image: docker.io/calico/pod2daemon-flexvol:v3.20.5 image: docker.io/calico/node:v3.20.5 image: docker.io/calico/kube-controllers:v3.20.5
在所有节点(包括master)上把这些镜像下载下来:
# 注意,你的版本可能和我的不一样 for i in calico/cni:v3.20.5 calico/pod2daemon-flexvol:v3.20.5 calico/node:v3.20.5 calico/kube-controllers:v3.20.5 ; do docker pull $i ; done
4.安装 calico 网络
在 master 上执行如下命令:
[root@master1 ~]# kubectl apply -f calico.yaml configmap/calico-config created customresourcedefinition.apiextensions.k8s.io/bgpconfigurations.crd.projectcalico.org created customresourcedefinition.apiextensions.k8s.io/bgppeers.crd.projectcalico.org created customresourcedefinition.apiextensions.k8s.io/blockaffinities.crd.projectcalico.org created customresourcedefinition.apiextensions.k8s.io/clusterinformations.crd.projectcalico.org created customresourcedefinition.apiextensions.k8s.io/felixconfigurations.crd.projectcalico.org created customresourcedefinition.apiextensions.k8s.io/globalnetworkpolicies.crd.projectcalico.org created customresourcedefinition.apiextensions.k8s.io/globalnetworksets.crd.projectcalico.org created customresourcedefinition.apiextensions.k8s.io/hostendpoints.crd.projectcalico.org created customresourcedefinition.apiextensions.k8s.io/ipamblocks.crd.projectcalico.org created customresourcedefinition.apiextensions.k8s.io/ipamconfigs.crd.projectcalico.org created customresourcedefinition.apiextensions.k8s.io/ipamhandles.crd.projectcalico.org created customresourcedefinition.apiextensions.k8s.io/ippools.crd.projectcalico.org created customresourcedefinition.apiextensions.k8s.io/kubecontrollersconfigurations.crd.projectcalico.org created customresourcedefinition.apiextensions.k8s.io/networkpolicies.crd.projectcalico.org created customresourcedefinition.apiextensions.k8s.io/networksets.crd.projectcalico.org created clusterrole.rbac.authorization.k8s.io/calico-kube-controllers created clusterrolebinding.rbac.authorization.k8s.io/calico-kube-controllers created clusterrole.rbac.authorization.k8s.io/calico-node created clusterrolebinding.rbac.authorization.k8s.io/calico-node created daemonset.apps/calico-node created serviceaccount/calico-node created deployment.apps/calico-kube-controllers created serviceaccount/calico-kube-controllers created Warning: policy/v1beta1 PodDisruptionBudget is deprecated in v1.21+, unavailable in v1.25+; use policy/v1 PodDisruptionBudget poddisruptionbudget.policy/calico-kube-controllers created
5:验证结果。
再次在 master 上运行命令 kubectl get node 查看运行结果
[root@master1 ~]# kubectl get nodes NAME STATUS ROLES AGE VERSION master1 Ready control-plane,master 34m v1.23.5 node1 Ready <none> 20m v1.23.5 node2 Ready <none> 20m v1.23.5
6.测试 k8s 集群
[root@master1 ~]# kubectl create deployment nginx --image=nginx deployment.apps/nginx created # 可以看到我们的 pod 都运行了 [root@master1 ~]# kubectl get deploy,pod NAME READY UP-TO-DATE AVAILABLE AGE deployment.apps/nginx 1/1 1 1 47s NAME READY STATUS RESTARTS AGE pod/nginx-85b98978db-l75b5 1/1 Running 0 47s