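Kubernetes Cluster Installation

Installation

Preparation before installing

  1. Change the hostname, because Kubernetes uses the hostname to tell the nodes of the cluster apart.
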
    sudo vim /etc/hostname
    
  2. Use Docker as the container runtime. Kubernetes supports several container runtimes; using Docker is relatively convenient.

    cat <<EOF | sudo tee /etc/docker/daemon.json
    {
      "exec-opts": ["native.cgroupdriver=systemd"],
      "log-driver": "json-file",
      "log-opts": {
        "max-size": "100m"
      },
      "storage-driver": "overlay2"
    }
    EOF
    
    sudo systemctl enable docker
    sudo systemctl daemon-reload
    sudo systemctl restart docker
    
  3. Adjust the iptables-related configuration and enable "br_netfilter".

    cat <<EOF | sudo tee /etc/modules-load.d/k8s.conf
    br_netfilter
    EOF
    
    cat <<EOF | sudo tee /etc/sysctl.d/k8s.conf
    net.bridge.bridge-nf-call-ip6tables = 1
    net.bridge.bridge-nf-call-iptables = 1
    # better than modifying /etc/sysctl.conf
    net.ipv4.ip_forward = 1
    EOF
    
    sudo sysctl --system
    
  4. Edit /etc/fstab and turn off the Linux swap partition to improve Kubernetes performance.

    sudo swapoff -a
    sudo sed -ri '/\sswap\s/s/^#?/#/' /etc/fstab
    

Install kubeadm

Using Ubuntu as the example


    sudo apt install -y apt-transport-https ca-certificates curl

    # Deprecated on newer releases: apt-key trusts the key for every repository
    curl https://mirrors.aliyun.com/kubernetes/apt/doc/apt-key.gpg | sudo apt-key add -
    cat <<EOF | sudo tee /etc/apt/sources.list.d/kubernetes.list
    deb https://mirrors.aliyun.com/kubernetes/apt/ kubernetes-xenial main
    EOF
    # On newer releases use this instead: signed-by limits the key to this one repository
    sudo mkdir -p /etc/apt/keyrings   # the directory is missing on older releases
    curl -fsSL https://mirrors.aliyun.com/kubernetes/apt/doc/apt-key.gpg | sudo gpg --dearmor -o /etc/apt/keyrings/kubernetes-archive-keyring.gpg
    echo "deb [signed-by=/etc/apt/keyrings/kubernetes-archive-keyring.gpg] https://mirrors.aliyun.com/kubernetes/apt/ kubernetes-xenial main" | sudo tee /etc/apt/sources.list.d/kubernetes.list

    sudo apt update
    # Install a specific version; the version can also be omitted, in which case the latest one is installed
    sudo apt install -y kubeadm=1.27.3-00 kubelet=1.27.3-00 kubectl=1.27.3-00
    # It is best to hold the versions
    sudo apt-mark hold kubeadm kubelet kubectl

    # Verify the installation with the following commands
    kubeadm version
    kubectl version --client

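Download the Kubernetes component images

Downloading the images from Google requires a proxy. You can use a mirror registry inside China instead, although I find this approach rather cumbersome.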

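    repo=registry.aliyuncs.com/google_containers

    for name in $(kubeadm config images list --kubernetes-version v1.27.3); do
        # Strip the upstream registry prefix: kubeadm v1.27 prints registry.k8s.io/...,
        # older releases printed k8s.gcr.io/...
        src_name=${name#registry.k8s.io/}
        src_name=${src_name#k8s.gcr.io/}
        src_name=${src_name#coredns/}

        # Pull from the mirror, retag to the name kubeadm expects, then drop the mirror tag
        docker pull "$repo/$src_name"
        docker tag "$repo/$src_name" "$name"
        docker rmi "$repo/$src_name"
    done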

You can also use a proxy

    sudo systemctl set-environment HTTP_PROXY=127.0.0.1:1080
    sudo systemctl set-environment HTTPS_PROXY=127.0.0.1:1080
    # Note: if a proxy is set, be sure to add this machine's IP address to NO_PROXY
    sudo systemctl set-environment NO_PROXY=127.0.0.1,localhost,master,192.168.31.159
    sudo systemctl show-environment # show the environment variables that are configured
    sudo systemctl restart containerd.service
    sudo kubeadm config images pull


Install the master node

    kubeadm init \
      --apiserver-advertise-address=192.168.31.159 \
      --image-repository registry.aliyuncs.com/google_containers \
      --kubernetes-version v1.27.3 \
      --service-cidr=10.96.0.0/12 \
      --pod-network-cidr=10.244.0.0/16

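Problems encountered

container runtime is not running:

Edit the /etc/containerd/config.toml configuration file and check whether the cri plugin is disabled.

Port 6443 is not listening: this happens because containerd is used as the container runtime, and it has to be configured separately.

kubeadm uses systemd as the cgroup driver by default, so containerd must be configured to use systemd as well.

    [plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc]
    ...
    [plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc.options]
     SystemdCgroup = true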

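Note: if you use the containerd shipped with your distribution, the default configuration file may not look like this. You can run containerd config default > /etc/containerd/config.toml (as root, since the redirect writes under /etc) to get the default configuration file and then modify it.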
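
The two containerd checks described above (the cri plugin must not be disabled, and runc must use SystemdCgroup = true) can be scripted before running kubeadm init. This is an added example, not part of the original post; the function name check_containerd_config, its exit codes and the two sample configurations are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original post). Lints a containerd config.toml
# for the two problems above. Names and exit codes are assumptions.
# Limitation: only single-line "disabled_plugins = [...]" arrays are handled.

# check_containerd_config [FILE]   (reads stdin when FILE is omitted)
# exit: 0 ok, 1 cri disabled, 2 runc SystemdCgroup not true, 3 both
check_containerd_config() {
    awk '
        { sub(/[ \t]*#.*$/, "") }            # strip comments
        /^[ \t]*$/ { next }                  # skip blank lines
        /^[ \t]*\[/ { section = $0; next }   # remember the current table header
        section == "" && /^[ \t]*disabled_plugins[ \t]*=/ {
            if ($0 ~ /"cri"/) cri_disabled = 1
        }
        section ~ /\.containerd\.runtimes\.runc\.options/ &&
        /^[ \t]*SystemdCgroup[ \t]*=/ {
            if ($0 ~ /=[ \t]*true[ \t]*$/) systemd = 1
        }
        END {
            rc = 0
            if (cri_disabled) { print "FAIL: cri is in disabled_plugins"; rc += 1 }
            if (!systemd) { print "FAIL: runc SystemdCgroup is not true"; rc += 2 }
            if (rc == 0) print "OK: cri enabled, runc uses systemd cgroups"
            exit rc
        }
    ' "${1:--}"
}

# Constructed sample: package-style config that disables the CRI plugin.
sample_bad() { printf '%s\n' 'disabled_plugins = ["cri"]'; }

# Constructed sample: CRI enabled, systemd cgroup driver selected for runc.
sample_good() {
    printf '%s\n' 'version = 2' 'disabled_plugins = []' \
        '[plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc]' \
        '  runtime_type = "io.containerd.runc.v2"' \
        '[plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc.options]' \
        '  SystemdCgroup = true'
}

sample_bad | check_containerd_config || echo "exit code: $?"
sample_good | check_containerd_config
```

On a real node, call check_containerd_config /etc/containerd/config.toml and restart containerd after fixing anything it reports.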

A successful installation prints the following message; just follow its instructions.

    #Your Kubernetes control-plane has initialized successfully!

    #To start using your cluster, you need to run the following as a regular user:

      mkdir -p $HOME/.kube
      sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
      sudo chown $(id -u):$(id -g) $HOME/.kube/config

    #Alternatively, if you are the root user, you can run:

      export KUBECONFIG=/etc/kubernetes/admin.conf

    #You should now deploy a pod network to the cluster.
    #Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:
    #  https://kubernetes.io/docs/concepts/cluster-administration/addons/

    #Then you can join any number of worker nodes by running the following on each as root:

    kubeadm join 192.168.31.159:6443 --token e9uygt.cl9w56si9xje59tt \
        --discovery-token-ca-cert-hash sha256:1852654cb71afc09f5c7ff1895e10a79bc283255d160ffaae21e53c5736c7316

Tips

View the logs: journalctl -xe -f /usr/bin/kubelet

After running kubeadm reset, delete the $HOME/.kube directory.

Install the network add-on

    kubectl apply -f https://github.com/flannel-io/flannel/releases/latest/download/kube-flannel.yml