内核参数永久修改
[root@master ~] vim /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
[root@master ~]
modprobe br_netfilter
sysctl -p /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
1. 安装docker
https://www.runoob.com/docker/centos-docker-install.html
2. 使用阿里镜像,安装k8s
https://developer.aliyun.com/mirror/kubernetes?spm=a2c6h.13651102.0.0.3e221b11arAkyI
3. 编辑配置文件kubeadm.yaml
apiVersion: kubeadm.k8s.io/v1beta2
kind: ClusterConfiguration
controllerManager:
extraArgs:
node-monitor-grace-period: "10s"
apiServer:
extraArgs:
runtime-config: "api/all=true"
kubernetesVersion: v1.22.2
imageRepository: registry.aliyuncs.com/google_containers
networking:
dnsDomain: cluster.local
serviceSubnet: 10.96.0.0/12
podSubnet: 10.244.0.0/16
4.执行 kubeadm init --config kubeadm.yaml
5.遇到的问题
5.1拉镜像失败:参考https://www.jianshu.com/p/866f02f67578方法
5.2
...
^@[kubelet-check] It seems like the kubelet isn't running or healthy.
[kubelet-check] The HTTP call equal to 'curl -sSL http://localhost:10248/healthz' failed with error: Get "http://localhost:10248/healthz": dial tcp [::1]:10248: connect: connection refused.
Unfortunately, an error has occurred:
timed out waiting for the condition
This error is likely caused by:
- The kubelet is not running
- The kubelet is unhealthy due to a misconfiguration of the node in some way (required cgroups disabled)
If you are on a systemd-powered system, you can try to troubleshoot the error with the following commands:
- 'systemctl status kubelet'
- 'journalctl -xeu kubelet'
Additionally, a control plane component may have crashed or exited when started by the container runtime.
To troubleshoot, list all containers using your preferred container runtimes CLI.
Here is one example how you may list all Kubernetes containers running in docker:
- 'docker ps -a | grep kube | grep -v pause'
Once you have found the failing container, you can inspect its logs with:
- 'docker logs CONTAINERID'
error execution phase wait-control-plane: couldn't initialize a Kubernetes cluster
To see the stack trace of this error execute with --v=5 or higher
执行命令
tail /var/log/messages
上述日志表明:kubelet的cgroup driver是systemd,docker的 cgroup driver是cgroupfs,两者不一致导致kubelet启动失败。
解决方法
编辑 /etc/docker/daemon.json (没有该文件就新建一个),添加如下启动项参数即可:
{
"exec-opts": ["native.cgroupdriver=systemd"]
}
保存上述配置,重启 Docker 即可生效systemctl restart docker
6.执行 kubeadm init --ignore-preflight-errors=all成功
7.kubectl get nodes NotReady
runtime network not ready: NetworkReady=false reason:NetworkPluginNotReady message:docker: network plugin is not ready: cni config uninitialized
安装flannel网络
kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
8. 其他问题
coredns没有正常运行: "Error adding pod to network" err="open /run/flannel/subnet.env: no such file or directory
https://blog.csdn.net/kwame211/article/details/96032535健康检查失败:Get "http://127.0.0.1:10251/healthz": dial tcp 127.0.0.1:10251: connect: connection refused
https://www.cnblogs.com/potato-chip/p/13973760.htmlKubernetes-kubectl命令出现错误The connection to the server localhost:8080 was refused - did you specif...
https://blog.csdn.net/qq_24046745/article/details/94405188
9. 单节点运行,执行kubectl taint nodes --all node-role.kubernetes.io/master-去除污点
10.k8s命令自动补全
yum install -y bash-completion
source /usr/share/bash-completion/bash_completion
source <(kubectl completion bash)
echo "source <(kubectl completion bash)" >> ~/.bashrc
