Kubeadm 是一个 K8s 部署工具,提供 kubeadm init 和 kubeadm join,用于快速部署 Kubernetes 集群。
官方地址:https://kubernetes.io/docs/reference/setup-tools/kubeadm/kubeadm/
这个工具能通过两条指令完成一个 kubernetes 集群的部署:
1)创建一个 Master 节点 kubeadm init
2)将 Node 节点加入到当前集群中 $ kubeadm join <Master 节点的 IP 和端口 >
一、安装要求
- 一台或多台机器,操作系统 CentOS7.x-86_x64
- 硬件配置:2GB 或更多 RAM,2 个 CPU 或更多 CPU,硬盘 30GB 或更多
- 集群中所有机器之间网络互通
- 可以访问外网,需要拉取镜像
- 禁止 swap 分区
二、准备环境
2.1 三台虚拟机
| 角色 | ip | hostname |
|---|---|---|
| master | 192.168.184.137 | k8s-master |
| worker node | 192.168.184.138 | k8s-node1 |
| worker node | 192.168.184.139 | k8s-node2 |
2.2 linux初始化
2.2.1 关闭防火墙
systemctl stop firewalld
systemctl disable firewalld
2.2.2 关闭selinux
# 永久
sed -i 's/enforcing/disabled/' /etc/selinux/config
# 临时
setenforce 0
2.2.3 关闭swap
swap 分区就是交换分区,(windows平台叫虚拟内存)。在物理内存不够用时,操作系统会从物理内存中把部分暂时不被使用的数据转移到交换分区,从而为当前运行的程序留出足够的物理内存空间。
kubelet 在 1.8 版本以后强制要求 swap 必须关闭。
临时关闭:
swapoff -a
永久关闭 编辑下面文件,注释掉swap那行
vi /etc/fstab
#/dev/mapper/centos-swap swap swap defaults 0 0
# 永久关闭重启linux
reboot
2.2.4 设置主机名
按照前面规划的三台虚拟机主机名:
hostnamectl set-hostname <hostname>
2.2.5 修改Master节点的hosts
vi /etc/hosts
增加以下内容:
192.168.184.137 k8s-master
192.168.184.138 k8s-node1
192.168.184.139 k8s-node2
2.2.7 将桥连的ipv4流量传递到iptables
echo "1" >/proc/sys/net/bridge/bridge-nf-call-iptables
2.2.8 同步时间
yum install ntpdate -y
ntpdate time.windows.com
2.3 安装Docker/kubeadm/kubelet
在三台节点当中分别安装Docker/kubeadm/kubelet
2.3.1安装docker
wget https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo -O /etc/yum.repos.d/docker-ce.repo
yum -y install docker-ce-18.06.1.ce-3.el7
systemctl enable docker && systemctl start docker
docker --version
给 docker设置阿里源
vi /etc/docker/daemon.json
添加下面内容:
{
"registry-mirrors": ["https://b9pmyelo.mirror.aliyuncs.com"]
}
2.3.2 添加yum源
vi /etc/yum.repos.d/kubernetes.repo
添加下面内容:
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=0
repo_gpgcheck=0
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg
https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
2.3.3 安装 kubeadm,kubelet 和 kubectl
yum install -y kubelet-1.18.1-0 kubeadm-1.18.1-0 kubectl-1.18.1-0
systemctl enable kubelet
三、部署节点
3.1 部署Master节点
3.1.1 初始化kubeadm
在192.168.184.137上执行下面的命令:
kubeadm init \
--apiserver-advertise-address=192.168.184.137 \
--image-repository registry.aliyuncs.com/google_containers \
--kubernetes-version v1.18.1 \
--service-cidr=10.96.0.0/12 \
--pod-network-cidr=10.244.0.0/16
执行结果如下,:
... ...
Your Kubernetes control-plane has initialized successfully!
To start using your cluster, you need to run the following as a regular user:
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
You should now deploy a pod network to the cluster.
Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:
https://kubernetes.io/docs/concepts/cluster-administration/addons/
Then you can join any number of worker nodes by running the following on each as root:
kubeadm join 192.168.184.137:6443 --token cple2x.gieng4q082nrc2ml \
--discovery-token-ca-cert-hash sha256:5bd8349e530333725f7b70f6bce716156f81c337fc9cbb9eed9a68f11436375d
3.1.2 kubectl工具
接下来使用kubectl工具,分别执行以下命令:
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
kubectl get nodes
查看节点:
NAME STATUS ROLES AGE VERSION
k8s-master NotReady control-plane,master 50s v1.21.1
3.1.3 安装pod网络插件(CNI)
kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
3.2添加k8s node节点
在执行kubeadm init后,会打印出添加节点的命令:
kubeadm join 192.168.184.137:6443 --token gr4zvu.05mckhlvhve1rrvq --discovery-token-ca-cert-hash sha256:e9bc42fe3b0b6c991b7cb4489a319d8367f862b1034780cf1e0fca81909ef2ec
若果没有记录下来可以使用以下命令查看:
kubeadm token create --print-join-command
如果出现如下问题,可以使用kubeadm reset命令重置:
[preflight] Running pre-flight checks
[WARNING Hostname]: hostname "k8s-node1" could not be reached
[WARNING Hostname]: hostname "k8s-node1": lookup k8s-node1 on 192.168.184.2:53: no such host
error execution phase preflight: [preflight] Some fatal errors occurred:
[ERROR FileAvailable--etc-kubernetes-kubelet.conf]: /etc/kubernetes/kubelet.conf already exists
[ERROR FileAvailable--etc-kubernetes-pki-ca.crt]: /etc/kubernetes/pki/ca.crt already exists
[preflight] If you know what you are doing, you can make a check non-fatal with `--ignore-preflight-errors=...`
四、集群验证
在 Kubernetes 集群中创建一个 pod,验证是否正常运行,分别执行以下命令:
kubectl create deployment nginx --image=nginx
kubectl expose deployment nginx --port=80 --type=NodePort
查看:
[root@k8s-master ~]# kubectl get pod,svc
NAME READY STATUS RESTARTS AGE
pod/nginx-6799fc88d8-zx89s 1/1 Running 0 27m
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
service/kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 143m
service/nginx NodePort 10.111.56.177 <none> 80:30880/TCP 27m
分别通过三个节点访问nginx,都得到以下的界面:
http://192.168.184.137:30880
http://192.168.184.138:30880
http://192.168.184.139:30880
结果
