最近玩k8s,踩了好多坑,自己总结了1.13.1版本的部署过程。希望可以帮助到大家
有问题可以留言
所有操作都在root下操作
Master节点
修改主机名
hostnamectl set-hostname <name>
保证所有软件处于最新
yum -y update
关闭防火墙
systemctl stop firewalld & systemctl disable firewalld
禁用SELINUX
setenforce 0
vi /etc/selinux/config
SELINUX=disabled
创建k8s.conf 文件
vi /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
net.ipv4.ip_forward = 1
modprobe br_netfilter //执行命令使修改生效
sysctl -p /etc/sysctl.d/k8s.conf
kube-proxy开启ipvs的前置条件(master,node)
由于ipvs已经加入到了内核的主干,所以为kube-proxy开启ipvs的前提需要加载以下的内核模块
cat > /etc/sysconfig/modules/ipvs.modules <<EOF
#!/bin/bash
modprobe -- ip_vs
modprobe -- ip_vs_rr
modprobe -- ip_vs_wrr
modprobe -- ip_vs_sh
modprobe -- nf_conntrack_ipv4
EOF
chmod 755 /etc/sysconfig/modules/ipvs.modules && bash /etc/sysconfig/modules/ipvs.modules && lsmod | grep -e ip_vs -e nf_conntrack_ipv4
安装docker
yum install -y yum-utils device-mapper-persistent-data lvm2
yum-config-manager \
--add-repo \
https://download.docker.com/linux/centos/docker-ce.repo
yum makecache fast
yum install -y --setopt=obsoletes=0 \
docker-ce-18.06.1.ce-3.el7
systemctl start docker
systemctl enable docker
修改docker转发策略
vi /lib/systemd/system/docker.service
//在[Service]中添加
ExecStartPost=/sbin/iptables -I FORWARD -s 0.0.0.0/0 -j ACCEPT
//然后重启docker
systemctl daemon-reload
systemctl restart docker
关闭系统的Swap
swapoff -a
vi /etc/fstab //注释掉swap的那一行
修改kubernetes源并安装 kubectl,kubelet,kubedam
vi /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes Repo baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
gpgcheck=0
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg
enabled=1
yum install -y kubelet-1.13.0
yum install -y kubectl-1.13.0
yum install -y kubeadm-1.13.0
systemctl enable kubelet.service //设置所有节点
可以事先将k8s所需要的镜像下载好并修改tag为初始化k8s所需tag
docker pull mirrorgooglecontainers/kube-apiserver-amd64:v1.13.0
docker pull mirrorgooglecontainers/kube-controller-manager-amd64:v1.13.0
docker pull mirrorgooglecontainers/kube-scheduler-amd64:v1.13.0
docker pull mirrorgooglecontainers/kube-proxy-amd64:v1.13.0
docker pull mirrorgooglecontainers/pause:3.1
docker pull mirrorgooglecontainers/etcd-amd64:3.2.24
docker pull coredns/coredns:1.2.6
docker tag mirrorgooglecontainers/kube-apiserver-amd64:v1.13.0 k8s.gcr.io/kube-apiserver:v1.13.0
docker tag mirrorgooglecontainers/kube-controller-manager-amd64:v1.13.0 k8s.gcr.io/kube-controller-manager:v1.13.0
docker tag mirrorgooglecontainers/kube-scheduler-amd64:v1.13.0 k8s.gcr.io/kube-scheduler:v1.13.0
docker tag mirrorgooglecontainers/kube-proxy-amd64:v1.13.0 k8s.gcr.io/kube-proxy:v1.13.0
docker tag mirrorgooglecontainers/pause:3.1 k8s.gcr.io/pause:3.1
docker tag mirrorgooglecontainers/etcd-amd64:3.2.24 k8s.gcr.io/etcd:3.2.24
docker tag coredns/coredns:1.2.6 k8s.gcr.io/coredns:1.2.6
初始化k8s
kubeadm init --kubernetes-version=v1.13.0 --apiserver-advertise-address <自己master主机> --pod-network-cidr=10.244.0.0/16
export KUBECONFIG=/etc/kubernetes/admin.conf
/etc/kubernetes/admin.conf
这个文件主要是集群初始化的时候用来传递参数的
其他节点加入
kubeadm join 172.16.119.132:6443 --token 3kcxkv.d64hi78rujporf7i --discovery-token-ca-cert-hash sha256:8903951dd93d04ee76dfc1f75d1a9932f6bd1e902b945060ab00ca46034676b9
此处token来自init成功后的第九步信息 可用kubeadm token list查看
部署flannel网络
wget https://raw.githubusercontent.com/coreos/flannel/bc79dd1505b0c8681ece4de4c0d86c5cd2643275/Documentation/kube-flannel.yml
//在这里的配置文件yml需要指定集群内部网卡
vi kube-flaneel.yml
- --iface=eth1 //放在 - --kube-subnet-mgr 平级的地方
kubectl apply -f kube-flannel.yml
之后使用 kubect get nodes你就会发现master 显示Ready状态
Node节点基本一致 所需要镜像会稍有区别,
Node节点
yum -y update
systemctl stop firewalld & systemctl disable firewalld
vi /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes Repo
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
gpgcheck=0
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg
enabled=1
curl https://releases.rancher.com/install-docker/17.03.sh | sh
systemctl start docker & systemctl enable docker
swapoff -a
#注释掉含swapoff的一行
vi /etc/fstab
yum install -y kubectl-1.13.0
yum install -y kubelet-1.13.0
yum install -y kubeadm-1.13.0
docker pull mirrorgooglecontainers/kube-proxy-amd64:v1.13.0
docker pull coredns/coredns:1.2.6
docker pull mirrorgooglecontainers/pause:3.1
docker pull quay-mirror.qiniu.com/coreos/flannel:v0.11.0-amd64
docker tag mirrorgooglecontainers/kube-proxy-amd64:v1.13.0 k8s.gcr.io/kube-proxy:v1.13.0
docker tag coredns/coredns:1.2.6 k8s.gcr.io/coredns:1.2.6
docker tag mirrorgooglecontainers/pause:3.1 k8s.gcr.io/pause:3.1
docker tag quay-mirror.qiniu.com/coreos/flannel:v0.11.0-amd64 quay.io/coreos/flannel:v0.11.0-amd64
此处的jon是自己master节点init成功后的信息
kubeadm join 172.16.119.132:6443 --token 3kcxkv.d64hi78rujporf7i --discovery-token-ca-cert-hash sha256:8903951dd93d04ee76dfc1f75d1a9932f6bd1e902b945060ab00ca46034676b9
