1)机器准备
机器配置建议:
环境 2C4G 50G
准备工作(三台机器都操作)
关闭防火墙
systemctl stop firewalld
systemctl disable firewalld
关闭SeLinux
setenforce 0 当次有效
sed -i "s/SELINUX=enforcing/SELINUX=disabled/g" /etc/selinux/config 永久生效
关闭swap
swapoff -a 当次有效
yes | cp /etc/fstab /etc/fstab_bak
vi /etc/fstab #注释下面这swap一行就,永久生效
#/dev/mapper/centos-swap swap
设置主机名
nmtui或vi /etc/hostname
设置/etc/hosts
vi /etc/hosts
192.168.222.101 aminglinux01
192.168.222.102 aminglinux02
192.168.222.103 aminglinux03
将桥接的ipv4流量传递到iptables链
modprobe br_netfilter ##生成bridge相关内核参数
cat > /etc/sysctl.d/k8s.conf << EOF
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
EOF
sysctl --system # 生效
打开端口转发
echo "net.ipv4.ip_forward = 1" >> /etc/sysctl.conf
sysctl -p
时间同步
yum install -y chrony;
systemctl start chronyd;
systemctl enable chronyd
2)安装containerd(三个节点上操作)
先安装yum-utils工具
yum install -y yum-utils
配置Docker官方的yum仓库,如果做过,可以跳过
yum-config-manager \
--add-repo \
https://download.docker.com/linux/centos/docker-ce.repo
安装containerd
yum install containerd.io -y
启动服务
systemctl enable containerd
systemctl start containerd
生成默认配置
containerd config default > /etc/containerd/config.toml
修改配置
vi /etc/containerd/config.toml
sandbox_image = "registry.cn-hangzhou.aliyuncs.com/google_containers/pause:3.8" # 修改为阿里云镜像地址
SystemdCgroup = true # 使用systemd cgroup
重启containerd服务
systemctl restart containerd
3)配置kubernetes仓库(三个节点都操作)
cat <<EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF
说明:kubernetes用的是RHEL7的源,和8是通用的
4)安装kubeadm和kubelet(三个节点都操作)
查看所有版本
yum --showduplicates list kubeadm
安装1.26.2版本
yum install -y kubelet-1.26.2 kubeadm-1.26.2 kubectl-1.26.2
启动kubelet服务
systemctl start kubelet.service
systemctl enable kubelet.service
5)设置crictl连接 containerd(三个节点都操作)
crictl config --set runtime-endpoint=unix:///run/containerd/containerd.sock
6)初始化(master上)
kubeadm init --image-repository=registry.cn-hangzhou.aliyuncs.com/google_containers --apiserver-advertise-address=192.168.222.101 --kubernetes-version=v1.26.2 --service-cidr=10.15.0.0/16 --pod-network-cidr=10.18.0.0/16
7)创建目录(master)
mkdir -p $HOME/.kube
cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
chown $(id -u):$(id -g) $HOME/.kube/config
获取节点信息:
kubectl get node
kubectl get pod --all-namespaces
8)node节点上加入master(两个都执行)
kubeadm join 192.168.222.101:6443 --token 2p7l35.z78ulkjyqbpckkx5 --discovery-token-ca-cert-hash sha256:4b2b7f20e32055fd8ab034ce3f6bbe90afcd248f438a8ce3745cba2463aba3b5
9)安装calico网络(master节点上)
curl https://raw.githubusercontent.com/projectcalico/calico/v3.25.0/manifests/calico.yaml -O
下载完后还需要修改⾥⾯定义 Pod ⽹络(CALICO_IPV4POOL_CIDR),与前⾯ kubeadm init 的 --podnetwork-cidr 指定的⼀样
vi calico.yaml
vim calico.yaml
# - name: CALICO_IPV4POOL_CIDR
# value: "192.168.0.0/16"
# 修改为:
- name: CALICO_IPV4POOL_CIDR
value: "10.18.0.0/16"
部署
kubectl apply -f calico.yaml
查看
kubectl get pods -n kube-system
10) 在K8s里快速部署一个应用
1)创建deployment
kubectl create deployment testdp --image=nginx:1.23.2 ##deploymnet名字为testdp 镜像为nginx:1.23.2
2)查看deployment
kubectl get deployment
3)查看pod
kubectl get pods
4)查看pod详情
kubectl describe pod testdp-786fdb4647-pbm7b
5)创建service,暴漏pod端口到node节点上
kubectl expose deployment testdp --port=80 --type=NodePort --target-port=80 --name=testsvc
6)查看service
kubectl get svc
testsvc NodePort 10.15.232.70 <none> 80:32503/TCP
可以看到暴漏端口为一个大于30000的随机端口,浏览器里访问 192.168.222.101:32503
