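Setting up a Kubernetes cluster on CentOS

1. Preparation

Both the Master node and the Node machines need the preparation described in this section.

1.1 Install Docker

Remove the previous Docker installation

sudo yum remove docker \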
docker-client \
docker-client-latest \
docker-common \
docker-latest \
docker-latest-logrotate \
docker-logrotate \
docker-engine

Install dependencies

sudo yum update -y && sudo yum install -y yum-utils \
device-mapper-persistent-data \
lvm2

Add the official Docker yum repository

sudo yum-config-manager \
--add-repo \
https://download.docker.com/linux/centos/docker-ce.repo

Install Docker

sudo yum install docker-ce docker-ce-cli containerd.io

Enable Docker at boot

systemctl enable --now docker

1.2 Change the Docker cgroup driver

cat > /etc/docker/daemon.json <<EOF
{
"exec-opts": ["native.cgroupdriver=systemd"],
"log-driver": "json-file",
"log-opts": {
"max-size": "100m"
},
"storage-driver": "overlay2",
"storage-opts": [
"overlay2.override_kernel_check=true"
]
}
EOF

Restart Docker for the change to take effect

systemctl restart docker

1.3 Switch the Kubernetes yum repository

cat <<EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=http://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=0
repo_gpgcheck=0
gpgkey=http://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg
       http://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF
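
The repo definition above turns off both signature checks and fetches packages and keys over plain HTTP, so nothing authenticates the kubelet, kubeadm and kubectl packages installed in 1.4. As an added example (not part of the original post), this shell function audits a .repo file for those settings; `audit_repo` and `page_repo` are hypothetical names, and the sample input is the file from this section.

```shell
#!/bin/sh
# Added example: flag yum .repo settings that weaken package verification.
# audit_repo and page_repo are hypothetical helper names, not yum or kubeadm commands.

# Reads a .repo file on stdin, prints one finding per line,
# and exits 1 if anything was flagged (0 if the file is clean).
audit_repo() (
    set -f                                  # no globbing when values are word-split
    tab=$(printf '\t')
    section='' key='' rc=0
    while IFS= read -r line || [ -n "$line" ]; do
        case $line in
            ''|'#'*|';'*) continue ;;                        # blank line or comment
            '['*']')      section=$line; key=''; continue ;; # start of a repo section
            ' '*|"$tab"*) value=$line ;;                     # continuation of previous key
            *=*)          key=${line%%=*}; key=${key%% *}; value=${line#*=} ;;
            *)            continue ;;
        esac
        for word in $value; do              # a value may hold several URLs
            case $key:$word in
                gpgcheck:0)
                    echo "$section gpgcheck=0: RPM package signatures are not verified"; rc=1 ;;
                repo_gpgcheck:0)
                    echo "$section repo_gpgcheck=0: repository metadata signature is not verified"; rc=1 ;;
                baseurl:http://*|mirrorlist:http://*|gpgkey:http://*)
                    echo "$section $key uses unencrypted HTTP: $word"; rc=1 ;;
            esac
        done
    done
    exit "$rc"
)

# Sample input: the repo file from section 1.3 of this page.
page_repo() {
    cat <<'EOF'
[kubernetes]
name=Kubernetes
baseurl=http://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=0
repo_gpgcheck=0
gpgkey=http://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg
       http://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF
}

page_repo | audit_repo || true              # prints five findings for this file
```

On a real host, run `audit_repo < /etc/yum.repos.d/kubernetes.repo`; a non-zero exit status means at least one setting was flagged.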

Turn off SELinux enforcement (switch it to permissive mode)

setenforce 0
sed -i 's/^SELINUX=enforcing$/SELINUX=permissive/' /etc/selinux/config

1.4 Install kubelet, kubeadm and kubectl

yum install -y kubelet kubeadm kubectl --disableexcludes=kubernetes

Enable kubelet at boot

systemctl enable --now kubelet

1.5 Configure routing

yum install -y bridge-utils.x86_64

Load the br_netfilter module

modprobe br_netfilter

cat <<EOF >  /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
EOF

Reload all sysctl configuration

sysctl --system

Disable the firewall

systemctl disable --now firewalld
systemctl daemon-reload
iptables -F && iptables -t nat -F && iptables -t mangle -F && iptables -X

Kubernetes requires swap to be turned off

# Turn off swap
swapoff -a && sysctl -w vm.swappiness=0
# Stop swap from being mounted at boot
sed -ri '/^[^#]*swap/s@^@#@' /etc/fstab

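2. Configure the Master and the Nodes

2.1 Pull the images required by the cluster on the Master

This requires a proxy that can get past the Great Firewall

kubeadm config images pull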

Without a proxy, you can try the following method

  1. List the required images

kubeadm config images list
  2. Using the required image names, first pull the images from a source reachable inside China

    docker pull mirrorgooglecontainers/kube-apiserver:v1.14.1
    docker pull mirrorgooglecontainers/kube-controller-manager:v1.14.1
    docker pull mirrorgooglecontainers/kube-scheduler:v1.14.1
    docker pull mirrorgooglecontainers/kube-proxy:v1.14.1
    docker pull mirrorgooglecontainers/pause:3.1
    docker pull mirrorgooglecontainers/etcd:3.3.10
    docker pull coredns/coredns:1.3.1
  3. Re-tag the images

docker tag mirrorgooglecontainers/kube-apiserver:v1.14.1 k8s.gcr.io/kube-apiserver:v1.14.1

docker tag mirrorgooglecontainers/kube-controller-manager:v1.14.1 k8s.gcr.io/kube-controller-manager:v1.14.1

docker tag mirrorgooglecontainers/kube-scheduler:v1.14.1 k8s.gcr.io/kube-scheduler:v1.14.1

docker tag mirrorgooglecontainers/kube-proxy:v1.14.1 k8s.gcr.io/kube-proxy:v1.14.1

docker tag mirrorgooglecontainers/pause:3.1 k8s.gcr.io/pause:3.1
docker tag mirrorgooglecontainers/etcd:3.3.10 k8s.gcr.io/etcd:3.3.10
docker tag coredns/coredns:1.3.1 k8s.gcr.io/coredns:1.3.1
  4. Remove the originally pulled images

docker rmi mirrorgooglecontainers/kube-apiserver:v1.14.1
docker rmi mirrorgooglecontainers/kube-controller-manager:v1.14.1
docker rmi mirrorgooglecontainers/kube-scheduler:v1.14.1
docker rmi mirrorgooglecontainers/kube-proxy:v1.14.1
docker rmi mirrorgooglecontainers/pause:3.1
docker rmi mirrorgooglecontainers/etcd:3.3.10
docker rmi coredns/coredns:1.3.1

2.2 Pull the required images on the Nodes

This requires a proxy that can get past the Great Firewall

kubeadm config images pull

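The method that does not need a proxy is the same as above

3. Create the cluster

Create the cluster with kubeadm. This is run on the Master node (which needs at least 2 cores).

  • --apiserver-advertise-address is the IP address of this machine
  • --pod-network-cidr specifies the pod network subnet; the flannel network requires this CIDR, so leave it unchanged

kubeadm init --apiserver-advertise-address 108.61.187.245 --pod-network-cidr 10.244.0.0/16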

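When the cluster has been created, a success message is printed. Record the token at this point; it is needed later to join the other nodes to the cluster.

Note: if you see Error writing Crisocket information for the control-plane node: timed out waiting for the condition
reset kubeadm and then run init again

sudo kubeadm reset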

Set up permissions (run the commands one at a time)

mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config

Apply the flannel network

kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml

4. Join the Nodes to the cluster

This command is simply the last line printed after kubeadm init succeeds on the Master node; run it as-is on each Node.

kubeadm join 108.61.187.245:6443 --token t0dx7r.jjmf3pnmwj3shbc6 \
--discovery-token-ca-cert-hash sha256:794376ec13c98bdc0aa0c2f762a4a0864079638eb4665f9397ee68c0187e800b

When you see the following message, the node has joined successfully

5. Check node status

Back on the Master node, run the following commands

Get namespace information

kubectl get namespace

Check pod status

kubectl get pods --all-namespaces

See how many nodes there are

kubectl get nodes

View the kubelet process logs

journalctl -f -u kubelet

List all tokens

kubeadm token list

Create a new token

kubeadm token create