安装说明: 基础环境配置、安装docker、安装cri-docker、安装k8s软件依赖包 需要在所有机器都执行。
基础环境配置
修改主机名:
hostnamectl set-hostname master1
hostnamectl set-hostname node1
hostnamectl set-hostname node2
优化:
# 有内部源不用修改
#mkdir /etc/yum.repos.d/backup && mv /etc/yum.repos.d/*.repo /etc/yum.repos.d/backup
#curl -o /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo
#curl -o /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-7.repo
#关闭firewalld
systemctl disable firewalld && systemctl stop firewalld
#关闭selinux
sed -i 's#SELINUX=enforcing#SELINUX=disabled#g' /etc/selinux/config
setenforce 0
yum -y install bash-completion.noarch net-tools vim wget lrzsz
安装docker
卸载旧版本docker
yum remove -y docker docker-client docker-client-latest docker-common docker-latest docker-latest-logrotate docker-logrotate docker-engine docker-selinux docker-ce
# 配置阿里云docker 源,安装新版本docker和docker依赖
yum install -y yum-utils device-mapper-persistent-data lvm2
yum-config-manager --add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
yum -y install docker-ce docker-ce-cli
# 内核参数优化
cat >> /etc/sysctl.conf << EOF
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
net.bridge.bridge-nf-call-arptables = 1
EOF
sysctl -p
安装cri-docker
# 下载cri-docker安装包或者二进制包
yum -y localinstall cri-dockerd-0.3.14-3.el7.x86_64.rpm
systemctl stop cri-docker.service cri-docker.socket
systemctl disable cri-docker.service cri-docker.socket
mv /usr/lib/systemd/system/cri-docker.service /usr/lib/systemd/system/cri-docker.bak
mv /usr/lib/systemd/system/cri-docker.socket /usr/lib/systemd/system/cri-docker-socket.bak
cat > /usr/lib/systemd/system/cri-dockerd.service<<-EOF
[Unit]
Description=CRI Interface for Docker Application Container Engine
Documentation=https://docs.mirantis.com
After=network-online.target firewalld.service docker.service
Wants=network-online.target
[Service]
Type=notify
ExecStart=/usr/bin/cri-dockerd --pod-infra-container-image=registry.cn-hangzhou.aliyuncs.com/google_containers/pause:3.9 --network-plugin=cni --cni-conf-dir=/etc/cni/net.d --cni-bin-dir=/opt/cni/bin --container-runtime-endpoint=unix:///var/run/cri-dockerd.sock --cri-dockerd-root-directory=/var/lib/dockershim --docker-endpoint=unix:///var/run/docker.sock --cri-dockerd-root-directory=/var/lib/docker
ExecReload=/bin/kill -s HUP
TimeoutSec=0
RestartSec=2
Restart=always
StartLimitBurst=3
StartLimitInterval=60s
LimitNOFILE=infinity
LimitNPROC=infinity
LimitCORE=infinity
TasksMax=infinity
Delegate=yes
KillMode=process
[Install]
WantedBy=multi-user.target
EOF
cat > /usr/lib/systemd/system/cri-dockerd.socket <<-EOF
[Unit]
Description=CRI Docker Socket for the API
PartOf=cri-docker.service
[Socket]
ListenStream=/var/run/cri-dockerd.sock
SocketMode=0660
SocketUser=root
SocketGroup=docker
[Install]
WantedBy=sockets.target
EOF
systemctl daemon-reload
systemctl enable --now cri-dockerd.service docker.service
安装k8s软件依赖包
# 安装k8s
cat <<EOF | tee /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes-new/core/stable/v1.28/rpm/
enabled=1
gpgcheck=1
gpgkey=https://mirrors.aliyun.com/kubernetes-new/core/stable/v1.28/rpm/repodata/repomd.xml.key
EOF
yum clean all
yum makecache
yum install -y kubelet kubeadm kubectl ipvsadm ipset conntrack
systemctl enable kubelet
master节点初始化
# 初始化,修改apiserver-advertise-address IP地址为master主机IP
kubeadm init --kubernetes-version=1.28.11 --apiserver-advertise-address=10.23.159.198 --image-repository registry.aliyuncs.com/google_containers --service-cidr=10.96.0.0/12 --pod-network-cidr=10.244.0.0/16 --ignore-preflight-errors=Swap --cri-socket=unix:///var/run/cri-dockerd.sock
mkdir -p $HOME/.kube
cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
chown $(id -u):$(id -g) $HOME/.kube/config
添加worker节点
# 添加worker节点。改成自己的
kubeadm join 192.168.6.55:6443 --token e6qcy9.2vm8smdoj2hzikh1 \
--discovery-token-ca-cert-hash sha256:51cd8bb180c8efec8a1e529a3e572a7cc998652664dcb8c53a9ac1776ad38c5c --cri-socket=unix:///var/run/cri-dockerd.sock
启动calico容器
vim calico.yaml
找的CALICO_IPV4POOL_CIDR配置修改:
# 修改第二行
- name: CALICO_IPV4POOL_CIDR
value: "10.244.0.0/16"
# 添加下面2行
- name: IP_AUTODETECTION_METHOD
value: "interface=eth.*"
kubectl apply -f calico.yaml
安装nfs
yum -y install nfs-utils
mkdir /data/volumes/share -p
# 根据服务器网段修改IP范围
echo "/data/volumes 192.168.6.0/24(rw,no_root_squash,no_all_squash,async,anonuid=501,anongid=501)" >> /etc/exports
systemctl start nfs-server && systemctl enable nfs-server
配置nfs-client-provisioner
kubectl apply -f nfs-client-provisioner.yaml
添加动态存储
kubectl apply -f nfs-sc.yaml
启动演示服务
kubectl apply -f nginx-demo.yaml
参考:
评论区