网站导航
> 文档中心 > ubuntu20.04使用kubeadm方式搭建k8s

ubuntu20.04使用kubeadm方式搭建k8s

网友: 文档中心 2022-06-01 09:38:56

ubuntu20.04使用kubeadm方式搭建k8s

系统环境准备

配置主机名

主机名 IP地址master 172.16.131.130node1 172.16.131.131node2 172.16.131.132

配置host解析(每台主机都操作)

1 cat >> /etc/hosts << EOF172.16.131.130 master172.16.131.131 node1172.16.131.132 node2EOF

一:安装docker

1.1安装apt依赖包,用于通过HTTPS来获取仓库

sudo apt-get install apt-transport-https ca-certificates curl gnupg-agent software-properties-common

1.2添加docker的官方GPG密钥

curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -

curl -fsSL https://mirrors.ustc.edu.cn/docker-ce/linux/ubuntu/gpg | sudo apt-key add -

1.3设置稳定版仓库

sudo add-apt-repository   "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" #ubuntu官方sudo add-apt-repository   "deb [arch=amd64] http://mirrors.aliyun.com/docker-ce/linux/ubuntu $(lsb_release -cs) stable"

1.4安装docker-ce

默认安装最新版本(使用指定安装)sudo apt-get update sudo apt-get install -y docker-ce docker-ce-cli containerd.io 指定安装------推荐apt-cache madison docker-ce(列出当前可安装的docker版本)sudo apt install docker-ce=5:19.03.9~3-0~ubuntu-focal docker-ce-cli=5:19.03.9~3-0~ubuntu-focal

1.5配置daemon.json文件,镜像加速

cat > /etc/docker/daemon.json <<EOF{    "registry-mirrors": ["https://docker.mirrors.ustc.edu.cn"],     "exec-opts":["native.cgroupdriver=systemd"]}EOFsudo systemctl daemon-reloadsudo service docker restartdocker version  或 docker -v

二:关闭防火墙、swap

2.1防火墙

sudo ufw disable

2.2关闭swap

#/swap.img   none  swap  sw   0    0 #在/etc/fstab文件下配置  将这行注释掉mount -a sudo swapoff -a

三:安装kubelet、kubeadm、kubectl

3.1添加阿里源 ##云平台服务器不需要添加

deb https://mirrors.aliyun.com/kubernetes/apt kubernetes-xenial main  #在/etc/apt/sources.list中添加curl https://mirrors.aliyun.com/kubernetes/apt/doc/apt-key.gpg | sudo apt-key add -   #添加源的keysudo apt-get update    #更新源

3.2添加 Kubernetes apt 仓库:

echo "deb [signed-by=/usr/share/keyrings/kubernetes-archive-keyring.gpg] https://apt.kubernetes.io/ kubernetes-xenial main"| sudo tee /etc/apt/sources.list.d/kubernetes.list

3.3开始安装

安装指定版本sudo apt updatesudo apt install -y kubectl=1.17.12-00 kubeadm=1.17.12-00 kubelet=1.17.12-00 kubelet --version启动systemctl start kubelet

四:部署master节点(以上操作所有节点都操作)

4.1下载

固定版本安装

sudo docker pull registry.aliyuncs.com/google_containers/kube-proxy:v1.17.12sudo docker pull registry.aliyuncs.com/google_containers/kube-apiserver:v1.17.12sudo docker pull registry.aliyuncs.com/google_containers/kube-controller-manager:v1.17.12sudo docker pull registry.aliyuncs.com/google_containers/kube-scheduler:v1.17.12sudo docker pull registry.aliyuncs.com/google_containers/etcd:3.4.3-0sudo docker pull registry.aliyuncs.com/google_containers/coredns:1.6.5sudo docker pull registry.aliyuncs.com/google_containers/pause:3.1
kubeadm config images list  #获取最新版所需镜像列表

4.2 执行init,初始化k8s

  kubeadm init \  --apiserver-advertise-address=172.16.131.130 \  --image-repository registry.aliyuncs.com/google_containers \  --kubernetes-version v1.19.3 \  --service-cidr=10.1.0.0/16 \  --pod-network-cidr=10.2.0.0/16 \  --service-dns-domain=cluster.local \  --ignore-preflight-errors=Swap \  --ignore-preflight-errors=NumCPU

4.3 创建目录

mkdir -p $HOME/.kubesudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/configsudo chown $(id -u):$(id -g) $HOME/.kube/config

4.4 node节点加入集群

 kubeadm join 172.16.131.130:6443 --token ohe2ri.mehnmyieotwi7cad \>     --discovery-token-ca-cert-hash sha256:bd498e350bbdf474102aa83545bc16d8ed02bc6f9eab47aaa60fee28faf2a848

4.5 部署flannel网络

cat > kube-flannel.yml << EOF---apiVersion: policy/v1beta1kind: PodSecurityPolicymetadata:  name: psp.flannel.unprivileged  annotations:    seccomp.security.alpha.kubernetes.io/allowedProfileNames: docker/default    seccomp.security.alpha.kubernetes.io/defaultProfileName: docker/default    apparmor.security.beta.kubernetes.io/allowedProfileNames: runtime/default    apparmor.security.beta.kubernetes.io/defaultProfileName: runtime/defaultspec:  privileged: false  volumes:  - configMap  - secret  - emptyDir  - hostPath  allowedHostPaths:  - pathPrefix: "/etc/cni/net.d"  - pathPrefix: "/etc/kube-flannel"  - pathPrefix: "/run/flannel"  readOnlyRootFilesystem: false  # Users and groups  runAsUser:    rule: RunAsAny  supplementalGroups:    rule: RunAsAny  fsGroup:    rule: RunAsAny  # Privilege Escalation  allowPrivilegeEscalation: false  defaultAllowPrivilegeEscalation: false  # Capabilities  allowedCapabilities: ['NET_ADMIN', 'NET_RAW']  defaultAddCapabilities: []  requiredDropCapabilities: []  # Host namespaces  hostPID: false  hostIPC: false  hostNetwork: true  hostPorts:  - min: 0    max: 65535  # SELinux  seLinux:    # SELinux is unused in CaaSP    rule: 'RunAsAny'---kind: ClusterRoleapiVersion: rbac.authorization.k8s.io/v1metadata:  name: flannelrules:- apiGroups: ['extensions']  resources: ['podsecuritypolicies']  verbs: ['use']  resourceNames: ['psp.flannel.unprivileged']- apiGroups:  - ""  resources:  - pods  verbs:  - get- apiGroups:  - ""  resources:  - nodes  verbs:  - list  - watch- apiGroups:  - ""  resources:  - nodes/status  verbs:  - patch---kind: ClusterRoleBindingapiVersion: rbac.authorization.k8s.io/v1metadata:  name: flannelroleRef:  apiGroup: rbac.authorization.k8s.io  kind: ClusterRole  name: flannelsubjects:- kind: ServiceAccount  name: flannel  namespace: kube-system---apiVersion: v1kind: ServiceAccountmetadata:  name: flannel  namespace: kube-system---kind: ConfigMapapiVersion: v1metadata:  name: kube-flannel-cfg  namespace: kube-system  labels:    tier: node    app: flanneldata:  cni-conf.json: |    {      "name": "cbr0",      "cniVersion": "0.3.1",      "plugins": [ {   "type": "flannel",   "delegate": {     "hairpinMode": true,     "isDefaultGateway": true   } }, {   "type": "portmap",   "capabilities": {     "portMappings": true   } }      ]    }  net-conf.json: |    {      "Network": "10.2.0.0/16",      "Backend": { "Type": "vxlan"      }    }---apiVersion: apps/v1kind: DaemonSetmetadata:  name: kube-flannel-ds  namespace: kube-system  labels:    tier: node    app: flannelspec:  selector:    matchLabels:      app: flannel  template:    metadata:      labels: tier: node app: flannel    spec:      affinity: nodeAffinity:   requiredDuringSchedulingIgnoredDuringExecution:     nodeSelectorTerms:     - matchExpressions:- key: kubernetes.io/os  operator: In  values:  - linux      hostNetwork: true      priorityClassName: system-node-critical      tolerations:      - operator: Exists effect: NoSchedule      serviceAccountName: flannel      initContainers:      - name: install-cni image: quay.io/coreos/flannel:v0.13.0 command: - cp args: - -f - /etc/kube-flannel/cni-conf.json - /etc/cni/net.d/10-flannel.conflist volumeMounts: - name: cni   mountPath: /etc/cni/net.d - name: flannel-cfg   mountPath: /etc/kube-flannel/      containers:      - name: kube-flannel image: quay.io/coreos/flannel:v0.13.0 command: - /opt/bin/flanneld args: - --ip-masq - --kube-subnet-mgr - --iface=ens33 resources:   requests:     cpu: "100m"     memory: "50Mi"   limits:     cpu: "100m"     memory: "50Mi" securityContext:   privileged: false   capabilities:     add: ["NET_ADMIN", "NET_RAW"] env: - name: POD_NAME   valueFrom:     fieldRef:fieldPath: metadata.name - name: POD_NAMESPACE   valueFrom:     fieldRef:fieldPath: metadata.namespace volumeMounts: - name: run   mountPath: /run/flannel - name: flannel-cfg   mountPath: /etc/kube-flannel/      volumes:      - name: run hostPath:   path: /run/flannel      - name: cni hostPath:   path: /etc/cni/net.d      - name: flannel-cfg configMap:   name: kube-flannel-cfgEOF注:修改配置文件,将128行替换为PodIP,在189行新增加一行指定网卡名vim kube-flannel.yml128: "Network": "10.2.0.0/16",189: - --iface=ens33

4.6 应用资源配置清单

kubectl apply -f kube-flannel.yml

4.7 查看pod状态

 kubectl -n kube-system get pod :正常应该全是running状态

4.8 重置k8s集群(若有需要)

kubeadm resetrm -fr  $HOME/.kube/config

4.9 支持命令补全

apt-get install bash-completion -ysource /usr/share/bash-completion/bash_completionsource /etc/bash_completion.d/kubectl

狗狗宠物资料大全

网络标签:

相关问题