Kubernetes安装指南

kolbe 2021年10月30日 245次浏览

1、配置规划

节点类型节点名称IP地址操作系统服务器配置
Mastermaster1192.168.0.1CentOS 7.98核CPU,16G内存,100G硬盘
Nodenode1192.168.0.2CentOS 7.98核CPU,16G内存,100G硬盘
Nodenode2192.168.0.3CentOS 7.98核CPU,16G内存,100G硬盘

2、修改Hostname(Master & Node)

$ hostnamectl set-hostname master1
$ hostnamectl set-hostname node1
$ hostnamectl set-hostname node2

$ vim /etc/hosts

192.168.0.1     master1
192.168.0.2     node1
192.168.0.3     node2

3、设置免密登陆(Master & Node)

1)Node1

$ ssh-keygen -t rsa
$ cp ~/.ssh/id_rsa.pub ~/.ssh/node1_id_rsa.pub
$ scp ~/.ssh/node1_id_rsa.pub master:~/.ssh/

2)Node2

$ ssh-keygen -t rsa
$ cp ~/.ssh/id_rsa.pub ~/.ssh/node2_id_rsa.pub
$ scp ~/.ssh/node2_id_rsa.pub master:~/.ssh/

3)Master

$ ssh-keygen -t rsa
$ cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys
$ cat ~/.ssh/slave1_id_rsa.pub >> ~/.ssh/authorized_keys
$ cat ~/.ssh/slave2_id_rsa.pub >> ~/.ssh/authorized_kyes

-- 拷贝文件至slave1及slave2
$ scp ~/.ssh/authorized_keys node1:~/.ssh
$ scp ~/.ssh/authorized_keys node2:~/.ssh

4、安装基础组件(Master & Node)

$ yum -y install yum-utils

$ yum-config-manager --add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo

$ yum makecache fast

$ yum -y install docker-ce

$ systemctl start docker

yum-config-manager 用法参考:https://www.cnblogs.com/G-Aurora/p/13166168.html

5、配置安装源地址(Master & Node)

$ vim /etc/yum.repos.d/Kubernetes.repo

[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg

6、安装Kubernetes的关键组件(Master & Node)

$ setenforce 0

# 安装最新版使用 yum install -y kubelet kubeadm kubectl
$ yum install -y kubelet-1.15.12 kubeadm-1.15.12 kubectl-1.15.12

$ systemctl enable kubelet && systemctl start kubelet

7、查看镜像版本(Master)

$ kubeadm config images list

I1101 23:32:57.801551   16075 version.go:248] remote version is much newer: v1.22.3; falling back to: stable-1.15
k8s.gcr.io/kube-apiserver:v1.15.12
k8s.gcr.io/kube-controller-manager:v1.15.12
k8s.gcr.io/kube-scheduler:v1.15.12
k8s.gcr.io/kube-proxy:v1.15.12
k8s.gcr.io/pause:3.1
k8s.gcr.io/etcd:3.3.10
k8s.gcr.io/coredns:1.3.1

8、手动拉取镜像(Master & Node)

$ docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/kube-apiserver:v1.15.12
$ docker tag registry.cn-hangzhou.aliyuncs.com/google_containers/kube-apiserver:v1.15.12 k8s.gcr.io/kube-apiserver:v1.15.12

$ docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/kube-controller-manager:v1.15.12
$ docker tag registry.cn-hangzhou.aliyuncs.com/google_containers/kube-controller-manager:v1.15.12 k8s.gcr.io/kube-controller-manager:v1.15.12

$ docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/kube-scheduler:v1.15.12
$ docker tag registry.cn-hangzhou.aliyuncs.com/google_containers/kube-scheduler:v1.15.12 k8s.gcr.io/kube-scheduler:v1.15.12

$ docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/kube-proxy:v1.15.12
$ docker tag registry.cn-hangzhou.aliyuncs.com/google_containers/kube-proxy:v1.15.12 k8s.gcr.io/kube-proxy:v1.15.12

$ docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/pause:3.1
$ docker tag registry.cn-hangzhou.aliyuncs.com/google_containers/pause:3.1 k8s.gcr.io/pause:3.1

$ docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/etcd:3.3.10
$ docker tag registry.cn-hangzhou.aliyuncs.com/google_containers/etcd:3.3.10 k8s.gcr.io/etcd:3.3.10

$ docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/coredns:1.3.1
$ docker tag registry.cn-hangzhou.aliyuncs.com/google_containers/coredns:1.3.1 k8s.gcr.io/coredns:1.3.1

9、指定版本初始化(Master)

$ kubeadm init --kubernetes-version=1.15.12 --pod-network-cidr 10.244.0.0/16


Your Kubernetes control-plane has initialized successfully!

To start using your cluster, you need to run the following as a regular user:

  mkdir -p $HOME/.kube
  sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
  sudo chown $(id -u):$(id -g) $HOME/.kube/config

You should now deploy a pod network to the cluster.
Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:
  https://kubernetes.io/docs/concepts/cluster-administration/addons/

Then you can join any number of worker nodes by running the following on each as root:

kubeadm join 192.168.0.1:6443 --token d3thnv.vydec6lgryigrtm3 \
    --discovery-token-ca-cert-hash sha256:123127b71ec0f8072e9f2255420a638bc5960147efadd5fad08625e2fab0ab0f

10、执行初始化指令(Master)

  $ mkdir -p $HOME/.kube
  $ sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
  $ sudo chown $(id -u):$(id -g) $HOME/.kube/config

11、查看集群状态(Master)

$ kubectl get nodes

NAME      STATUS     ROLES    AGE   VERSION
master1   NotReady   master   10m   v1.15.12

12、根据提示将Node加入集群(Node)

$ kubeadm join 192.168.0.1:6443 --token d3thnv.vydec6lgryigrtm3 \
    --discovery-token-ca-cert-hash sha256:123127b71ec0f8072e9f2255420a638bc5960147efadd5fad08625e2fab0ab0f
    

[preflight] Running pre-flight checks
	[WARNING Service-Docker]: docker service is not enabled, please run 'systemctl enable docker.service'
	[WARNING IsDockerSystemdCheck]: detected "cgroupfs" as the Docker cgroup driver. The recommended driver is "systemd". Please follow the guide at https://kubernetes.io/docs/setup/cri/
	[WARNING SystemVerification]: this Docker version is not on the list of validated versions: 20.10.10. Latest validated version: 18.09
[preflight] Reading configuration from the cluster...
[preflight] FYI: You can look at this config file with 'kubectl -n kube-system get cm kubeadm-config -oyaml'
[kubelet-start] Downloading configuration for the kubelet from the "kubelet-config-1.15" ConfigMap in the kube-system namespace
[kubelet-start] Writing kubelet configuration to file "/var/lib/kubelet/config.yaml"
[kubelet-start] Writing kubelet environment file with flags to file "/var/lib/kubelet/kubeadm-flags.env"
[kubelet-start] Activating the kubelet service
[kubelet-start] Waiting for the kubelet to perform the TLS Bootstrap...

This node has joined the cluster:
* Certificate signing request was sent to apiserver and a response was received.
* The Kubelet was informed of the new secure connection details.

Run 'kubectl get nodes' on the control-plane to see this node join the cluster.

13、安装Pod网络插件(Master)

$ kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml

14、将Master的admin.conf拷到Node1和Node2节点上

$ scp /etc/kubernetes/admin.conf root@node1:/etc/kubernetes/

$ scp /etc/kubernetes/admin.conf root@node2:/etc/kubernetes/

15、当Node处理NotReady时,可以通过指令查看报错日志(Master)

# 通过kube-system查看pod状态
$ kubectl get pod -n kube-system

# 通过kubectl describe pod -n kub-system <服务名> 查看报错日志
$ kubectl describe pod -n kube-system kube-flannel-ds-t2jqq