K8S安装及部署calico(亲测有用)
一、 基础部署(三台均部署)
1. 关闭防火墙和SELinux,并将yum源修改为aliyun
要保证网络可以使用,可以将DNS的指向修改为114.114.114.114和8.8.8.8这两个。
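# Host firewall: firewalld is stopped and disabled outright, which leaves each
# node with no host-level packet filter. That is only reasonable on an isolated
# lab network; elsewhere keep firewalld running and open just the ports the
# cluster components need.
systemctl stop firewalld && systemctl disable firewalld

# SELinux: switch to permissive instead of disabled, so denials are still
# logged and the node can go back to enforcing later. The pattern is anchored
# to the SELINUX= setting; an unanchored 's/enforcing/disabled/' rewrites the
# word wherever it appears in the file, comment lines included.
sed -i 's/^SELINUX=enforcing$/SELINUX=permissive/' /etc/selinux/config && setenforce 0

# Move the existing repo definitions aside instead of deleting them, so the
# change can be reverted and nothing is lost if the download below fails.
mkdir -p /etc/yum.repos.d/backup
find /etc/yum.repos.d -maxdepth 1 -type f -name '*.repo' \
  -exec mv -t /etc/yum.repos.d/backup -- {} +

# -f makes curl exit non-zero on an HTTP error instead of saving the error
# page as a repo file; -L follows redirects.
curl -fsSL -o /etc/yum.repos.d/aliyun.repo https://mirrors.aliyun.com/repo/Centos-7.repo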
2. 添加hosts记录
# Append static name-to-address mappings for the three cluster hosts.
# Note: this appends, so running it twice leaves duplicate entries.
printf '%s\n' \
  '192.168.180.110 k8s-master' \
  '192.168.180.120 k8s-node1' \
  '192.168.180.130 k8s-node2' >> /etc/hosts
3. 修改主机名称
# Run exactly ONE of these lines per machine; each sets that machine's own
# hostname (the names match the /etc/hosts entries). The trailing 'bash'
# starts a new shell after the rename, presumably so the prompt shows the
# new name.
# On the master:
hostnamectl set-hostname k8s-master && bash
# On the first worker:
hostnamectl set-hostname k8s-node1 && bash
# On the second worker:
hostnamectl set-hostname k8s-node2 && bash
4. 配置时间同步
# Time synchronisation with chrony. The master syncs from an external NTP
# server and serves time to the workers; the workers sync from the master.
#k8s-master:
yum install chrony -y
# Edit the file by hand and add the two directives on the following lines.
# They are chrony.conf content, not shell commands.
vim /etc/chrony.conf
server ntp6.aliyun.com iburst
# NOTE(review): this lets any client in 192.168.0.0/16 query the master's
# time service, while the cluster hosts listed in /etc/hosts are all in
# 192.168.180.x. Narrow the range if the wider one is not needed.
allow 192.168.0.0/16
systemctl enable chronyd.service
systemctl restart chronyd.service
# Show the configured time sources and their state.
chronyc sources
# Ask chronyd to step the clock.
chronyc -a makestep
#k8s-node1/k8s-node2:
yum install chrony -y
# Edit the file by hand and add the directive on the following line
# (chrony.conf content, not a shell command).
vim /etc/chrony.conf
server k8s-master iburst
systemctl enable chronyd.service
systemctl restart chronyd.service
chronyc sources
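# Disable swap: turn it off now and keep it off across reboots.
swapoff -a
# Comment out only active fstab entries that have a whitespace-delimited
# "swap" field. A bare 's/.*swap.*/#&/' matches the word anywhere on the line,
# so it would also disable an unrelated mount whose path merely contains
# "swap" and would re-comment lines that are already commented out.
sed -ri '/^[[:space:]]*#/!{/[[:space:]]swap[[:space:]]/s/^/#/}' /etc/fstab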
5. 加载模块并添加ipv4流量传递
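# Load the bridge netfilter module so the net.bridge.* keys below exist.
modprobe br_netfilter

# Write the Kubernetes networking settings to a drop-in file. Redirecting
# with '>' into /etc/sysctl.conf replaces that whole file and silently drops
# every setting already in it, including any kernel hardening values; a
# drop-in under /etc/sysctl.d leaves the existing configuration intact.
cat > /etc/sysctl.d/k8s.conf <<'EOF'
net.ipv4.ip_forward = 1
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
EOF

# Reload settings from all sysctl configuration files, drop-ins included.
sysctl --system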
6. 安装ipvs
# Install the IPVS userland tools plus general utilities.
# NOTE(review): ntp and ntpdate are installed here although time sync is
# handled by chrony earlier on this page; confirm they are actually wanted.
yum install -y \
  conntrack ntpdate ntp ipvsadm ipset iptables curl sysstat \
  libseccomp wget vim net-tools git

# Script that loads the IPVS kernel modules.
ipvs_modules=/etc/sysconfig/modules/ipvs.modules
printf '%s\n' \
  '#!/bin/bash' \
  'modprobe -- ip_vs' \
  'modprobe -- ip_vs_rr' \
  'modprobe -- ip_vs_wrr' \
  'modprobe -- ip_vs_sh' > "$ipvs_modules"

# Make it executable, run it once, then list the loaded modules.
chmod 755 "$ipvs_modules" \
  && bash "$ipvs_modules" \
  && lsmod | grep -e ip_vs -e nf_conntrack_ipv4
lsmod | grep -e ip_vs -e nf_conntrack
7. 安装containerd
# Have overlay and br_netfilter loaded at boot via modules-load.d ...
printf '%s\n' overlay br_netfilter > /etc/modules-load.d/containerd.conf

# ... and load them immediately for the current boot.
for kmod in overlay br_netfilter; do
  modprobe "$kmod"
done
# Add the Docker CE yum repository definition from the Aliyun mirror.
wget -O /etc/yum.repos.d/docker-ce.repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
# Install Docker (and containerd)
yum install -y containerd.io docker-ce docker-ce-cli
mkdir /etc/containerd -p
# Write containerd's built-in default configuration as the starting point.
containerd config default > /etc/containerd/config.toml
# Edit the file
vim /etc/containerd/config.toml
# The next three lines are edit instructions for config.toml, not shell
# commands ("改为" means "change to"): enable the systemd cgroup driver and
# point the pause (sandbox) image at the Aliyun registry mirror.
# NOTE(review): the sandbox image is then pulled by tag from a third-party
# mirror; its content is whatever that mirror serves for the tag.
SystemdCgroup = false 改为 SystemdCgroup = true
sandbox_image = "k8s.gcr.io/pause:3.6" 改为:
sandbox_image = "registry.aliyuncs.com/google_containers/pause:3.6"
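# Docker registry mirrors (pull acceleration).
#
# NOTE(review): a registry mirror decides which image content is returned for
# a tag, so every mirror listed here is trusted with the contents of any image
# pulled by tag. Several entries are third-party hosts of unknown operation.
# Keep only mirrors you have a reason to trust, and pull by digest where the
# image content matters.
#
# /etc/docker may not exist before the daemon's first start, in which case
# the redirect below would fail; create it first.
mkdir -p /etc/docker
cat > /etc/docker/daemon.json <<'EOF'
{
  "registry-mirrors": [
    "https://do.nark.eu.org",
    "https://dc.j8.work",
    "https://docker.m.daocloud.io",
    "https://dockerproxy.com",
    "https://docker.mirrors.ustc.edu.cn",
    "https://docker.nju.edu.cn"
  ],
  "exec-opts": ["native.cgroupdriver=systemd"]
}
EOF

# Start both runtimes now and at every boot.
systemctl enable containerd && systemctl start containerd
systemctl enable docker && systemctl start docker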
二、 安装k8s(三台均安装)
1. 构建缓存
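# Register the Kubernetes yum repository (Aliyun mirror).
#
# gpgcheck=1 makes yum verify every RPM's signature against the keys listed in
# gpgkey before installing it. With gpgcheck=0, kubelet, kubeadm and kubectl
# (all run as root) would be installed with no authenticity check beyond the
# TLS connection to the mirror. Both key files are listed because the
# packages are not all signed with the same key.
#
# repo_gpgcheck (signature on the repository metadata) is left at 0.
# NOTE(review): set it to 1 if the mirror's metadata signature validates in
# your environment. If package verification fails, investigate the key rather
# than falling back to gpgcheck=0. The keys come from the same mirror as the
# packages, so compare their fingerprints against an independent source.
cat <<'EOF' > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
enabled=1
gpgcheck=1
repo_gpgcheck=0
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF

# Drop cached metadata and rebuild it so the new repository is picked up.
yum clean all
yum makecache fast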
2. 初始化群集(master)
# Install the pinned version
# NOTE(review): 1.23 is an old release line that no longer receives upstream
# security fixes; pick a currently supported version for anything beyond a lab.
yum install -y kubelet-1.23.0-0 kubeadm-1.23.0-0 kubectl-1.23.0-0 --disableexcludes=kubernetes
# Edit the file by hand so it contains the KUBELET_EXTRA_ARGS line shown
# below (file content, matching the systemd cgroup driver set for the
# container runtimes above).
vim /etc/sysconfig/kubelet
KUBELET_EXTRA_ARGS="--cgroup-driver=systemd"
systemctl enable kubelet && systemctl start kubelet
# Initialise the control plane (run on the master only).
# The API server is advertised on the master's address from /etc/hosts and
# control-plane images are pulled from the Aliyun registry mirror.
kubeadm init --kubernetes-version=v1.23.0 --pod-network-cidr=10.244.0.0/16 --image-repository registry.aliyuncs.com/google_containers --apiserver-advertise-address 192.168.180.110
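# These commands are printed by kubeadm init when it succeeds.
#
# admin.conf holds a cluster-admin client credential: anyone who can read it
# or a copy of it controls the whole cluster. Keep the copy readable by its
# owner only and do not distribute it to worker nodes or other users.
export KUBECONFIG=/etc/kubernetes/admin.conf
# Expansions are quoted so a home directory containing spaces or glob
# characters cannot split the arguments.
mkdir -p "$HOME/.kube"
sudo cp -i /etc/kubernetes/admin.conf "$HOME/.kube/config"
sudo chown "$(id -u):$(id -g)" "$HOME/.kube/config"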
3. 加入群集
# After the master has been initialised successfully, copy the join command
# it printed and run it on both worker nodes.
#
# The token and CA hash on the line below were generated by the author's
# cluster and are shown only as an example of the command's shape; use the
# values printed by your own 'kubeadm init'. A bootstrap token is a credential
# that allows a machine to join the cluster, so treat it as a secret and do
# not publish it. Tokens expire (24 hours by default); a fresh join command
# can be printed on the master with 'kubeadm token create --print-join-command'.
# Keep --discovery-token-ca-cert-hash: it pins the cluster CA so the joining
# node can verify it is talking to the intended control plane.
kubeadm join 192.168.180.110:6443 --token 8zgrg1.dwy5s6rqzzhlkkdl --discovery-token-ca-cert-hash sha256:9dfa30a7a8314887ea01b05cc26e80856bfd253d1a71de7cd5501c42f11c0326
4. 加入成功后安装calico网络插件(master)
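# Download the Calico manifest to a local file before applying it. Applying a
# remote URL directly hands whatever that URL serves at that moment to the API
# server with cluster-admin rights, and leaves no record of what was installed.
# -f makes curl fail on an HTTP error instead of saving an error page.
curl -fsSL -o calico.yaml https://docs.projectcalico.org/manifests/calico.yaml

# Review calico.yaml (images, RBAC rules, host-level access) before applying.
# This URL is not tied to a release; for repeatable installs use a versioned
# manifest (<VERSIONED_CALICO_MANIFEST_URL>) and keep the file with its
# checksum.
kubectl apply -f calico.yaml

# List the system pods with their nodes and addresses.
kubectl get pod -n kube-system -o wide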
这里只需要等待所有Pod都变为Running状态即可
# List the cluster nodes and their status.
kubectl get nodes
包有用的!!!⭐