k8s集群搭建

Ethereal Lv4
  2023-07-12 18:28:16 2023-07-12 18:28 Created   2024-01-31 11:43:17 2024-01-31 11:43 Updated  

  1. 更新 apt 包索引并安装使用 Kubernetes apt 仓库所需要的包:

    1
    2
    sudo apt-get update
    sudo apt-get install -y apt-transport-https ca-certificates curl

  2. 下载阿里云公开签名秘钥:

    1
    curl https://mirrors.aliyun.com/kubernetes/apt/doc/apt-key.gpg | apt-key add -

  3. 添加 Kubernetes apt 仓库:

    1
    echo "deb https://mirrors.aliyun.com/kubernetes/apt/ kubernetes-xenial main" | sudo tee /etc/apt/sources.list.d/kubernetes.list

  4. 更新 apt 包索引,安装 kubelet、kubeadm 和 kubectl,并锁定其版本:

    1
    2
    3
    sudo apt-get update
    sudo apt-get install -y kubelet kubeadm kubectl # v1.28.4
    sudo apt-mark hold kubelet kubeadm kubectl

  5. 更新containerd

    1
    2
    3
    4
    apt install containerd.io
    # apt install containerd
    rm /etc/containerd/config.toml
    systemctl restart containerd

  6. 配置crictl

    1
    2
    3
    4
    5
    6
    crictl config runtime-endpoint unix:///var/run/containerd/containerd.sock
    crictl config image-endpoint unix:///run/containerd/containerd.sock
    # kubeadm config images list --kubernetes-version v1.28.4 # 查看对应pause容器版本要求
    # 注意:kubeadm启动时会检查更新,因此最终版本大概率不一致。且此处要求的pause和实际kubeadm想要拉取的pause版本也不一致。因此必须查看之后报错的log来确定要拉取的pause版本
    crictl pull registry.cn-hangzhou.aliyuncs.com/google_containers/pause:3.8 # 这里看对应的k8s的要求
    ctr -n k8s.io i tag registry.cn-hangzhou.aliyuncs.com/google_containers/pause:3.8 registry.k8s.io/pause:3.8

  7. 加载网络

    1
    2
    3
    4
    5
    6
    7
    sudo modprobe br_netfilter
    vim /etc/sysctl.conf
    # 添加如下三行
    # net.ipv4.ip_forward = 1
    # net.bridge.bridge-nf-call-ip6tables = 1
    # net.bridge.bridge-nf-call-iptables = 1
    sudo sysctl -p

  8. 初始化节点

  • master

    1
    2
    3
    4
    5
    6
    kubeadm init --image-repository registry.aliyuncs.com/google_containers
    # mkdir -p $HOME/.kube
    # sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
    # sudo chown $(id -u):$(id -g) $HOME/.kube/config
    kubeadm token create --ttl 0 --print-join-command
    # kubectl taint nodes --all node-role.kubernetes.io/control-plane- # 消除主节点taint

  • slave
    (首先关闭安全组)

    1
    2
    kubeadm join 192.168.1.9:6443 --token xp53z0.b5br1yeaje1jw3hl \
          --discovery-token-ca-cert-hash sha256:148caf5c038378b1c8f88a292b8bcf5c5270474645e581153701e0d2199f6e9d

  1. 配置网络

    1
    2
    kubectl apply -f https://github.com/flannel-io/flannel/releases/latest/download/kube-flannel.yml
    vim /run/flannel/subnet.env
    1
    2
    3
    4
    FLANNEL_NETWORK=10.244.0.0/16
    FLANNEL_SUBNET=10.244.0.1/24
    FLANNEL_MTU=1450
    FLANNEL_IPMASQ=true
    1
    vim /etc/kubernetes/manifests/kube-controller-manager.yaml

    添加参数:

    1
    2
    - --allocate-node-cidrs=true
    - --cluster-cidr=10.244.0.0/16

  2. 配置metrics
    https://zhuanlan.zhihu.com/p/611766273 

    1
    wget https://link.zhihu.com/?target=https%3A//github.com/kubernetes-sigs/metrics-server/releases/latest/download/components.yaml

    将镜像地址修改

    1
    image: k8s.gcr.io/metrics-server/metrics-server:v0.6.2

    增加参数

    1
    --kubelet-insecure-tls

  3. 配置应用
    节点搭建:
    https://blog.csdn.net/weixin_51969975/article/details/126308811?spm=1001.2014.3001.5501
    k8s dashboard搭建:
    https://blog.csdn.net/weixin_51969975/article/details/126309401?spm=1001.2014.3001.5501

  4. 其他

    1
    2
    3
    4
    5
    6
    7
    journalctl -xeu kubelet # 查看log
    sudo kubeadm reset # 重置
    # 如果coredns以及service无法正常访问执行下面两条
    sudo systemctl restart containerd
    sudo systemctl restart kubelet
    # 重启后要执行
    sudo modprobe br_netfilter
  • Title: k8s集群搭建
  • Author: Ethereal
  • Created at: 2023-07-12 18:28:16
  • Updated at: 2024-01-31 11:43:17
  • Link: https://ethereal-o.github.io/2023/07/12/k8s集群搭建/
  • License: This work is licensed under CC BY-NC-SA 4.0.
 Comments
On this page
k8s集群搭建