环境准备:
| 角色 | IP | | --------- | ------------------| | master | 192.168.1.11 | | node1 | 192.168.1.12 | | node2 | 192.168.1.13 |
1.关闭防火墙 systemctl stop firewalld systemctl disable firewalld
2.关闭selinux sed -i 's/enforcing/disabled/' /etc/selinux/config # 永久 setenforce 0 # 临时
3.关闭swap swapoff -a # 临时 sed -ri 's/.*swap.*/#&/' /etc/fstab # 永久
4.根据规划设置主机名 hostnamectl set-hostname <hostname>
5.在master添加hosts cat >> /etc/hosts << EOF 192.168.44.146 k8smaster 192.168.44.145 k8snode1 192.168.44.144 k8snode2 EOF
6.将桥接的IPv4流量传递到iptables的链 cat > /etc/sysctl.d/k8s.conf << EOF net.bridge.bridge-nf-call-ip6tables = 1 net.bridge.bridge-nf-call-iptables = 1 EOF sysctl --system # 生效
7.时间同步
Cent7及以前版本: yum install ntpdate -y
ntpdate time.windows.com
CentOS8版本:
或许会涉及到修改时区,如果安装时一路默认,可能会遇到此问题
检查现在的时区:timedatectl修改时区为上海:timedatectl set-timezone Asia/Shanghai列出所有时区:timedatectl list-timezones同步时间步骤:
1.yum install -y chrony
2.systemctl start chrony
3.systemctl enable chrony
4.vim /etc/chrony.conf
5.把第一行配置注释掉,在它之下追加
server ntp.aliyun.com iburst server cn.ntp.org.cn iburst6.systemctl restart chronyd.service
7.chronyc sources -v #手动刷新时间
8.date命令,查看当前时间与node节点时间是否保持一致,时间不统一会出问题:
执行命令:kubectl get nodes
报Unable to connect to the server: x509: certificate signed by unknown authority (possibly because of "crypto/rsa: verification error" while trying to verify candidate authority certificate "kubernetes")错误
解决办法就是更新系统时间或调整系统时区与本地当前时区一致。
1.安装docker
https://blog.csdn.net/zhao123sun/article/details/108894893
2.添加阿里云YUM软件源
$ cat > /etc/yum.repos.d/kubernetes.repo << EOF [kubernetes] name=Kubernetes baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64 enabled=1 gpgcheck=0 repo_gpgcheck=0 gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg EOF
3 安装kubeadm,kubelet和kubectl
$ yum install -y kubelet-1.18.0 kubeadm-1.18.0 kubectl-1.18.0 $ systemctl enable kubelet
4. 部署Kubernetes Master(此项仅在master节点执行)
$ kubeadm init \ --apiserver-advertise-address=192.168.44.146 \ --image-repository registry.aliyuncs.com/google_containers \ --kubernetes-version v1.18.0 \ --service-cidr=10.96.0.0/12 \ --pod-network-cidr=10.244.0.0/16
(ps:此处IP地址配master节点IP地址)
启动没问题(包括处理所有警告,没有Error)
执行:Your Kubernetes control-plane has initialized successfully!
这句话的这段命令:
mkdir -p $HOME/.kube sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config sudo chown $(id -u):$(id -g) $HOME/.kube/config
ps:仅在master节点执行
使用kubectl get nodes命令查看节点状态,因为当前只配置好了master,所以也只能看到master
然后再在node节点上执行,连接master代码:
kubeadm join 192.168.1.4:6443 --token xemjzd.dg21vgwmdglr6oyf \ --discovery-token-ca-cert-hash sha256:8fad114b44892c675ff61ce0ae37a852f61df72ba33f2a9c4e2bcc27f03a8c32
标红段为加密秘钥,每次生产均不同,要拷贝你自己的执行结果。
以上都执行完,最后需要执行一个配置文件。
可以下载,也可以线上执行。首先确认是否能访问到,如不能,可选择下载到本地进行应用。
kubectl apply -f kube-flannel.yaml
kubectl apply -f https://github.com/lison-lion/ElasticsearchStudy/blob/master/kube-flannel.yaml
至此,全部安装过程结束
以下是测试效果:
kubectl create deployment nginx --image=nginx kubectl expose deployment nginx --port=80 --type=NodePort
部署完成,访问nginx地址,如果配置没问题,就会久违的Welcome NGINX了!
常用查询命令:
例:
NAME STATUS ROLES AGE VERSION master NotReady master 49s v1.18.0
例:
NAME READY STATUS RESTARTS AGE coredns-7ff77c879f-6rpcx 0/1 Pending 0 4m42s coredns-7ff77c879f-x56hn 0/1 Pending 0 4m42s etcd-master 1/1 Running 0 4m46s kube-apiserver-master 1/1 Running 0 4m46s kube-controller-manager-master 1/1 Running 0 4m46s kube-proxy-ftgs4 1/1 Running 0 2m58s kube-proxy-mqh5j 1/1 Running 0 83s kube-proxy-qzxqk 1/1 Running 0 4m42s kube-scheduler-master 1/1 Running 0 4m46s
