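1. Environment preparation

Prepare three virtual machines. Recommended minimum hardware: 2 CPU cores, 2 GB RAM, 20 GB disk, with Internet access.

💡 PS: Run the following commands on all three virtual machines, up to kubeadm init.

Set the hostname of each virtual machine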

sudo hostnamectl set-hostname <hostname>

Edit the hosts file on all three virtual machines and add the following:

192.168.0.130 master

192.168.0.131 slave01

192.168.0.132 slave02

2. Modify system configuration:

# (1) Stop and disable the firewall
systemctl stop firewalld && systemctl disable firewalld
# (2) Turn off SELinux enforcement (permissive mode)
setenforce 0
sed -i 's/^SELINUX=enforcing$/SELINUX=permissive/' /etc/selinux/config
# (3) Disable swap
swapoff -a
sed -i '/swap/s/^\(.*\)$/#\1/g' /etc/fstab
# (4) Set iptables ACCEPT rules
iptables -F && iptables -X && iptables -F -t nat && iptables -X -t nat && iptables -P FORWARD ACCEPT
# (5) Set kernel parameters
cat <<EOF > /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
EOF
# Run the following command to apply them
sysctl --system
3. Install Docker

# 1. Install the Docker dependencies
yum install -y yum-utils
# 2. Add the Docker repository mirror
yum-config-manager --add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
# 3. Install Docker version 20.10.9
yum -y install docker-ce-20.10.9 docker-ce-cli-20.10.9 containerd.io docker-compose-plugin
# 4. Enable Docker at boot and start it
systemctl enable docker && systemctl start docker
# 5. Configure the Docker registry mirror (accelerator)
vi /etc/docker/daemon.json

{
    "exec-opts": ["native.cgroupdriver=systemd"],
    "registry-mirrors": ["https://kn0t2bca.mirror.aliyuncs.com"]
}
# 6. Restart the Docker service
systemctl restart docker
4. Install Kubernetes

Switch to a mirror inside China:

cat << EOF > /etc/yum.repos.d/kubernetes.repo 
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=0
repo_gpgcheck=0
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF

Install the specified versions of kubeadm, kubelet and kubectl

yum install -y kubelet-1.23.0 kubeadm-1.23.0 kubectl-1.23.0
# Enable kubelet at boot
systemctl enable kubelet

💡 PS: The following steps only need to be run on the master node.

kubeadm init \
  --apiserver-advertise-address=192.168.0.130 \
  --image-repository registry.aliyuncs.com/google_containers \
  --kubernetes-version v1.23.0 \
  --service-cidr=10.96.0.0/12 \
  --pod-network-cidr=10.244.0.0/16 \
  --ignore-preflight-errors=all

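If kubeadm init fails, reset kubeadm with kubeadm reset, then repeat points (4) and (5) of step 2.

When initialization finishes, it prompts you to run the following commands: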

mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config

It also generates the node join command; run it on the child nodes to add them to the cluster.

kubeadm join 192.168.0.130:6443 --token 9wtoea.6qjwjb366gjy6i8w \
        --discovery-token-ca-cert-hash sha256:c2ad1c956f5f9c4039b7bf3e28e6305abdcfef12c22637c45bb10fef818e9b9f 
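
The --discovery-token-ca-cert-hash value in the join command pins the cluster CA's public key, so a joining node only trusts an API server whose certificate chains to that CA. The script below is an added example, not part of the original post, that recomputes the hash from a CA certificate and compares it with the value in a join command. The function names are hypothetical, and the demo uses a constructed throwaway CA in place of /etc/kubernetes/pki/ca.crt, the default kubeadm location of the CA on the master.

```shell
#!/bin/sh
# Added example: recompute kubeadm's --discovery-token-ca-cert-hash from a CA
# certificate and compare it with the value carried in a join command.

# Print "sha256:<hex>": SHA-256 over the DER-encoded SubjectPublicKeyInfo of
# the certificate's public key (openssl pkey handles RSA and ECDSA keys).
ca_cert_hash() {   # usage: ca_cert_hash <ca.crt>
    _pub=$(openssl x509 -in "$1" -noout -pubkey 2>/dev/null) || return 1
    _hex=$(printf '%s\n' "$_pub" | openssl pkey -pubin -outform DER 2>/dev/null \
        | openssl dgst -sha256 | awk '{print $NF}')
    # Accept only 64 lowercase hex digits.
    case "$_hex" in
        ''|*[!0-9a-f]*) return 1 ;;
    esac
    [ "${#_hex}" -eq 64 ] || return 1
    printf 'sha256:%s\n' "$_hex"
}

# Return 0 on match, 1 on mismatch, 2 if the certificate cannot be read.
verify_join_hash() {   # usage: verify_join_hash <ca.crt> <sha256:...>
    _want=$(ca_cert_hash "$1") || { echo "cannot read CA cert: $1" >&2; return 2; }
    if [ "$_want" = "$2" ]; then
        echo "OK: join hash matches $1"
    else
        echo "MISMATCH: CA is $_want, join command has $2" >&2
        return 1
    fi
}

# Constructed throwaway CA (assumption: stands in for /etc/kubernetes/pki/ca.crt).
make_demo_ca() {   # usage: make_demo_ca <dir>
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=kubernetes" \
        -keyout "$1/ca.key" -out "$1/ca.crt" 2>/dev/null
}

if [ "${1:-}" = "--demo" ]; then
    d=$(mktemp -d) && make_demo_ca "$d" || exit 1
    verify_join_hash "$d/ca.crt" "$(ca_cert_hash "$d/ca.crt")"
    # The hash shown on this page belongs to the author's CA, so it must not match.
    verify_join_hash "$d/ca.crt" \
        "sha256:c2ad1c956f5f9c4039b7bf3e28e6305abdcfef12c22637c45bb10fef818e9b9f"
    rm -rf "$d"
fi
```

On the master, call verify_join_hash with /etc/kubernetes/pki/ca.crt and the sha256: value from the join command before running that command on a node.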

If a child node fails to join:

[preflight] Running pre-flight checks
[preflight] Reading configuration from the cluster...
[preflight] FYI: You can look at this config file with 'kubectl -n kube-system get cm kubeadm-config -o yaml'
[kubelet-start] Writing kubelet configuration to file "/var/lib/kubelet/config.yaml"
[kubelet-start] Writing kubelet environment file with flags to file "/var/lib/kubelet/kubeadm-flags.env"
[kubelet-start] Starting the kubelet
[kubelet-start] Waiting for the kubelet to perform the TLS Bootstrap...
[kubelet-check] Initial timeout of 40s passed.
error execution phase kubelet-start: error uploading crisocket: Unauthorized
To see the stack trace of this error execute with --v=5 or higher

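Reset kubeadm with kubeadm reset, repeat points (4) and (5) of step 2, kill the process on port 10250, delete the /etc/kubernetes directory, then run:

rm -f /etc/cni/net.d/*
systemctl daemon-reload
systemctl restart kubelet

Then rejoin the node.

# The default token is valid for 24 hours; once it expires it can no longer be used. You then need to create a new token, which can be generated directly with: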
kubeadm token create --print-join-command

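Running kubectl -n kube-system get pod shows that coredns stays in the Pending state; a CNI plugin has to be installed.

5. Deploy the container network (CNI)

💡 PS: From here on, all YAML files are applied only on the master node.

Calico is a pure layer-3 data center networking solution and is currently a mainstream networking option for Kubernetes.

# Install Calico in k8s
kubectl apply -f https://docs.projectcalico.org/manifests/calico.yaml

💡 PS: It is best to turn on a VPN, otherwise the download may fail.

# Confirm that Calico was installed successfully
kubectl get pods --all-namespaces -w

At this point, the k8s cluster deployment is complete.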

Deploy nginx as a test

vi nginx-deployment.yaml

apiVersion: apps/v1
kind: Deployment
metadata:
  name: nginx-deployment
  labels:
    app: nginx
spec:
  replicas: 3
  selector:
    matchLabels:
      app: nginx
  template:
    metadata:
      labels:
        app: nginx
    spec:
      containers:
      - name: nginx
        image: nginx
# Create the nginx deployment
kubectl apply -f nginx-deployment.yaml

vi nginx-svc.yaml

apiVersion: v1
kind: Service
metadata:
  name: nginx-service
spec:
  selector:
    app: nginx
  type: NodePort
  ports:
    - protocol: TCP
      port: 80
      targetPort: 80
# Create the nginx svc
kubectl apply -f nginx-svc.yaml
# Check the service; a status of Running means the deployment succeeded
kubectl get pod,svc

Access: http://192.168.0.131:31854/

Reference: https://blog.csdn.net/JDKSDD/article/details/126500985
