1.设置固定IP
vi /etc/sysconfig/network-scripts/xxxx
BOOTPROTO="static"
IPADDR="192.168.18.128"
GATEWAY="192.168.18.2"
DNS1="8.8.8.8"
DNS2="8.8.4.4"
2. 替换yum 仓库 /etc/yum.repos.d/
使用附件中的CentOS-Base.repo 替换
加入docker-ce.repo和kubernetes.repo
执行下列命令
yum clean all
yum makecache
3.设置时区并同步时间
timedatectl set-timezone Asia/Shanghai
ntpdate time.windows.com
4.设置hostname
hostnamectl set-hostname k8s-master
hostnamectl set-hostname k8s-node1
hostnamectl set-hostname k8s-node2
5.修改hosts vi /etc/hosts
192.168.18.128 k8s-master
192.168.18.129 k8s-node1
192.168.18.130 k8s-node2
6.关闭防火墙
systemctl stop firewalld
systemctl enable firewalld
7. 禁用SELinux和关闭swap
setenforce 0
sed -i 's/enforcing/disabled/' /etc/selinux/config
#sed -i 's/^SELINUX=enforcing$/SELINUX=disabled/' /etc/selinux/config
swapoff -a
free
sed -ri 's/.*swap.*/#&/' /etc/fstab
8. 将桥接的IPv4流量传递到iptables的链,直接可以用附件文件替换
cat > /etc/sysctl.d/k8s.conf << EOF
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
net.ipv4.ip_forward = 1
vm.swappiness = 0
EOF
9. 加载br_netfilter模块(开启透明代理)
modprobe br_netfilter
#查看是否加载成功
lsmod | grep br_netfilter
sysctl --system
10.开启ipvs
#安装ipset和ipvsadm
yum -y install ipset ipvsadm
#执行脚本,直接可以用附件文件替换
cat > /etc/sysconfig/modules/ipvs.modules <<EOF
#!/bin/bash
modprobe -- ip_vs
modprobe -- ip_vs_rr
modprobe -- ip_vs_wrr
modprobe -- ip_vs_sh
modprobe -- nf_conntrack_ipv4
EOF
#授权、运行、检查是否加载
chmod 755 /etc/sysconfig/modules/ipvs.modules && bash /etc/sysconfig/modules/ipvs.modules && lsmod | grep -e ip_vs -e nf_conntrack_ipv4
#检查是否加载
lsmod | grep -e ipvs -e nf_conntrack_ipv4
11.安装container(老版本安装docker)
# 安装containerd
yum install -y containerd.io
# 创建默认配置文件
containerd config default > /etc/containerd/config.toml
# 设置aliyun地址,不设置会连接不上
sed -i "s#registry.k8s.io/pause#registry.aliyuncs.com/google_containers/pause#g" /etc/containerd/config.toml
# 设置驱动为systemd
sed -i 's/SystemdCgroup = false/SystemdCgroup = true/g' /etc/containerd/config.toml
# 设置dicker地址为aliyun镜像地址
vi /etc/containerd/config.toml
# 文件内容为
[plugins."io.containerd.grpc.v1.cri".registry]
[plugins."io.containerd.grpc.v1.cri".registry.mirrors]
[plugins."io.containerd.grpc.v1.cri".registry.mirrors."docker.io"]
endpoint = ["https://8aj710su.mirror.aliyuncs.com" ,"https://registry-1.docker.io"]
# 重启服务
systemctl daemon-reload
systemctl enable --now containerd
systemctl restart containerd
12.安装kubelet kubeadm kubectl 和crictl工具
# 安装crictl工具
yum install -y cri-tools
# 生成配置文件
crictl config runtime-endpoint
# 编辑配置文件
cat << EOF | tee /etc/crictl.yaml
runtime-endpoint: "unix:///run/containerd/containerd.sock"
image-endpoint: "unix:///run/containerd/containerd.sock"
timeout: 10
debug: false
pull-image-on-create: false
disable-pull-on-run: false
EOF
yum install -y kubelet-1.25.7 kubectl-1.25.7 kubeadm-1.25.7
#启动kubelet
systemctl enable kubelet && systemctl start kubelet
#查看kubelet状态
systemctl status kubelet
13.在master执行初始化(只在master上执行)
kubeadm init --apiserver-advertise-address=192.168.18.128 --image-repository registry.aliyuncs.com/google_containers --kubernetes-version v1.26.0 --service-cidr=10.96.0.0/12 --pod-network-cidr=10.244.0.0/16
14.主节点上执行
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
15. 子节点上执行
kubeadm join 192.168.18.128:6443 --token g5xt36.o3k393yzue1pe0sk --discovery-token-ca-cert-hash sha256:ec778e1f9cb4227ad4fcbde953de13aa58787dacc6abcc1fe6b2d90c9ffb524a
16.在master配置CNI
kubectl apply -f ./kube-flannel.yml
执行完后,可能安装得等4-5分钟,可在master节点查看所有pod的安装进度
kubectl get pods -n kube-system
#如果等待了很久都还是有pods 没有全部running,可以查看日志
tail -200f /var/log/messages
17.测试
kubectl get node
kubectl get pods -n kube-system
kubectl create deployment nginx --image=nginx
kubectl expose deployment nginx --port=80 --type=NodePort
kubectl get pod,svc
扫一扫
1446
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
