Kuebernetes 群集基于 Docker 部署
实验报告
资源列表
| 主机 | 操作系统 | IP | 配置 |
|---|---|---|---|
| master | CentOS7 | 192.168.72.131 | 2C4G |
| node1 | CentOS7 | 192.168.72.132 | 2C4G |
| node2 | CentOS7 | 192.168.72.133 | 2C4G |
基础环境
- 所有环境都要操作
- 关闭防火墙
systemctl stop firewalld
systemctl disable firewalld
- 关闭内核安全机制
setenforce 0
sed -i "s/^SELINUX=.*/SELINUX=disabled/g" /etc/selinux/config
- 关闭 swap
[root@master ~]# free -h
total used free shared buff/cache available
Mem: 3.7G 154M 3.4G 11M 126M 3.3G
Swap: 3.9G 0B 3.9G
# 临时关闭
swapoff -a
# 永久关闭
sed -i 's/.*swap.*/#&/g' /etc/fstab
[root@master ~]# free -h
total used free shared buff/cache available
Mem: 3.7G 152M 3.4G 11M 127M 3.4G
Swap: 0B 0B 0B
- 修改主机名
hostnamectl set-hostname master
hostnamectl set-hostname node1
hostnamectl set-hostname node2
- CentOS7已经停止维护了,这里我用的是华为源
# 阿里
curl -o /etc/yum.repos.d/CentOS-Base.repo https://mirrors.aliyun.com/repo/Centos-7.repo
# 网易
curl -o /etc/yum.repos.d/CentOS-Base.repo http://mirrors.163.com/.help/CentOS7-Base-163.repo
# 华为
curl -o /etc/yum.repos.d/CentOS-Base.repo https://repo.huaweicloud.com/repository/conf/CentOS-7-anon.repo
- 添加 hosts 解析
cat >> /etc/hosts << EOF
192.168.72.131 master
192.168.72.132 node1
192.168.72.133 node2
EOF
- 时间同步
yum -y install chrony
systemctl enable chronyd --now
systemctl restart chronyd
chronyc sources -v
- 桥接的 IPv4 流量传递到 iptables 的链
modprobe overlay
modprobe br_netfilter
cat <<EOF | sudo tee /etc/sysctl.d/99-kubernetes-cri.conf
net.bridge.bridge-nf-call-iptables = 1
net.ipv4.ip_forward = 1
net.bridge.bridge-nf-call-ip6tables = 1
EOF
sysctl --system
一、准备 Docker
- 所有节点都要操作
1、安装 Docker
1.方案一
sudo yum install -y yum-utils device-mapper-persistent-data lvm2
# Step 2: 添加软件源信息
sudo yum-config-manager --add-repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
# Step 3
sudo sed -i 's+download.docker.com+mirrors.aliyun.com/docker-ce+' /etc/yum.repos.d/docker-ce.repo
# Step 4: 更新并安装Docker-CE
sudo yum makecache fast
sudo yum -y install docker-ce
2.方案二
# 上传软件包 docker-ce-24.0.7.rpm.tar.gz
tar zxf docker-ce-24.0.7.rpm.tar.gz
cd docker-ce-24.0.7.rpm
yum -y localinstall *
# 启动服务
systemctl start docker
systemctl enable docker
2、配置 Docker
# 设置驱动
cat > /etc/docker/daemon.json << EOF
{
"exec-opts": ["native.cgroupdriver=systemd"],
"registry-mirrors": ["https://cf-workers-docker-io-8jv.pages.dev"]
}
EOF
systemctl daemon-reload
systemctl restart docker
二、安装 Kubeadm 工具
- 所有节点都要操作
1、配置 yum 源
cat > /etc/yum.repos.d/kubernetes.repo << EOF
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=0
repo_gpgcheck=0
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF
2、安装 Kubeadm 工具
# 这里指定了版本号,若需要其他版本的可自行更改
yum install -y kubelet-1.23.0 kubeadm-1.23.0 kubectl-1.23.0
systemctl enable kubelet
三、初始化 Master 节点
- Master 节点操作即可
[root@master ~]# ls
anaconda-ks.cfg kubernetes_images_1.23.tar.gz
[root@master ~]# docker load < kubernetes_images_1.23.tar.gz
# --apiserver-advertise-address指定当前节点的IP
# --kubernetes-version指定版本号要与安装的版本一致
kubeadm init \
--apiserver-advertise-address=192.168.72.131 \
--image-repository registry.aliyuncs.com/google_containers \
--kubernetes-version v1.23.0 \
--service-cidr=10.1.0.0/16 \
--pod-network-cidr=10.244.0.0/16
1、配置 Master 节点
# 初始化成功以后要根据提示执行以下3条命令,才可以操作集群
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
2、常见故障
# 如果kubelet报以下错误可以尝试执行yum -y install systemd把systemd更新一下
11月 24 16:39:53 master kubelet[24746]: E1124 16:39:53.511808 24746 node_container_manager_linux.go:61] "Failed to create cgroup" err="Cannot set property TasksAccounting, or unknown property." cgroupName=[kubepods]
11月 24 16:39:53 master kubelet[24746]: E1124 16:39:53.511848 24746 kubelet.go:1431] "Failed to start ContainerManager" err="Cannot set property TasksAccounting, or unknown property."
# 如果第一次初始化没有成功,可以使用kubeadm reset重置一下
四、Node 节点加入集群
- 所有 Node 节点操作
# 在master节点初始化的时候返回信息中最后的命令就是node节点加入集群的命令,将该命令复制到node节点执行即可
kubeadm join 192.168.72.131:6443 --token t91n8f.7nk8h1hayi0sqf8h \
--discovery-token-ca-cert-hash sha256:6a4340629b2333076a33ff1942e95641179247ae6f4cc6c56539241eaead49a3
# 如果加入集群的命令找不到了可以在master节点生成一个
[root@master ~]# kubeadm token create --print-join-command
五、部署网络插件(CNI)
- Master 节点操作
# 上传 kube-flannel.yaml
[root@master ~]# kubectl apply -f kube-flannel.yaml
namespace/kube-flannel created
clusterrole.rbac.authorization.k8s.io/flannel created
clusterrolebinding.rbac.authorization.k8s.io/flannel created
serviceaccount/flannel created
configmap/kube-flannel-cfg created
daemonset.apps/kube-flannel-ds created
六、验证
1、查看节点状态
[root@master ~]# kubectl get node
NAME STATUS ROLES AGE VERSION
master Ready control-plane,master 14m v1.23.0
node1 Ready <none> 7m36s v1.23.0
node2 Ready <none> 7m34s v1.23.0
2、查看集群组件状态
[root@master ~]# kubectl get cs
Warning: v1 ComponentStatus is deprecated in v1.19+
NAME STATUS MESSAGE ERROR
controller-manager Healthy ok
etcd-0 Healthy {"health":"true","reason":""}
scheduler Healthy ok
3、查看集群中所有命名空间下的 Pod
[root@master ~]# kubectl get pod -A
NAMESPACE NAME READY STATUS RESTARTS AGE
kube-flannel kube-flannel-ds-thq5p 1/1 Running 0 2m12s
kube-flannel kube-flannel-ds-vx8jd 1/1 Running 0 2m12s
kube-flannel kube-flannel-ds-wqsm6 1/1 Running 0 2m12s
kube-system coredns-6d8c4cb4d-5fwct 1/1 Running 0 14m
kube-system coredns-6d8c4cb4d-jph5p 1/1 Running 0 14m
kube-system etcd-master 1/1 Running 0 14m
kube-system kube-apiserver-master 1/1 Running 0 14m
kube-system kube-controller-manager-master 1/1 Running 0 14m
kube-system kube-proxy-5zwhr 1/1 Running 0 7m34s
kube-system kube-proxy-6ntkf 1/1 Running 0 14m
kube-system kube-proxy-psgx4 1/1 Running 0 7m32s
kube-system kube-scheduler-master 1/1 Running 0 14m
扫一扫
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
