一分钟搞定！最简单的 kubeadm containerd 安装教程，CentOS7.9.2009 快速启动 Kubernetes v1.31.4 单节点集群~

原创已于 2025-01-03 10:17:45 修改 · 187 阅读
CC 4.0 BY-SA版权
文章标签：
#linux #centos #kubernetes #devops #bash #云原生 #容器
于 2025-01-02 16:11:33 首次发布
#!/bin/bash
#起码能上网没问题吧，上不了自己找个代理没问题吧~ 嘿嘿~
#单节点演示一下 记录一下  无论什么版本系统都是一样的操作 
#一定要有耐心 注意看日志即可
#相信自己是最棒的哦
#后面多节点绑定alb ---> apiserver etcd 多集群node kubectl join 都是一样的逻辑 原理
#换汤不换药

#服务器环境 centos7.9 内核 3.10
#[root@3d kubeadm]# cat /etc/redhat-release
#CentOS Linux release 7.9.2009 (Core)
#[root@3d kubeadm]# getenforce
#Disabled
#[root@3d kubeadm]# uname -a
#Linux 3d 3.10.0-1160.el7.x86_64 #1 SMP Mon Oct 19 16:18:59 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
#[root@3d kubeadm]# ping 3d
#PING 3d (192.168.2.96) 56(84) bytes of data.
#64 bytes from 3d (192.168.2.96): icmp_seq=1 ttl=64 time=0.049 ms
#^C
#--- 3d ping statistics ---
#1 packets transmitted, 1 received, 0% packet loss, time 0ms
#rtt min/avg/max/mdev = 0.049/0.049/0.049/0.000 ms
#[root@3d kubeadm]#


# 更新系统并安装必要工具
echo "更新系统并安装必要工具..."
yum update -y
yum install -y yum-utils device-mapper-persistent-data lvm2 bash-completion

# 禁用 SELinux 和防火墙
echo "禁用 SELinux 和防火墙..."
setenforce 0
sed -i 's/^SELINUX=.*/SELINUX=disabled/' /etc/selinux/config
systemctl disable --now firewalld

# 优化系统配置，开启 IP 转发、关闭 swap 等
echo "优化系统配置..."
cat <<EOF | tee /etc/sysctl.d/k8s.conf
vm.swappiness = 0
vm.panic_on_oom = 0
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_tw_recycle = 0
net.ipv4.tcp_fin_timeout = 30
net.ipv4.tcp_syncookies = 1
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables  = 1
net.bridge.bridge-nf-call-arptables = 1
net.ipv4.ip_forward = 1
net.ipv6.conf.all.disable_ipv6 = 1
net.netfilter.nf_conntrack_max = 2310720
fs.inotify.max_user_instances = 8192
fs.inotify.max_user_watches = 1048576
fs.file-max = 52706963
fs.nr_open = 52706963
EOF
sysctl -p /etc/sysctl.d/k8s.conf

# 加载 br_netfilter 模块
echo "加载 br_netfilter 模块..."
modprobe br_netfilter
lsmod | grep br_netfilter

# 安装 ipset 和 ipvsadm
echo "安装 ipset 和 ipvsadm..."
yum -y install ipset ipvsadm

# 配置 ipvsadm 模块加载方式
echo "配置 ipvsadm 模块加载方式..."
cat > /etc/sysconfig/modules/ipvs.modules <<EOF
#!/bin/bash
modprobe -- ip_vs
modprobe -- ip_vs_rr
modprobe -- ip_vs_wrr
modprobe -- ip_vs_sh
modprobe -- nf_conntrack
EOF

chmod 755 /etc/sysconfig/modules/ipvs.modules
bash /etc/sysconfig/modules/ipvs.modules
lsmod | grep -e ip_vs -e nf_conntrack

# 安装 Containerd
echo "安装 Containerd..."
yum-config-manager --add-repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
yum install -y containerd.io

# 配置 Containerd
echo "配置 Containerd..."
mkdir -p /etc/containerd
containerd config default > /etc/containerd/config.toml
#Kubernetes 官方推荐： Kubernetes 官方文档建议在使用 systemd 作为操作系统初始化系统时，将 cgroupDriver 配置为 systemd。这样可以确保资源管理方式与操作系统保持一致，从而避免潜在的问题。
#长远考虑： 未来 Kubernetes 和 containerd 的更新可能进一步加强 cgroupDriver 配置的一致性要求，导致不启用 SystemdCgroup 的配置变得不可用。
#默认配置生成 containerd config default > /etc/containerd/config.toml.default
#/home/containerd-data 我自己的数据目录    自己的根目录够用就删掉使用默认目录

mkdir -p /home/containerd-data
cat >> /etc/containerd/config.toml << EOF
[plugins."io.containerd.grpc.v1.cri".registry.mirrors]
  [plugins."io.containerd.grpc.v1.cri".registry.mirrors."swr.cn-north-4.myhuaweicloud.com"]
    endpoint = ["https://swr.cn-north-4.myhuaweicloud.com"]

  [plugins."io.containerd.grpc.v1.cri".registry.mirrors."docker.io"]
    endpoint = ["https://swr.cn-north-4.myhuaweicloud.com/ddn-k8s/docker.io"]

[plugins."io.containerd.grpc.v1.cri"]
  systemd_cgroup = true

root = "/home/containerd-data"
state = "/var/run/containerd"
EOF
systemctl enable --now containerd

# 禁用 swap
echo "禁用 swap..."
swapoff -a
sed -i '/ swap / s/^\(.*\)$/#\1/g' /etc/fstab

# 安装 Kubernetes 工具
echo "安装 Kubernetes 工具..."
cat <<EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF
yum install -y kubeadm-1.31.4

#二进制安装 kubectl 1.31.4
# 1. 下载 kubectl 二进制文件
curl -LO "https://dl.k8s.io/release/v1.31.4/bin/linux/amd64/kubectl"

# 2. 查看下载文件的详细信息
ll  # 查看文件列表（可选，查看下载的文件）

# 3. 查看文件的大小
du -sh kubectl  # 查看下载文件的大小（可选）

# 4. 给 kubectl 添加执行权限
chmod +x kubectl

# 5. 检查 kubectl 版本
kubectl --version  # 查看 kubectl 的版本
kubectl -v  # 以更详细的方式查看版本信息（可选）
kubectl -V  # 另一种查看版本信息的方式（可选）
kubectl version  # 另一种查看 kubectl 版本的命令（可选）



#二进制安装kubelet 1.31.4
# 1. 下载 kubelet 二进制文件
curl -LO "https://dl.k8s.io/release/v1.31.4/bin/linux/amd64/kubelet"

# 2. 给 kubelet 添加执行权限
chmod +x kubelet

# 3. 将 kubelet 移动到 /usr/bin/
sudo mv kubelet /usr/bin/

# 4. 检查 kubelet 版本
kubelet --version

# 5. 配置 kubelet 服务
## 5.1 创建 kubelet 的 systemd 服务文件
sudo tee /usr/lib/systemd/system/kubelet.service > /dev/null <<EOF
[Unit]
Description=kubelet: The Kubernetes Node Agent
Documentation=https://kubernetes.io/docs/
After=network.target

[Service]
ExecStart=/usr/bin/kubelet
Restart=always
RestartSec=10
LimitNOFILE=1048576
TasksMax=infinity
LimitNPROC=infinity
LimitCORE=infinity

[Install]
WantedBy=multi-user.target
EOF

## 5.2 刷新 systemd 配置并启动服务
sudo systemctl daemon-reload  # 刷新 systemd 配置
sudo systemctl start kubelet  # 启动 kubelet 服务
sudo systemctl enable kubelet # 设置 kubelet 开机自启

# 6. 配置 kubelet 配置文件
## 6.1 创建 kubelet 配置文件
sudo mkdir -p /var/lib/kubelet
sudo tee /var/lib/kubelet/config.yaml > /dev/null <<EOF
kind: KubeletConfiguration
apiVersion: kubelet.config.k8s.io/v1beta1
authentication:
  anonymous:
    enabled: false
authorization:
  mode: Webhook
clusterDNS:
  - 10.96.0.10
clusterDomain: cluster.local
cgroupDriver: systemd
containerRuntime: remote
containerRuntimeEndpoint: unix:///var/run/containerd/containerd.sock
kubeletCgroups: /kubelet
cpuManagerReconcilePeriod: 5s
EOF

## 6.2 设置权限
sudo chown root:root /var/lib/kubelet/config.yaml
sudo chmod 644 /var/lib/kubelet/config.yaml

# 7. 重启 kubelet 服务
sudo systemctl restart kubelet

# 8. 查看 kubelet 状态
sudo systemctl status kubelet

# 9. 查看 kubelet 日志
journalctl -u kubelet -f


# 初始化 Kubernetes 集群
echo "初始化 Kubernetes 集群..."
#提前看一下需要哪些镜像
kubeadm config images list

#kubeadm config images list
#I0102 15:39:39.034563   27577 version.go:261] remote version is much newer: v1.32.0; falling back to: stable-1.31
#registry.k8s.io/kube-apiserver:v1.31.4
#registry.k8s.io/kube-controller-manager:v1.31.4
#registry.k8s.io/kube-scheduler:v1.31.4
#registry.k8s.io/kube-proxy:v1.31.4
#registry.k8s.io/coredns/coredns:v1.11.3
#registry.k8s.io/pause:3.10
#registry.k8s.io/etcd:3.5.15-0
#[root@3d kubeadm]# kubeadm version
#kubeadm version: &version.Info{Major:"1", Minor:"31", GitVersion:"v1.31.4", GitCommit:"a78aa47129b8539636eb86a9d00e31b2720fe06b", GitTreeState:"clean", BuildDate:"2024-12-10T11:42:09Z", GoVersion:"go1.22.9", Compiler:"gc", Platform:"linux/amd64"}
#[root@3d kubeadm]#
#
#可以一键命令初始化 
#也可以生成默认yaml进行修改
#kubeadm config print init-defaults > kubeadm-init-default.yaml

kubeadm config images pull --kubernetes-version v1.31.4 --image-repository registry.aliyuncs.com/google_containers --cri-socket unix:///var/run/containerd/containerd.sock
#pull完之后 修改一下tag 名称 方便其能找到
# 为每个镜像重新打标签
ctr -n k8s.io image tag registry.aliyuncs.com/google_containers/coredns:v1.11.3 registry.k8s.io/coredns:v1.11.3
ctr -n k8s.io image tag registry.aliyuncs.com/google_containers/etcd:3.5.15-0 registry.k8s.io/etcd:3.5.15-0
ctr -n k8s.io image tag registry.aliyuncs.com/google_containers/kube-apiserver:v1.31.4 registry.k8s.io/kube-apiserver:v1.31.4
ctr -n k8s.io image tag registry.aliyuncs.com/google_containers/kube-controller-manager:v1.31.4 registry.k8s.io/kube-controller-manager:v1.31.4
ctr -n k8s.io image tag registry.aliyuncs.com/google_containers/kube-proxy:v1.31.4 registry.k8s.io/kube-proxy:v1.31.4
ctr -n k8s.io image tag registry.aliyuncs.com/google_containers/kube-scheduler:v1.31.4 registry.k8s.io/kube-scheduler:v1.31.4
ctr -n k8s.io image tag registry.aliyuncs.com/google_containers/pause:3.10 registry.k8s.io/pause:3.10
#查看镜像
ctr -n k8s.io image list
crictl images|grep 1.31.4
ctr -n k8s.io image list|grep 1.31.4
#开始初始化集群
kubeadm init --kubernetes-version v1.31.4 --image-repository registry.aliyuncs.com/google_containers --cri-socket unix:///run/containerd/containerd.sock --v=6 

#此时实时查看 containerd 的日志信息 比如上面 kubeadm config images list 
#显示是需要registry.k8s.io/pause:3.10
#journalctl -u containerd.service -f  error 会显示 pull 3.6的版本
#那么就手动下载一下到本地就可以啦
#crictl pull registry.aliyuncs.com/google_containers/pause:3.6
#ctr -n k8s.io image tag registry.aliyuncs.com/google_containers/pause:3.6 registry.k8s.io/pause:3.6

#journalctl -u containerd.service -f
#一切看日志 看日志说话 不行就重置 重新开始哟~
#kubeadm reset --cri-socket unix:///var/run/containerd/containerd.sock
#

# 配置 kubectl
echo "配置 kubectl..."
mkdir -p $HOME/.kube
cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
chown $(id -u):$(id -g) $HOME/.kube/config

# 部署 Calico 网络插件
echo "部署 Calico 3.26.1 网络插件..."
curl https://raw.githubusercontent.com/projectcalico/calico/v3.26.0/manifests/calico.yaml -O
#默认是 3.26.0  使用 3.26.1版本的
sed -i 's|docker.io/calico/cni:v3.26.0|swr.cn-north-4.myhuaweicloud.com/ddn-k8s/docker.io/calico/cni:v3.26.1|g' calico.yaml
sed -i 's|docker.io/calico/node:v3.26.0|swr.cn-north-4.myhuaweicloud.com/ddn-k8s/docker.io/calico/node:v3.26.1|g' calico.yaml
sed -i 's|docker.io/calico/kube-controllers:v3.26.0|swr.cn-north-4.myhuaweicloud.com/ddn-k8s/docker.io/calico/kube-controllers:v3.26.1|g' calico.yaml

kubectl apply -f calico.yaml

# 去除控制平面污点，支持单节点集群
echo "去除控制平面污点..."
kubectl taint nodes --all node-role.kubernetes.io/control-plane-

# 验证安装
echo "验证安装..."
kubectl get nodes
kubectl get pods -n kube-system -o wide

#[root@3d kubeadm]# kubectl get pods -n kube-system -o wide
#NAME                                      READY   STATUS    RESTARTS   AGE    IP             NODE   NOMINATED NODE   READINESS GATES
#calico-kube-controllers-bcf9fddb5-7cppp   1/1     Running   0          107m   172.16.30.66   3d     <none>           <none>
#calico-node-9ctr8                         1/1     Running   0          107m   192.168.2.96   3d     <none>           <none>
#coredns-855c4dd65d-9mzzw                  1/1     Running   0          123m   172.16.30.65   3d     <none>           <none>
#coredns-855c4dd65d-qwqwx                  1/1     Running   0          123m   172.16.30.67   3d     <none>           <none>
#etcd-3d                                   1/1     Running   32         123m   192.168.2.96   3d     <none>           <none>
#kube-apiserver-3d                         1/1     Running   31         123m   192.168.2.96   3d     <none>           <none>
#kube-controller-manager-3d                1/1     Running   33         123m   192.168.2.96   3d     <none>           <none>
#kube-proxy-cv62p                          1/1     Running   0          123m   192.168.2.96   3d     <none>           <none>
#kube-scheduler-3d                         1/1     Running   0          123m   192.168.2.96   3d     <none>           <none>
#[root@3d kubeadm]# date
#2025年 01月 02日 星期四 15:54:04 CST
#[root@3d kubeadm]#

#添加一下命令自动补全命令追加环境变量
cat >> /root/.bashrc <<EOF
export CRICTL_SOCKET=/var/run/containerd/containerd.sock
source <(crictl completion bash)
source <(kubectl completion bash)

# env.sh
export KUBECONFIG=~/.kube/config   # 设置 kubeconfig 的路径
export KUBEVERSION=v1.31.4        # 设置 Kubernetes 版本
#设置k8s集群证书通信
export KUBECONFIG=/etc/kubernetes/admin.conf

EOF
source /root/.bashrc


echo "Kubernetes 单节点集群部署完成！"