Installing K8S on CentOS 8
2021-08-10
My environment
Environment | Description |
---|---|
Host | Windows 10 (16 GB RAM) |
vmware | VMware® Workstation 16 Pro |
centos | v8.03 |
CentOS 7.6 original image:
Link: https://pan.baidu.com/s/1LBBqxM43yUctfiWv8ysEPw Extraction code: l8rx
Virtual machine | Description |
---|---|
192.168.137.130 | master, 2G |
192.168.137.129 | node1, 2G |
192.168.137.131 | node2, 2G |
Check the CentOS kernel version: cat /proc/version
Steps to run on all 3 CentOS machines
Disable the firewall
Run these commands in order:
iptables -P INPUT ACCEPT
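iptables -F (flushes all rules to stop the firewall temporarily. Warning: this is only suitable for an environment with no firewall configured. Where the default policy has already been set to deny, this step cuts off all network access to the system, so run the previous step, iptables -P INPUT ACCEPT, first)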
setenforce 0
systemctl stop firewalld
systemctl disable firewalld
If SELinux is installed, it needs to be disabled:
sed -i "s/^SELINUX=enforcing/SELINUX=disabled/g" /etc/selinux/config
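Change the hostname
In a terminal window, either hostname or uname -n shows the current hostname
Run: vi /etc/hostname or hostnamectl set-hostname master
The IPs of the three machines are:
Master:
192.168.137.130/24 hostnamectl set-hostname master (after running this, the machine is renamed to master)
NODE1:
192.168.137.129/24 hostnamectl set-hostname node1 (after running this, the machine is renamed to node1)
NODE2:
192.168.137.131/24 hostnamectl set-hostname node2 (after running this, the machine is renamed to node2)
Edit the hosts file (/etc/hosts)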
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.137.130 master
192.168.137.129 node1
192.168.137.131 node2
Restart networking on CentOS 8
nmcli c reload
nmcli c up ens33
ifconfig (displays or configures network devices)
Test connectivity to the other machines
[root@master ~]# ping node1
PING node1 (192.168.137.129) 56(84) bytes of data.
64 bytes from node1 (192.168.137.129): icmp_seq=1 ttl=64 time=0.794 ms
64 bytes from node1 (192.168.137.129): icmp_seq=2 ttl=64 time=0.450 ms
Disable swap
Run:
swapoff -a
sed -i 's/.*swap.*/#&/' /etc/fstab
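Skip the next step for now; running the command above seems to be enough for it to take effect
vi /etc/fstab
Find the line below and put a # in front of it to comment out swap
#/dev/mapper/centos-swap swap swap defaults 0 0 # disable automatic mounting of swap
Note: right after installing the CentOS VM I could not find this line in fstab; I found it after rebooting. So if you cannot find it, you can carry on with
the steps below, because a later startup error will prompt you to disable swap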
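The command sed -i 's/.*swap.*/#&/' /etc/fstab used above prefixes # to every line containing the word swap, including lines that are already commented and mount points that merely have swap in their path. As an added example (not part of the original post), this function comments out only active entries whose filesystem type is swap; the function names and the sample fstab are constructed for illustration.

```bash
#!/usr/bin/env bash
# Added example: comment out only active swap entries in an fstab-style file.
# disable_swap_entries / active_swap_count are hypothetical helper names.

disable_swap_entries() {
    # $1: path to an fstab-style file; rewritten via a temp file.
    local fstab=$1 tmp
    tmp=$(mktemp) || return 1
    # Field 3 of an fstab entry is the filesystem type. Lines that already
    # start with '#' are left alone, so the function is safe to re-run.
    awk '
        /^[ \t]*#/   { print; next }
        $3 == "swap" { print "#" $0; next }
                     { print }
    ' "$fstab" > "$tmp" && cat "$tmp" > "$fstab"
    local rc=$?
    rm -f "$tmp"
    return $rc
}

active_swap_count() {
    # Prints how many uncommented swap entries remain in the file $1.
    awk '!/^[ \t]*#/ && $3 == "swap" { n++ } END { print n + 0 }' "$1"
}

demo_fstab() {
    # Constructed sample input, written to the path given in $1.
    # The last line has "swap" in a path only and must stay active.
    cat > "$1" <<'EOF'
/dev/mapper/cl-root     /                xfs   defaults  0 0
UUID=1111-2222          /boot            ext4  defaults  1 2
/dev/mapper/cl-swap     swap             swap  defaults  0 0
#/dev/mapper/old-swap   swap             swap  defaults  0 0
/dev/sdb1               /data/swapfiles  xfs   defaults  0 0
EOF
}
```

Try it on a copy first: cp /etc/fstab /tmp/fstab.test, run disable_swap_entries /tmp/fstab.test, and confirm active_swap_count prints 0.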
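Change the repository mirror
① Install the wget command: yum -y install wget
② Back up the system's stock repo file
find / -name "CentOS-Linux-BaseOS.repo"
mkdir -p /mybak
cp -v /etc/yum.repos.d/CentOS-Linux-BaseOS.repo /mybak
③ Download the Aliyun repo file
wget -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-8.repo
④ Build the cache
yum clean all (whether to run this depends on the situation; skip it at first)
yum -y update (this one can also be skipped)
yum makecache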
Install Docker
Installing Docker on CentOS 8 conflicts with Podman
1. Check whether Podman is installed
rpm -q podman
2. Remove it, then install again with yum install docker-ce
dnf remove podman
3. Run the command below.
yum erase podman buildah
Otherwise the installation later fails with this error:
problem with installed package buildah-1.15.1-2.module_el8.3.0+475+c50ce30b.x86_64
List all installable versions it supports
yum list docker-ce --showduplicates | sort -r
Install dependencies
yum install -y yum-utils device-mapper-persistent-data lvm2
Add the yum repository
yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
Install a specific docker-ce version
yum install -y docker-ce-3:20.10.8-3.el8
Start Docker and enable it at boot
systemctl start docker.service
systemctl enable docker.service
Check Docker status
systemctl status docker.service
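Check this first; it has to be matched later
[root@node1 mybak]# docker info|grep Cgroup
Cgroup Driver: cgroupfs
Cgroup Version: 1
There are two drivers, systemd and cgroupfs; the kubelet service configuration has to be changed to match Docker. Here the result is cgroupfs.
Leave it for now; it gets changed after kubelet is installed
Configure the Aliyun registry mirror accelerator
cat > /etc/docker/daemon.json <<EOF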
{
"registry-mirrors":[ "https://nyakyfun.mirror.aliyuncs.com" ]
}
EOF
After running the above, restart Docker for it to take effect
Run:
systemctl daemon-reload
systemctl restart docker
Add a K8s mirror repository hosted in China
cat > /etc/yum.repos.d/kubernetes.repo <<EOF
[kubernetes]
name=Kubernetes Repo
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
gpgcheck=0
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg
EOF
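The repo definition above sets gpgcheck=0, so RPM signatures from this mirror are not verified even though a gpgkey is listed. The following added example (not part of the original post) lists the sections of a .repo file that explicitly disable signature checking; the function names are hypothetical and the sample file is constructed, with [docker-ce-stable] as an assumed section that has checking enabled.

```bash
#!/usr/bin/env bash
# Added example: report yum/dnf repo sections that explicitly disable
# package signature verification. Function names are hypothetical.

unsigned_repo_sections() {
    # $1: path to a .repo file. Prints one section id per line for every
    # section whose gpgcheck is 0/no/false (case and spaces tolerated).
    awk '
        /^[ \t]*\[.*\][ \t]*$/ {
            section = $0
            gsub(/^[ \t]*\[|\][ \t]*$/, "", section)
            next
        }
        /^[ \t]*[#;]/ { next }    # skip comment lines
        {
            line = $0
            gsub(/[ \t]/, "", line)
            n = index(line, "=")
            if (n == 0) next
            key = tolower(substr(line, 1, n - 1))
            val = tolower(substr(line, n + 1))
            if (key == "gpgcheck" && (val == "0" || val == "no" || val == "false"))
                print section
        }
    ' "$1"
}

demo_repo() {
    # Constructed sample written to $1. [kubernetes] copies the section
    # on this page; [docker-ce-stable] is an assumed contrast entry.
    cat > "$1" <<'EOF'
[kubernetes]
name=Kubernetes Repo
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
gpgcheck=0
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg

[docker-ce-stable]
name=Docker CE Stable
baseurl=https://download.docker.com/linux/centos/8/x86_64/stable
gpgcheck=1
gpgkey=https://download.docker.com/linux/centos/gpg
EOF
}
```

To audit a host, loop over the real files: for f in /etc/yum.repos.d/*.repo; do unsigned_repo_sections "$f"; done.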
Install the 3 components K8s needs
Run:
yum install -y kubeadm kubelet kubectl
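Notes:
kubeadm: the installation tool; it makes all components run as containers
kubectl: the client tool for connecting to the K8S API
kubelet: runs on the nodes; the tool that starts containers
Test the k8s installation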
kubelet --version
Enable k8s at boot
Run:
systemctl enable kubelet.service
Load kernel modules (skip this step for now)
cat > /etc/sysctl.d/k8s.conf <<EOF
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
net.ipv4.ip_nonlocal_bind = 1
net.ipv4.ip_forward = 1
vm.swappiness=0
EOF
Then run
vi /etc/sysctl.conf and add: net.ipv4.ip_forward = 1
Run: sysctl -p
Run:
cat > /etc/sysconfig/modules/ipvs.modules <<EOF
#!/bin/bash
modprobe -- br_netfilter
modprobe -- ip_vs
modprobe -- ip_vs_rr
modprobe -- ip_vs_wrr
modprobe -- ip_vs_sh
modprobe -- nf_conntrack_ipv4
EOF
Run:
chmod 755 /etc/sysconfig/modules/ipvs.modules
bash /etc/sysconfig/modules/ipvs.modules
lsmod | grep -E "ip_vs|nf_conntrack_ipv4"
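All of the steps above must be run on all 3 CentOS VMs!
The steps below are run only on the master machine
I use 192.168.137.130 as the master machine
Initialize the master
(1) Work around the image pull problem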
docker pull coredns/coredns:1.8.4
docker tag coredns/coredns:1.8.4 registry.aliyuncs.com/google_containers/coredns:v1.8.4
docker rmi -f coredns/coredns:1.8.4
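(2) vi /usr/lib/systemd/system/kubelet.service.d/10-kubeadm.conf and add
Add this line for now and remove it once initialization succeeds; otherwise querying node status after installing flannel gives an error
Environment="KUBELET_NETWORK_ARGS=--network-plugin=cni --cni-conf-dir=/etc/cni/ --cni-bin-dir=/opt/cni/bin"
(3) Edit Docker's configuration file: create /etc/docker/daemon.json and add the following content. If the file already exists from the registry mirror step, put this key inside the same JSON object next to registry-mirrors, because the file must hold a single JSON object.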
{ "exec-opts": ["native.cgroupdriver=systemd"] }
Restart the Docker service
systemctl daemon-reload
systemctl restart docker
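Be sure to run the 3 steps above first, otherwise initialization runs into all sorts of trouble
Initialization explained:
kubeadm init --kubernetes-version=1.22.0 --apiserver-advertise-address=192.168.137.130
--pod-network-cidr=192.168.0.0/16
--image-repository registry.aliyuncs.com/google_containers --ignore-preflight-errors=Swap
The above must be run as a single line
--pod-network-cidr is the range of IP addresses available to pods on the nodes; these are internal IPs
--apiserver-advertise-address is the master's IP address; default port: 6443
--kubernetes-version can be found with kubectl version
--image-repository string: the registry to pull images from
Run the initialization (init)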
kubeadm init --kubernetes-version=1.22.0 --apiserver-advertise-address=192.168.137.130 --pod-network-cidr=192.168.0.0/16 --image-repository registry.aliyuncs.com/google_containers --ignore-preflight-errors=Swap
[bootstrap-token] configured RBAC rules to allow certificate rotation for all node client certificates in the cluster
[bootstrap-token] Creating the "cluster-info" ConfigMap in the "kube-public" namespace
[kubelet-finalize] Updating "/etc/kubernetes/kubelet.conf" to point to a rotatable kubelet client certificate and key
[kubelet-check] Initial timeout of 40s passed.
[addons] Applied essential addon: CoreDNS
[addons] Applied essential addon: kube-proxy
Your Kubernetes control-plane has initialized successfully!
To start using your cluster, you need to run the following as a regular user:
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
Alternatively, if you are the root user, you can run:
export KUBECONFIG=/etc/kubernetes/admin.conf
You should now deploy a pod network to the cluster.
Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:
https://kubernetes.io/docs/concepts/cluster-administration/addons/
Then you can join any number of worker nodes by running the following on each as root:
kubeadm join 192.168.137.130:6443 --token im1s4j.eg0adu0hsxts9t69 \
--discovery-token-ca-cert-hash sha256:3f6e903d3d9dbbfc0ea5c38ef4b5928c8dc13268213e5088ae7e951c685e23f5
Initialization has now succeeded
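The --discovery-token-ca-cert-hash value in the join command pins the cluster CA: it is the SHA-256 of the CA certificate's DER-encoded public key, and a joining node uses it to authenticate the control plane before trusting it. The following added example (not part of the original post or of kubeadm) recomputes that value with openssl, so the hash in a saved join command can be checked against /etc/kubernetes/pki/ca.crt on the master. The function names are hypothetical, and the demo uses a throwaway self-signed certificate.

```bash
#!/usr/bin/env bash
# Added example: recompute kubeadm's discovery-token-ca-cert-hash.
# Requires openssl and sha256sum. Function names are hypothetical.

ca_cert_hash() {
    # $1: PEM CA certificate. Prints "sha256:<hex>" computed over the
    # DER-encoded SubjectPublicKeyInfo; fails if $1 is not a certificate.
    local der hex
    der=$(mktemp) || return 1
    if openssl x509 -in "$1" -noout -pubkey 2>/dev/null \
         | openssl pkey -pubin -outform DER -out "$der" 2>/dev/null; then
        hex=$(sha256sum < "$der" | cut -d' ' -f1)
        rm -f "$der"
        printf 'sha256:%s\n' "$hex"
    else
        rm -f "$der"
        return 1
    fi
}

verify_join_hash() {
    # $1: PEM CA certificate, $2: hash copied from a kubeadm join command.
    # Returns 0 only when the pinned hash matches the certificate.
    local actual
    actual=$(ca_cert_hash "$1") || return 2
    [ "$actual" = "$2" ]
}

make_demo_ca() {
    # Constructed sample: a throwaway self-signed certificate written to $1.
    # It stands in for /etc/kubernetes/pki/ca.crt on a real master.
    local key rc
    key=$(mktemp) || return 1
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 \
        -subj "/CN=kubernetes" -keyout "$key" -out "$1" 2>/dev/null
    rc=$?
    rm -f "$key"
    return $rc
}
```

A mismatch between the recomputed hash and the one in a join command means the command was not issued for this cluster's CA and should not be used.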
If an error occurs during initialization, fix the error and then run the following to reset
[root@kube-master-2 ~]# kubeadm reset
[root@kube-master-2 ~]# rm -rf /etc/cni/net.d
[root@kube-master-2 ~]# rm -rf $HOME/.kube/config
[root@kube-master-2 ~]# rm -rf /etc/kubernetes/
[root@k8s-master ~]# rm -rf /etc/kubernetes/*
[root@k8s-master ~]# rm -rf ~/.kube/*
[root@k8s-master ~]# rm -rf /var/lib/etcd/*
systemctl daemon-reload
systemctl restart kubelet
After a successful install, pay attention to the information printed on the console
It shows the following; just follow it step by step
To start using your cluster, you need to run the following as a regular user:
mkdir -p $HOME/.kube
Note: creates directories recursively; even if the parent directories do not exist, they are created level by level
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
Note: chown requires superuser (root) privileges to run. Only the superuser and a file owner who belongs to the group can change the group a file is associated with
Alternatively, if you are the root user, you can run:
export KUBECONFIG=/etc/kubernetes/admin.conf
2. The command for joining the master is displayed; save it. Take the command below and run it on the 192.168.159.135 worker node VM
You should now deploy a pod network to the cluster.
Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:
https://kubernetes.io/docs/concepts/cluster-administration/addons/
Ignore the two lines above for now
Run this on the node machines
Then you can join any number of worker nodes by running the following on each as root:
kubeadm join 192.168.137.130:6443 --token im1s4j.eg0adu0hsxts9t69 \
--discovery-token-ca-cert-hash sha256:3f6e903d3d9dbbfc0ea5c38ef4b5928c8dc13268213e5088ae7e951c685e23f5
If the information above is not shown, the installation failed!
Once the above has run successfully, check:
sudo kubectl get nodes
You will find that the Status is NotReady, because no network plugin is installed!
Because the k8s version we installed above is v1.22.0
Install flannel
Offline installation
After the download succeeds
docker load < flanneld-v0.14.0-amd64.docker
Then again
kubectl apply -f kube-flannel.yml
[root@master mybak]# kubectl apply -f kube-flannel.yml
Warning: policy/v1beta1 PodSecurityPolicy is deprecated in v1.21+, unavailable in v1.25+
podsecuritypolicy.policy/psp.flannel.unprivileged configured
clusterrole.rbac.authorization.k8s.io/flannel created
clusterrolebinding.rbac.authorization.k8s.io/flannel created
serviceaccount/flannel unchanged
configmap/kube-flannel-cfg unchanged
daemonset.apps/kube-flannel-ds created
Installed successfully
kubectl get pods -n kube-system
Once flannel's status shows Running
sudo kubectl get nodes
If querying with kubectl get pods -n kube-system shows
[root@master mybak]# kubectl get pods -n kube-system
NAME                             READY   STATUS        RESTARTS          AGE
coredns-7f6cbbb7b8-gxftg         0/1     Pending       0                 8h
coredns-7f6cbbb7b8-wgn79         0/1     Pending       0                 8h
etcd-master                      1/1     Running       4 (9m24s ago)     19h
kube-apiserver-master            1/1     Running       13 (9m24s ago)    19h
kube-controller-manager-master   1/1     Running       26 (9m24s ago)    19h
kube-flannel-ds-amd64-2fqht      0/1     Terminating   0                 77m
kube-flannel-ds-amd64-vdhkg      1/1     Running       7 (9m24s ago)     54m
kube-flannel-ds-ff4jt            1/1     Running       1 (9m24s ago)     20m
kube-flannel-ds-xlkgh            0/1     Terminating   0                 49m
kube-proxy-hf5cx                 1/1     Running       2 (9m24s ago)     8h
kube-proxy-mfx6q                 1/1     Running       0                 5h15m
kube-scheduler-master            1/1     Running       27 (9m24s ago)    19h
Look up the specific cause of the error
[root@master mybak]# kubectl --namespace kube-system logs kube-flannel-ds-amd64-2fqht
Error from server: Get " -flannel": dial tcp 192.168.137.129:10250: connect: no route to host
[root@master mybak]#