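Environment requirements
- At least 2 servers with 2 cores and 4 GB of RAM each
- localhost must not be used as the hostname
- All nodes must be able to reach each other over the network
The author prepared 3 Ubuntu 18.04 virtual machines, each with 2 cores and 4 GB of RAM.
Switch apt to the Alibaba Cloud mirror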
- /etc/apt/sources.list
deb http://mirrors.aliyun.com/ubuntu/ bionic main restricted universe multiverse
deb http://mirrors.aliyun.com/ubuntu/ bionic-security main restricted universe multiverse
deb http://mirrors.aliyun.com/ubuntu/ bionic-updates main restricted universe multiverse
deb http://mirrors.aliyun.com/ubuntu/ bionic-proposed main restricted universe multiverse
deb http://mirrors.aliyun.com/ubuntu/ bionic-backports main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ bionic main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ bionic-security main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ bionic-updates main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ bionic-proposed main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ bionic-backports main restricted universe multiverse
Change the hostname
vi /etc/hostname
Disable swap
With swap enabled, a single program can take up too much memory and hang the machine, so avoid using swap.
swapoff -a
Configure the bridged traffic requirements
cat <<EOF > /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
EOF
sysctl --system
Install Docker, here directly from Ubuntu apt
- docker
apt install docker.io
Configure the Alibaba Cloud registry mirror for Docker
sudo mkdir -p /etc/docker
sudo tee /etc/docker/daemon.json <<-'EOF'
{
"registry-mirrors": ["https://9fx2xqey.mirror.aliyuncs.com"]
}
EOF
sudo systemctl daemon-reload
sudo systemctl restart docker
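Install kubeadm
- kubeadm: the command that bootstraps the cluster.
- kubelet: the component that runs on every machine in the cluster and performs operations such as starting Pods and containers.
- kubectl: the command-line tool for communicating with your cluster.
When kubeadm is installed, the kubeadm, kubelet, kubectl and kubernetes-cni binaries are all installed automatically.
Alibaba provides a mirror to make downloading easier; for details see https://developer.aliyun.com/mirror/kubernetes?spm=a2c6h.13651102.0.0.3e221b11VlJoux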
apt-get update && apt-get install -y apt-transport-https
curl https://mirrors.aliyun.com/kubernetes/apt/doc/apt-key.gpg | apt-key add -
cat <<EOF >/etc/apt/sources.list.d/kubernetes.list
deb https://mirrors.aliyun.com/kubernetes/apt/ kubernetes-xenial main
EOF
apt-get update
apt-get install -y kubeadm
Pull the required images in advance
sudo docker pull registry.aliyuncs.com/google_containers/kube-apiserver:v1.18.2
sudo docker pull registry.aliyuncs.com/google_containers/kube-controller-manager:v1.18.2
sudo docker pull registry.aliyuncs.com/google_containers/kube-scheduler:v1.18.2
sudo docker pull registry.aliyuncs.com/google_containers/kube-proxy:v1.18.2
sudo docker pull registry.aliyuncs.com/google_containers/pause:3.2
sudo docker pull registry.aliyuncs.com/google_containers/etcd:3.4.3-0
sudo docker pull registry.aliyuncs.com/google_containers/coredns:1.6.7
Re-tag the Alibaba Cloud images so that kubeadm can recognize them
sudo docker tag registry.aliyuncs.com/google_containers/kube-apiserver:v1.18.2 k8s.gcr.io/kube-apiserver:v1.18.2
sudo docker tag registry.aliyuncs.com/google_containers/kube-controller-manager:v1.18.2 k8s.gcr.io/kube-controller-manager:v1.18.2
sudo docker tag registry.aliyuncs.com/google_containers/kube-scheduler:v1.18.2 k8s.gcr.io/kube-scheduler:v1.18.2
sudo docker tag registry.aliyuncs.com/google_containers/kube-proxy:v1.18.2 k8s.gcr.io/kube-proxy:v1.18.2
sudo docker tag registry.aliyuncs.com/google_containers/pause:3.2 k8s.gcr.io/pause:3.2
sudo docker tag registry.aliyuncs.com/google_containers/etcd:3.4.3-0 k8s.gcr.io/etcd:3.4.3-0
sudo docker tag registry.aliyuncs.com/google_containers/coredns:1.6.7 k8s.gcr.io/coredns:1.6.7
The virtual machine can now be cloned.
Environment description
- node1 192.168.28.131
- node2 192.168.28.100
- node3 192.168.28.99
Building the cluster
Create the master node
- Check the Kubernetes version
kubelet --version
Kubernetes v1.18.2
- List the images required to build k8s
kubeadm config images list
k8s.gcr.io/kube-apiserver:v1.18.2
k8s.gcr.io/kube-controller-manager:v1.18.2
k8s.gcr.io/kube-scheduler:v1.18.2
k8s.gcr.io/kube-proxy:v1.18.2
k8s.gcr.io/pause:3.2
k8s.gcr.io/etcd:3.4.3-0
k8s.gcr.io/coredns:1.6.7
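Because these images are all hosted overseas, we download them from a domestic mirror and make kubeadm recognize them. These images can be downloaded ahead of time, before initializing the master.
Initialization
sudo systemctl enable docker.service # enable the docker service at boot
vim /etc/docker/daemon.json # k8s requires the cgroup driver to be systemd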
{
"registry-mirrors": ["https://v16stybc.mirror.aliyuncs.com"],
"exec-opts": ["native.cgroupdriver=systemd"]
}
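Checks for the preparation steps above (hostname, swap, bridge sysctls, Docker cgroup driver), to run on each node before kubeadm init or kubeadm join. This is an added example, not code from the original post; the function names are made up for illustration, and the fstab check is an addition because swapoff -a alone does not survive a reboot.

```shell
#!/usr/bin/env bash
# Added example, not from the original post. Each check reads its input from
# an argument, so it can be run on the real files or on sample copies.

hostname_ok() {            # $1 = hostname; localhost is not allowed
  case "$1" in ""|localhost|localhost.*) return 1 ;; esac
}

swap_off() {               # $1 = /proc/swaps; header line only means no active swap
  [ "$(tail -n +2 "$1" | grep -c .)" -eq 0 ]
}

swap_stays_off() {         # $1 = /etc/fstab; an uncommented swap entry re-enables
  ! grep -Eq '^[^#]*[[:space:]]swap[[:space:]]' "$1"   # swap at the next boot
}

bridge_sysctl_ok() {       # $1 = sysctl.d file; both keys must be set to 1
  for key in net.bridge.bridge-nf-call-iptables net.bridge.bridge-nf-call-ip6tables; do
    grep -Eq "^[[:space:]]*$key[[:space:]]*=[[:space:]]*1[[:space:]]*\$" "$1" || return 1
  done
}

cgroup_driver_ok() {       # $1 = Docker daemon.json
  grep -q '"native.cgroupdriver=systemd"' "$1"
}

preflight() {              # args: hostname swaps fstab sysctl-file daemon.json
  rc=0
  hostname_ok "$1"      || { echo "FAIL: hostname is empty or localhost"; rc=1; }
  swap_off "$2"         || { echo "FAIL: swap is active, run swapoff -a"; rc=1; }
  swap_stays_off "$3"   || { echo "FAIL: fstab still has a swap entry"; rc=1; }
  bridge_sysctl_ok "$4" || { echo "FAIL: bridge-nf-call sysctls not set to 1"; rc=1; }
  cgroup_driver_ok "$5" || { echo "FAIL: Docker cgroup driver is not systemd"; rc=1; }
  return "$rc"
}

# On a prepared node, check the live files.
if [ -r /etc/sysctl.d/k8s.conf ] && [ -r /etc/docker/daemon.json ]; then
  preflight "$(hostname)" /proc/swaps /etc/fstab \
    /etc/sysctl.d/k8s.conf /etc/docker/daemon.json && echo "node ready for kubeadm"
fi
```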
- Set up the master
sudo kubeadm init
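# Some people specify the pod IP range and other options at initialization. We have not installed a network plugin yet and will deal with that shortly, so initialize directly for now; see the official documentation for the default values.
# Success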
Your Kubernetes control-plane has initialized successfully!
To start using your cluster, you need to run the following as a regular user:
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
You should now deploy a pod network to the cluster.
Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:
https://kubernetes.io/docs/concepts/cluster-administration/addons/
Then you can join any number of worker nodes by running the following on each as root:
# Command to join the cluster
kubeadm join 192.168.28.131:6443 --token 1e0gpf.tnph6fuvlf1rphxy \
--discovery-token-ca-cert-hash sha256:3de217f1be9b6cb646d9fe1b68ed04a49be25103ee33062d6fc63a0ca750ccd5
- To use the cluster, run as a regular user
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
- Run as the root user
export KUBECONFIG=/etc/kubernetes/admin.conf
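Install a network plugin
For network extensibility, Kubernetes defines a network plugin interface (CNI); popular implementations include Flannel, Calico, Canal, Weave and others.
These plugins mainly provide a unified network for our Pods.
Here we choose Weave first; the differences between these network plugins will be discussed later.
- Install Weave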
kubectl apply -f "https://cloud.weave.works/k8s/net?k8s-version=$(kubectl version | base64 | tr -d '\n')"
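kubectl get pods -n kube-system # check that the system pods are running normally; all of them running means it is fine
kubectl get pods # if this runs normally, the cluster is OK
kubectl get pods --all-namespaces # check that the network pods are running normally
Deploy the worker nodes
A worker node is simple: it does not need any of the master node initialization, only docker and kubeadm have to be installed.
Run the join command on node2 and node3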
kubeadm join 192.168.28.131:6443 --token 1e0gpf.tnph6fuvlf1rphxy \
--discovery-token-ca-cert-hash sha256:3de217f1be9b6cb646d9fe1b68ed04a49be25103ee33062d6fc63a0ca750ccd5
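What the --discovery-token-ca-cert-hash value in the join command pins, as an added example that is not part of the original post: it is the SHA-256 of the cluster CA's public key, so it can be recomputed from the master's /etc/kubernetes/pki/ca.crt (kubeadm's default CA path) and compared before a join command is trusted. The function names and the throwaway CAs are constructed for the demo; openssl and sha256sum are assumed to be installed.

```shell
#!/usr/bin/env bash
# Added example, not from the original post.

# Print the pin for a PEM CA certificate: SHA-256 over the DER-encoded
# public key (SubjectPublicKeyInfo), not over the whole certificate.
ca_pin() {                 # $1 = path to the CA certificate
  openssl x509 -in "$1" -noout 2>/dev/null || return 1   # reject unparsable input
  openssl x509 -in "$1" -noout -pubkey \
    | openssl pkey -pubin -outform DER \
    | sha256sum | cut -d' ' -f1
}

# Succeed only if the certificate matches a "sha256:<hex>" value as it
# appears after --discovery-token-ca-cert-hash.
verify_pin() {             # $1 = certificate path, $2 = expected pin
  [ "sha256:$(ca_pin "$1")" = "$2" ]
}

# Constructed sample data: a throwaway self-signed CA written to directory $1.
make_ca() {
  openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=kubernetes" \
    -keyout "$1/ca.key" -out "$1/ca.crt" 2>/dev/null
}

# One CA stands in for the real cluster CA, the other for a certificate
# presented by a different API server.
demo() (
  good=$(mktemp -d); other=$(mktemp -d)
  make_ca "$good"; make_ca "$other"
  pin="sha256:$(ca_pin "$good/ca.crt")"
  echo "pin for kubeadm join: $pin"
  verify_pin "$good/ca.crt" "$pin"  && echo "cluster CA: pin matches"
  verify_pin "$other/ca.crt" "$pin" || echo "other CA: pin mismatch, discovery is refused"
  rm -rf "$good" "$other"
)
demo
```

On the master, ca_pin /etc/kubernetes/pki/ca.crt should print the hex string that follows sha256: in the join command.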
View the cluster nodes on the master
kubectl get nodes
Troubleshooting commands
# View the logs
journalctl -f -u kubelet
# Delete a cluster node
kubectl delete node node3