K8S经典安装流程
2021-06-20 本文已影响0人
linanwx
在所有机器上运行
机器均为debian
首先安装docker
sudo apt-get update
sudo apt-get install -y \
apt-transport-https \
ca-certificates \
curl \
gnupg \
lsb-release
curl -fsSL https://download.docker.com/linux/debian/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg
echo \
"deb [arch=amd64 signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/debian \
$(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
sudo apt-get update
sudo apt-get install -y docker-ce docker-ce-cli containerd.io
sudo mkdir /etc/docker
cat <<EOF | sudo tee /etc/docker/daemon.json
{
"exec-opts": ["native.cgroupdriver=systemd"],
"log-driver": "json-file",
"log-opts": {
"max-size": "100m"
},
"storage-driver": "overlay2"
}
EOF
sudo usermod -aG docker ${USER}
sudo systemctl restart docker
sudo su ${USER}
此时运行 docker ps -a 无异常,docker安装成功
接下来安装k8s组件
cat <<EOF | sudo tee /etc/modules-load.d/k8s.conf
br_netfilter
EOF
cat <<EOF | sudo tee /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
EOF
sudo sysctl --system
sudo apt-get update
sudo apt-get install -y apt-transport-https ca-certificates curl
sudo curl -fsSLo /usr/share/keyrings/kubernetes-archive-keyring.gpg https://packages.cloud.google.com/apt/doc/apt-key.gpg
echo "deb [signed-by=/usr/share/keyrings/kubernetes-archive-keyring.gpg] https://apt.kubernetes.io/ kubernetes-xenial main" | sudo tee /etc/apt/sources.list.d/kubernetes.list
sudo apt-get update
sudo apt-get install -y kubelet kubeadm kubectl
sudo apt-mark hold kubelet kubeadm kubectl
在主节点上运行
接下来初始化控制平面
sudo kubeadm init --apiserver-advertise-address masterip --control-plane-endpoint masterdns --pod-network-cidr 10.244.0.0/16
将输出内容的最后部分保存备用,包括如何配置.kube以及节点的加入命令,并按照提示配置.kube文件
然后初始化网络插件
wget https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
kubectl apply -f kube-flannel.yml
检查pods运行状况是否正常
kubectl get pods -A
在另外一个节点安装k8s组件,然后运行加入节点join命令,该命令在kubeadm init结束时会打印出来
之后检查pods运行状态是否正常
下载dashboad
wget https://raw.githubusercontent.com/kubernetes/dashboard/v2.2.0/aio/deploy/recommended.yaml -o dashboard.yaml
编辑dashboard.yaml
在第一处8843下面添加nodePort: 31001,并在上方修改type:NodePort,找到namespace=处在下面添加一行 - --token-ttl=43200
具体可以参见
https://www.huaweicloud.com/articles/dc1dcb0c48cc785a9193c9ce709c8b35.html
创建管理员角色
kubectl create -f https://raw.githubusercontent.com/rootsongjc/kubernetes-handbook/master/manifests/dashboard-1.7.1/admin-role.yaml
应用pod
kubectl apply -f dashboard.yaml
检查端口
sudo lsof -i:31001
获得token
kubectl -n kube-system describe secret $(kubectl -n kube-system get secret | grep admin-token | awk '{print $1}')
访问 https://masterip:31001 并在chrome输入 thisisunsafe,然后输入token
dashboard
