安装k8s 1.28 版本
2023-10-23 本文已影响0人
Joening
安装k8s 1.28 版本
配置hostname解析
echo 10.0.0.11 k8s-master01 >> /etc/hosts
echo 10.0.0.12 k8s-node01 >> /etc/hosts
echo 10.0.0.13 k8s-node02 >> /etc/hosts
关闭selinux 防火墙
systemctl disable firewalld && systemctl stop firewalld
setenforce 0
关闭swap
swapoff -a
sed -ri 's/.*swap.*/#&/' /etc/fstab
加载 overlay br_netfilter
cat > /etc/modules-load.d/k8s.conf <<EOF
overlay
br_netfilter
EOF
sudo modprobe overlay
sudo modprobe br_netfilter
加载模块
cat > /etc/sysctl.d/k8s.conf <<EOF
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
net.ipv4.ip_forward = 1
vm.swappiness = 0
vm.overcommit_memory = 0
EOF
sysctl -p /etc/sysctl.d/k8s.conf
加载ipvs模块
mkdir -pv /etc/sysconfig/modules
cat > /etc/sysconfig/modules/ipvs.modules <<EOF
#!/bin/bash
modprobe -- ip_vs
modprobe -- ip_vs_rr
modprobe -- ip_vs_wrr
modprobe -- ip_vs_sh
modprobe -- nf_conntrack
EOF
chmod 755 /etc/sysconfig/modules/ipvs.modules
bash /etc/sysconfig/modules/ipvs.modules
lsmod | grep -e ip_vs -e nf_conntrack
安装ipvsadm
yum install ipset ipvsadm -y
时间同步
yum install chrony -y
systemctl enable chronyd --now
chronyc sources
安装yum-utils 添加 docker源
yum remove docker*
yum install -y yum-utils
yum-config-manager --add-repo \
http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
安装配置启动docker
yum -y install docker-ce
mkdir -p /etc/docker
cat << 'EOF' > /etc/docker/daemon.json
{
"exec-opts": ["native.cgroupdriver=systemd"],
"registry-mirrors": [
"https://docker.mirrors.ustc.edu.cn",
"https://hub-mirror.c.163.com",
"https://reg-mirror.qiniu.com",
"https://registry.docker-cn.com"
]
}
EOF
cat > /etc/docker/daemon.json <<EOF
{
"registry-mirrors": ["https://ig2l319y.mirror.aliyuncs.com"],
"exec-opts": ["native.cgroupdriver=systemd"]
}
EOF
systemctl daemon-reload && systemctl enable docker --now
安装配置启动 cri-dockerd
[root@master01 ~]# wget https://github.com/Mirantis/cri-dockerd/releases/download/v0.3.4/cri-dockerd-0.3.4.amd64.tgz
[root@master01 ~]# tar xf cri-dockerd-0.3.4.amd64.tgz
[root@master01 ~]# mv cri-dockerd/cri-dockerd /usr/local/bin/
cat << 'EOF' > /usr/lib/systemd/system/cri-dockerd.service
[Unit]
Description=CRI Interface for Docker Application Container Engine
Documentation=https://docs.mirantis.com
After=network-online.target firewalld.service docker.service
Wants=network-online.target
[Service]
Type=notify
ExecStart=/usr/local/bin/cri-dockerd --pod-infra-container-image=registry.
aliyuncs.com/google_containers/pause:3.9
ExecReload=/bin/kill -s HUP $MAINPID
TimeoutSec=0
RestartSec=2
Restart=always
StartLimitBurst=3
StartLimitInterval=60s
# Having non-zero Limit*s causes performance problems due to accounting overhead
# in the kernel. We recommend using cgroups to do container-local accounting.
LimitNOFILE=infinity
LimitNPROC=infinity
LimitCORE=infinity
# Comment TasksMax if your systemd version does not support it.
# Only systemd 226 and above support this option.
TasksMax=infinity
Delegate=yes
KillMode=process
[Install]
WantedBy=multi-user.target
EOF
systemctl daemon-reload && systemctl enable cri-dockerd --now
安装启动kubeadm kubectl kubelet
cat <<EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF
yum install -y kubelet-1.28.1 kubeadm-1.28.1 kubectl-1.28.1
systemctl enable kubelet && systemctl start kubelet
查看k8s依赖镜像
kubeadm config images list --kubernetes-version=1.28.1 --image-repository registry.aliyuncs.com/google_containers --cri-socket=unix:///var/run/cri-dockerd.sock
kubeadm config images pull --kubernetes-version=1.28.1 --image-repository registry.aliyuncs.com/google_containers --cri-socket=unix:///var/run/cri-dockerd.sock
初始化集群
kubeadm init \
--apiserver-advertise-address=10.0.0.9 \
--image-repository registry.aliyuncs.com/google_containers \
--kubernetes-version v1.28.1 \
--service-cidr=10.96.0.0/16 \
--pod-network-cidr=192.168.0.0/16 \
--cri-socket=unix:///var/run/cri-dockerd.sock
node节点加入k8s集群
kubeadm join 10.0.0.9:6443 --token spjpcr.9wqs7bcu090ilhvm \
--discovery-token-ca-cert-hash sha256:3940a494ab9fd2e18c55c44905da932939d669cebbd62d0c66138d21d17a3b4e \
--cri-socket=unix:///var/run/cri-dockerd.sock
