k8s v1.25.0 安装
1.关闭selinux
sed -i "s/^SELINUX=.*/SELINUX=disabled/g" /etc/selinux/config
sed -i "s/^SELINUXTYPE=.*/SELINUXTYPE=targeted/g" /etc/selinux/config
查看配置结果
getenforce
2.关闭交换分区
#设置开机自动关闭分区
swapoff -a
#设置永久禁用分区,打开/etc/fstab文件注释掉带有swap
sed -i 's/.*swap.*/#&/' /etc/fstab
3. 修改内核参数
3.1 #开启网络参数
cat <<EOF > /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
net.ipv4.ip_forward = 1
EOF
#加载配置
sysctl -p
4. 配置hosts文件
5.docker安装部署(所有节点)
先卸载系统的旧版本
yum remove docker \
docker-common \
docker-selinux \
docker-engine
设置docker仓库为阿里云
yum install -y yum-utils
yum-config-manager --add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
5.1 查看支持哪些docker版本
yum list docker-ce --showduplicates |sort -r
5.2 安装docker社区版
yum -y install docker-ce-20.10.21
5.3 修改docker配置
#设置更多镜像地址
cat > /etc/docker/daemon.json <<EOF
{
"registry-mirrors": [
"https://7mimmp7p.mirror.aliyuncs.com",
"https://registry.docker-cn.com",
"http://hub-mirror.c.163.com",
"https://docker.mirrors.ustc.edu.cn"
],
"exec-opts": ["native.cgroupdriver=systemd"],
"log-driver": "json-file",
"log-opts": {
"max-size": "100m"
}
,
"storage-driver": "overlay2",
"storage-opts": [
"overlay2.override_kernel_check=true"
]
}
EOF
5.4 重启docker
systemctl daemon-reload && systemctl restart docker
5.5 配置k8s网络
#配置网络
echo """
vm.swappiness = 0
net.bridge.bridge-nf-call-iptables = 1
net.ipv4.ip_forward = 1
net.bridge.bridge-nf-call-ip6tables = 1
""" > /etc/sysctl.conf
#加载配置
sysctl -p
5.6 开启ipvs
#不开启ipvs将会使用iptables,但是效率低,所以官网推荐需要开通ipvs内核、
cat > /etc/sysconfig/modules/ipvs.modules <<EOF
#!/bin/bash
ipvs_modules="ip_vs ip_vs_lc ip_vs_wlc ip_vs_rr ip_vs_wrr ip_vs_lblc ip_vs_lblcr ip_vs_dh ip_vs_sh ip_vs_nq ip_vs_sed ip_vs_ftp nf_conntrack"
for kernel_module in \${ipvs_modules}; do
/sbin/modinfo -F filename \${kernel_module} > /dev/null 2>&1
if [ $? -eq 0 ]; then
/sbin/modprobe \${kernel_module}
fi
done
EOF
#修改执行权限并执行
chmod 755 /etc/sysconfig/modules/ipvs.modules && bash /etc/sysconfig/modules/ipvs.modules && lsmod | grep ip_vs
5.7 安装容器运行时接口cri-docker
rpm -ivh cri-dockerd-0.3.1-3.el7.x86_64.rpm
#重载沙箱(pause)镜像
vi /usr/lib/systemd/system/cri-docker.service
(增加 --pod-infra-container-image=registry.aliyuncs.com/google_containers/pause:3.8)
ExecStart=/usr/bin/cri-dockerd --network-plugin=cni --pod-infra-container-image=registry.aliyuncs.com/google_containers/pause:3.8 --container-runtime-endpoint
启动并设置开机重启cri-docker
systemctl start cri-docker
systemctl enable cri-docker
6 安装kubectl、kubelet、kubeadm组件(所有节点)
添加阿里云的源:
[root@k8s-master ~]# cat >/etc/yum.repos.d/kubernetes.repo <<EOF
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
enabled=1
gpgcheck=0
repo_gpgcheck=0
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF
安装指定版本:
yum install -y kubelet-1.25.0 kubeadm-1.25.0 kubectl-1.25.0
启动kubelet并设置为开机启动
systemctl enable kubelet
systemctl start kubelet
7 主节点部署k8s 初始化
kubeadm init \
--apiserver-advertise-address=192.168.10.128 \
--image-repository registry.aliyuncs.com/google_containers \
--kubernetes-version v1.25.0 \
--service-cidr=10.96.0.0/12 \
--pod-network-cidr=10.244.0.0/16 \
--cri-socket unix:///var/run/cri-dockerd.sock
8 其他节点加入集群
kubeadm join 192.168.10.128:6443 --token 8qaujz.v1ur8wtagip0lqvx \
--discovery-token-ca-cert-hash sha256:bb5d14a343260fc5f71a7cc12e54d40ac0964eae9e7061299773047990755f9d --cri-socket unix:///var/run/cri-dockerd.sock
9 Calico 网络插件
使用桌面的calico.yaml
kubectl apply -f calico.yaml
10 集群状态检测
[root@k8-master home]# kubectl get pods -A
NAMESPACE NAME READY STATUS RESTARTS AGE
kube-system calico-kube-controllers-566654d67d-c74ml 1/1 Running 0 5m21s
kube-system calico-node-z8dwd 1/1 Running 0 5m21s
kube-system calico-node-zk78s 1/1 Running 0 5m21s
kube-system coredns-c676cc86f-gq8cw 1/1 Running 0 12m
kube-system coredns-c676cc86f-qt7vw 1/1 Running 0 12m
kube-system etcd-k8-master 1/1 Running 0 13m
kube-system kube-apiserver-k8-master 1/1 Running 0 12m
kube-system kube-controller-manager-k8-master 1/1 Running 0 12m
kube-system kube-proxy-mkngt 1/1 Running 0 10m
kube-system kube-proxy-q8lzp 1/1 Running 0 12m
kube-system kube-scheduler-k8-master 1/1 Running 0 12m
[root@k8-master home]# kubectl get nodes -o wide
NAME STATUS ROLES AGE VERSION INTERNAL-IP EXTERNAL-IP OS-IMAGE KERNEL-VERSION CONTAINER-RUNTIME
k8-master Ready control-plane 13m v1.25.0 192.168.10.128 <none> CentOS Linux 7 (Core) 3.10.0-1160.el7.x86_64 docker://20.10.21
k8-node Ready <none> 10m v1.25.0 192.168.10.129 <none> CentOS Linux 7 (Core) 3.10.0-1160.el7.x86_64 docker://20.10.21
11 附卸载k8s操作
kubeadm reset -f
yum remove -y kubelet kubeadm kubectl
rm -rf ~/.kube/
rm -rf /etc/kubernetes/
rm -rf /etc/systemd/system/kubelet.service.d
rm -rf /etc/systemd/system/kubelet.service
rm -rf /usr/bin/kube*
rm -rf /etc/cni
rm -rf /opt/cni
rm -rf /var/lib/etcd
rm -rf /var/etcd
yum clean all
标签:--,ip,system,etc,yum,v1.25,install,docker,k8s From: https://www.cnblogs.com/vzhangxk/p/17108039.html