(240516更新)
基本信息
系统:Debian 12.05
k8s版本:1.30
环境:虚拟机
| 序号 | IP地址 | 域名 | 主机名 |
|---|---|---|---|
| 1 | 192.168.100.12 | k8s-master.$yourname.com | k8s-master |
| 2 | 192.168.100.15 | k8s-node1.yourname.com | k8s-node1 |
| 3 | 192.168.100.16 | k8s-node2.yourname.com | k8s-node2 |
| 4 | 192.168.100.21 | k8s-register.yourname.com | k8s-register |
基本设置
VMware虚拟网络编辑器
ssh设置
sudo apt-get update && apt-get upgrade
sudo apt-get install vim
/etc/ssh/sshd_config
...
PermitRootLogin yes
PubkeyAuthentication no
...
master连通其他node
for i in master node1 node2 register; do ssh-copy-id root@k8s-$i; done
镜像修改国内源
sed -i 's|deb.debian.org|mirrors.aliyun.com|g' /etc/apt/sources.list
静态IP设置
/etc/network/interfaces
其他主机修改IP即可
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).
source /etc/network/interfaces.d/*
# The loopback network interface
auto lo
iface lo inet loopback
auto ens33
iface ens33 inet static
address 192.168.100.12
netmask 255.255.255.0
gateway 192.168.100.254
search localdomain
nameserver 8.8.8.8
nameserver 114.114.114.114
/etc/init.d/networking restart
主机名和域名
/etc/hostname
k8s-master
/etc/hosts
127.0.0.1 localhost
127.0.1.1 k8s01
# The following lines are desirable for IPv6 capable hosts
::1 localhost ip6-localhost ip6-loopback
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
192.168.100.12 k8s-master.$yourname.com k8s-master
192.168.100.15 k8s-node1.$yourname.com k8s-node1
192.168.100.16 k8s-node2.$yourname.com k8s-node2
192.168.100.21 k8s-register.$yourname.com k8s-register
用scp将hosts文件传输到node
for i in node1 node2 register; do scp /etc/hosts root@k8s-$i:/etc/hosts; done
关闭swap
# 关闭当前已启用的swap分区
swapoff -a
#禁用swap设备
sed -i 's/.*swap.*/#&/' /etc/fstab
#内核禁用swap参数
cat >> /etc/sysctl.d/k8s.conf << EOF
vm.swappiness=0
EOF
内核优化
#配置iptables参数,允许流量通过防火墙
cat << EOF | sudo tee /etc/sysctl.d/k8s.conf
net.ipv4.ip_forward = 1
EOF
#下载overlay和br_netfilter
sudo modprobe overlay
sudo modprobe br_netfilter
lsmod | grep overlay
lsmod | grrp br_netfilter
#加载k8s.conf
sysctl -p /etc/sysctl.d/k8s.conf
kubeadm安装
更新 apt 包索引并安装使用 Kubernetes apt 仓库所需要的包
sudo apt-get update
# apt-transport-https 可能是一个虚拟包(dummy package);如果是的话,你可以跳过安装这个包
sudo apt-get install -y apt-transport-https ca-certificates curl gpg
下载用于 Kubernetes 软件包仓库的公共签名密钥(阿里云国内源)
# 如果 `/etc/apt/keyrings` 目录不存在,则应在 curl 命令之前创建它,请阅读下面的注释。
# sudo mkdir -p -m 755 /etc/apt/keyrings
curl -fsSL https://mirrors.aliyun.com/kubernetes-new/core/stable/v1.30/deb/Release.key | gpg --dearmor -o /etc/apt/keyrings/kubernetes-apt-keyring.gpg
添加 Kubernetes apt 仓库(阿里云国内源)
echo "deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring.gpg] https://mirrors.aliyun.com/kubernetes-new/core/stable/v1.30/deb/ /" | tee /etc/apt/sources.list.d/kubernetes.list
更新 apt 包索引,安装 kubelet、kubeadm 和 kubectl,并锁定其版本
sudo apt-get update
sudo apt-get install -y kubelet kubeadm kubectl
sudo apt-mark hold kubelet kubeadm kubectl
Docker Engine安装
Debian系统安装Docker Engine | Docker文档
删除旧版本Docker
for pkg in docker.io docker-doc docker-compose podman-docker containerd runc; do sudo apt-get remove $pkg; done
添加密钥和存储库
# 添加Docker的官方GPG密钥:
sudo apt-get update
sudo apt-get install ca-certificates curl
sudo install -m 0755 -d /etc/apt/keyrings
sudo curl -fsSL https://download.docker.com/linux/debian/gpg -o /etc/apt/keyrings/docker.asc
sudo chmod a+r /etc/apt/keyrings/docker.asc
# 将存储库添加到Apt源:
echo \
"deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/debian \
$(. /etc/os-release && echo "$VERSION_CODENAME") stable" | \
sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
sudo apt-get update
安装Docker组件
sudo apt-get install docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin
#检验时候安装成功
sudo docker run hello-world
容器环境修改
cat >> /etc/docker/daemon.json << EOF
{
"registry-mirrors":[
"https://registry.docker-cn.com",
"http://hub-mirror.c.163.com",
"https://docker.mirrors.ustc.edu.cn"
],
"insecure-registries":["k8s-register.mugetsu.com"]
"exec-opts":["native.cgroupdriver=systemd"]
}
EOF