一、主机准备
| 主机名 | NAT IP | 系统 | 配置 |
| k8s-master | 192.168.1.201 | ubuntu 18.04.6 | 2C2G |
| k8s-node01 | 192.168.1.202 | ubuntu 18.04.6 | 2C2G |
| k8s-node02 | 192.168.1.203 | ubuntu 18.04.6 | 2C2G |
二、前提
主机配置好网络、ntp,关闭ufw,swap,安装好containerd,runc服务
三、安装步骤
master、node01、node02均运行:
转发 IPv4 并让 iptables 看到桥接流量
执行下述指令:
cat <<EOF | sudo tee /etc/modules-load.d/k8s.conf overlay br_netfilter EOF sudo modprobe overlay sudo modprobe br_netfilter # 设置所需的 sysctl 参数,参数在重新启动后保持不变 cat <<EOF | sudo tee /etc/sysctl.d/k8s.conf net.bridge.bridge-nf-call-iptables = 1 net.bridge.bridge-nf-call-ip6tables = 1 net.ipv4.ip_forward = 1 EOF # 应用 sysctl 参数而不重新启动 sudo sysctl --system
通过运行以下指令确认 br_netfilter 和 overlay 模块被加载:
lsmod | grep br_netfilter lsmod | grep overlay
通过运行以下指令确认 net.bridge.bridge-nf-call-iptables、net.bridge.bridge-nf-call-ip6tables 和 net.ipv4.ip_forward 系统变量在你的 sysctl 配置中被设置为 1:
sysctl net.bridge.bridge-nf-call-iptables net.bridge.bridge-nf-call-ip6tables net.ipv4.ip_forward
配置containerd systemd cgroup 驱动
结合 runc 使用 systemd cgroup 驱动,在 /etc/containerd/config.toml (没有的就手动生成)中设置:
containerd config default > /etc/containerd/config.toml
#编辑配置文件
[plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc]
...
[plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc.options]
SystemdCgroup = true
#重启并启用 containerd 服务
systemctl daemon-reload
systemctl restart containerd
systemctl enable containerd
安装 kubeadm、kubelet 和 kubectl
安装 CNI 插件(大多数 Pod 网络都需要):
CNI_PLUGINS_VERSION="v1.1.1"
ARCH="amd64"
DEST="/opt/cni/bin"
sudo mkdir -p "$DEST"
curl -L "https://github.com/containernetworking/plugins/releases/download/${CNI_PLUGINS_VERSION}/cni-plugins-linux-${ARCH}-${CNI_PLUGINS_VERSION}.tgz" | sudo tar -C "$DEST" -xz
定义要下载命令文件的目录。说明:
DOWNLOAD_DIR 变量必须被设置为一个可写入的目录。
DOWNLOAD_DIR="/usr/local/bin" sudo mkdir -p "$DOWNLOAD_DIR"
安装 crictl(kubeadm/kubelet 容器运行时接口(CRI)所需)
CRICTL_VERSION="v1.25.0"
ARCH="amd64"
curl -L "https://github.com/kubernetes-sigs/cri-tools/releases/download/${CRICTL_VERSION}/crictl-${CRICTL_VERSION}-linux-${ARCH}.tar.gz" | sudo tar -C $DOWNLOAD_DIR -xz
创建crictl配置文件:/etc/crictl.yaml。修改crictl默认配置,把runtime-endpoint和image-endpoint指向containerd
vim /etc/crictl.yaml
runtime-endpoint: unix:///run/containerd/containerd.sock image-endpoint: unix:///run/containerd/containerd.sock timeout: 2 debug: true pull-image-on-create: false
安装 kubeadm、kubelet并添加 kubelet 系统服务:
RELEASE="$(curl -sSL https://dl.k8s.io/release/stable.txt)"
ARCH="amd64"
cd $DOWNLOAD_DIR
sudo curl -L --remote-name-all https://dl.k8s.io/release/${RELEASE}/bin/linux/${ARCH}/{kubeadm,kubelet}
sudo chmod +x {kubeadm,kubelet}
RELEASE_VERSION="v0.4.0"
curl -sSL "https://raw.githubusercontent.com/kubernetes/release/${RELEASE_VERSION}/cmd/kubepkg/templates/latest/deb/kubelet/lib/systemd/system/kubelet.service" | sed "s:/usr/bin:${DOWNLOAD_DIR}:g" | sudo tee /etc/systemd/system/kubelet.service
sudo mkdir -p /etc/systemd/system/kubelet.service.d
curl -sSL "https://raw.githubusercontent.com/kubernetes/release/${RELEASE_VERSION}/cmd/kubepkg/templates/latest/deb/kubeadm/10-kubeadm.conf" | sed "s:/usr/bin:${DOWNLOAD_DIR}:g" | sudo tee /etc/systemd/system/kubelet.service.d/10-kubeadm.conf
激活并启动 kubelet:
systemctl enable --now kubelet
安装工具conntrack
sudo apt-get install conntrack
kubeadm init初始化管理平面
master执行
kubeadm init --apiserver-advertise-address 192.168.1.201 --apiserver-bind-port 6443 --cri-socket=/run/containerd/containerd.sock --cri-socket=/run/containerd/containerd.sock -–pod-network-cidr=10.244.0.0/16
完成如上图,可以执行如下命令让其他节点加入集群。
kubeadm join 192.168.1.201:6443 --token qtj2on.fbg7att0xixsdnew \
--discovery-token-ca-cert-hash sha256:9fbf4265d1350b7ddf65b5e8cdea34fea93d42fca469e49255cd10ca66e8b9ef
安装kubectl
用 curl 在 Linux 系统中安装 kubectl
用以下命令下载最新发行版:
curl -LO "https://dl.k8s.io/release/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl"说明:
如需下载某个指定的版本,请用指定版本号替换该命令的这一部分: $(curl -L -s https://dl.k8s.io/release/stable.txt)。
curl -LO https://dl.k8s.io/release/v1.26.15/bin/linux/amd64/kubectl
sudo install -o root -g root -m 0755 kubectl /usr/local/bin/kubectl
执行测试,以保障你安装的版本是最新的:
kubectl version --client(可选)安装bash-completion
apt-get install bash-completion #启动 kubectl 自动补全功能 echo 'source <(kubectl completion bash)' >>~/.bashrc
安装flannel网络插件
kubectl apply -f https://github.com/flannel-io/flannel/releases/latest/download/kube-flannel.yml
如果你的容器子网CIDR (不是 10.244.0.0/16)那可以把yml下载下来后修改再apply,注意需要和init初始化管理平面时 kubeadm init命令中--pod-network-cidr=10.244.0.0/16 的值保持一致。
最终结果:
参考文档:
containerd/docs/getting-started.md at main · containerd/containerd · GitHub
GitHub - flannel-io/flannel: flannel is a network fabric for containers, designed for Kubernetes
标签:kubectl,kubelet,containerd,sudo,contanerd,v1.30,kubeadm,k8s From: https://www.cnblogs.com/JiaoTou/p/18294735