郑文峰的博客
zhengwenfeng
2022-09-13
目录

使用kubeadm安装k8s

# 相关链接

kubeadm安装官网 (opens new window)

kubeadm安装k8s完整教程 (opens new window)

# 安装配置

以下操作是每个节点都要执行的步骤

  1. 配置hosts

将主节点与子节点分别配置hostname如下:

hostnamectl set-hostname master  # 主节点
hostnamectl set-hostname node1   # 子节点
hostnamectl set-hostname node2   # 子节点
1
2
3

/etc/hosts中添加本机hostname与ip的映射关系

1.1.1.1 master
1.1.1.2 node1
1.1.1.3 node2
1
2
3
  1. 关闭防火墙

需要将主节点与子节点都关闭防火墙

systemctl stop firewalld
1
  1. 配置yum源

在安装kubeadm之前,都需要配置yum源,创建文件/etc/yum.repos.d/kubernetes.repo

[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
enabled=1
gpgcheck=0
1
2
3
4
5
  1. 将 SELinux 设置为 permissive 模式(相当于将其禁用)
sudo setenforce 0
sudo sed -i 's/^SELINUX=enforcing$/SELINUX=permissive/' /etc/selinux/config
1
2
  1. 安装kubeadm、kubelet、kubectl
sudo yum install -y kubelet kubeadm kubectl --disableexcludes=kubernetes
1
  1. 安装docker并开启
curl -fsSL https://get.docker.com | bash -s docker --mirror Aliyun
systemctl enable --now docker
1
2
  1. 开启kubelet
sudo systemctl enable --now kubelet
1
  1. 手动配置containerd的配置

自动生成的文件会使用k8s.gcr.io/pause:3.6镜像,国内无法下载,导致kubeadm初始化失败。

生成 containerd 的配置文件

mkdir -p /etc/containerd
containerd config default > /etc/containerd/config.toml
1
2

修改 SystemdCgroup 为 true

# 编辑文件
vi /etc/containerd/config.toml

#更改SystemdCgroup值为true
SystemdCgroup = true
1
2
3
4
5

修改 sandbox_image 值

# 更改k8s.gcr.io/pause:3.6为registry.aliyuncs.com/google_containers/pause:3.7
sandbox_image = "registry.aliyuncs.com/google_containers/pause:3.7"
1
2

重启containerd

systemctl restart containerd
1

# 主节点执行

  1. 使用kubedam init初始化
kubeadm init --image-repository registry.aliyuncs.com/google_containers --v=5 --pod-network-cidr 10.244.0.0/16
1
  1. kubectl读取k8s授权认证文件

将安全配置文件放在指定目录中,该文件时kubectl需要读取的授权文件,放在指定目录下,kubectl才能读取到并访问到k8s

  mkdir -p $HOME/.kube
  sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
  sudo chown $(id -u):$(id -g) $HOME/.kube/config
1
2
3

或者放在环境变量中,kubectl会读取该环境变量中的文件

vim /etc/profile
export KUBECONFIG=/etc/kubernetes/admin.conf
source /etc/profile
1
2
3
  1. 创建网络flannel
kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
1

# 子节点加入集群

  1. 使用kubeadm join加入集群

先在主节点使用kubeadm token create --print-join-command来获取到子节点加入主节点的命令

[root@master ~]# kubeadm token create --print-join-command
kubeadm join 172.16.16.16:6443 --token vnu6yz.4zk8f7hdorb8fpl0 --discovery-token-ca-cert-hash sha256:ca4e1e3e2afe16f592c3623f17a6b0dc9cfebd4ec459755e02f4b8db779e21d4
1
2

再在子节点上执行该命令,即可加入集群

  1. 将主节点的config移动到子节点

子节点也需要主节点的config文件,才能通过kubectl访问集群

scp ~/.kube/config node1:~/.kube/config
1

# 测试

在主节点创建deployment.yaml文件如下

apiVersion: apps/v1
kind: Deployment
metadata:
  labels:
    app: demoapp
  name: demo-deploy

spec:
  replicas: 10
  selector:
    matchLabels:
      app: demoapp

  template:
    metadata:
      labels:
        app: demoapp
    spec:
      containers:
      - image: ikubernetes/demoapp:v1.0
        name: demoapp
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21

创建控制器

[root@master ~]# kubectl apply -f deployment.yaml 
deployment.apps/demo-deploy created
1
2

可以看到创建成功,并且所有的pod已经READY

[root@master ~]# kubectl get deploy -n zwf
NAME          READY   UP-TO-DATE   AVAILABLE   AGE
demo-deploy   10/10   10           10          3m15s
1
2
3

可以看到pod都已经创建成功。

[root@master ~]# kubectl get pods -n zwf 
NAME                           READY   STATUS    RESTARTS   AGE
demo-deploy-55c5f88dcb-2nzbf   1/1     Running   0          4m38s
demo-deploy-55c5f88dcb-5kwc9   1/1     Running   0          4m38s
demo-deploy-55c5f88dcb-8jd9k   1/1     Running   0          4m38s
demo-deploy-55c5f88dcb-b7zjp   1/1     Running   0          4m38s
demo-deploy-55c5f88dcb-bs7tm   1/1     Running   0          4m38s
demo-deploy-55c5f88dcb-jrbzw   1/1     Running   0          4m38s
demo-deploy-55c5f88dcb-lsfff   1/1     Running   0          4m38s
demo-deploy-55c5f88dcb-mgqpq   1/1     Running   0          4m38s
demo-deploy-55c5f88dcb-wfzzb   1/1     Running   0          4m38s
demo-deploy-55c5f88dcb-wkbv2   1/1     Running   0          4m38s
1
2
3
4
5
6
7
8
9
10
11
12

# 常见错误

  • kubeadm init 报错 ”unknown service runtime.v1alpha2.RuntimeService”

解决:

rm /etc/containerd/config.toml -f
systemctl restart containerd
1
2

  • 如果在kubeadm init中出现了失败,在解决问题后,需要执行kubeadm reset,否则会报错

  • Failed to create pod sandbox: rpc error: code = Unknown desc = failed to get sandbox image "k8s.gcr.io/pause:3.6": failed to pull image "k8s.gcr.io/pause:3.6": failed to pull and unpack image "k8s.gcr.io/pause:3.6": failed to resolve reference "k8s.gcr.io/pause:3.6": failed to do request: Head "https://k8s.gcr.io/v2/pause/manifests/3.6": dial tcp 74.125.23.82:443: connect: connection refused

是因为拉不到k8s官方的k8s.gcr.io/pause:3.6镜像,使用主节点container配置可以解决。

  • kube-flannel报错:

    running-error-CrashLoopBackOff。node“k8s-master-1“podcidr not assigned

https://blog.csdn.net/shm19990131/article/details/107115750/

https://blog.csdn.net/anqixiang/article/details/107715591

  • plugin type="flannel" failed (add): failed to delegate add: failed to set bridge addr: "cni0" already has an IP address different from

解决办法:

sudo ifconfig cni0 down  
sudo ip link delete cni0
1
2

相关资料:

https://blog.csdn.net/ibless/article/details/107899009

#k8s#容器#云原生
上次更新: 2023/05/29, 06:49:01
k8s之StatefulSet
pod中将代码与运行环境分离

pod中将代码与运行环境分离

最近更新
01
理解calico容器网络通信方案原理
06-03
02
理解flannel的三种容器网络方案原理
06-01
03
理解Linux IPIP隧道
05-26
更多文章>
Theme by Vdoing | Copyright © 2022-2023 zhengwenfeng | MIT License