k8s集群搭建
一、初始化# 关闭swap分区n$ swapoff -anvim /etc/fastabn #/dev/mapper/centos-swap swap swap defau
一、初始化
# 关闭swap分区n$ swapoff -anvim /etc/fastabn #/dev/mapper/centos-swap swap swap defaults 0 0n$ grep "#" fstab |grep "swap" >/dev/null || sed -i 's/^.*swap/#&/g' fstabn# 关闭防火墙n$ iptables -Fn$ systemctl stop firewalldn# 关闭selinuxn$ sed -i '7s/enforcing/disabled/' /etc/selinux/confign$ setenforce 0n# 设置免密登录n$ ssh-keygenn$ ssh-copy-id $IPn# 修改主机名称n# hostnamectl set-hostname $hostnamen# 修改/etc/hosts文件,保证节点间能通过主机名进行访问n# 在所有节点上安装docker和k8s相关软件n# 安装dockern$ yum -y install yum-utilsn# 添加docker yum源仓库n$ yum-config-manager --add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repon# 建立yum仓库n$ yum makecachen# 安装dockern$ yum install docker-ce -yn# 查看版本n$ docker versionn# 安装kubelet kubeadm kubectln# 配置K8Syum源仓库nvim t/etc/yum.repos.d/kubernetes.repon [kubernetes]n name=Kubernetesn baseurl=http://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64n enabled=1n gpgcheck=0n repo_gpgcheck=0n gpgkey=http://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg tttthttp://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpgn# 配置内核参数,将桥接的IPv4流量传递到iptables的链n$ vim /etc/sysctl.d/k8s.confn net.bridge.bridge-nf-call-ip6tables = 1n net.bridge.bridge-nf-call-iptables = 1n net.ipv4.ip_forward = 1n# 安装kubelet kubeadm kubectl n$ yum install -y kubelet-1.17.3 kubeadm-1.17.3 kubectl-1.17.3n# 查看kubelet和docker的cgroup,如果不同修改为相同驱动类型n# 见K8s排坑n$ systemctl enable kubelet & systemctl restart kubelet
二、主节点初始化集群
# 在主节点初始化集群n$ kubeadm init --image-repository registry.aliyuncs.com/google_containers --pod-network-cidr=10.244.0.0/16 --ignore-preflight-errors=cri --control-plane-endpoint "118.31.166.138:6443" --kubernetes-version=1.17.3n# 参数详解n --image-repository registry.aliyuncs.com/google_containers 镜像仓库地地址n --pod-network-cidr=10.244.0.0/16 pod通信网段n --ignore-preflight-errors=cri 将错误显示为警告的检查列表进行忽略n --control-plane-endpoint "118.31.166.138:6443" 通过这个地址访问apiservern --kubernetes-version=1.17.3 指定版本n# 安装flannel插件n# 上传flannel的yml文件nhttps://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.ymln# 创建flanneln$ kubectl apply -f flannel.ymln# 删除flanneln$ kubectl delete -f kube-flannel.ymln# 查看k8s的node节点状态n$ kubectl get nodesn# 查看各组件状态n$ kubectl get pod -o wide --all-namespaces n# 安装kuboard n# 获取yaml文件nhttps://kuboard.cn/install-script/kuboard.yamln# 创建n$ kubectl apply -f kuboard.yaml n# 获取tokenn$ echo $(kubectl -n kube-system get secret $(kubectl -n kube-system get secret | grep kuboard-user | awk '{print $1}') -o go-template='{{.data.token}}' | base64 -d)
三、向集群添加或删除master、node节点
# 通过kubeadm获取加入集群的命令n$ kubeadm token create --print-join-commandn# 添加node节点n$ kubeadm join 192.168.220.11:6443 --token 2jbg3t.6nst8modlquuek8h --discovery-token-ca-cert-hash sha256:c1b9b5deb4fcb168fbb13056fe01d8c1ed10d2d5e4a0c974e9e7707363da3bb2n# 添加master节点n# 创建目录n$ mkdir -p /etc/kubernetes/pki/etcd/n# 传输相关文件n$ sh join-master.shn scp -r /etc/kubernetes/admin.conf master02:/etc/kubernetes/n scp -r /etc/kubernetes/pki/ca* master02:/etc/kubernetes/pki/n scp -r /etc/kubernetes/pki/sa* master02:/etc/kubernetes/pki/n scp -r /etc/kubernetes/pki/front* master02:/etc/kubernetes/pki/n scp -r /etc/kubernetes/pki/etcd/ca* master02:/etc/kubernetes/pki/etcd/n# 在master执行命令n$ kubeadm join 192.168.220.11:6443 --token 2jbg3t.6nst8modlquuek8h --discovery-token-ca-cert-hash sha256:c1b9b5deb4fcb168fbb13056fe01d8c1ed10d2d5e4a0c974e9e7707363da3bb2 --control-plane n# 可以提前将master01的镜像通过docker命令拉取到master02本地nn# 加入主节点的第二种方式n$ kubeadm init phase upload-certs --upload-certsn$ kubeadm token create --print-join-commandn# 生成信息拼接n$ kubeadm join 192.168.3.156:8000 --token ht53d3.la3fkq53ln6hkaex --discovery-token-ca-cert-hash sha256:c1c27fac502a0c7de29846831adf404dcc76ca8390b26988e263d9eb15dd6917 --control-plane --certificate-key 4b44d7dc3fcf9132f8c8e7cb97e00cb398eb8fae9bec881c5c5325a93ecf5fcc