-
k8s 1.28安装
容器运行时,containerd
按照官方的指导,需要安装runc和cni插件,提示的安装方式,有三种:
- 二进制安装包
- 源码
- apt-get 或 dnf安装
我们这里选用第三种,找到docker官方提供的安装方式
ubuntu-containerd
# Add Docker's official GPG key: sudo apt-get update sudo apt-get install ca-certificates curl gnupg sudo install -m 0755 -d /etc/apt/keyrings curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /etc/apt/keyrings/docker.gpg sudo chmod a+r /etc/apt/keyrings/docker.gpg # Add the repository to Apt sources: echo \ "deb [arch="$(dpkg --print-architecture)" signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/ubuntu \ "$(. /etc/os-release && echo "$VERSION_CODENAME")" stable" | \ sudo tee /etc/apt/sources.list.d/docker.list > /dev/null sudo apt-get update- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
这里我都是直接安装的最新版
sudo apt-get install docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin- 1
你也可以通过指令查看可以安装的指定版本
apt-cache madison docker-ce| awk '{ print $3 }'- 1
centos-containerd
添加源
sudo yum install -y yum-utils sudo yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo- 1
- 2
安装最新版本
sudo yum install docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin- 1
注意要生成containerd 配置文件,并修改SystemdCgroup为true
containerd config default > /etc/containerd/config.toml- 1
设置容器运行时
crictl config runtime-endpoint unix:///run/containerd/containerd.sock- 1
cni
前面的docker安装种保护了containerd.io 包,他包含了 runc 但是不包含 CNI plugins,因此需要补充CNI插件
你可以从找到cni插件的下载连接,官方,也可以使用我之前下载的链接:https://pan.baidu.com/s/1eHV4KuM_1bUTuZ_2zW3UQg?pwd=ypdi 提取码:ypdi- 1
- 2
将文件cni-plugins-linux-arm64-v1.3.0.tgz拷贝至节点
$ mkdir -p /opt/cni/bin $ tar Cxzvf /opt/cni/bin cni-plugins-linux-arm64-v1.3.0.tgz ./ ./macvlan ./static ./vlan ./portmap ./host-local ./vrf ./bridge ./tuning ./firewall ./host-device ./sbr ./loopback ./dhcp ./ptp ./ipvlan ./bandwidth- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
kubelet
前置条件
关闭交换分区 swappoff
#关闭分区 swappof -a #查看交换分区,swap 显示为0 或者交换显示为0 表示关闭了 free -h- 1
- 2
- 3
- 4
关闭防火墙
#禁止 ufw disable #查看状态 ufw status #inactive 表示禁止了 Status: inactive- 1
- 2
- 3
- 4
- 5
- 6
安装
按照阿里云安装最新的:
ubuntu-k8s
apt-get update && apt-get install -y apt-transport-https curl https://mirrors.aliyun.com/kubernetes/apt/doc/apt-key.gpg | apt-key add - cat <<EOF >/etc/apt/sources.list.d/kubernetes.list deb https://mirrors.aliyun.com/kubernetes/apt/ kubernetes-xenial main EOF apt-get update apt-get install -y kubelet kubeadm kubectl- 1
- 2
- 3
- 4
- 5
- 6
- 7
你也可以通过指令查看可以安装的版本
apt-cache madison kubelet| awk '{ print $3 }'- 1
centos-k8s
cat <<EOF > /etc/yum.repos.d/kubernetes.repo [kubernetes] name=Kubernetes baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/ enabled=1 gpgcheck=1 repo_gpgcheck=1 gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg EOF setenforce 0 yum install -y kubelet kubeadm kubectl systemctl enable kubelet && systemctl start kubelet- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
初始化节点
主节点
导入默认初始化配置文件
kubeadm config print init-defaults > kubeadm.yaml- 1
修改配置kubeadm.yaml
apiVersion: kubeadm.k8s.io/v1beta3 bootstrapTokens: - groups: - system:bootstrappers:kubeadm:default-node-token token: abcdef.0123456789abcdef ttl: 24h0m0s usages: - signing - authentication kind: InitConfiguration localAPIEndpoint: advertiseAddress: 192.168.10.37 #节点局域网ip地址 bindPort: 6443 nodeRegistration: criSocket: unix:///run/containerd/containerd.sock imagePullPolicy: IfNotPresent name: k8s-master taints: null --- apiServer: timeoutForControlPlane: 4m0s apiVersion: kubeadm.k8s.io/v1beta3 certificatesDir: /etc/kubernetes/pki clusterName: kubernetes controllerManager: {} dns: {} etcd: local: dataDir: /var/lib/etcd imageRepository: registry.cn-hangzhou.aliyuncs.com/google_containers kind: ClusterConfiguration kubernetesVersion: 1.28.0 networking: dnsDomain: cluster.local serviceSubnet: 10.96.0.0/12 #默认 podSubnet: 10.244.0.0/16 #pod子网 scheduler: {} --- apiVersion: kubeproxy.config.k8s.io/v1alpha1 # KubeProxyConfiguration 代理模式,指定 ipvs,默认是 iptables,iptables 效率低。 kind: KubeProxyConfiguration mode: ipvs #指定 --- apiVersion: kubelet.config.k8s.io/v1beta1 # 修改 KubeletConfiguration 驱动为 systemd kind: KubeletConfiguration cgroupDriver: systemd #指定- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- 25
- 26
- 27
- 28
- 29
- 30
- 31
- 32
- 33
- 34
- 35
- 36
- 37
- 38
- 39
- 40
- 41
- 42
- 43
- 44
- 45
- 46
- 47
- 48
执行初始化
kubeadm init --config kubeadm.yaml- 1
此时会输出
To start using your cluster, you need to run the following as a regular user: mkdir -p $HOME/.kube sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config sudo chown $(id -u):$(id -g) $HOME/.kube/config Alternatively, if you are the root user, you can run: export KUBECONFIG=/etc/kubernetes/admin.conf You should now deploy a pod network to the cluster. Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at: https://kubernetes.io/docs/concepts/cluster-administration/addons/ Then you can join any number of worker nodes by running the following on each as root: kubeadm join 192.168.10.37:6443 --token abcdef.0123456789abcdef \ --discovery-token-ca-cert-hash sha256:ecbe8d9e29a5a255ab641d7b95fc643458b5575c33b057b6d56044f395ec92e2- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
可以完全按照提示的内容进行集群的操作
执行第一步就可以获取到节点了root@k8s-master:~# kubectl get nodes NAME STATUS ROLES AGE VERSION k8s-master NotReady control-plane 6m56s v1.28.0- 1
- 2
- 3
查看系统pod状态,发现coredns处于Pending 状态,原因是缺少pod网络插件
root@k8s-master:~# kubectl get pods -n kube-system -o wide NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES coredns-7f8cbcb969-9j5v6 0/1 Pending 0 9m38s <none> <none> <none> <none> coredns-7f8cbcb969-vnz5h 0/1 Pending 0 9m38s <none> <none> <none> <none> etcd-master 1/1 Running 0 10m 192.168.17.130 master <none> <none> kube-apiserver-master 1/1 Running 0 10m 192.168.17.130 master <none> <none> kube-controller-manager-master 1/1 Running 0 10m 192.168.17.130 master <none> <none> kube-proxy-5hv9x 1/1 Running 0 9m39s 192.168.17.130 master <none> <none> kube-proxy-gv5g8 1/1 Running 0 5m21s 192.168.17.132 node2 <none> <none> kube-proxy-smk2m 1/1 Running 0 6m18s 192.168.17.131 node1 <none> <none> kube-scheduler-master 1/1 Running 0 10m 192.168.17.130 master <none> <none>- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
接下来安装pod网络插件
链接:https://pan.baidu.com/s/1eHV4KuM_1bUTuZ_2zW3UQg?pwd=ypdi 提取码:ypdi- 1
- 2
提取calico.yaml,应用安装,单网卡这样就够了,如果多网卡还要修改calico.yaml文件
kubectl apply -f calico.yaml- 1
至此主节点安装完成,将节点加入集群,执行第三步,
kubeadm join 192.168.10.37:6443 --token abcdef.0123456789abcdef \ --discovery-token-ca-cert-hash sha256:ecbe8d9e29a5a255ab641d7b95fc643458b5575c33b057b6d56044f395ec92e2- 1
- 2
- 3
如果忘记,可以从主节点重新获取
kubeadm token create --print-join-command- 1
可能会遇到的问题
1
Failed to create pod sandbox: open /run/systemd/resolve/resolv.conf: no such file or directory- 1
将主节点/run/systemd/resolve 目录下的文件 ,拷贝到节点一样的目录下,没有则自己创建
2
/proc/sys/net/bridge/bridge-nf-call-iptables does not exist- 1
执行如下命令解决modprobe br_netfilter echo 1 > /proc/sys/net/ipv4/ip_forward- 1
- 2
3
Failed to create pod sandbox: open /run/systemd/resolve/resolv.conf: no such file or directory- 1
1、将主节点/run/systemd/resolve 目录下的文件 ,拷贝到节点一样的目录下,节点没有则自己创建
2、如果没有安装systemd-resolved,则可以安装
3、如果systemd-resolved没有启动则启动他
6443 连接不上
The connection to the server 192.168.10.37:6443 was refused - did you specify the right host or port- 1
查看/etc/containerd/config.toml中,修改SystemdCgroup配置为true。
一些常用的指令
删除节点
先驱逐kubectl drain --ignore-daemonsets <节点名称>- 1
再删除
kubectl delete node <节点名称>- 1
清除ipvs命令
ipvsadm -C- 1
清楚iptables
iptables -F && iptables -t nat -F && iptables -t mangle -F && iptables -X- 1
-
相关阅读:
部署LVS-DR群集
解决使用(Jenkins检出代码)git clone检出代码提示必须安装 .NET framework,Version =v4.7.2
Python自动化办公【PDF文件自动化】
最长上升子序列及拓展
最详细STM32,cubeMX 按键点亮 led
反转字符串中的单词-力扣
苹果加大对印度的扶持,提高在其生产iphone的比重
Git泄露
Servlet学习笔记
华为认证系统学习大纲及课程
- 原文地址:https://blog.csdn.net/dai1396734/article/details/134214325
