ubuntu20.04使用kubeadm安装kubernetes1.24.4

介绍

1.k8s的版本在1.24版本开始

Kubernetes 正式移除对 Dockershim 的支持，Kubernetes1.24 之后，如还想继续在k8s中使用docker，需要自行安装cri-dockerd 组件或者containerd组件，下面的步骤，经过反复测试很多次，步骤应该很稳

2.#更新阿里云yum

sudo cp /etc/apt/sources.list /etc/apt/sources.list.bak

cat <<EOF | sudo tee /etc/apt/sources.list
deb http://mirrors.aliyun.com/ubuntu/ focal main restricted universe multiverse


#deb https://mirrors.aliyun.com/kubernetes/apt kubernetes-xenial main
EOF


1
2
3
4
5
6
7
8
9

3.#更新源 ##更新软件

sudo apt-get update -y && sudo apt-get -f install -y
1

4.#安装ssh #启动ssh

sudo apt-get install openssh-server openssh-client net-tools ntpdate -y && sudo /etc/init.d/ssh restart
1

5.#替换上海时区 #时间同步

sudo timedatectl set-timezone Asia/Shanghai  && sudo ntpdate time.windows.com
1

6.#修改root用户密码,命令为：passwd root

#使用root账户，进行ssh登录

sed -i "s|#PermitRootLogin prohibit-password|PermitRootLogin yes|" /etc/ssh/sshd_config 
#重启ssh
sudo systemctl restart ssh
1
2
3

7.#修改ip

cat <<EOF | sudo tee /etc/netplan/00-installer-config.yaml
network:
  ethernets:
    ens32:
      addresses:
      - 172.121.13.211/24
      gateway4: 172.121.13.254
      nameservers:
        addresses:
        - 114.114.114.114
  version: 2
EOF


#更新ip
sudo netplan apply
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16

sudo hostnamectl set-hostname k8s-mast
sudo hostnamectl set-hostname k8s-node01
sudo hostnamectl set-hostname k8s-node02

8、安装docker

#添加源
curl https://mirrors.aliyun.com/kubernetes/apt/doc/apt-key.gpg | sudo apt-key add


cat <<EOF | sudo tee /etc/apt/sources.list
deb http://mirrors.aliyun.com/ubuntu/ focal main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ focal main restricted universe multiverse
deb http://mirrors.aliyun.com/ubuntu/ focal-security main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ focal-security main restricted universe multiverse
deb http://mirrors.aliyun.com/ubuntu/ focal-updates main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ focal-updates main restricted universe multiverse
deb http://mirrors.aliyun.com/ubuntu/ focal-proposed main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ focal-proposed main restricted universe multiverse
deb http://mirrors.aliyun.com/ubuntu/ focal-backports main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ focal-backports main restricted universe multiverse

deb https://mirrors.aliyun.com/kubernetes/apt kubernetes-xenial main
EOF

#安装docker
sudo apt install docker.io -y

#查看版本
sudo docker version

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25

9.k8s主节点安装

a.环境准备

下面脚本，基本上都是固定格式，后面需要更改的地方是ip和主机名称，需要更改一下，其他均不变

#!/bin/bash

echo "--------------------------------------------------------------5.add hostname ip----------------------------------------------------------------"
#hosts文件　域名通信
echo 192.168.1.20 k8s-mast >> /etc/hosts
echo 192.168.1.21 k8s-node1 >> /etc/hosts
echo 192.168.1.22 k8s-node2 >> /etc/hosts


echo "--------------------------------------------------------------1.close firewall---------------------------------------------------------------------"
sudo ufw disable


echo "--------------------------------------------------------------2.close swap-------------------------------------------------------------------------"
#修改swap可以参考链接：https://blog.csdn.net/weixin_42599091/article/details/107164366
#临时关闭
swapoff -a
#永久关闭,这个需要重启生效
sed -i 's#\/swap.img#\#\/swap.img#g' /etc/fstab

echo "--------------------------------------------------------------3.allow iptables bridge flow---------------------------------------------------------"
#参考kubadm官网:https://kubernetes.io/zh/docs/setup/production-environment/tools/kubeadm/install-kubeadm/
cat <<EOF | sudo tee /etc/modules-load.d/k8s.conf
br_netfilter
EOF

cat <<EOF | sudo tee /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-ip6tables = 11
net.bridge.bridge-nf-call-iptables = 1
net.ipv4.ip_forward = 1
EOF
sudo sysctl --system

echo "--------------------------------------------------------------4.modify docker cgroup---------------------------------------------------------------"
#将docker的cgroup修改为systemd的参考链接：https://www.jianshu.com/p/8a62750c0eef
sudo mkdir /etc/docker
cat <<EOF | sudo tee /etc/docker/daemon.json
{
  "registry-mirrors": ["https://nr240upq.mirror.aliyuncs.com", "https://registry.docker-cn.com", "https://docker.mirrors.ustc.edu.cn", "https://dockerhub.azk8s.cn", "http://hub-mirror.c.163.com"],
  "exec-opts": ["native.cgroupdriver=systemd"],
  "log-driver": "json-file",
  "log-opts": {
    "max-size": "100m"
  },
  "storage-driver": "overlay2"
}
EOF
sudo systemctl enable docker
sudo systemctl daemon-reload
sudo systemctl restart docker


echo "--------------------------------------------------------------6.add k8s source list----------------------------------------------------------------"
#参考链接https://blog.csdn.net/uucckk/article/details/105193431
curl https://mirrors.aliyun.com/kubernetes/apt/doc/apt-key.gpg | sudo apt-key add
echo "deb https://mirrors.aliyun.com/kubernetes/apt kubernetes-xenial main" >>  /etc/apt/sources.list


echo "-----------------------------------------------------------7.install k8s apt packages------------------------------------------------------------"
#参考kubadm官网（同步骤3）:https://kubernetes.io/zh/docs/setup/production-environment/tools/kubeadm/install-kubeadm/
sudo apt-get update
sudo apt-get upgrade -y
sudo apt-get install -y apt-transport-https ca-certificates curl

echo "-----------------------------------------------------------8.install kubelet kubeadm kubectl-----------------------------------------------------"
#参考kubadm官网（同步骤3）:https://kubernetes.io/zh/docs/setup/production-environment/tools/kubeadm/install-kubeadm/
sudo apt install kubeadm -y
sudo apt install kubectl -y
sudo apt install kubelet -y
sudo apt-mark hold kubelet kubeadm kubectl

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71

10.#安装 cri-dockerd

#-----https://github.com/Mirantis/cri-dockerd/tags
tar zxf cri-dockerd-0.2.3.amd64.tgz && cp cri-dockerd/cri-dockerd /usr/bin/

1
2
3

11.#替换 cri-docker.service

cat <<EOF | sudo tee /usr/lib/systemd/system/cri-docker.service
[Unit]
Description=CRI Interface for Docker Application Container Engine
Documentation=https://docs.mirantis.com
After=network-online.target firewalld.service docker.service
Wants=network-online.target
Requires=cri-docker.socket

[Service]
Type=notify
ExecStart=/usr/bin/cri-dockerd --network-plugin=cni --pod-infra-container-image=registry.aliyuncs.com/google_containers/pause:3.7
ExecReload=/bin/kill -s HUP $MAINPID
TimeoutSec=0
RestartSec=2
Restart=always
StartLimitBurst=3

StartLimitInterval=60s

LimitNOFILE=infinity
LimitNPROC=infinity
LimitCORE=infinity

TasksMax=infinity
Delegate=yes
KillMode=process

[Install]
WantedBy=multi-user.target
EOF

#替换 cri-docker.socket
cat <<EOF | sudo tee /usr/lib/systemd/system/cri-docker.socket

[Unit]
Description=CRI Docker Socket for the API
PartOf=cri-docker.service

[Socket]
ListenStream=%t/cri-dockerd.sock
SocketMode=0660
SocketUser=root
SocketGroup=docker

[Install]
WantedBy=sockets.target
EOF



#运行 ipvs.modules
cat <<EOF | sudo tee /root/ipvs.modules
#!/bin/bash
ipvs_modules="ip_vs ip_vs_lc ip_vs_wlc ip_vs_rr ip_vs_wrr ip_vs_lblc ip_vs_lblcr ip_vs_dh ip_vs_sh ip_vs_fo ip_vs_nq ip_vs_sed ip_vs_ftp nf_conntrack"
for kernel_module in ${ipvs_modules}; do
    /sbin/modinfo -F filename ${kernel_module} > /dev/null 2>&1
    if [ 0 -eq 0 ]; then
        /sbin/modprobe ${kernel_module}
    fi
done
EOF


#运行
sudo chmod +x /root/ipvs.modules && /root/ipvs.modules && lsmod | grep ip_vs

# 启动cri-docker并设置开机自动启动
sudo systemctl daemon-reload
sudo systemctl restart cri-docker
sudo systemctl enable cri-docker --now

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71

12.master 主节点初始化

# 初始化master节点192.168.1.20


kubeadm init \
 --apiserver-advertise-address=192.168.1.20 \
 --image-repository registry.aliyuncs.com/google_containers \
 --kubernetes-version v1.24.4 \
 --pod-network-cidr=10.244.0.0/16 \
 --cri-socket /run/containerd/containerd.sock \
 --cri-socket unix://var/run/cri-dockerd.sock --ignore-preflight-errors=NumCPU



sudo mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19

13.node节点加入master

sudo kubeadm join 192.168.1.20:6443 --token rx8xpw.9in4g5bctm30w539 \
  --cri-socket unix://var/run/cri-dockerd.sock --ignore-preflight-errors=NumCPU \
        --discovery-token-ca-cert-hash sha256:e7f14900cd3fde2f343146e49b8d06d774ae930081943a059fdbaa185c2ed126
1
2
3

14.查看nodes

kubectl get nodes
1

15.#k8s自动补全

apt install -y bash-completion
source /usr/share/bash-completion/bash_completion
source <(kubectl completion bash)
echo "source <(kubectl completion bash)" >> ~/.bashrc

alias k=kubectl
complete -o default -F __start_kubectl k

1
2
3
4
5
6
7
8

16.主节点安装网络组件calico

sudo kubectl create -f https://docs.projectcalico.org/manifests/tigera-operator.yaml

sudo wget https://docs.projectcalico.org/manifests/custom-resources.yaml
1
2
3

17.#custom-resources.yaml 改为初始化的地址10.244.0.0/16

cat <<EOF | sudo tee /root/custom-resources.yaml
apiVersion: operator.tigera.io/v1
kind: Installation
metadata:
  name: default
spec:
  calicoNetwork:
    # Note: The ipPools section cannot be modified post-install.
    ipPools:
    - blockSize: 26
      cidr: 10.244.0.0/16
      encapsulation: VXLANCrossSubnet
      natOutgoing: Enabled
      nodeSelector: all()
---
apiVersion: operator.tigera.io/v1
kind: APIServer
metadata:
  name: default
spec: {}
EOF

#安装
kubectl create -f /root/custom-resources.yaml


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26

18.#如果网络安装失败，可以下载离线包

calicov3.24.0

19.#监控创建过程

kubectl get pods -n calico-system -w

kubectl get pods -A
1
2
3

calico启动异常

参考博客:https://blog.csdn.net/u011643449/article/details/126241671
https://blog.csdn.net/qq_37837432/article/details/123055180
https://blog.csdn.net/weixin_43501172/article/details/125869017