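I. Environment preparation (all nodes)
1. Node information
k8s-master: 192.168.101.1
k8s-node1: 192.168.101.2
k8s-node2: 192.168.101.3
2. System information
CentOS Linux release 7.8.2003 (Core)
3. Disable SELinux
sed -i 's/enforcing/disabled/' /etc/selinux/config
setenforce 0
4. Disable the firewall
systemctl stop firewalld
systemctl disable firewalld
5. Disable swap (optional in a test environment)
vi /etc/fstab
Remove the swap entry, then reboot.
PS: This is so that an application that hits OOM is killed by the system and the problem is noticed promptly.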
6. Set the hostname and the hosts file
Master node: k8s-master
Worker node 1: k8s-node1
Worker node 2: k8s-node2
vi /etc/hosts
1) On k8s-master
127.0.0.1 k8s-master
192.168.101.2 k8s-node1
192.168.101.3 k8s-node2
2) On k8s-node1
127.0.0.1 k8s-node1
192.168.101.1 k8s-master
192.168.101.3 k8s-node2
3) On k8s-node2
127.0.0.1 k8s-node2
192.168.101.1 k8s-master
192.168.101.2 k8s-node1
7. Synchronize the system time
yum install ntpdate
ntpdate -s 0.us.pool.ntp.org
8. Adjust kernel parameters
cat <<EOF > /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
EOF
sysctl -p /etc/sysctl.d/k8s.conf
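The persistent settings from steps 3, 5, 6 and 8 can be verified on each node before moving on. The script below is an added example, not part of the original article: the function names and the root-directory argument are assumptions of the example, and the sample files are constructed. It checks configuration files only, not the running state changed by setenforce.

```shell
#!/bin/sh
# Added example: check the persistent node settings from section I.
# Each check reads a file, so it works on a copy of /etc or on the node.

selinux_disabled() {    # step 3: SELINUX=disabled in the SELinux config
    grep -Eq '^[[:space:]]*SELINUX=disabled[[:space:]]*$' "$1"
}
no_fstab_swap() {       # step 5: no uncommented swap entry in fstab
    awk '$1 !~ /^#/ && $3 == "swap" { found = 1 } END { exit (found ? 1 : 0) }' "$1"
}
sysctl_is_one() {       # step 8: last "key = value" line for key $2 has value 1
    awk -F= -v key="$2" '{ gsub(/[ \t]/, "", $1); gsub(/[ \t]/, "", $2) }
        $1 == key { val = $2 } END { exit (val == "1" ? 0 : 1) }' "$1"
}
hosts_has() {           # step 6: name $2 is on an uncommented hosts line
    awk -v n="$2" '$1 !~ /^#/ { for (i = 2; i <= NF && $i !~ /^#/; i++) if ($i == n) ok = 1 }
        END { exit (ok ? 0 : 1) }' "$1"
}
preflight() {           # $1 = root directory ("" = live system); prints failures
    rc=0
    selinux_disabled "$1/etc/selinux/config" || { echo "FAIL: SELinux not disabled in config"; rc=1; }
    no_fstab_swap "$1/etc/fstab" || { echo "FAIL: swap entry still in fstab"; rc=1; }
    for k in net.bridge.bridge-nf-call-ip6tables net.bridge.bridge-nf-call-iptables; do
        sysctl_is_one "$1/etc/sysctl.d/k8s.conf" "$k" || { echo "FAIL: $k is not 1"; rc=1; }
    done
    for h in k8s-master k8s-node1 k8s-node2; do
        hosts_has "$1/etc/hosts" "$h" || { echo "FAIL: $h missing from hosts"; rc=1; }
    done
    return "$rc"
}
# Constructed sample: a master node where step 5 was skipped.
make_sample() {         # $1 = directory to populate
    mkdir -p "$1/etc/selinux" "$1/etc/sysctl.d"
    echo 'SELINUX=disabled' > "$1/etc/selinux/config"
    printf '%s\n' '/dev/mapper/centos-root / xfs defaults 0 0' \
        '/dev/mapper/centos-swap swap swap defaults 0 0' > "$1/etc/fstab"
    printf '%s\n' 'net.bridge.bridge-nf-call-ip6tables = 1' \
        'net.bridge.bridge-nf-call-iptables = 1' > "$1/etc/sysctl.d/k8s.conf"
    printf '%s\n' '127.0.0.1 k8s-master' '192.168.101.2 k8s-node1' \
        '192.168.101.3 k8s-node2' > "$1/etc/hosts"
}
# Demo on the constructed sample; on a real node run: preflight ""
demo=$(mktemp -d)
make_sample "$demo"
preflight "$demo" || echo "node is not ready"
rm -rf "$demo"
```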
II. Install the Kubernetes software (all nodes)
1. Install Docker
yum install yum-utils device-mapper-persistent-data lvm2
yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
yum install docker-ce
2. Start Docker and enable it at boot
systemctl enable docker
systemctl start docker
3. Use systemd as the cgroup driver for Kubernetes
cat > /etc/docker/daemon.json <<EOF
{
  "exec-opts": ["native.cgroupdriver=systemd"],
  "log-driver": "json-file",
  "log-opts": {
    "max-size": "100m"
  },
  "storage-driver": "overlay2",
  "storage-opts": [
    "overlay2.override_kernel_check=true"
  ]
}
EOF
Restart Docker:
systemctl restart docker
4. Add the Kubernetes repository (official source)
cat <<EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://packages.cloud.google.com/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://packages.cloud.google.com/yum/doc/yum-key.gpg https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg
EOF
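5. Refresh the yum cache
yum makecache
6. Install kubeadm, kubelet and kubectl
yum install kubeadm kubelet kubectl
Notes:
1) kubeadm: the official Kubernetes tool for quickly installing a Kubernetes cluster
2) kubelet: the node agent that runs on every node
3) kubectl: the command-line tool for a Kubernetes cluster
7. Enable kubelet at boot
systemctl enable kubelet
PS: Do not start kubelet here; it is started automatically later, when the node is initialized.
8. kubeadm config print init-defaults prints the default configuration used for cluster initialization
kubeadm config print init-defaults
9. Use kubeadm config images pull to pull the Docker images that Kubernetes needs onto each node in advance
kubeadm config images pull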
W0710 05:18:32.735791 1802 configset.go:202] WARNING: kubeadm cannot validate component configs for API groups [kubelet.config.k8s.io kubeproxy.config.k8s.io]
[config/images] Pulled k8s.gcr.io/kube-apiserver:v1.18.5
[config/images] Pulled k8s.gcr.io/kube-controller-manager:v1.18.5
[config/images] Pulled k8s.gcr.io/kube-scheduler:v1.18.5
[config/images] Pulled k8s.gcr.io/kube-proxy:v1.18.5
[config/images] Pulled k8s.gcr.io/pause:3.2
[config/images] Pulled k8s.gcr.io/etcd:3.4.3-0
[config/images] Pulled k8s.gcr.io/coredns:1.6.7
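10. If swap is not disabled
vi /etc/sysconfig/kubelet
Add: KUBELET_EXTRA_ARGS="--fail-swap-on=false"
11. Kubernetes servers should be dedicated machines that provide no other services: after Kubernetes is installed, many chains are added to iptables by default, and these affect access to the ports of other services. For example:
Chain INPUT (policy ACCEPT)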
target prot opt source destination
KUBE-SERVICES all -- anywhere anywhere ctstate NEW /* kubernetes service portals */
KUBE-EXTERNAL-SERVICES all -- anywhere anywhere ctstate NEW /* kubernetes externally-visible service portals */
Discussion about swap:
https://github.com/kubernetes/kubernetes/issues/53533
A brief analysis of the kubelet architecture:
https://www.jianshu.com/p/f888020d7dcc