1.1 安装Docker
[root@k8s-all ~]# wget -O /etc/yum.repos.d/docker-ce.repo https://mirrors.huaweicloud.com/docker-ce/linux/centos/docker-ce.repo
[root@k8s-all ~]# sed -i 's+download.docker.com+mirrors.huaweicloud.com/docker-ce+' /etc/yum.repos.d/docker-ce.repo
[root@k8s-all ~]# sed -i 's/$releasever/9Server/g' /etc/yum.repos.d/docker-ce.repo
[root@k8s-all ~]# yum install docker-ce -y
[root@k8s-all ~]# systemctl enable --now docker
1.2 配置Hosts解析
[root@k8s-all ~]# cat >> /etc/hosts << EOF
192.168.37.41 k8s-master-01
192.168.37.42 K8s-node-01
192.168.37.43 K8s-node-02
EOF
1.3 配置时间同步
[root@k8s-all ~]# vim /etc/chrony.conf
[root@k8s-all ~]# systemctl restart chronyd
[root@k8s-all ~]# chronyc sources
MS Name/IP address Stratum Poll Reach LastRx Last sample
===============================================================================
^* 203.107.6.88 2 6 17 8 +638us[+6614us] +/- 44ms
1.4 禁用Swap
[root@k8s-all ~]# sed -i 's/.*swap.*/# &/' /etc/fstab
1.5 添加网桥过滤及内核转发配置文件
[root@k8s-master-01 ~]# cat > /etc/sysctl.d/k8s.conf << EOF
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
vm.swappiness = 0
EOF
[root@k8s-master-01 ~]# modprobe br-netfilter
[root@k8s-master-01 ~]# sysctl -p /etc/sysctl.d/k8s.conf
1.6 开启IPVS
[root@K8s-all ~]# yum install ipset ipvsadm -y
[root@K8s-all ~]# mkdir -p /etc/sysconfig/modules/
[root@K8s-all ~]# cat >> /etc/sysconfig/modules/ipvs.modules <<EOF
#!/bin/bash
ipvs_modules="ip_vs ip_vs_lc ip_vs_wlc ip_vs_rr ip_vs_wrr ip_vs_lblc ip_vs_lblcr ip_vs_dh ip_vs_vip ip_vs_sed ip_vs_ftp nf_conntrack"
for kernel_module in $ipvs_modules;
do
/sbin/modinfo -F filename $kernel_module >/dev/null 2>&1
if [ $? -eq 0 ]; then
/sbin/modprobe $kernel_module
fi
done
chmod 755 /etc/sysconfig/modules/ipvs.modules
EOF
[root@K8s-all ~]# bash /etc/sysconfig/modules/ipvs.modules
1.7 配置国内镜像源
[root@k8s-all ~]# vim /etc/yum.repos.d/k8s.repo
[k8s]
name=k8s
baseurl=https://mirrors.aliyun.com/kubernetes-new/core/stable/v1.30/rpm
gpgcheck=0
#安装软件
1.8 安装K8s
[root@k8s-all ~]# dnf install kubelet-1.30.0 kubeadm-1.30.0 kubectl-1.30.0 -y
[root@k8s-all ~]# kubeadm version
kubeadm version: &version.Info{Major:"1", Minor:"30", GitVersion:"v1.30.0", GitCommit:"7c48c2bd72b9bf5c44d21d7338cc7bea77d0ad2a", GitTreeState:"clean", BuildDate:"2024-04-17T17:34:08Z", GoVersion:"go1.22.2", Compiler:"gc", Platform:"linux/amd64"}
#为了实现docker使用的cgroupdriver与kubelet使用的cgroup的一致性,修改如下文件内容
[root@K8s-all ~]# cat <<EOF > /etc/sysconfig/kubelet
KUBELET_EXTRA_ARGS="--cgroup-driver=systemd"
KUBE_PROXY_MODE="ipvs"
EOF
[root@K8s-all ~]# systemctl enable kubelet.service --now
1.9 配置命令补全
[root@K8s-all ~]# yum install -y bash-completion
[root@K8s-all ~]# source /usr/share/bash-completion/bash_completion
[root@K8s-all ~]# source <(kubectl completion bash)
[root@K8s-all ~]# echo "source <(kubectl completion bash)" >> ~/.bashrc
1.10 安装cri-docker
[root@K8s-all ~]# yum install cri-dockerd-0.3.14-3.el8.x86_64.rpm libcgroup-0.41-19.el8.x86_64.rpm -y
[root@K8s-all ~]# sed -i 's#^ExecStart=.*#ExecStart=/usr/bin/cri-dockerd --network-plugin=cni --pod-infra-container-image=registry.aliyuncs.com/google_containers/pause:3.9#' /usr/lib/systemd/system/cri-docker.service
[root@K8s-all ~]# systemctl daemon-reload
[root@K8s-all ~]# systemctl restart docker
[root@K8s-all ~]# systemctl enable --now cri-docker.service
1.11 初始化Master节点
[root@k8s-master-01 ~]# kubeadm init --kubernetes-version=v1.30.0 --pod-network-cidr=10.224.0.0/16 --apiserver-advertise-address=192.168.37.41 --apiserver-bind-port=6443 --cri-socket unix:///var/run/cri-dockerd.sock --image-repository registry.aliyuncs.com/google_containers
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
...
kubeadm join 192.168.37.41:6443 --token voennl.fktpgm96xp1dvvoh \
--discovery-token-ca-cert-hash sha256:6731367453b5bdfc83ff5047c6ccd6db49ff371e2daad17af73ed3c526141672
[root@k8s-master-01 ~]# mkdir -p $HOME/.kube
[root@k8s-master-01 ~]# sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
[root@k8s-master-01 ~]# sudo chown $(id -u):$(id -g) $HOME/.kube/config
[root@k8s-node-all ~]# kubeadm join 192.168.37.41:6443 --token voennl.fktpgm96xp1dvvoh \
--discovery-token-ca-cert-hash sha256:6731367453b5bdfc83ff5047c6ccd6db49ff371e2daad17af73ed3c526141672 \
--cri-socket unix:///var/run/cri-dockerd.sock
1.12 安装网络插件
[root@k8s-master-01 ~]# wget -c https://gitee.com/kong-xiangyuxcz/svn/releases/download/V3.25.0/calico.yaml
[root@k8s-master-01 ~]# kubectl apply -f calico.yaml
[root@k8s-master-01 ~]# kubectl get pod -A
NAMESPACE NAME READY STATUS RESTARTS AGE
kube-system calico-kube-controllers-5b9b456c66-j82dl 1/1 Running 0 15m
kube-system calico-node-k2x8l 1/1 Running 0 15m
kube-system calico-node-sc2lq 1/1 Running 0 15m
kube-system calico-node-zj2wl 1/1 Running 0 15m
kube-system coredns-7b5944fdcf-4qztv 1/1 Running 0 20m
kube-system coredns-7b5944fdcf-8wsp2 1/1 Running 0 20m
kube-system etcd-k8s-master-01 1/1 Running 0 20m
kube-system kube-apiserver-k8s-master-01 1/1 Running 0 20m
kube-system kube-controller-manager-k8s-master-01 1/1 Running 0 20m
kube-system kube-proxy-2vxpr 1/1 Running 0 18m
kube-system kube-proxy-9sxtb 1/1 Running 0 18m
kube-system kube-proxy-tjx9t 1/1 Running 0 20m
kube-system kube-scheduler-k8s-master-01 1/1 Running 0 20m
[root@k8s-master-01 ~]# kubectl get nodes
NAME STATUS ROLES AGE VERSION
k8s-master-01 Ready control-plane 20m v1.30.0
k8s-node-01 Ready <none> 18m v1.30.0
k8s-node-02 Ready <none> 18m v1.30.0