前置环境：
准备三台虚拟机
192.168.1.104（用来做k8s的mater节点）
192.168.1.105（节点node2）
192.168.1.109（节点node3）
关闭防火墙

systemctl stop firewalld
systemctl disable firewalld

安装docker
https://blog.csdn.net/weixin_41645232/article/details/104578306
修改/etc/docker/daemon.json
关闭 docker cgroup
配置镜像加速器 “registry-mirrors”: [“https://xxxx.mirror.aliyuncs.com”]

{
    "exec-opts": ["native.cgroupdriver=systemd"],
    "registry-mirrors": ["https://3mqrr214.mirror.aliyuncs.com"]
}

执行 systemctl daemon-reload && systemctl restart docker
永久禁用SELinux

sed -i 's/enforcing/disabled/' /etc/selinux/config

关闭系统Swap

sed -i 's/.*swap.*/#&/' /etc/fstab

将桥接的ipv4流量传递到iptables的链

cat > /etc/sysctl.d/k8s.conf << EOF
net.bridge.bridge-nf-call-ip6tables=1
net.bridge.bridge-nf-call-iptables=1
EOF

生效 sysctl --system
6）添加主机名与ip对应关系
vi /etc/hosts

cat > /etc/hosts << EOF
192.168.1.104 k8s-master
192.168.1.105 k8s-node2
192.168.1.109 k8s-node3
EOF

指定新的主机名：

hostnamectl set-hostname k8s-master

7）同步最新时间

date 查看时间（可选）
yum install -y ntpdate
ntpdate time.windows.com 

开始安装
添加k8s阿里云yum源

cat > /etc/yum.repos.d/kubernetes.repo << EOF
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=0
repo_gpgcheck=0
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF

检查是否有yum源

yum list | grep kube

安装

yum install -y kubelet-1.28.2 kubeadm-1.28.2 kubectl-1.28.2

配置kubelet开机自启

systemctl enable kubelet
systemctl start kubelet

开启CRI，vim /etc/containerd/config.toml
把 disabled_plugins = [“cri”] 改成disabled_plugins = []
systemctl restart containerd
初始化master节点（选用192.168.1.104作为master节点执行下面命令）
初始化master

kubeadm init \
--apiserver-advertise-address=192.168.1.104 \
--image-repository registry.cn-hangzhou.aliyuncs.com/google_containers \
--kubernetes-version v1.28.2 \
--service-cidr=10.96.0.0/16 \
--pod-network-cidr=10.244.0.0/16

注：
以下两个ip无需更改
–service-cidr
–pod-network-cidr
下面的ip指定的主节点ip
–apiserver-advertise-address

初始化看到以下信息则证明成功，下面提示信息非常有用，创建完之前一定要先保留

[addons] Applied essential addon: kube-proxy

Your Kubernetes control-plane has initialized successfully!

To start using your cluster, you need to run the following as a regular user:

  mkdir -p $HOME/.kube
  sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
  sudo chown $(id -u):$(id -g) $HOME/.kube/config

Alternatively, if you are the root user, you can run:

  export KUBECONFIG=/etc/kubernetes/admin.conf

You should now deploy a pod network to the cluster.
Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:
  https://kubernetes.io/docs/concepts/cluster-administration/addons/

Then you can join any number of worker nodes by running the following on each as root:

kubeadm join 192.168.1.104:6443 --token codrrk.522goq99cigjqf5j \
        --discovery-token-ca-cert-hash sha256:3404f14cfcf42a6f4e17baf34aa4db0ae9cee187a6e95ca4f89e832a88f6ed61

按照上面提示，使用集群需要配置

mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config

按照提示需要给集群部署一个pod网络插件，参考地址为：
https://kubernetes.io/docs/concepts/cluster-administration/addons/
这里我们选用安装flannel插件

kubectl apply -f https://github.com/flannel-io/flannel/releases/latest/download/kube-flannel.yml

按提示，其他节点安装后不需要初始化，直接执行下面命令加入主节点完成集群搭建，下面这句话直接复制初始化完成时的提示即可，在node2和node3上执行

kubeadm join 192.168.1.104:6443 --token codrrk.522goq99cigjqf5j \
        --discovery-token-ca-cert-hash sha256:3404f14cfcf42a6f4e17baf34aa4db0ae9cee187a6e95ca4f89e832a88f6ed61

在主节点查看节点信息

[root@k8s-master k8s]# kubectl get nodes

node节点配置证书，支持kubectl操作api
主节点复制证书

scp /etc/kubernetes/admin.conf root@192.168.1.105:/etc/kubernetes

node节点

echo "export KUBECONFIG=/etc/kubernetes/admin.conf" >> ~/.bash_profile
source ~/.bash_profile

问题：
1.查看po发现coreDns pod启动失败

kubectl edit cm coredns -n kube-system // 删除 loop 保存并退出
kubectl delete pod coredns-xxx-xxxx -n kube-system // 删除coredns的两个pod会自动重新创建