AlmaLinux 9上安装Kubernetes 1.25集群
0. 确认Linux版本
# Prints the kernel name, release and architecture. The distribution release
# (AlmaLinux 9) is recorded separately in /etc/os-release.
uname -a
1. 禁用swap
# Turns off every active swap device for the running system only. Swap entries
# in /etc/fstab are not touched by this command, so swap comes back after a
# reboot unless it is also disabled there.
sudo swapoff -a
2. 禁用防火墙
# Stops firewalld now and keeps it from starting at boot, which leaves the host
# with no host-level packet filtering from this point on.
# NOTE(review): on a network-reachable host, prefer keeping firewalld running
# and opening only the ports the cluster needs (for a kubeadm control plane
# typically 6443, 2379-2380, 10250, 10257 and 10259/tcp, plus the CNI's own
# ports) -- confirm the list against the Kubernetes and Calico documentation.
sudo systemctl stop firewalld
sudo systemctl disable firewalld
3. 将SELinux设置为permissive模式
# Switches SELinux to permissive for the running system: policy violations are
# still logged but no longer blocked.
# NOTE(review): this removes a containment layer between containers and the
# host; check whether the installed CRI-O/kubelet versions actually require it
# before applying it outside a lab -- confirm.
sudo setenforce 0
# Persists the setting across reboots. The pattern only matches a line that is
# exactly "SELINUX=enforcing"; any other value is left unchanged.
sudo sed -i 's/^SELINUX=enforcing$/SELINUX=permissive/' /etc/selinux/config
4. 更新/etc/hosts
/etc/hosts中加入下面命令的输出结果
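# Prints the "<address> <fully-qualified-name>" line to add to /etc/hosts.
# hostname has no "-long" option (it is parsed as the short flags -l -o -n -g);
# the long spelling of -f is --fqdn / --long.
# Check the output before pasting it: hostname -i resolves the host name, so it
# can return a loopback address or several addresses.
printf '%s %s\n' "$(hostname -i)" "$(hostname --fqdn)"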
5. 安装podman, podman-remote, socat, runc, conmon
# Installs the container tooling from the repositories already enabled on the
# host; -y answers every dnf prompt with "yes".
sudo dnf install -y podman podman-remote socat runc conmon
启用 podman socket
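# Enables the podman API socket at boot and starts it immediately.
# The option is "--now" written as one word: "-- now" ends option parsing and
# makes systemctl treat "now" as a unit name.
# NOTE(review): run with sudo this is the rootful socket; any process that can
# talk to it can presumably start containers as root, so keep its permissions
# restricted to root -- confirm.
sudo systemctl enable --now podman.socket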
检查远程 podman-remote info 的显示信息
# Queries the podman service through the remote client; a normal info listing
# shows that the socket enabled in the previous step is answering.
sudo podman-remote info
6. 安装crio
# Installs CRI-O 1.25.1 straight from a URL. The package is a Fedora 36 build
# (fc36), not one built for EL9, and it is installed outside any configured
# repository, so dnf will not deliver later security updates for it.
# NOTE(review): nothing here checks the package signature explicitly. A safer
# sequence is to download the file, import the repository's signing key, and
# run `rpm -K <file>` before installing -- confirm the key with the publisher.
sudo rpm -ivh https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/stable:/cri-o:/1.25:/1.25.1/Fedora_36/x86_64/cri-o-1.25.1-3.1.fc36.x86_64.rpm
# Enables the CRI-O service at boot and starts it immediately.
sudo systemctl enable --now crio
7. 安装kubelet kubeadm kubectl
# Writes the Kubernetes package repository definition. "\$basearch" is escaped
# so the here-document stores the literal dnf variable instead of expanding a
# shell variable.
# gpgcheck=1 makes dnf verify package signatures against gpgkey; repo_gpgcheck
# is not set, so the repository metadata itself is not signature-checked.
# exclude= keeps a plain "dnf update" from upgrading the three packages.
# NOTE(review): this is the el7 repository on packages.cloud.google.com, which
# has since been deprecated in favour of pkgs.k8s.io; on a current install use
# the repository and key from the official Kubernetes docs -- confirm.
cat <<EOF | sudo tee /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://packages.cloud.google.com/yum/repos/kubernetes-el7-\$basearch
enabled=1
gpgcheck=1
gpgkey=https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg
exclude=kubelet kubeadm kubectl
EOF
# --disableexcludes=kubernetes lifts the exclude= line above for this one
# transaction so the packages can be installed.
sudo dnf install -y kubelet kubeadm kubectl --disableexcludes=kubernetes
# Enables kubelet at boot and starts it immediately.
sudo systemctl enable --now kubelet
8. 更新模块设置
# Registers the two kernel modules in /etc/modules-load.d so they are loaded
# automatically at every boot.
cat <<EOF | sudo tee /etc/modules-load.d/k8s.conf
overlay
br_netfilter
EOF
对模块使用modprobe
# Loads both modules into the running kernel so no reboot is needed.
# br_netfilter has to be loaded before the net.bridge.* sysctl keys exist.
sudo modprobe overlay
sudo modprobe br_netfilter
为 k8s.conf 设置 sysctl.d
# Persists the kernel network settings: bridged IPv4/IPv6 traffic is passed
# through iptables/ip6tables, and IPv4 forwarding is switched on.
# NOTE(review): ip_forward=1 makes the host route packets between interfaces;
# with firewalld disabled in step 2 nothing on the host filters that forwarded
# traffic -- review before using this on an exposed network.
cat <<EOF | sudo tee /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-iptables = 1
net.bridge.bridge-nf-call-ip6tables = 1
net.ipv4.ip_forward = 1
EOF
应用 sysctl 参数,无需重启
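# Reloads every sysctl configuration file, including /etc/sysctl.d/k8s.conf.
# Writing kernel parameters needs root, so this uses sudo like the other
# privileged steps on the page; without it an unprivileged shell cannot apply
# the values.
sudo sysctl --system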
9. 让NetworkManager忽略Calico接口并安装calicoctl
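# Tells NetworkManager to leave the interfaces created by Calico unmanaged.
# The file is written through "sudo tee", like the other configuration files on
# this page: a plain "> /etc/..." redirection is opened by the calling shell
# and fails unless that shell already runs as root.
# The quoted delimiter keeps the here-document body literal.
cat <<'EOF' | sudo tee /etc/NetworkManager/conf.d/calico.conf
[keyfile]
unmanaged-devices=interface-name:cali*;interface-name:tunl*;interface-name:vxlan.calico;interface-name:vxlan-v6.calico;interface-name:wireguard.cali;interface-name:wg-v6.cali
EOF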
下载和安装calicoctl
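# Downloads calicoctl v3.24.5. -f makes curl fail on an HTTP error instead of
# saving the error page, which would otherwise be marked executable and
# installed as if it were the binary.
curl -fL -o calicoctl https://github.com/projectcalico/calico/releases/download/v3.24.5/calicoctl-linux-amd64
# Print the digest and compare it with the checksum published for this release
# before installing. With the expected value at hand the check can be enforced:
#   echo "<expected-sha256>  calicoctl" | sha256sum -c -
sha256sum calicoctl
# Install as a root-owned, non-writable executable. A plain mv keeps the
# downloading user's ownership, leaving a binary in /bin that an unprivileged
# account could later replace.
sudo install -o root -g root -m 0755 calicoctl /bin/calicoctl
rm -f -- calicoctl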
编辑 crio 配置文件,在 [crio.runtime] 段中添加下面两个值
vi /etc/crio/crio.conf
---
[crio.runtime]
conmon_cgroup = "pod"
cgroup_manager = "systemd"
---
10. 初始化Kubernetes集群
# Bootstraps the control plane on this node, using the CRI-O socket and
# 10.244.0.0/16 as the pod network range.
# NOTE(review): the command has no sudo, so it presumably expects a root shell.
# Its output normally ends with a "kubeadm join" line that carries a bootstrap
# token; treat that line as a credential and keep it out of shared logs or
# chats -- confirm the token lifetime with `kubeadm token list`.
kubeadm init --cri-socket=unix:///var/run/crio/crio.sock --pod-network-cidr=10.244.0.0/16
11. 配置集群访问
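# Gives the current user a kubeconfig. admin.conf holds cluster-admin
# credentials, so the copy is owned by the user and readable by nobody else.
# Expansions are quoted so a home directory containing spaces cannot split the
# arguments.
mkdir -p "$HOME/.kube"
sudo cp -i /etc/kubernetes/admin.conf "$HOME/.kube/config"
sudo chown "$(id -u):$(id -g)" "$HOME/.kube/config"
chmod 600 "$HOME/.kube/config"
# Removes the control-plane taint from all nodes so ordinary pods can be
# scheduled there. On a single-node lab this is required; on a shared cluster
# it puts workloads next to the API server and etcd.
kubectl taint nodes --all node-role.kubernetes.io/control-plane-
# Shell completion for kubectl, plus the short alias "k" with the same
# completion function.
kubectl completion bash | sudo tee /etc/bash_completion.d/kubectl > /dev/null
echo 'alias k=kubectl' >>~/.bashrc
echo 'complete -o default -F __start_kubectl k' >>~/.bashrc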
12. 确认集群
# Lists the cluster's nodes, then the pods in every namespace (-A), to confirm
# that the node registered and the system pods are running.
kubectl get nodes
kubectl get pods -A
完结!