文章目录
- 前言
- 一、版本环境信息
- 二、服务部署
- 1.基础环境准备
- 2.docker 服务部署,
- 3.k8s服务部署
- 3.1 安装k8s服务,
- 3.2 修改配置文件
- 3.3 执行初始化
- 4.网络插件安装-calico
- 5.dashboard插件安装
- 卸载服务
- 总结
前言
K8s 1.23.6版本部署:kubelet-1.23.6+kube-proxy-1.17.6
记录一下k8s的部署记录。
一、版本环境信息
- 操作系统版本:CentOS Linux release 7.9.2009 (Core)
- docker服务:Docker version 20.10.21, build baeda1f
- kubelet:1.23.6
- kubeadm:1.23.6
- kubectl:1.23.6
- kube-proxy:1.17.6
- master-node-ip:172.16.31.33
- node-ip:172.16.31.34
二、服务部署
1.基础环境准备
执行节点:所有节点
互信和/etc/hosts文件要提前准备好
#=================================================================
#作用:移除无用软件包、安装工具包、更新操作系统、关闭防火墙、
# 配置selinux、设置时区、调整CPU频率、备份网络配置、备份yum配置
#=================================================================
#移除无用软件包
yum remove NetworkManager* -y;
yum remove postfix* -y;
yum remove libvirt* -y;
#安装软件包
yum install tree nmap ntpd dos2unix lrzsz lsof wget tcpdump htop iftop iotop sysstat nethogs -y;
yum install psmisc net-tools bash-completion vim-enhanced -y;
yum install -y vim pciutils traceroute unzip zip expect yum-utils epel-release tar telnet;
#更新打补丁
yum update -y;
#关闭selinux
sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/sysconfig/selinux;
sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config;
#关闭防火墙
systemctl stop firewalld.service;
systemctl disable firewalld.service;
#设置时区
timedatectl set-timezone "Asia/Shanghai";
hwclock;
#CPU升频
yum install cpupowerutils -y ;
cpupower frequency-set -g performance;
#备份网卡配置文件
mkdir -p /etc/sysconfig/network-scripts/bak
cp /etc/sysconfig/network-scripts/ifcfg-* /etc/sysconfig/network-scripts/bak
#备份yum源文件
mkdir -p /etc/yum.repos.d/bak
cp /etc/yum.repos.d/*.repo /etc/yum.repos.d/bak
#修改系统参数,关闭swap分区
cat <<EOF >> /etc/sysctl.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
net.ipv4.ip_nonlocal_bind = 1
net.ipv4.ip_forward = 1
vm.swappiness=0
EOF
sysctl -p
2.docker 服务部署,
执行节点:所有节点
使用阿里云的源,修改cgroupdriver,预防cgroup driver问题
#=================================================================
#作用:安装docker服务环境
#=================================================================
#修改yum源
sudo yum-config-manager --add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo;
#修改cgroupdriver
cat > /etc/docker/daemon.json <<EOF
{
"exec-opts":["native.cgroupdriver=systemd"],
"log-driver":"json-file",
"log-opts":{
"max-size":"100m"
}
}
EOF
#安装软件包
yum install docker-ce docker-ce-cli -y;
#启动服务,设置自启动
systemctl restart docker;
systemctl enable docker;
3.k8s服务部署
3.1 安装k8s服务,
执行节点:所有节点
使用阿里云源指定安装1.23版本的kubeadm,kubelet,kubectl
因为1.24的版本默认运行时环境不是docker了
参考:https://blog.csdn.net/qq_48391148/article/details/127017827
cat > /etc/yum.repos.d/kubernetes.repo << EOF
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=0
repo_gpgcheck=0
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF
yum install -y kubelet-1.23.6 kubeadm-1.23.6 kubectl-1.23.6
systemctl enable kubelet.service
3.2 修改配置文件
执行节点:master节点
获取配置文件之后修改配置
kubeadm config print init-defaults > kubeadm-config.yaml
按照自己集群的情况修改配置文件
- advertiseAddress: 172.16.31.33
- imageRepository: registry.aliyuncs.com/google_containers
- name: node33
- podSubnet: 10.244.0.0/16
sed -i 's/imageRepository: k8s.gcr.io/imageRepository: registry.aliyuncs.com\/google_containers/g' kubeadm-config.yaml;
sed -i 's/advertiseAddress: 1.2.3.4/advertiseAddress: 172.16.31.33/g' kubeadm-config.yaml;
sed -i 's/name: node/name: node33/g' kubeadm-config.yaml;
sed -i 's/dnsDomain: cluster.local/dnsDomain: cluster.local\n podSubnet: 10.244.0.0\/16/g' kubeadm-config.yaml;
然后追加下面的配置
cat >> kubeadm-config.yaml << EOF
---
apiVersion: kubeproxy.config.k8s.io/v1alpha1
kind: KubeProxyConfiguration
featureGates:
SupportIPVSProxyMode: true
mode: ipvs
EOF
3.3 执行初始化
执行节点:master节点
执行初始化命令
kubeadm init --config=kubeadm-config.yaml --upload-certs | tee kubeadm-init.log
结果:
按照提示执行新建后的命令
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
执行节点:node34
在node34节点执行join命令
kubeadm join 172.16.31.33:6443 --token abcdef.0123456789abcdef \
--discovery-token-ca-cert-hash sha256:213fc7bd2e5f2fab60f911af991e7f34f9ba63141e917e2a49ec2df59cbb6732
增加后查看pod信息
proxy启动失败,进行降级操作
执行节点:master节点
kubectl -n kube-system set image daemonset/kube-proxy *=registry.aliyuncs.com/k8sxio/kube-proxy:v1.17.6
备注:v1.15.1版本使用如下命令进行初始化
kubeadm init --config=kubeadm-config.yaml --experimental-upload-certs | tee kubeadm-init.log
4.网络插件安装-calico
执行节点:master节点
获取插件配置文件,修改网络配置后,进行安装
wget https://docs.projectcalico.org/manifests/calico.yaml
#更改配置
# - name: CALICO_IPV4POOL_CIDR 将注释打开,使用配置项
# value: "192.168.0.0/16" 将地址改为podSubnet配置的10.244.0.0/16
sed -i 's/# - name: CALICO_IPV4POOL_CIDR/- name: CALICO_IPV4POOL_CIDR/g' calico.yaml;
sed -i 's/# value: "192.168.0.0/ value: "10.244.0.0/g' calico.yaml;
kubectl apply -f calico.yaml
安装后的输出
如果安装异常了,可以使用下面命令卸载
kubectl delete -f calico.yaml
5.dashboard插件安装
执行节点:master节点
参考:https://blog.csdn.net/xhredeem/article/details/127439037
获取配置yaml文件
wget https://raw.githubusercontent.com/kubernetes/dashboard/v2.7.0/aio/deploy/recommended.yaml
# 打开服务器端口配置
# 配置dashboard使用的网络端口
sed -i 's/targetPort: 8443/targetPort: 8443\n nodePort: 30443\n type: NodePort/g' recommended.yaml;
#执行部署
kubectl apply -f recommended.yaml
#成功后检查pod的启动状态
kubectl get pod -n kubernetes-dashboard
输出
获取普通用户token
#获取列表
kubectl get -n kubernetes-dashboard secrets
#获取密钥
kubectl describe -n kubernetes-dashboard secrets default-token-fjzh6
输出
获取管理员token dashboard-adminuser.yaml
cat >> dashboard-adminuser.yaml << EOF
apiVersion: v1
kind: ServiceAccount
metadata:
name: admin-user
namespace: kube-system
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: admin-user
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: cluster-admin
subjects:
- kind: ServiceAccount
name: admin-user
namespace: kube-system
EOF
获取密钥
kubectl create -f dashboard-adminuser.yaml
kubectl -n kube-system describe secret $(kubectl -n kube-system get secret | grep admin-user | awk '{print $1}')
输出
获取dashboard所在的节点
kubectl get -n kubernetes-dashboard svc
访问node点的IP+Port
https://172.16.31.34:30443/#/login
卸载服务
部署中出现问题之后,可以使用卸载命令将集群卸载
kubeadm reset
总结
部署成功
