1 系统环境准备
1.1 安装所需工具
yum -y install vim
yum -y install wget
# 设置yum源
mv /etc/yum.repos.d/CentOS-Base.repo /etc/yum.repos.d/CentOS-Base.repo.backup
wget -O /etc/yum.repos.d/CentOS-Base.repo https://mirrors.aliyun.com/repo/Centos-7.repo
1.2 修改主机名
#master
hostnamectl set-hostname master
#node1
hostnamectl set-hostname node1
#node2
hostnamectl set-hostname node2
1.3 编辑hosts
[root@localhost ~]# vim /etc/hosts
# 增加以下内容
192.168.19.128 master
192.168.19.129 node1
192.168.19.130 node2
1.4 安装ntpdate并同步时间
yum -y install ntpdate
ntpdate ntp1.aliyun.com
systemctl start ntpdate
sustemctl enable ntpdate
systemctl status ntpdate
1.5 安装并配置 bash-completion,添加命令自动补充
yum -y install bash-completion
source /etc/profile
1.6 关闭防火墙
systemctl stop firewalld.service
systemctl disable firewalld.service
1.7 关闭selinux
sed -i 's/enforcing/disabled/' /etc/selinux/config # 永久关闭
1.8 关闭 swap
free -h
sudo swapoff -a
sudo sed -i 's/.*swap.*/#&/' /etc/fstab
free -h
二:安装k8s 1.26.x
2.1 安装 Containerd
yum install -y yum-utils device-mapper-persistent-data lvm2
yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
sudo yum install -y containerd.io
systemctl stop containerd.service
cp /etc/containerd/config.toml /etc/containerd/config.toml.bak
sudo containerd config default > $HOME/config.toml
sudo cp $HOME/config.toml /etc/containerd/config.toml
# 修改 /etc/containerd/config.toml 文件后,要将 docker、containerd 停止后,再启动
sudo sed -i "s#registry.k8s.io/pause#registry.cn-hangzhou.aliyuncs.com/google_containers/pause#g" /etc/containerd/config.toml
# https://kubernetes.io/zh-cn/docs/setup/production-environment/container-runtimes/#containerd-systemd
# 确保 /etc/containerd/config.toml 中的 disabled_plugins 内不存在 cri
sudo sed -i "s#SystemdCgroup = false#SystemdCgroup = true#g" /etc/containerd/config.toml
#启动containerd
systemctl start containerd.service
systemctl status containerd.service
2.2 添加阿里云 k8s 镜像仓库
cat <<EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
# 是否开启本仓库
enabled=1
# 是否检查 gpg 签名文件
gpgcheck=0
# 是否检查 gpg 签名文件
repo_gpgcheck=0
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF
2.3 将桥接的 IPv4 流量传递到 iptables 的链
# 设置所需的 sysctl 参数,参数在重新启动后保持不变
cat <<EOF | sudo tee /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-iptables = 1
net.bridge.bridge-nf-call-ip6tables = 1
net.ipv4.ip_forward = 1
EOF
# 应用 sysctl 参数而不重新启动
sudo sysctl --system
# 启动br_netfilter
modprobe br_netfilter
echo 1 > /proc/sys/net/ipv4/ip_forward
2.4 安装k8s
# 可以安装1.24.0-1.26.3版本,本文使用1.26.0
# sudo yum install -y kubelet-1.24.0-0 kubeadm-1.24.0-0 kubectl-1.24.0-0 --disableexcludes=kubernetes --nogpgcheck
#sudo yum install -y kubelet-1.25.3-0 kubeadm-1.25.3-0 kubectl-1.25.3-0 --disableexcludes=kubernetes --nogpgcheck
# 2022-11-18,经过测试,版本号:1.25.4
# sudo yum install -y kubelet-1.25.4-0 kubeadm-1.25.4-0 kubectl-1.25.4-0 --disableexcludes=kubernetes --nogpgcheck
# 2023-02-07,经过测试,版本号:1.25.5,
# sudo yum install -y kubelet-1.25.5-0 kubeadm-1.25.5-0 kubectl-1.25.5-0 --disableexcludes=kubernetes --nogpgcheck
# 2023-02-07,经过测试,版本号:1.25.6,
# sudo yum install -y kubelet-1.25.6-0 kubeadm-1.25.6-0 kubectl-1.25.6-0 --disableexcludes=kubernetes --nogpgcheck
# 2023-02-07,经过测试,版本号:1.26.0,
# sudo yum install -y kubelet-1.26.0-0 kubeadm-1.26.0-0 kubectl-1.26.0-0 --disableexcludes=kubernetes --nogpgcheck
# 2023-02-07,经过测试,版本号:1.26.1,
# sudo yum install -y kubelet-1.26.1-0 kubeadm-1.26.1-0 kubectl-1.26.1-0 --disableexcludes=kubernetes --nogpgcheck
# 2023-03-02,经过测试,版本号:1.26.2,
# sudo yum install -y kubelet-1.26.2-0 kubeadm-1.26.2-0 kubectl-1.26.2-0 --disableexcludes=kubernetes --nogpgcheck
sudo yum install -y kubelet-1.26.3-0 kubeadm-1.26.3-0 kubectl-1.26.3-0 --disableexcludes=kubernetes --nogpgcheck
systemctl daemon-reload
sudo systemctl restart kubelet
sudo systemctl enable kubelet
2.5 初始化,只需要在master节点
kubeadm init \
--apiserver-advertise-address=192.168.19.135 \
--image-repository registry.aliyuncs.com/google_containers
执行完成
# master节点执行
export KUBECONFIG=/etc/kubernetes/admin.conf
# 从节点执行
kubeadm join 192.168.19.135:6443 --token i7w5xr.u3t483h07aksnzg6 \
--discovery-token-ca-cert-hash sha256:04defa4d856cb5bcfe7ad0c3f2d71aa7d48e6c27e4e5821336db00c1e4bf7464
将 export KUBECONFIG=/etc/kubernetes/admin.conf 写入到 .bashrc 中,防止终端重启后报错
cd ~
vim .bashrc
# 新增以下内容
export KUBECONFIG=/etc/kubernetes/admin.conf
如果清屏可以在master执行以下命令,查看master节点初始化token
kubeadm token create --print-join-command
2.6 master查看状态
# 查看节点:
kubectl get node
2.7 maste节点配置网络,使用Calico
# 下载
wget --no-check-certificate https://projectcalico.docs.tigera.io/archive/v3.25/manifests/calico.yaml
# 修改 calico.yaml 文件
vim calico.yaml
# 在 - name: CLUSTER_TYPE 下方添加如下内容
- name: CLUSTER_TYPE
value: "k8s,bgp"
# 下方为新增内容
- name: IP_AUTODETECTION_METHOD
value: "interface=网卡名称"
# INTERFACE_NAME=ens33
# 配置网络
kubectl apply -f calico.yaml
需要等待几分钟,再次查看pods,nodes,如下图状态为 Ready
三、创建nginx服务
创建命名空间
kubectl create namespace fz-k8s
cat > nginx.yaml << EOF
# 创建命名空间 :kubectl create namespace zlm-k8s
# 创建 pod :kubectl apply -f nginx-deployment.yaml
# 查看 pod :kubectl -n zlm-k8s get pod -o wide
# 查看 pod :kubectl -n zlm-k8s get pod -o wide
# 进入 pod :kubectl -n zlm-k8s exec -it pod名称 bash
# 编辑 pod :kubectl -n zlm-k8s edit deployment nginx-deployment
# 删除 pod :kubectl -n zlm-k8s delete deployment nginx-deployment
apiVersion: apps/v1
kind: Deployment
metadata:
name: nginx-deployment
namespace: zlm-k8s
spec:
replicas: 2
selector:
matchLabels:
app: nginx
template:
metadata:
labels:
app: nginx
spec:
containers:
- name: nginx
image: nginx:1.23.2
ports:
- containerPort: 80
---
# 创建 Service(不能指定 nodePort) :kubectl -n zlm-k8s expose deployment nginx-deployment --type=NodePort --name=nginx-service
# 编辑 Service :kubectl -n zlm-k8s edit service nginx-service
# 删除 Service :kubectl -n zlm-k8s delete service nginx-service
# 查看 pod、Service :kubectl -n 命名空间 get pod,svc -o wide
# https://kubernetes.io/zh-cn/docs/concepts/services-networking/service/
apiVersion: v1
kind: Service
metadata:
name: nginx-service
namespace: zlm-k8s
spec:
ports:
- nodePort: 30080
port: 80
protocol: TCP
targetPort: 80
selector:
app: nginx
type: NodePort
EOF
kubectl apply -f nginx.yaml
查看nginx状态
kubectl get pods -o wide -n fz-k8s
访问192.168.19.135:30080