centos7 部署 k8s 1m2n

news2024/9/24 2:23:11

1 系统环境准备

1.1 安装所需工具

yum -y install vim
yum -y install wget

# 设置yum源
mv /etc/yum.repos.d/CentOS-Base.repo /etc/yum.repos.d/CentOS-Base.repo.backup
wget -O /etc/yum.repos.d/CentOS-Base.repo https://mirrors.aliyun.com/repo/Centos-7.repo

1.2 修改主机名

#master
hostnamectl set-hostname master
#node1
hostnamectl set-hostname node1
#node2
hostnamectl set-hostname node2

1.3 编辑hosts

[root@localhost ~]# vim /etc/hosts

# 增加以下内容
192.168.19.128 master
192.168.19.129 node1
192.168.19.130 node2

1.4 安装ntpdate并同步时间

yum -y install ntpdate
ntpdate ntp1.aliyun.com
systemctl start ntpdate
sustemctl enable ntpdate
systemctl status ntpdate

1.5 安装并配置 bash-completion，添加命令自动补充

yum -y install bash-completion
source /etc/profile

1.6 关闭防火墙

systemctl stop firewalld.service 
systemctl disable firewalld.service

1.7 关闭selinux

sed -i 's/enforcing/disabled/' /etc/selinux/config  # 永久关闭

1.8 关闭 swap

free -h
sudo swapoff -a
sudo sed -i 's/.*swap.*/#&/' /etc/fstab
free -h

二：安装k8s 1.26.x

2.1 安装 Containerd

yum install -y yum-utils device-mapper-persistent-data lvm2
yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo 
sudo yum install -y containerd.io

systemctl stop containerd.service

cp /etc/containerd/config.toml /etc/containerd/config.toml.bak
sudo containerd config default > $HOME/config.toml
sudo cp $HOME/config.toml /etc/containerd/config.toml
# 修改 /etc/containerd/config.toml 文件后，要将 docker、containerd 停止后，再启动
sudo sed -i "s#registry.k8s.io/pause#registry.cn-hangzhou.aliyuncs.com/google_containers/pause#g" /etc/containerd/config.toml
# https://kubernetes.io/zh-cn/docs/setup/production-environment/container-runtimes/#containerd-systemd
# 确保 /etc/containerd/config.toml 中的 disabled_plugins 内不存在 cri
sudo sed -i "s#SystemdCgroup = false#SystemdCgroup = true#g" /etc/containerd/config.toml

#启动containerd
systemctl start containerd.service
systemctl status containerd.service

2.2 添加阿里云 k8s 镜像仓库

cat <<EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
# 是否开启本仓库
enabled=1
# 是否检查 gpg 签名文件
gpgcheck=0
# 是否检查 gpg 签名文件
repo_gpgcheck=0
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF

2.3 将桥接的 IPv4 流量传递到 iptables 的链

# 设置所需的 sysctl 参数，参数在重新启动后保持不变
cat <<EOF | sudo tee /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-iptables  = 1
net.bridge.bridge-nf-call-ip6tables = 1
net.ipv4.ip_forward                 = 1
EOF

# 应用 sysctl 参数而不重新启动
sudo sysctl --system

# 启动br_netfilter
modprobe br_netfilter
echo 1 > /proc/sys/net/ipv4/ip_forward

2.4 安装k8s

# 可以安装1.24.0-1.26.3版本,本文使用1.26.0
# sudo yum install -y kubelet-1.24.0-0 kubeadm-1.24.0-0 kubectl-1.24.0-0 --disableexcludes=kubernetes --nogpgcheck


#sudo yum install -y kubelet-1.25.3-0 kubeadm-1.25.3-0 kubectl-1.25.3-0 --disableexcludes=kubernetes --nogpgcheck

# 2022-11-18，经过测试，版本号：1.25.4
# sudo yum install -y kubelet-1.25.4-0 kubeadm-1.25.4-0 kubectl-1.25.4-0 --disableexcludes=kubernetes --nogpgcheck

# 2023-02-07，经过测试，版本号：1.25.5，
# sudo yum install -y kubelet-1.25.5-0 kubeadm-1.25.5-0 kubectl-1.25.5-0 --disableexcludes=kubernetes --nogpgcheck

# 2023-02-07，经过测试，版本号：1.25.6，
# sudo yum install -y kubelet-1.25.6-0 kubeadm-1.25.6-0 kubectl-1.25.6-0 --disableexcludes=kubernetes --nogpgcheck

# 2023-02-07，经过测试，版本号：1.26.0，
# sudo yum install -y kubelet-1.26.0-0 kubeadm-1.26.0-0 kubectl-1.26.0-0 --disableexcludes=kubernetes --nogpgcheck

# 2023-02-07，经过测试，版本号：1.26.1，
# sudo yum install -y kubelet-1.26.1-0 kubeadm-1.26.1-0 kubectl-1.26.1-0 --disableexcludes=kubernetes --nogpgcheck

# 2023-03-02，经过测试，版本号：1.26.2，
# sudo yum install -y kubelet-1.26.2-0 kubeadm-1.26.2-0 kubectl-1.26.2-0 --disableexcludes=kubernetes --nogpgcheck

sudo yum install -y kubelet-1.26.3-0 kubeadm-1.26.3-0 kubectl-1.26.3-0 --disableexcludes=kubernetes --nogpgcheck

systemctl daemon-reload
sudo systemctl restart kubelet
sudo systemctl enable kubelet

2.5 初始化,只需要在master节点

kubeadm init \
 --apiserver-advertise-address=192.168.19.135 \
 --image-repository registry.aliyuncs.com/google_containers

执行完成

# master节点执行
export KUBECONFIG=/etc/kubernetes/admin.conf

# 从节点执行
kubeadm join 192.168.19.135:6443 --token i7w5xr.u3t483h07aksnzg6 \
	--discovery-token-ca-cert-hash sha256:04defa4d856cb5bcfe7ad0c3f2d71aa7d48e6c27e4e5821336db00c1e4bf7464

将 export KUBECONFIG=/etc/kubernetes/admin.conf 写入到 .bashrc 中，防止终端重启后报错

cd ~
vim .bashrc
# 新增以下内容
export KUBECONFIG=/etc/kubernetes/admin.conf

如果清屏可以在master执行以下命令,查看master节点初始化token

kubeadm token create --print-join-command

2.6 master查看状态

# 查看节点：
kubectl get node

2.7 maste节点配置网络,使用Calico

# 下载
wget --no-check-certificate https://projectcalico.docs.tigera.io/archive/v3.25/manifests/calico.yaml
# 修改 calico.yaml 文件
vim calico.yaml

# 在 - name: CLUSTER_TYPE 下方添加如下内容
- name: CLUSTER_TYPE
  value: "k8s,bgp"
  # 下方为新增内容
- name: IP_AUTODETECTION_METHOD
  value: "interface=网卡名称"
  # INTERFACE_NAME=ens33

# 配置网络
kubectl apply -f calico.yaml

需要等待几分钟,再次查看pods,nodes,如下图状态为 Ready

三、创建nginx服务

创建命名空间

kubectl create namespace fz-k8s

cat > nginx.yaml << EOF
# 创建命名空间  ：kubectl create namespace zlm-k8s
# 创建 pod    ：kubectl apply -f nginx-deployment.yaml
# 查看 pod    ：kubectl -n zlm-k8s get pod -o wide
# 查看 pod    ：kubectl -n zlm-k8s get pod -o wide
# 进入 pod    ：kubectl -n zlm-k8s exec -it pod名称 bash
# 编辑 pod    ：kubectl -n zlm-k8s edit deployment nginx-deployment
# 删除 pod    ：kubectl -n zlm-k8s delete deployment nginx-deployment
apiVersion: apps/v1
kind: Deployment
metadata:
  name: nginx-deployment
  namespace: zlm-k8s
spec:
  replicas: 2
  selector:
    matchLabels:
      app: nginx
  template:
    metadata:
      labels:
        app: nginx
    spec:
      containers:
      - name: nginx
        image: nginx:1.23.2
        ports:
        - containerPort: 80
---
# 创建 Service（不能指定 nodePort） ：kubectl -n zlm-k8s expose deployment nginx-deployment --type=NodePort --name=nginx-service
# 编辑 Service                    ：kubectl -n zlm-k8s edit service nginx-service
# 删除 Service                    ：kubectl -n zlm-k8s delete service nginx-service
# 查看 pod、Service               ：kubectl -n 命名空间 get pod,svc -o wide

# https://kubernetes.io/zh-cn/docs/concepts/services-networking/service/
apiVersion: v1
kind: Service
metadata:
  name: nginx-service
  namespace: zlm-k8s
spec:
  ports:
    - nodePort: 30080
      port: 80
      protocol: TCP
      targetPort: 80
  selector:
    app: nginx
  type: NodePort
EOF