程序员经验分享-hwhale

k8s1.26安装(kubeadm containerd)

2023-05-16

环境背景:

k8s-1、k8s-2、k8s3三台主机,1台master节点 ,2台node节点

准备环境

修改主机名(3台分别修改主机名)


hostnamectl set-hostname k8s-1
hostnamectl set-hostname k8s-2
hostnamectl set-hostname k8s-3

防火墙关闭


systemctl stop firewalld
systemctl disable firewalld

关闭selinux


setenforce 0 # 临时关闭
sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config # 永久关闭

关闭swap


swapoff -a # 临时关闭;关闭swap主要是为了性能考虑
sed -ri 's/.*swap.*/#&/' /etc/fstab

free # 可以通过这个命令查看swap是否关闭了

添加主机名与IP对应的关系

vim /etc/hosts


192.168.2.250 k8s-1
192.168.2.251 k8s-2
192.168.2.251 k8s-3

时间同步


timedatectl set-timezone Asia/Shanghai
yum install ntpdate -y
ntpdate time.windows.com

将桥接的IPv4流量传递到iptables的链

cat > /etc/sysctl.d/k8s.conf << EOF
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
EOF

sysctl --systm

安装Contained

1、Contained、runc下载

wget https://github.com/containerd/containerd/releases/download/v1.7.0/cri-containerd-cni-1.7.0-linux-amd64.tar.gz

tar xvf cri-containerd-cni-1.7.0-linux-amd64.tar.gz -C /

wget https://github.com/opencontainers/runc/releases/download/v1.1.5/runc.amd64
scp runc.amd64 192.168.2.251:/usr/local/sbin/runc
scp runc.amd64 192.168.2.252:/usr/local/sbin/runc

mkdir -p /etc/containerd
containerd config default > /etc/containerd/config.toml

    修改前面生成的配置文件/etc/containerd/config.toml:   

 [plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc]
          ...
          [plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc.options]
            SystemdCgroup = true


        再修改/etc/containerd/config.toml中的

        [plugins."io.containerd.grpc.v1.cri"]
          ...
          # sandbox_image = "k8s.gcr.io/pause:3.6"
          sandbox_image = "registry.aliyuncs.com/google_containers/pause:3.9"


    配置containerd开机启动,并启动containerd

    

systemctl enable containerd --now


    使用crictl测试一下,确保可以打印出版本信息并且没有错误信息输出:

    crictl version

    Version:  0.1.0
    RuntimeName:  containerd
    RuntimeVersion:  v1.7.0
    RuntimeApiVersion:  v1

安装kubeadm、kubelet、kubectl

配置kubernetes的yum源

cat <<EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=http://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=1
repo_gpgcheck=0
gpgkey=http://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg
        http://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF

[root@k8s-1 ~]# yum install -y kubeadm kubelet kubectl

[root@k8s-1 ~]# kubeadm config print init-defaults --component-configs KubeletConfiguration > init.yaml

[root@k8s-1 ~]# cat init.yaml 
 

apiVersion: kubeadm.k8s.io/v1beta3
bootstrapTokens:
- groups:
  - system:bootstrappers:kubeadm:default-node-token
  token: abcdef.0123456789abcdef
  ttl: 24h0m0s
  usages:
  - signing
  - authentication
kind: InitConfiguration
localAPIEndpoint:
  advertiseAddress: 192.168.2.250  #master节点IP地址
  bindPort: 6443
nodeRegistration:
  criSocket: unix:///var/run/containerd/containerd.sock   #containerd sock文件位置
  imagePullPolicy: IfNotPresent
  name: k8s-1             #master节点主机名
  taints: null
---
apiServer:
  timeoutForControlPlane: 4m0s
apiVersion: kubeadm.k8s.io/v1beta3
certificatesDir: /etc/kubernetes/pki
clusterName: kubernetes
controllerManager: {}
dns: {}
etcd:
  local:
    dataDir: /var/lib/etcd
imageRepository: registry.aliyuncs.com/google_containers
kind: ClusterConfiguration
kubernetesVersion: 1.26.3
networking:
  dnsDomain: cluster.local
  serviceSubnet: 10.96.0.0/12   #配置service地址网段
  podSubnet: 10.244.0.0/16      #配置pod地址网段
scheduler: {}
---
apiVersion: kubelet.config.k8s.io/v1beta1
authentication:
  anonymous:
    enabled: false
  webhook:
    cacheTTL: 0s
    enabled: true
  x509:
    clientCAFile: /etc/kubernetes/pki/ca.crt
authorization:
  mode: Webhook
  webhook:
    cacheAuthorizedTTL: 0s
    cacheUnauthorizedTTL: 0s
cgroupDriver: systemd
clusterDNS:
- 10.96.0.10
clusterDomain: cluster.local            #配置域名
cpuManagerReconcilePeriod: 0s
evictionPressureTransitionPeriod: 0s
fileCheckFrequency: 0s
healthzBindAddress: 127.0.0.1
healthzPort: 10248
httpCheckFrequency: 0s
imageMinimumGCAge: 0s
kind: KubeletConfiguration
logging:
  flushFrequency: 0
  options:
    json:
      infoBufferSize: "0"
  verbosity: 0
memorySwap: {}
nodeStatusReportFrequency: 0s
nodeStatusUpdateFrequency: 0s
rotateCertificates: true
runtimeRequestTimeout: 0s
shutdownGracePeriod: 0s
shutdownGracePeriodCriticalPods: 0s
staticPodPath: /etc/kubernetes/manifests
streamingConnectionIdleTimeout: 0s
syncFrequency: 0s
volumeStatsAggPeriod: 0s

正安装kubernetes

kubeadm init --config init.yaml


修改ipvs

yum -y install ipvsadm ipset
cat > /etc/sysconfig/modules/ipvs.modules << EOF
#!/bin/bash
modprobe -- ip_vs
modprobe -- ip_vs_rr
modprobe -- ip_vs_wrr
modprobe -- ip_vs_sh
modprobe -- nf_conntrack_ipv4
EOF
 
chmod 755 /etc/sysconfig/modules/ipvs.modules
source /etc/sysconfig/modules/ipvs.modules


kubectl edit -n kube-system cm kube-proxy
将mode: " "修改为mode: “ipvs”,:wq保存退出

重启kube-proxy pod 后生效
kubectl get pod -n kube-system |grep kube-proxy |awk '{system("kubectl delete pod "$1" -n kube-system")}'

calico网络插件安装
 

wget https://docs.projectcalico.org/v3.25/manifests/calico.yaml --no-check-certificate
kubectl apply -f  calico.yaml 


kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v1.7.0/deploy/static/provider/cloud/deploy.yaml

metrics-server安装

wget https://github.com/kubernetes-sigs/metrics-server/releases/latest/download/components.yaml

- --kubelet-insecure-tls

 image: registry.cn-hangzhou.aliyuncs.com/google_containers/metrics-server:v0.6.2

本文内容由网友自发贡献,版权归原作者所有,本站不承担相应法律责任。如您发现有涉嫌抄袭侵权的内容,请联系:hwhale#tublm.com(使用前将#替换为@)

k8s1

kubeadm

containerd

k8s1.26安装(kubeadm containerd) 的相关文章

随机推荐

热门标签