Environment preparation

Public IP of the server used in this article: 192.168.56.101
This article uses three CentOS 7 virtual machines in total

  • OS version: CentOS 7
  • CPU Architecture: x86_64/amd64
  • K8s version: v1.23.17
  • Docker version: 20.10.23

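Configuring the network on the CentOS 7 virtual machines

  1. First check whether networking is up

    ping bilibili.com
    ip addr show
  2. Set the gateway
    In the corresponding configuration files, set ONBOOT=yes

    cd /etc/sysconfig/network-scripts
    vi ifcfg-enp0s3
    vi ifcfg-enp0s8
  3. Configure DNS
    First change the hostname

    # run each command on the matching host only
    hostnamectl set-hostname k8s-master   # on 192.168.56.101
    hostnamectl set-hostname k8s-node1    # on 192.168.56.102
    hostnamectl set-hostname k8s-node2    # on 192.168.56.103

    Then update the name mappings

    # append, so the existing localhost entries in /etc/hosts are kept
    cat >>/etc/hosts <<EOF
    192.168.56.101 k8s-master
    192.168.56.102 k8s-node1
    192.168.56.103 k8s-node2
    EOF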

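Installing software

Run everything in this section on all hosts

Required packages

# openssh-clients is the CentOS package that provides the ssh command
yum install -y vim openssh-clients curl wget systemd bash-completion lrzsz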

Synchronize server time

timedatectl set-timezone Asia/Shanghai && timedatectl set-local-rtc 0
systemctl restart rsyslog
systemctl restart crond

Open ports / disable the firewall

# stops firewalld now and keeps it from starting at boot
systemctl disable firewalld.service && systemctl stop firewalld.service

Forward IPv4 and let iptables see bridged traffic

# load the required kernel modules now and on every boot
cat >/etc/modules-load.d/k8s.conf <<EOF
overlay
br_netfilter
EOF
modprobe overlay
modprobe br_netfilter

# sysctl settings that persist across reboots
cat >/etc/sysctl.d/k8s.conf <<EOF
net.bridge.bridge-nf-call-iptables=1
net.bridge.bridge-nf-call-ip6tables=1
net.ipv4.ip_forward=1
EOF
sysctl --system

# verify that the modules are loaded and the settings are applied
lsmod | egrep 'overlay|br_netfilter'
sysctl net.bridge.bridge-nf-call-iptables net.bridge.bridge-nf-call-ip6tables net.ipv4.ip_forward

Install Docker

yum install -y yum-utils
yum-config-manager --add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
mkdir -p /etc/docker
# systemd cgroup driver (matches the kubelet setting below), log rotation, registry mirrors
cat >/etc/docker/daemon.json <<EOF
{
  "exec-opts": ["native.cgroupdriver=systemd"],
  "log-driver": "json-file",
  "log-opts": {
    "max-size": "100m"
  },
  "storage-driver": "overlay2",
  "storage-opts": [
    "overlay2.override_kernel_check=true"
  ],
  "registry-mirrors": ["https://hub-mirror.c.163.com", "https://docker.mirrors.ustc.edu.cn", "https://registry.docker-cn.com"]
}
EOF
yum makecache fast
yum install -y docker-ce-20.10.23 docker-ce-cli-20.10.23 containerd.io
systemctl daemon-reload
systemctl enable docker && systemctl restart docker

Install k8s

  1. Turn off the swap partition or disable the swap file

    # turn swap off now and comment out every swap entry in /etc/fstab
    swapoff -a && sed -ri 's/.*swap.*/#&/' /etc/fstab
  2. Turn off SELinux

    # switch SELinux to permissive mode now and in the persistent config
    setenforce 0 && sed -i 's/^SELINUX=enforcing$/SELINUX=permissive/' /etc/selinux/config
  3. Install k8s

    # note: gpgcheck=0 and repo_gpgcheck=0 turn off signature verification for this
    # repo, so the gpgkey URLs listed in the stanza are not used
    cat >/etc/yum.repos.d/kubernetes.repo <<EOF
    [kubernetes]
    name=Kubernetes
    baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
    enabled=1
    gpgcheck=0
    repo_gpgcheck=0
    gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
    EOF

    yum install -y kubelet-1.23.17 kubeadm-1.23.17 kubectl-1.23.17 --disableexcludes=kubernetes
    cat >/etc/sysconfig/kubelet <<EOF
    KUBELET_EXTRA_ARGS="--cgroup-driver=systemd"
    EOF

    crictl config runtime-endpoint unix:///var/run/containerd/containerd.sock
    crictl config image-endpoint unix:///var/run/containerd/containerd.sock
    # kubeadm-flags.env is written by kubeadm init/join, so skip the edit until it exists
    [ -f /var/lib/kubelet/kubeadm-flags.env ] && sed -i '/KUBELET_KUBEADM_ARGS/s/"$/ --container-runtime=remote --container-runtime-endpoint=unix:\/\/\/run\/containerd\/containerd.sock"/' /var/lib/kubelet/kubeadm-flags.env

    systemctl enable --now kubelet
    systemctl status kubelet
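
An added example (not from the original post): a small audit that flags yum repo stanzas like the kubernetes.repo above, where gpgcheck=0 and repo_gpgcheck=0 turn off signature verification, and any repo URL fetched over http:// (the Docker repo file above is added over http://). The sample file is constructed from the stanza on this page plus a hypothetical example-http stanza; audit_repo_file and write_sample_repo are names chosen for this example.

```shell
#!/usr/bin/env bash
# Added example: audit yum .repo files for disabled signature checks and http:// URLs.

# Prints one line per finding; returns 1 if anything was flagged, 0 otherwise.
audit_repo_file() {
  awk -v file="$1" '
    function report(msg) { printf "%s [%s] %s\n", file, section, msg; found = 1 }
    { sub(/^[ \t]+/, ""); sub(/[ \t\r]+$/, "") }       # trim the line
    $0 == "" || /^[#;]/ { next }                       # skip blanks and comments
    /^\[.*\]$/ { section = substr($0, 2, length($0) - 2); next }
    {
      eq = index($0, "="); if (eq == 0) next
      key = substr($0, 1, eq - 1); val = substr($0, eq + 1)
      gsub(/[ \t]/, "", key); sub(/^[ \t]+/, "", val)
      if (key == "gpgcheck" && val == "0")
        report("gpgcheck=0: RPM signatures are not verified")
      if (key == "repo_gpgcheck" && val == "0")
        report("repo_gpgcheck=0: repo metadata signature is not verified")
      if (key ~ /^(baseurl|mirrorlist|gpgkey)$/ && val ~ /(^|[ \t,])http:\/\//)
        report(key " is fetched over plain http")
    }
    END { exit found + 0 }
  ' "$1"
}

# Constructed sample: the kubernetes.repo stanza from this page plus a
# hypothetical stanza that uses an http:// baseurl.
write_sample_repo() {
  cat >"$1" <<'EOF'
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
enabled=1
gpgcheck=0
repo_gpgcheck=0
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
[example-http]
baseurl=http://mirror.example.invalid/el7/
gpgcheck=1
EOF
}

# With arguments, audit those files; without, audit the constructed sample.
if [ "$#" -gt 0 ]; then
  for f in "$@"; do audit_repo_file "$f" || true; done
else
  sample=$(mktemp); write_sample_repo "$sample"
  audit_repo_file "$sample" || true
  rm -f "$sample"
fi
```

On a real host, pass the files to check, for example /etc/yum.repos.d/*.repo.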

Create k8s-master

Run the following on the master host only

  1. Initialize the cluster's master node

    mkdir -p /k8sdata/log/
    kubeadm init \
    --apiserver-advertise-address=192.168.56.101 \
    --image-repository=registry.cn-hangzhou.aliyuncs.com/google_containers \
    --kubernetes-version=v1.23.17 \
    --service-cidr=10.96.0.0/12 \
    --pod-network-cidr=10.244.0.0/16 | tee /k8sdata/log/kubeadm-init.log

    mkdir -p "$HOME"/.kube
    cp -i /etc/kubernetes/admin.conf "$HOME"/.kube/config
    chown "$(id -u)":"$(id -g)" "$HOME"/.kube/config
  2. Install the network plugin

    kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
  3. k8s command-line completion

    # each line is added to .bashrc only if it is not there yet
    ! grep -q 'bash-completion/bash_completion' "$HOME/.bashrc" && echo "source /usr/share/bash-completion/bash_completion" >>"$HOME/.bashrc"
    ! grep -q kubectl "$HOME/.bashrc" && echo "source <(kubectl completion bash)" >>"$HOME/.bashrc"
    ! grep -q kubeadm "$HOME/.bashrc" && echo "source <(kubeadm completion bash)" >>"$HOME/.bashrc"
    ! grep -q crictl "$HOME/.bashrc" && echo "source <(crictl completion bash)" >>"$HOME/.bashrc"
    source "$HOME/.bashrc"
  4. Common k8s commands

    # list nodes
    kubectl get nodes -o wide
    # watch node status in real time
    watch kubectl get nodes -o wide
    # list pods
    kubectl get pods --all-namespaces -o wide
    # show the image list
    kubeadm config images list
    # print the command for joining a node to the cluster
    kubeadm token create --print-join-command
    # describe a node
    kubectl describe node k8s-master
    # describe a pod
    kubectl describe pod kube-flannel-ds-hs8bq --namespace=kube-flannel

Add worker nodes to the cluster

Run the following on the node hosts only

kubeadm join 192.168.56.101:6443 --token xxx --discovery-token-ca-cert-hash xxx
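
An added example (not part of the original post): the value after --discovery-token-ca-cert-hash is the SHA-256 of the cluster CA's public key, so it can be recomputed on the master to confirm that a join command pins the right CA before it is run on a node. For real use it assumes kubeadm's default CA path /etc/kubernetes/pki/ca.crt; the function names are chosen for this example and the sample CA is generated on the fly.

```shell
#!/usr/bin/env bash
# Added example: recompute the value passed to --discovery-token-ca-cert-hash.

# SHA-256 over the DER-encoded public key of a CA certificate, in kubeadm's format.
ca_cert_hash() {
  local pub digest
  pub=$(openssl x509 -pubkey -noout -in "$1" 2>/dev/null) || return 2
  digest=$(printf '%s\n' "$pub" | openssl pkey -pubin -outform DER \
    | openssl dgst -sha256 -hex | sed 's/^.* //')
  [ "${#digest}" -eq 64 ] || return 2
  printf 'sha256:%s\n' "$digest"
}

# Compare the hash shown in a join command with the CA certificate on the master.
# usage: verify_join_hash <ca.crt> <sha256:...>
verify_join_hash() {
  local actual
  actual=$(ca_cert_hash "$1") || { echo "cannot read CA certificate: $1" >&2; return 2; }
  if [ "$actual" = "$2" ]; then
    echo "match: $actual"
  else
    echo "MISMATCH: join command pins $2, CA file hashes to $actual" >&2
    return 1
  fi
}

# Constructed sample: a throwaway self-signed CA standing in for the cluster CA.
make_sample_ca() {
  openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=sample-ca" \
    -keyout "$1/ca.key" -out "$1/ca.crt" 2>/dev/null
}

# With two arguments, verify a real CA file; otherwise run on the sample CA.
if [ "$#" -eq 2 ]; then
  verify_join_hash "$1" "$2"
elif command -v openssl >/dev/null 2>&1; then
  tmp=$(mktemp -d)
  make_sample_ca "$tmp" && ca_cert_hash "$tmp/ca.crt"
  rm -rf "$tmp"
fi
```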

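Add the cluster in Lens

  1. First look up the k8s cluster's configuration

    cat ~/.kube/config
  2. Add the cluster in Lens
    Copy the output of the previous step and paste it into the corresponding screen in Lens

Closing words

k8s is really annoying. These past few days of studying it made me want to die, and it took I don't know how many errors before this summary post came together (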