更新 kubernetes-集群.md

2025-04-22 20:23:40 +08:00 · 2025-04-22 20:23:40 +08:00 · c031b441e0
commit c031b441e0
parent 8268cbb3a3
1 changed files with 261 additions and 261 deletions
--- a/kubernetes-集群.md
+++ b/kubernetes-集群.md
@ -1,261 +1,261 @@
-<h2><center>Kubernetes 集群</center></h2>
+<h2><center>Kubernetes 集群</center></h2>
-
+
------
+------
-
+
-## 一：部署kubernetes 集群
+## 一：部署kubernetes 集群
-
+
-### 1. 前置知识点
+### 1. 前置知识点
-
+
-目前生产部署`Kubernetes`集群主要有两种方式：
+目前生产部署`Kubernetes`集群主要有两种方式：
-
+
- `kubeadm`
+- `kubeadm`
-
+
-  `Kubeadm`是一个`K8s`部署工具，提供`kubeadm init`和`kubeadm join`，用于快速部署`Kubernetes`集群。
+  `Kubeadm`是一个`K8s`部署工具，提供`kubeadm init`和`kubeadm join`，用于快速部署`Kubernetes`集群。
-
+
-  官方地址：https://kubernetes.io/docs/reference/setup-tools/kubeadm/kubeadm/
+  官方地址：https://kubernetes.io/docs/reference/setup-tools/kubeadm/kubeadm/
-
+
- 二进制包
+- 二进制包
-
+
-  从`github`下载发行版的二进制包，手动部署每个组件，组成`Kubernetes`集群。
+  从`github`下载发行版的二进制包，手动部署每个组件，组成`Kubernetes`集群。
-
+
-  `Kubeadm`降低部署门槛，但屏蔽了很多细节，遇到问题很难排查。如果想更容易可控，推荐使用二进制包部署`Kubernetes`集群，虽然手动部署麻烦点，期间可以学习很多工作原理，也利于后期维护。
+  `Kubeadm`降低部署门槛，但屏蔽了很多细节，遇到问题很难排查。如果想更容易可控，推荐使用二进制包部署`Kubernetes`集群，虽然手动部署麻烦点，期间可以学习很多工作原理，也利于后期维护。
-
+
-![](accents\images-202504120001.png)
+![](http://182.92.143.66:40072/directlink/img/kubernetes/images-202504120001.png)
-
+
-### 2. kubeadm 部署方式介绍
+### 2. kubeadm 部署方式介绍
-
+
-`kubeadm`是官方社区推出的一个用于快速部署`kubernetes`集群的工具，这个工具能通过两条指令完成一个`kubernetes`集群的部署：
+`kubeadm`是官方社区推出的一个用于快速部署`kubernetes`集群的工具，这个工具能通过两条指令完成一个`kubernetes`集群的部署：
-
+
- 创建一个`Master`节点`kubeadm init`
+- 创建一个`Master`节点`kubeadm init`
- 将`Node`节点加入到当前集群中`$ kubeadm join <Master节点的IP 和端口>`
+- 将`Node`节点加入到当前集群中`$ kubeadm join <Master节点的IP 和端口>`
-
+
-### 3. 安装要求
+### 3. 安装要求
-
+
-在开始之前，部署`Kubernetes`集群机器需要满足以下几个条件：
+在开始之前，部署`Kubernetes`集群机器需要满足以下几个条件：
-
+
- 一台或多台机器，操作系统`CentOS7.x-86_x64`
+- 一台或多台机器，操作系统`CentOS7.x-86_x64`
- 硬件配置：`2GB`或更多`RAM`，2 个`CPU`或更多`CPU`，硬盘30GB 或更多
+- 硬件配置：`2GB`或更多`RAM`，2 个`CPU`或更多`CPU`，硬盘30GB 或更多
- 集群中所有机器之间网络互通
+- 集群中所有机器之间网络互通
- 可以访问外网，需要拉取镜像
+- 可以访问外网，需要拉取镜像
- 禁止`swap`分区
+- 禁止`swap`分区
-
+
-### 4. 最终目标
+### 4. 最终目标
-
+
- 在所有节点上安装`Docker`和`kubeadm`
+- 在所有节点上安装`Docker`和`kubeadm`
- 部署`Kubernetes Master`
+- 部署`Kubernetes Master`
- 部署容器网络插件
+- 部署容器网络插件
- 部署`Kubernetes Node`，将节点加入`Kubernetes`集群中
+- 部署`Kubernetes Node`，将节点加入`Kubernetes`集群中
- 部署`Dashboard Web`页面，可视化查看`Kubernetes`资源
+- 部署`Dashboard Web`页面，可视化查看`Kubernetes`资源
-
+
-### 5. 准备环境
+### 5. 准备环境
-
+
-![](accents\images-202504120002.png)
+![](http://182.92.143.66:40072/directlink/img/kubernetes/images-202504120002.png)
-
+
-|  节点  |     IP地址      |               组件                |
+|  节点  |     IP地址      |               组件                |
-| :----: | :-------------: | :-------------------------------: |
+| :----: | :-------------: | :-------------------------------: |
-| master | 192.168.159.130 | docker，kubectl，kubeadm，kubelet |
+| master | 192.168.159.130 | docker，kubectl，kubeadm，kubelet |
-| node1  | 192.168.159.131 | docker，kubectl，kubeadm，kubelet |
+| node1  | 192.168.159.131 | docker，kubectl，kubeadm，kubelet |
-| node2  | 192.168.159.132 | docker，kubectl，kubeadm，kubelet |
+| node2  | 192.168.159.132 | docker，kubectl，kubeadm，kubelet |
-
+
-### 6. 环境初始化
+### 6. 环境初始化
-
+
-**主机名解析**
+**主机名解析**
-
+
-```bash
+```bash
-[root@master ~]# vim /etc/hosts
+[root@master ~]# vim /etc/hosts
-192.168.159.130 master
+192.168.159.130 master
-192.168.159.131 node1
+192.168.159.131 node1
-192.168.159.132 node2
+192.168.159.132 node2
-
+
-注意：
+注意：
-	所有节点
+	所有节点
-```
+```
-
+
-**禁用`iptable`和`firewalld`**
+**禁用`iptable`和`firewalld`**
-
+
-```bash
+```bash
-[root@master ~]# systemctl stop firewalld
+[root@master ~]# systemctl stop firewalld
-[root@master ~]# systemctl disable firewalld
+[root@master ~]# systemctl disable firewalld
-
+
-[root@master ~]# systemctl stop iptables
+[root@master ~]# systemctl stop iptables
-[root@master ~]# systemctl disable iptables
+[root@master ~]# systemctl disable iptables
-
+
-注意：
+注意：
-	所有节点
+	所有节点
-```
+```
-
+
-**禁止`selinux`**
+**禁止`selinux`**
-
+
-```bash
+```bash
-[root@master ~]# setenforce 0
+[root@master ~]# setenforce 0
-[root@master ~]# vim /etc/selinux/config
+[root@master ~]# vim /etc/selinux/config
-SELINUX=disabled
+SELINUX=disabled
-
+
-注意：
+注意：
-	所有节点
+	所有节点
-```
+```
-
+
-**禁用`swap`分区**
+**禁用`swap`分区**
-
+
-```bash
+```bash
-[root@master ~]# swapoff -a
+[root@master ~]# swapoff -a
-[root@master ~]# sed -i 's/.*swap.*/#&/' /etc/fstab
+[root@master ~]# sed -i 's/.*swap.*/#&/' /etc/fstab
-
+
-注意：
+注意：
-	所有节点
+	所有节点
-```
+```
-
+
-**加载内核模块**
+**加载内核模块**
-
+
-```bash
+```bash
-[root@master ~]# modprobe br_netfilter
+[root@master ~]# modprobe br_netfilter
-
+
-[root@master ~]# vim /etc/sysctl.conf
+[root@master ~]# vim /etc/sysctl.conf
-net.bridge.bridge-nf-call-ip6tables = 1
+net.bridge.bridge-nf-call-ip6tables = 1
-net.bridge.bridge-nf-call-iptables = 1
+net.bridge.bridge-nf-call-iptables = 1
-vm.swappiness=0
+vm.swappiness=0
-net.ipv4.ip_forward = 1
+net.ipv4.ip_forward = 1
-
+
-注意：
+注意：
-	所有节点
+	所有节点
-```
+```
-
+
-### 7. 安装`docker`
+### 7. 安装`docker`
-
+
-```bash
+```bash
-[root@master ~]# yum install -y yum-utils
+[root@master ~]# yum install -y yum-utils
-[root@master ~]# yum-config-manager --add-repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
+[root@master ~]# yum-config-manager --add-repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
-[root@master ~]# yum install docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin -y
+[root@master ~]# yum install docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin -y
-
+
-[root@master ~]# systemctl start docker
+[root@master ~]# systemctl start docker
-[root@master ~]# systemctl enable docker
+[root@master ~]# systemctl enable docker
-
+
-注意：
+注意：
-	所有节点
+	所有节点
-```
+```
-
+
-### 8. 安装`kubeadm kubelet kubectl`
+### 8. 安装`kubeadm kubelet kubectl`
-
+
-**配置`yum`仓库**
+**配置`yum`仓库**
-
+
-```bash
+```bash
-[root@master ~]# vim /etc/yum.repos.d/kubernetes.repo
+[root@master ~]# vim /etc/yum.repos.d/kubernetes.repo
-
+
-[kubernetes]
+[kubernetes]
-name=Kubernetes
+name=Kubernetes
-baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
+baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
-enabled=1
+enabled=1
-gpgcheck=0
+gpgcheck=0
-repo_gpgcheck=0
+repo_gpgcheck=0
-gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
+gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
-
+
-注意：
+注意：
-	所有节点
+	所有节点
-```
+```
-
+
-**安装**
+**安装**
-
+
-```bash
+```bash
-[root@master ~]# yum -y install kubeadm-1.23.5  kubelet-1.23.5  kubectl-1.23.5 ipvsadm
+[root@master ~]# yum -y install kubeadm-1.23.5  kubelet-1.23.5  kubectl-1.23.5 ipvsadm
-
+
-注意：
+注意：
-	所有节点
+	所有节点
-```
+```
-
+
-**配置`kubelet`的`cgroups`**
+**配置`kubelet`的`cgroups`**
-
+
-```bash
+```bash
-[root@master ~]# vim /etc/sysconfig/kubelet
+[root@master ~]# vim /etc/sysconfig/kubelet
-
+
-KUBELET_EXTRA_ARGS="--cgroup-driver=cgroupfs --pod-infra-container-image=registry.cn-hangzhou.aliyuncs.com/google_containers/pause-amd64:3.1"
+KUBELET_EXTRA_ARGS="--cgroup-driver=cgroupfs --pod-infra-container-image=registry.cn-hangzhou.aliyuncs.com/google_containers/pause-amd64:3.1"
-
+
-注意：
+注意：
-	所有节点
+	所有节点
-```
+```
-
+
-### 9. 部署镜像
+### 9. 部署镜像
-
+
-**下载镜像**
+**下载镜像**
-
+
-```bash
+```bash
-[root@master ~]# wget http://182.92.143.66:40072/directlink/img/kube_images/coredns-v1.8.6.tar
+[root@master ~]# wget http://182.92.143.66:40072/directlink/img/kube_images/coredns-v1.8.6.tar
-[root@master ~]# wget http://182.92.143.66:40072/directlink/img/kube_images/etcd-3.5.1-0.tar
+[root@master ~]# wget http://182.92.143.66:40072/directlink/img/kube_images/etcd-3.5.1-0.tar
-[root@master ~]# wget http://182.92.143.66:40072/directlink/img/kube_images/flannel-cni.tar
+[root@master ~]# wget http://182.92.143.66:40072/directlink/img/kube_images/flannel-cni.tar
-[root@master ~]# wget http://182.92.143.66:40072/directlink/img/kube_images/flannel-v0.14.0-amd64.tar
+[root@master ~]# wget http://182.92.143.66:40072/directlink/img/kube_images/flannel-v0.14.0-amd64.tar
-[root@master ~]# wget http://182.92.143.66:40072/directlink/img/kube_images/flannel.tar
+[root@master ~]# wget http://182.92.143.66:40072/directlink/img/kube_images/flannel.tar
-[root@master ~]# wget http://182.92.143.66:40072/directlink/img/kube_images/kube-apiserver-v1.23.5.tar
+[root@master ~]# wget http://182.92.143.66:40072/directlink/img/kube_images/kube-apiserver-v1.23.5.tar
-[root@master ~]# wget http://182.92.143.66:40072/directlink/img/kube_images/kube-controller-manager-v1.23.5.tar
+[root@master ~]# wget http://182.92.143.66:40072/directlink/img/kube_images/kube-controller-manager-v1.23.5.tar
-[root@master ~]# wget http://182.92.143.66:40072/directlink/img/kube_images/kube-proxy-v1.23.5.tar
+[root@master ~]# wget http://182.92.143.66:40072/directlink/img/kube_images/kube-proxy-v1.23.5.tar
-[root@master ~]# wget http://182.92.143.66:40072/directlink/img/kube_images/kube-scheduler-v1.23.5.tar
+[root@master ~]# wget http://182.92.143.66:40072/directlink/img/kube_images/kube-scheduler-v1.23.5.tar
-[root@master ~]# wget http://182.92.143.66:40072/directlink/img/kube_images/pause-3.6.tar
+[root@master ~]# wget http://182.92.143.66:40072/directlink/img/kube_images/pause-3.6.tar
-[root@master ~]# wget http://182.92.143.66:40072/directlink/img/kube_images/kube-flannel-2402.yml
+[root@master ~]# wget http://182.92.143.66:40072/directlink/img/kube_images/kube-flannel-2402.yml
-
+
-注意：
+注意：
-	所有节点
+	所有节点
-```
+```
-
+
-**镜像导入**
+**镜像导入**
-
+
-```bash
+```bash
-[root@master ~]# vim image_load.sh
+[root@master ~]# vim image_load.sh
-#!/bin/bash
+#!/bin/bash
-image_path=`pwd`
+image_path=`pwd`
-for i in `ls "${image_path}"`; do
+for i in `ls "${image_path}"`; do
-	docker load < $i
+	docker load < $i
-done
+done
-
+
-[root@master ~]# bash image_load.sh
+[root@master ~]# bash image_load.sh
-注意：
+注意：
-	所有节点
+	所有节点
-```
+```
-
+
-### 10. `master`节点初始化
+### 10. `master`节点初始化
-
+
-```bash
+```bash
-[root@master ~]# kubeadm init --kubernetes-version=1.23.5 --pod-network-cidr=10.244.0.0/16 --apiserver-advertise-address=192.168.159.130
+[root@master ~]# kubeadm init --kubernetes-version=1.23.5 --pod-network-cidr=10.244.0.0/16 --apiserver-advertise-address=192.168.159.130
-
+
-Your Kubernetes control-plane has initialized successfully!
+Your Kubernetes control-plane has initialized successfully!
-
+
-To start using your cluster, you need to run the following as a regular user:
+To start using your cluster, you need to run the following as a regular user:
-
+
-  mkdir -p $HOME/.kube
+  mkdir -p $HOME/.kube
-  sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
+  sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
-  sudo chown $(id -u):$(id -g) $HOME/.kube/config
+  sudo chown $(id -u):$(id -g) $HOME/.kube/config
-
+
-Alternatively, if you are the root user, you can run:
+Alternatively, if you are the root user, you can run:
-
+
-  export KUBECONFIG=/etc/kubernetes/admin.conf
+  export KUBECONFIG=/etc/kubernetes/admin.conf
-
+
-You should now deploy a pod network to the cluster.
+You should now deploy a pod network to the cluster.
-Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:
+Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:
-  https://kubernetes.io/docs/concepts/cluster-administration/addons/
+  https://kubernetes.io/docs/concepts/cluster-administration/addons/
-
+
-Then you can join any number of worker nodes by running the following on each as root:
+Then you can join any number of worker nodes by running the following on each as root:
-
+
-kubeadm join 192.168.159.130:6443 --token vxpoqx.jfxg9ae302d2e1j9 \
+kubeadm join 192.168.159.130:6443 --token vxpoqx.jfxg9ae302d2e1j9 \
-	--discovery-token-ca-cert-hash sha256:3b77859462fbcdc312a158e02c77e60e28d41440801fed3cdee1556029a8547a
+	--discovery-token-ca-cert-hash sha256:3b77859462fbcdc312a158e02c77e60e28d41440801fed3cdee1556029a8547a
-
+
-
+
-[root@master ~]# mkdir -p $HOME/.kube
+[root@master ~]# mkdir -p $HOME/.kube
-[root@master ~]# sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
+[root@master ~]# sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
-[root@master ~]# sudo chown $(id -u):$(id -g) $HOME/.kube/config
+[root@master ~]# sudo chown $(id -u):$(id -g) $HOME/.kube/config
-[root@master ~]# export KUBECONFIG=/etc/kubernetes/admin.conf
+[root@master ~]# export KUBECONFIG=/etc/kubernetes/admin.conf
-[root@master ~]# kubectl apply -f kube-flannel-2402.yml
+[root@master ~]# kubectl apply -f kube-flannel-2402.yml
-```
+```
-
+
-### 11. 将`node`加入工作节点
+### 11. 将`node`加入工作节点
-
+
-```bash
+```bash
-[root@node1/2/3 ~]# kubeadm join 192.168.159.130:6443 --token vxpoqx.jfxg9ae302d2e1j9 --discovery-token-ca-cert-hash sha256:3b77859462fbcdc312a158e02c77e60e28d41440801fed3cdee1556029a8547a
+[root@node1/2/3 ~]# kubeadm join 192.168.159.130:6443 --token vxpoqx.jfxg9ae302d2e1j9 --discovery-token-ca-cert-hash sha256:3b77859462fbcdc312a158e02c77e60e28d41440801fed3cdee1556029a8547a
-```
+```
-
+
-### 12. `master`节点查看集群状态
+### 12. `master`节点查看集群状态
-
+
-```bash
+```bash
-[root@master ~]# kubectl get nodes
+[root@master ~]# kubectl get nodes
-NAME     STATUS   ROLES                  AGE     VERSION
+NAME     STATUS   ROLES                  AGE     VERSION
-master   Ready    control-plane,master   3m11s   v1.23.5
+master   Ready    control-plane,master   3m11s   v1.23.5
-node1    Ready    <none>                 27s     v1.23.5
+node1    Ready    <none>                 27s     v1.23.5
-node2    Ready    <none>                 43s     v1.23.5
+node2    Ready    <none>                 43s     v1.23.5
-```
+```
-
+