262 lines
7.5 KiB
Markdown
262 lines
7.5 KiB
Markdown
<h2><center>Kubernetes 集群</center></h2>
|
||
|
||
------
|
||
|
||
## 一:部署kubernetes 集群
|
||
|
||
### 1. 前置知识点
|
||
|
||
目前生产部署`Kubernetes`集群主要有两种方式:
|
||
|
||
- `kubeadm`
|
||
|
||
`Kubeadm`是一个`K8s`部署工具,提供`kubeadm init`和`kubeadm join`,用于快速部署`Kubernetes`集群。
|
||
|
||
官方地址:https://kubernetes.io/docs/reference/setup-tools/kubeadm/kubeadm/
|
||
|
||
- 二进制包
|
||
|
||
从`github`下载发行版的二进制包,手动部署每个组件,组成`Kubernetes`集群。
|
||
|
||
`Kubeadm`降低部署门槛,但屏蔽了很多细节,遇到问题很难排查。如果想更容易可控,推荐使用二进制包部署`Kubernetes`集群,虽然手动部署麻烦点,期间可以学习很多工作原理,也利于后期维护。
|
||
|
||
|
||
|
||
### 2. kubeadm 部署方式介绍
|
||
|
||
`kubeadm`是官方社区推出的一个用于快速部署`kubernetes`集群的工具,这个工具能通过两条指令完成一个`kubernetes`集群的部署:
|
||
|
||
- 创建一个`Master`节点`kubeadm init`
|
||
- 将`Node`节点加入到当前集群中`$ kubeadm join <Master节点的IP 和端口>`
|
||
|
||
### 3. 安装要求
|
||
|
||
在开始之前,部署`Kubernetes`集群机器需要满足以下几个条件:
|
||
|
||
- 一台或多台机器,操作系统`CentOS7.x-86_x64`
|
||
- 硬件配置:`2GB`或更多`RAM`,2 个`CPU`或更多`CPU`,硬盘30GB 或更多
|
||
- 集群中所有机器之间网络互通
|
||
- 可以访问外网,需要拉取镜像
|
||
- 禁止`swap`分区
|
||
|
||
### 4. 最终目标
|
||
|
||
- 在所有节点上安装`Docker`和`kubeadm`
|
||
- 部署`Kubernetes Master`
|
||
- 部署容器网络插件
|
||
- 部署`Kubernetes Node`,将节点加入`Kubernetes`集群中
|
||
- 部署`Dashboard Web`页面,可视化查看`Kubernetes`资源
|
||
|
||
### 5. 准备环境
|
||
|
||
|
||
|
||
| 节点 | IP地址 | 组件 |
|
||
| :----: | :-------------: | :-------------------------------: |
|
||
| master | 192.168.159.130 | docker,kubectl,kubeadm,kubelet |
|
||
| node1 | 192.168.159.131 | docker,kubectl,kubeadm,kubelet |
|
||
| node2 | 192.168.159.132 | docker,kubectl,kubeadm,kubelet |
|
||
|
||
### 6. 环境初始化
|
||
|
||
**主机名解析**
|
||
|
||
```bash
|
||
[root@master ~]# vim /etc/hosts
|
||
192.168.159.130 master
|
||
192.168.159.131 node1
|
||
192.168.159.132 node2
|
||
|
||
注意:
|
||
所有节点
|
||
```
|
||
|
||
**禁用`iptable`和`firewalld`**
|
||
|
||
```bash
|
||
[root@master ~]# systemctl stop firewalld
|
||
[root@master ~]# systemctl disable firewalld
|
||
|
||
[root@master ~]# systemctl stop iptables
|
||
[root@master ~]# systemctl disable iptables
|
||
|
||
注意:
|
||
所有节点
|
||
```
|
||
|
||
**禁止`selinux`**
|
||
|
||
```bash
|
||
[root@master ~]# setenforce 0
|
||
[root@master ~]# vim /etc/selinux/config
|
||
SELINUX=disabled
|
||
|
||
注意:
|
||
所有节点
|
||
```
|
||
|
||
**禁用`swap`分区**
|
||
|
||
```bash
|
||
[root@master ~]# swapoff -a
|
||
[root@master ~]# sed -i 's/.*swap.*/#&/' /etc/fstab
|
||
|
||
注意:
|
||
所有节点
|
||
```
|
||
|
||
**加载内核模块**
|
||
|
||
```bash
|
||
[root@master ~]# modprobe br_netfilter
|
||
|
||
[root@master ~]# vim /etc/sysctl.conf
|
||
net.bridge.bridge-nf-call-ip6tables = 1
|
||
net.bridge.bridge-nf-call-iptables = 1
|
||
vm.swappiness=0
|
||
net.ipv4.ip_forward = 1
|
||
|
||
注意:
|
||
所有节点
|
||
```
|
||
|
||
### 7. 安装`docker`
|
||
|
||
```bash
|
||
[root@master ~]# yum install -y yum-utils
|
||
[root@master ~]# yum-config-manager --add-repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
|
||
[root@master ~]# yum install docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin -y
|
||
|
||
[root@master ~]# systemctl start docker
|
||
[root@master ~]# systemctl enable docker
|
||
|
||
注意:
|
||
所有节点
|
||
```
|
||
|
||
### 8. 安装`kubeadm kubelet kubectl`
|
||
|
||
**配置`yum`仓库**
|
||
|
||
```bash
|
||
[root@master ~]# vim /etc/yum.repos.d/kubernetes.repo
|
||
|
||
[kubernetes]
|
||
name=Kubernetes
|
||
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
|
||
enabled=1
|
||
gpgcheck=0
|
||
repo_gpgcheck=0
|
||
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
|
||
|
||
注意:
|
||
所有节点
|
||
```
|
||
|
||
**安装**
|
||
|
||
```bash
|
||
[root@master ~]# yum -y install kubeadm-1.23.5 kubelet-1.23.5 kubectl-1.23.5 ipvsadm
|
||
|
||
注意:
|
||
所有节点
|
||
```
|
||
|
||
**配置`kubelet`的`cgroups`**
|
||
|
||
```bash
|
||
[root@master ~]# vim /etc/sysconfig/kubelet
|
||
|
||
KUBELET_EXTRA_ARGS="--cgroup-driver=cgroupfs --pod-infra-container-image=registry.cn-hangzhou.aliyuncs.com/google_containers/pause-amd64:3.1"
|
||
|
||
注意:
|
||
所有节点
|
||
```
|
||
|
||
### 9. 部署镜像
|
||
|
||
**下载镜像**
|
||
|
||
```bash
|
||
[root@master ~]# wget http://182.92.143.66:40072/directlink/img/kube_images/coredns-v1.8.6.tar
|
||
[root@master ~]# wget http://182.92.143.66:40072/directlink/img/kube_images/etcd-3.5.1-0.tar
|
||
[root@master ~]# wget http://182.92.143.66:40072/directlink/img/kube_images/flannel-cni.tar
|
||
[root@master ~]# wget http://182.92.143.66:40072/directlink/img/kube_images/flannel-v0.14.0-amd64.tar
|
||
[root@master ~]# wget http://182.92.143.66:40072/directlink/img/kube_images/flannel.tar
|
||
[root@master ~]# wget http://182.92.143.66:40072/directlink/img/kube_images/kube-apiserver-v1.23.5.tar
|
||
[root@master ~]# wget http://182.92.143.66:40072/directlink/img/kube_images/kube-controller-manager-v1.23.5.tar
|
||
[root@master ~]# wget http://182.92.143.66:40072/directlink/img/kube_images/kube-proxy-v1.23.5.tar
|
||
[root@master ~]# wget http://182.92.143.66:40072/directlink/img/kube_images/kube-scheduler-v1.23.5.tar
|
||
[root@master ~]# wget http://182.92.143.66:40072/directlink/img/kube_images/pause-3.6.tar
|
||
[root@master ~]# wget http://182.92.143.66:40072/directlink/img/kube_images/kube-flannel-2402.yml
|
||
|
||
注意:
|
||
所有节点
|
||
```
|
||
|
||
**镜像导入**
|
||
|
||
```bash
|
||
[root@master ~]# vim image_load.sh
|
||
#!/bin/bash
|
||
image_path=`pwd`
|
||
for i in `ls "${image_path}"`; do
|
||
docker load < $i
|
||
done
|
||
|
||
[root@master ~]# bash image_load.sh
|
||
注意:
|
||
所有节点
|
||
```
|
||
|
||
### 10. `master`节点初始化
|
||
|
||
```bash
|
||
[root@master ~]# kubeadm init --kubernetes-version=1.23.5 --pod-network-cidr=10.244.0.0/16 --apiserver-advertise-address=192.168.159.130
|
||
|
||
Your Kubernetes control-plane has initialized successfully!
|
||
|
||
To start using your cluster, you need to run the following as a regular user:
|
||
|
||
mkdir -p $HOME/.kube
|
||
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
|
||
sudo chown $(id -u):$(id -g) $HOME/.kube/config
|
||
|
||
Alternatively, if you are the root user, you can run:
|
||
|
||
export KUBECONFIG=/etc/kubernetes/admin.conf
|
||
|
||
You should now deploy a pod network to the cluster.
|
||
Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:
|
||
https://kubernetes.io/docs/concepts/cluster-administration/addons/
|
||
|
||
Then you can join any number of worker nodes by running the following on each as root:
|
||
|
||
kubeadm join 192.168.159.130:6443 --token vxpoqx.jfxg9ae302d2e1j9 \
|
||
--discovery-token-ca-cert-hash sha256:3b77859462fbcdc312a158e02c77e60e28d41440801fed3cdee1556029a8547a
|
||
|
||
|
||
[root@master ~]# mkdir -p $HOME/.kube
|
||
[root@master ~]# sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
|
||
[root@master ~]# sudo chown $(id -u):$(id -g) $HOME/.kube/config
|
||
[root@master ~]# export KUBECONFIG=/etc/kubernetes/admin.conf
|
||
[root@master ~]# kubectl apply -f kube-flannel-2402.yml
|
||
```
|
||
|
||
### 11. 将`node`加入工作节点
|
||
|
||
```bash
|
||
[root@node1/2/3 ~]# kubeadm join 192.168.159.130:6443 --token vxpoqx.jfxg9ae302d2e1j9 --discovery-token-ca-cert-hash sha256:3b77859462fbcdc312a158e02c77e60e28d41440801fed3cdee1556029a8547a
|
||
```
|
||
|
||
### 12. `master`节点查看集群状态
|
||
|
||
```bash
|
||
[root@master ~]# kubectl get nodes
|
||
NAME STATUS ROLES AGE VERSION
|
||
master Ready control-plane,master 3m11s v1.23.5
|
||
node1 Ready <none> 27s v1.23.5
|
||
node2 Ready <none> 43s v1.23.5
|
||
```
|
||
|