二. k8s安装过程

目录

• k8s安装过程
  • 关掉selinux firewalld iptables
  • 修改hosts文件主机名解析
  • 修改docker参数
  • 编辑kubelet的配置文件/etc/sysconfig/kubelet
  • 修改内核参数
  • 设置docker和kubelet为自启动
  • 集群初始化以及加入新节点
  • 安装网络组件flannel

k8s安装过程

关掉selinux firewalld iptables

yum install docker-ce kubelet kubeadm kubectl #kubectl在node端可以不装

source <(kubectl completion bash)
echo "source <(kubectl completion bash)" >> ~/.bashrc

修改hosts文件主机名解析

10.0.0.50 master
10.0.0.51 node01
10.0.0.52 node02

修改docker参数

cat > /etc/docker/daemon.json << EOF
{
  "exec-opts": ["native.cgroupdriver=systemd"],
  "registry-mirrors": ["https://wxarz6o9.mirror.aliyuncs.com"]
}
EOF

systemctl daemon-reload
systemctl restart docker

编辑kubelet的配置文件/etc/sysconfig/kubelet

KUBELET_EXTRA_ARGS="--fail-swap-on=false"
KUBE_PROXY_MODE=ipvs

cat > /etc/sysconfig/modules/ipvs.modules <<EOF
#!/bin/bash
modprobe -- ip_vs
modprobe -- ip_vs_rr
modprobe -- ip_vs_wrr
modprobe -- ip_vs_sh
modprobe -- nf_conntrack_ipv4
EOF
chmod 755 /etc/sysconfig/modules/ipvs.modules
bash /etc/sysconfig/modules/ipvs.modules
lsmod|egrep "ip_vs|nf_conntrack_ipv4"

修改内核参数

[root@master ~]# tail -3 /etc/sysctl.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
net.ipv4.ip_forward = 1

modprobe br_netfilter
sysctl -p 

设置docker和kubelet为自启动

systemctl enable kubelet #初始化工作完成前 kubelet不能启动
systemctl enable docker.service

images=(
kube-apiserver:v1.15.3
kube-controller-manager:v1.15.3
kube-scheduler:v1.15.3
kube-proxy:v1.15.3
pause:3.1
etcd:3.3.10
coredns:1.3.1
)

for imageName in ${images[@]} ; do
    docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/$imageName
    docker tag registry.cn-hangzhou.aliyuncs.com/google_containers/$imageName k8s.gcr.io/$imageName
done


# kubeadm config images list 命令执行输出结果
# I0822 07:35:50.276507   11371 version.go:240] remote version is much newer: v1.15.3; falling back to: stable-1.14
# k8s.gcr.io/kube-apiserver:v1.14.6
# k8s.gcr.io/kube-controller-manager:v1.14.6
# k8s.gcr.io/kube-scheduler:v1.14.6
# k8s.gcr.io/kube-proxy:v1.14.6
# k8s.gcr.io/pause:3.1
# k8s.gcr.io/etcd:3.3.10
# k8s.gcr.io/coredns:1.3.1

集群初始化以及加入新节点

# 初始化k8s集群, 同时初始化pod网络和集群网络. 在master执行
kubeadm init --kubernetes-version=v1.15.3 --pod-network-cidr=10.244.0.0/16 --service-cidr=10.96.0.0/12 --ignore-preflight-errors=Swap
# node节点加入集群, 在node节点执行
 kubeadm join 10.0.0.50:6443 --token l8niuw.wbgf792esxrslffi     --discovery-token-ca-cert-hash sha256:bc1c330ec3618d5424e404b6e458a462ad44fc61b70883102f4dc8cd56043cc0  --ignore-preflight-errors=Swap
 
# master节点执行
mkdir -p $HOME/.kube
cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
chown $(id -u):$(id -g) $HOME/.kube/config

安装网络组件flannel

kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml

# node节点执行
systemctl enable docker.service kubelet.service
systemctl start docker.service

# node节点需要pause kube-proxy和flannel三个镜像

kubectl get pods -n kube-system -o wide

# 如果发现不能正常拉取flannel，可以参考以下方法
docker pull quay-mirror.qiniu.com/coreos/flannel:v0.11.0-amd64
docker tag quay-mirror.qiniu.com/coreos/flannel:v0.11.0-amd64 quay.io/coreos/flannel:v0.11.0-amd64
kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml

需要保证每个节点都有pause和kube-proxy镜像