驽马十驾

A worn-out horse can cover ten days' journey; success lies in not giving up

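K8S: Building a cluster in a development environment with kubeadm

Introduction

To install k8s, we first set up the base environment and then plan the servers: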

  • 192.168.10.241 - master
  • 192.168.10.242 - worker
  • 192.168.10.243 - worker

Base environment reference: Server Deployment-New

The current k8s version is 1.19.4 and the Docker version is 18.09.

ssh-keygen
ssh-copy-id host

K8S

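Prerequisites

A few conditions must be met before installing:

  • Hostnames must be unique; change one with: hostnamectl set-hostname xxx
  • For the machines in the k8s cluster, IP addresses must be mapped to hostnames: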
cat <<EOF >>  /etc/hosts
192.168.10.241 master-241
192.168.10.242 node-242
192.168.10.243 node-243
EOF
  • The Docker and k8s versions should match; currently k8s is 1.19.4 and Docker is 18.09
yum install -y yum-utils device-mapper-persistent-data lvm2
yum-config-manager --add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
yum makecache fast
yum install -y docker-ce-18.09.8-3.el7

echo "5.3.1 Docker自动启动"
systemctl daemon-reload
systemctl enable docker
systemctl restart docker
  • Docker runtime configuration change
sudo tee /etc/docker/daemon.json <<-'EOF'
{
  "debug":true,
  "experimental":true,
  "registry-mirrors": ["https://ov5ddzj1.mirror.aliyuncs.com"],
  "exec-opts": ["native.cgroupdriver=systemd"]
}
EOF

The exec-opts entry is the setting being changed.

  • Kernel parameter tuning
cat >> /etc/sysctl.d/k8s.conf << EOF
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
net.ipv4.ip_forward = 1
vm.swappiness=0
EOF
  • Disable SELinux:
sed -i 's#SELINUX=enforcing#SELINUX=disabled#g' /etc/selinux/config
  • Disable swap
sed -i '/ swap / s/^\(.*\)$/#\1/g' /etc/fstab
swapoff -a && sysctl -w vm.swappiness=0

Installation

Install the br_netfilter module; strictly speaking, only the worker nodes need to install and load it.

# echo "6.3 br_netfilter"
yum install bridge-utils  -y
# Load the kernel modules
modprobe bridge && modprobe br_netfilter

Add the Aliyun k8s repository

cat <<EOF > /etc/yum.repos.d/mirrors.aliyun.com_kubernetes.repo
[mirrors.aliyun.com_kubernetes]
name=added from: https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
enabled=1
gpgcheck=0
EOF

yum clean all -y && yum makecache -y && yum repolist -y

Then install kubelet, kubeadm, and kubectl

yum install -y kubelet-1.19.14 kubeadm-1.19.14 kubectl-1.19.14

## Start kubelet
systemctl enable   kubelet.service
systemctl restart  kubelet.service

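Then run on the master:

# --apiserver-advertise-address: the IP of your master
# --service-cidr: the Service network range
# --pod-network-cidr: the Pod network range
# --image-repository: pull images from the Aliyun mirror
kubeadm init \
--kubernetes-version=v1.19.14 \
--apiserver-advertise-address=192.168.10.241 \
--service-cidr=10.100.0.0/16 \
--pod-network-cidr=10.200.0.0/16 \
--image-repository registry.aliyuncs.com/google_containers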

One small detail here: the Unhealthy status

# kubectl get cs
Warning: v1 ComponentStatus is deprecated in v1.19+
NAME                 STATUS      MESSAGE                                                                                       ERROR
controller-manager   Unhealthy   Get "http://127.0.0.1:10252/healthz": dial tcp 127.0.0.1:10252: connect: connection refused   
scheduler            Unhealthy   Get "http://127.0.0.1:10251/healthz": dial tcp 127.0.0.1:10251: connect: connection refused   
etcd-0               Healthy     {"health":"true"}

Fix it as follows:

vim /etc/kubernetes/manifests/kube-scheduler.yaml
vim /etc/kubernetes/manifests/kube-controller-manager.yaml

Comment out the line - --port=0 in both files.
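
A check for two settings this guide applies that weaken a node: the repo stanza with gpgcheck=0, and the commented-out --port=0, which re-enables the deprecated plain-HTTP port that is served without authentication. This is an added example, not code from the original post; the function names audit_yum_repo and audit_insecure_port and the sample files are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original post. Sample files are constructed.

# Print a finding for each enabled repo section that disables package
# signature checks or uses a plain-HTTP baseurl. Usage: audit_yum_repo FILE
audit_yum_repo() {
  awk '
    function report() {
      if (sec == "" || enabled == "0") return
      if (gpg == "0") print sec ": gpgcheck=0 (package signatures not verified)"
      if (url ~ /^http:/) print sec ": baseurl uses plain http"
    }
    /^[ \t]*[#;]/ { next }                       # comment line
    /^\[/ { report(); sec = substr($0, 2, index($0, "]") - 2)
            enabled = "1"; gpg = ""; url = ""; next }
    index($0, "=") > 0 {
      key = substr($0, 1, index($0, "=") - 1); gsub(/[ \t]/, "", key)
      val = substr($0, index($0, "=") + 1);    gsub(/^[ \t]+|[ \t]+$/, "", val)
      if (key == "enabled")  enabled = val
      if (key == "gpgcheck") gpg = val
      if (key == "baseurl")  url = val
    }
    END { report() }
  ' "$1"
}

# Print a finding when a static-pod manifest has no active "- --port=0" line,
# i.e. the flag was removed or commented out. Usage: audit_insecure_port FILE
audit_insecure_port() {
  if ! grep -Eq '^[[:space:]]*-[[:space:]]+--port=0[[:space:]]*$' "$1"; then
    echo "$(basename "$1"): --port=0 not active (unauthenticated HTTP port on)"
  fi
}

# Constructed inputs mirroring the repo stanza and the workaround above.
demo=$(mktemp -d)
cat > "$demo/k8s.repo" <<'EOF'
[mirrors.aliyun.com_kubernetes]
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
enabled=1
gpgcheck=0
EOF
printf '    - kube-scheduler\n#    - --port=0\n' > "$demo/kube-scheduler.yaml"

audit_yum_repo "$demo/k8s.repo"
audit_insecure_port "$demo/kube-scheduler.yaml"
```

On a real node, point the functions at the files under /etc/yum.repos.d/ and at the two manifests in /etc/kubernetes/manifests/; no output means no finding.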

Finishing touches

Time synchronization

yum install chrony -y
systemctl enable chronyd
systemctl start chronyd
chronyc sources

Auto-completion

yum install -y bash-completion
source /usr/share/bash-completion/bash_completion
source <(kubectl completion bash)
echo "source <(kubectl completion bash)" >> ~/.bashrc

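Conclusion

A cluster deployed this way has only one master. Newer versions apparently support multi-master deployment, but the generated certificates are still only valid for 1 year, so for production deployments I recommend using this project instead: https://github.com/fanux/sealos

A thoroughbred cannot cover ten paces in a single leap; a worn-out horse can cover ten days' journey, because success lies in not giving up.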