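Quickly deploying the latest Kubernetes v1.21.3 with kubeadm on three Alibaba Cloud ECS instances
All I can say is that virtual machines are too painful to use and crash all the time. In a fit of anger I rented three ECS instances. It hurts the wallet, but it saves a lot of trouble, since the environment no longer needs constant maintenance.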

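Environment preparation
Three Alibaba Cloud CentOS 7.2 instances
Minimum configuration: 2C/4G/20G
Buy the elastic network interface as well; you still need a public IP to connect with Xshell, otherwise management is too much trouble.
Be sure to buy the ECS instances in the same region under the same account, so that the three machines sit on the same internal network. Otherwise it is very hard to form a cluster (I have tried; it is very hard to get it working over public IPs).
Open the ports that should be open. It seems to work without opening them, but open the commonly used ones anyway.
80 and 8080 definitely need to be open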

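Environment initialization
Initializing the CentOS 7.2 environment
Run everything on all three machines. All IPs from here on are internal IPs; do not use public IPs.
Check the internal IP with ip add; it is the IPv4 address on eth0.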
~]# setenforce 0
~]# getenforce
Disabled
# Set the hostname (run each command on its own machine)
~]# hostnamectl set-hostname k8s-master
~]# hostnamectl set-hostname k8s-node01
~]# hostnamectl set-hostname k8s-node02
# Disable the swap partition
~]# swapoff -a # temporary
~]# sed -i '/ swap / s/^\(.*\)$/#\1/g' /etc/fstab # permanent
# Run on all three machines
~]# vi /etc/hosts
<master-internal-ip> k8s-master
<node01-internal-ip> k8s-node01
<node02-internal-ip> k8s-node02
~]# systemctl stop firewalld
~]# wget -O /etc/yum.repos.d/CentOS-Base.repo https://mirrors.aliyun.com/repo/Centos-7.repo
~]# yum clean all
~]# yum makecache
~]# yum install wget net-tools telnet tree nmap sysstat lrzsz dos2unix bind-utils -y
# Pass bridged IPv4 traffic to iptables
cat > /etc/sysctl.d/k8s.conf << EOF
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
EOF
sysctl --system
Starting the installation
Installing Docker
wget https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo -O /etc/yum.repos.d/docker-ce.repo
yum install docker-ce -y
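daemon.json (by default /etc/docker/daemon.json). The bip value must correspond to the IPs allocated later; for this address it is best to take the middle two octets from the last two octets of the host's own IP. Note that insecure-registries makes Docker accept unverified TLS or plain HTTP for the registries listed.
{
"graph": "/data/docker",
"storage-driver": "overlay2",
"insecure-registries": ["registry.access.redhat.com", "quay.io"],
"registry-mirrors": ["https://q2gr04ke.mirror.aliyuncs.com/"],
"bip": "10.244.10.1/24",
"exec-opts": ["native.cgroupdriver=systemd"],
"live-restore": true
}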
systemctl start docker
systemctl enable docker
# Uninstall Docker (kept for reference)
yum remove docker-ce.x86_64 docker-ce-cli.x86_64 -y
rm -rf /var/lib/docker
Adding the Kubernetes yum repository
cat <<EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF
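Installing kubeadm, kubelet and kubectl
Run on all three machines; the version specified here is v1.15.0. Note that the command as written has no version suffix, so yum installs the newest packages in the repository (v1.21.3 in the output further down).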
yum install -y kubelet kubeadm kubectl
systemctl enable kubelet && systemctl start kubelet
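Deploying the Kubernetes master
Pull the images with docker from a mirror inside China first, then apply the matching tags, because the default Google images simply cannot be pulled.
kubeadm config images list # show the image tags and versions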
[root@k8s-master ~]# kubeadm config images list
k8s.gcr.io/kube-apiserver:v1.21.3
k8s.gcr.io/kube-controller-manager:v1.21.3
k8s.gcr.io/kube-scheduler:v1.21.3
k8s.gcr.io/kube-proxy:v1.21.3
k8s.gcr.io/pause:3.4.1
k8s.gcr.io/etcd:3.4.13-0
k8s.gcr.io/coredns/coredns:v1.8.0
# Pull the matching versions from the mirror; they must agree with the tags shown by kubeadm config
docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/kube-apiserver:v1.21.3
docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/kube-controller-manager:v1.21.3
docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/kube-scheduler:v1.21.3
docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/kube-proxy:v1.21.3
docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/pause:3.4.1
docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/etcd:3.4.13-0
docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/coredns:1.8.0
# Tag the images; the tags must agree with those shown by kubeadm config
docker tag registry.cn-hangzhou.aliyuncs.com/google_containers/kube-apiserver:v1.21.3 k8s.gcr.io/kube-apiserver:v1.21.3
docker tag registry.cn-hangzhou.aliyuncs.com/google_containers/kube-controller-manager:v1.21.3 k8s.gcr.io/kube-controller-manager:v1.21.3
docker tag registry.cn-hangzhou.aliyuncs.com/google_containers/kube-scheduler:v1.21.3 k8s.gcr.io/kube-scheduler:v1.21.3
docker tag registry.cn-hangzhou.aliyuncs.com/google_containers/kube-proxy:v1.21.3 k8s.gcr.io/kube-proxy:v1.21.3
docker tag registry.cn-hangzhou.aliyuncs.com/google_containers/pause:3.4.1 k8s.gcr.io/pause:3.4.1
docker tag registry.cn-hangzhou.aliyuncs.com/google_containers/etcd:3.4.13-0 k8s.gcr.io/etcd:3.4.13-0
docker tag registry.cn-hangzhou.aliyuncs.com/google_containers/coredns:1.8.0 k8s.gcr.io/coredns/coredns:v1.8.0
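The pull-and-retag steps above can be generated from the `kubeadm config images list` output instead of being typed by hand. The following is an added example, not part of the original post: the function names are hypothetical, and the mirror naming rule (last path component, CoreDNS tag without the leading `v`) is inferred from the image pairs shown above.

```shell
#!/bin/sh
# Added example: derive the mirror name for each upstream image and print the
# docker pull/tag commands as a dry run. Function names are hypothetical.
MIRROR="registry.cn-hangzhou.aliyuncs.com/google_containers"

# mirror_ref UPSTREAM: print the mirror reference for one upstream image.
# Rule inferred from the image pairs on this page: keep only the last path
# component, and for coredns drop the leading "v" from the tag.
mirror_ref() {
    name_tag=${1##*/}    # k8s.gcr.io/coredns/coredns:v1.8.0 -> coredns:v1.8.0
    case "$name_tag" in
        ?*:?*) ;;
        *) echo "mirror_ref: expected name:tag, got '$1'" >&2; return 1 ;;
    esac
    name=${name_tag%%:*}
    tag=${name_tag#*:}
    if [ "$name" = "coredns" ]; then tag=${tag#v}; fi
    printf '%s/%s:%s\n' "$MIRROR" "$name" "$tag"
}

# retag_plan: read upstream image names on stdin, print the commands to run.
retag_plan() {
    while IFS= read -r upstream; do
        [ -n "$upstream" ] || continue
        src=$(mirror_ref "$upstream") || return 1
        printf 'docker pull %s\n' "$src"
        printf 'docker tag %s %s\n' "$src" "$upstream"
    done
}

# Sample input: the `kubeadm config images list` output shown above.
sample_images() {
    cat <<'EOF'
k8s.gcr.io/kube-apiserver:v1.21.3
k8s.gcr.io/kube-controller-manager:v1.21.3
k8s.gcr.io/kube-scheduler:v1.21.3
k8s.gcr.io/kube-proxy:v1.21.3
k8s.gcr.io/pause:3.4.1
k8s.gcr.io/etcd:3.4.13-0
k8s.gcr.io/coredns/coredns:v1.8.0
EOF
}

# Dry run: prints 7 pull and 7 tag commands. On the master, replace
# sample_images with `kubeadm config images list` and review before running.
sample_images | retag_plan
```

Tags on a third-party mirror are mutable, so after pulling it is worth recording what was actually fetched with `docker images --digests`.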
Run on the master node; change the apiserver address here to your own master's address.
kubeadm init \
--apiserver-advertise-address=<master-internal-ip> \
--service-cidr=10.10.0.0/16 \
--pod-network-cidr=10.244.0.0/16
To start using your cluster, you need to run the following as a regular user:
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
You should now deploy a pod network to the cluster.
Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:
https://kubernetes.io/docs/concepts/cluster-administration/addons/
Then you can join any number of worker nodes by running the following on each as root:
kubeadm join 192.168.12.10:6443 --token p6hvb3.5sln5g4k32wcrvn2 \
--discovery-token-ca-cert-hash sha256:4d96240030c015b2e146c5ee2e4db4a40b2ff5bd55040b2768388a052d6c3613
# Then just follow the prompts above
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
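Installing the network plugin
The flannel images also pull rather slowly, but at least they can be pulled. If that is too slow for you, set up an accelerator yourself; that is not covered here.
Install the network plugin: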
kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
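Until a CNI plugin is installed, the nodes are in NotReady status and the two coredns pods (such as coredns-bccdc95cf-cgj2m) stay Pending; once it is installed they become Ready and Running.
Joining nodes to the cluster
Run on the two worker nodes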
[root@k8s-node01 ~]# kubeadm join 192.168.12.10:6443 --token p6hvb3.5sln5g4k32wcrvn2 \
--discovery-token-ca-cert-hash sha256:4d96240030c015b2e146c5ee2e4db4a40b2ff5bd55040b2768388a052d6c3613
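The `--discovery-token-ca-cert-hash` value in the join command pins the cluster CA's public key, so a joining node can confirm it is talking to the intended control plane. The check below is an added example, not part of the original post: it recomputes the hash from a CA certificate (on a kubeadm master this is /etc/kubernetes/pki/ca.crt) and compares it with the value from a join command. The function names are hypothetical and the demo certificate is generated on the spot.

```shell
#!/bin/sh
# Added example: recompute kubeadm's discovery-token-ca-cert-hash from a CA
# certificate and compare it with the value in a join command.
# Function names are hypothetical.

# ca_cert_hash CERT: print "sha256:<hex>", the SHA-256 of the certificate's
# DER-encoded public key (SubjectPublicKeyInfo).
ca_cert_hash() {
    pub=$(openssl x509 -in "$1" -noout -pubkey 2>/dev/null) || return 1
    hex=$(printf '%s\n' "$pub" | openssl pkey -pubin -outform DER \
        | openssl dgst -sha256 -r | cut -d' ' -f1)
    [ "${#hex}" -eq 64 ] || return 1
    printf 'sha256:%s\n' "$hex"
}

# verify_join_hash CERT EXPECTED: return 0 only if the hashes match.
verify_join_hash() {
    actual=$(ca_cert_hash "$1") || { echo "cannot read CA cert: $1" >&2; return 2; }
    if [ "$actual" = "$2" ]; then
        echo "OK: CA public key matches $2"
    else
        echo "MISMATCH: cert gives $actual, join command has $2" >&2
        return 1
    fi
}

# make_demo_ca DIR: write a throwaway self-signed CA (constructed sample).
make_demo_ca() {
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=kubernetes" \
        -keyout "$1/ca.key" -out "$1/ca.crt" 2>/dev/null
}

# Demo on a constructed CA. On a real master, pass /etc/kubernetes/pki/ca.crt
# and the sha256:... value from the join command instead.
demo_dir=$(mktemp -d)
make_demo_ca "$demo_dir"
verify_join_hash "$demo_dir/ca.crt" "$(ca_cert_hash "$demo_dir/ca.crt")"
# The hash from this page belongs to a different CA, so this must not match.
verify_join_hash "$demo_dir/ca.crt" \
    "sha256:4d96240030c015b2e146c5ee2e4db4a40b2ff5bd55040b2768388a052d6c3613" \
    || echo "hash differs: do not join"
rm -rf "$demo_dir"
```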
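After joining the cluster, the two nodes also need to pull the images, otherwise they will not come up either; Google's images, you know how it is.
Only kube-proxy and pause need to be pulled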
docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/kube-proxy:v1.21.3
docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/pause:3.4.1
docker tag registry.cn-hangzhou.aliyuncs.com/google_containers/kube-proxy:v1.21.3 k8s.gcr.io/kube-proxy:v1.21.3
docker tag registry.cn-hangzhou.aliyuncs.com/google_containers/pause:3.4.1 k8s.gcr.io/pause:3.4.1
Checking the result
[root@k8s-master ~]# kubectl get node
NAME STATUS ROLES AGE VERSION
k8s-master Ready control-plane,master 48m v1.21.3
k8s-node01 Ready <none> 4m17s v1.21.3
k8s-node02 Ready <none> 46m v1.21.3
[root@k8s-master ~]# kubectl get pod -n kube-system
NAME READY STATUS RESTARTS AGE
coredns-558bd4d5db-blx27 1/1 Running 0 62m
coredns-558bd4d5db-md5dq 1/1 Running 0 62m
etcd-k8s-master 1/1 Running 0 62m
kube-apiserver-k8s-master 1/1 Running 0 62m
kube-controller-manager-k8s-master 1/1 Running 0 62m
kube-flannel-ds-69djm 1/1 Running 0 18m
kube-flannel-ds-7nv8s 1/1 Running 0 42m
kube-flannel-ds-nttn4 1/1 Running 0 42m
kube-proxy-mkdwg 1/1 Running 0 18m
kube-proxy-pxfvw 1/1 Running 0 62m
kube-proxy-x49br 1/1 Running 0 60m
kube-scheduler-k8s-master 1/1 Running 0 62m
Testing the Kubernetes cluster
Create a pod in the Kubernetes cluster, then expose a port and verify that it can be reached:
[root@k8s-master ~]# kubectl create deployment nginx --image=nginx
deployment.apps/nginx created
[root@k8s-master ~]# kubectl get pod
NAME READY STATUS RESTARTS AGE
nginx-554b9c67f9-jbch5 1/1 Running 0 2m26s
# If something goes wrong, check the details or the logs
kubectl describe pod nginx-554b9c67f9-jbch5 # details
kubectl logs nginx-554b9c67f9-jbch5 -n namespace # for the default namespace the trailing -n can be omitted
[root@k8s-master ~]# kubectl expose deployment nginx --port=80 --type=NodePort
service/nginx exposed
kubectl expose deployment polaris-dashboard --port=80 --type=NodePort
[root@k8s-master ~]# kubectl get pods,svc
NAME READY STATUS RESTARTS AGE
pod/nginx-554b9c67f9-jbch5 1/1 Running 0 14m
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
service/kubernetes ClusterIP 10.1.0.1 <none> 443/TCP 52m
service/nginx NodePort 10.1.132.56 <none> 80:30824/TCP 9m48s
http://192.168.12.12:30824
# If the browser cannot reach it, run the following command (on all three machines); this is because newer Docker versions changed iptables
iptables -P FORWARD ACCEPT
[root@k8s-master ~]# kubectl get pod -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
nginx-554b9c67f9-jbch5 1/1 Running 0 28m 172.12.1.2 k8s-node02 <none> <none>
# Running curl directly against the in-cluster address also shows nginx
curl 172.12.1.2
Access URL: http://NodeIP:Port; in this example that is
http://192.168.12.10:30824 http://192.168.12.11:30824 http://192.168.12.12:30824 (any of them works)

kubectl can also be used on worker nodes
Using kubectl on a worker node:
[root@k8s-node01 ~]# kubectl get pod
The connection to the server localhost:8080 was refused - did you specify the right host or port?
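Fix:
Copy /etc/kubernetes/admin.conf from the master node to the same directory on the worker node. This file holds the cluster administrator credentials, so keep it readable by root only.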
[root@k8s-node01 kubernetes]# scp k8s-master:/etc/kubernetes/admin.conf .
Then set the environment variable:
[root@k8s-node01 ~]# echo "export KUBECONFIG=/etc/kubernetes/admin.conf" >> ~/.bash_profile
[root@k8s-node01 kubernetes]# source ~/.bash_profile
[root@k8s-node01 kubernetes]# kubectl get pod
NAME READY STATUS RESTARTS AGE
nginx-554b9c67f9-2w6bf 1/1 Running 0 4d19h
