k8s单master节点安装部署
说明
- 本次安装版本为v1.16.3
- 集群模式为单master节点
- 服务器信息如下:
| IP | 主机名 | 配置 |
|---|---|---|
| 172.16.100.30 | k8s-master01 | 4vCPU-8G-100G |
| 172.16.100.31 | k8s-worker01 | 8vCPU-16G-100G |
| 172.16.100.32 | k8s-worker02 | 8vCPU-16G-100G |
| 172.16.100.33 | k8s-worker03 | 8vCPU-16G-100G |
一、服务器基础配置(所有节点)
1、主机名配置(各节点分别执行对应命令)
# Run only the one line that matches the node you are logged in to; each
# command sets that node's hostname.
hostnamectl set-hostname k8s-master01
hostnamectl set-hostname k8s-worker01
hostnamectl set-hostname k8s-worker02
hostnamectl set-hostname k8s-worker03
2、主机解析配置
# Append static name resolution for the four cluster nodes. The redirect is
# ">>", so running this block twice leaves duplicate entries in /etc/hosts.
cat >> /etc/hosts <<EOF
172.16.100.30 k8s-master01
172.16.100.31 k8s-worker01
172.16.100.32 k8s-worker02
172.16.100.33 k8s-worker03
EOF
3、挂载数据文件系统
# Add the second disk to the existing "centos" volume group, create an XFS
# logical volume from all free space and mount it on /data.
# NOTE(review): these commands hand the whole device to LVM and format the new
# volume; confirm (e.g. with lsblk) that /dev/xvdb is the intended empty disk
# before running them.
pvcreate /dev/xvdb
vgs
vgextend centos /dev/xvdb
# Use every free extent of the volume group for lv_data.
lvcreate -l 100%FREE -n lv_data centos
lvs
mkfs.xfs /dev/centos/lv_data
mkdir /data
# Persist the mount in fstab; "mount -a" then mounts it now and exercises the
# new entry before the next reboot depends on it.
echo '/dev/mapper/centos-lv_data /data xfs defaults 0 0' >> /etc/fstab
mount -a
df -h
4、关闭selinux和firewalld
# Put SELinux into permissive mode for the running system (setenforce 0), mark
# it disabled in the persistent config, then stop and disable firewalld.
# NOTE(review): this removes mandatory access control and host-level packet
# filtering from every node. The sed only rewrites a line that is exactly
# "SELINUX=enforcing". The upstream kubeadm install guide switches to
# SELINUX=permissive rather than disabled, which keeps denials logged;
# consider that instead. With firewalld off, make sure security groups or a
# perimeter firewall restrict who can reach the API server (6443/tcp) and the
# kubelet (10250/tcp) on these hosts.
setenforce 0
sed -i 's/^SELINUX=enforcing$/SELINUX=disabled/' /etc/selinux/config
systemctl stop firewalld && systemctl disable firewalld
5、设置内网DNS
# Replace the resolver configuration (">" truncates the file) with the two
# internal DNS servers.
# NOTE(review): /etc/resolv.conf may be regenerated by the network
# configuration service; verify that the change survives a reboot.
cat > /etc/resolv.conf <<EOF
nameserver 172.16.100.210
nameserver 172.16.100.209
EOF
6、加载ipvs相关模块
# Generate a helper script that loads every IPVS kernel module found for the
# running kernel, run it once, and confirm that ip_vs modules are loaded.
# The heredoc delimiter is unquoted, so "$" and the backticks are
# backslash-escaped to reach the file literally instead of being expanded
# while the file is written.
# NOTE(review): the lone "\" on the first heredoc line is a line continuation
# and writes nothing; a "#!/bin/bash" line was probably lost there. The script
# is run explicitly with bash below, so it still works as shown.
cat << EOF > /etc/sysconfig/modules/ipvs.modules
\
ipvs_modules_dir="/usr/lib/modules/\`uname -r\`/kernel/net/netfilter/ipvs"
for i in \`ls \$ipvs_modules_dir | sed -r 's#(.*).ko.*#\1#'\`; do
/sbin/modinfo -F filename \$i &> /dev/null
if [ \$? -eq 0 ]; then
/sbin/modprobe \$i
fi
done
EOF
chmod +x /etc/sysconfig/modules/ipvs.modules
bash /etc/sysconfig/modules/ipvs.modules
# Verification only: lists the loaded ip_vs modules.
lsmod | grep ip_vs
7、配置yum源
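# Move the stock repo definitions aside and install the Aliyun CentOS 7
# mirror definition in their place.
mkdir -p /etc/yum.repos.d/bak/
mv /etc/yum.repos.d/*.repo /etc/yum.repos.d/bak/
# Fetch the repo definition over HTTPS: this file decides which servers yum
# trusts and whether gpgcheck is on, so it must not be modifiable in transit.
# -f makes curl fail on an HTTP error instead of saving the error page as a
# .repo file.
curl -fsSL -o /etc/yum.repos.d/CentOS-Base.repo https://mirrors.aliyun.com/repo/Centos-7.repo
# Drop the two aliyuncs.com mirror hosts (presumably reachable only from
# inside Alibaba Cloud - confirm for your environment).
sed -i -e '/mirrors.cloud.aliyuncs.com/d' -e '/mirrors.aliyuncs.com/d' /etc/yum.repos.d/CentOS-Base.repo
# NOTE(review): check that gpgcheck=1 is still set in the downloaded file
# before installing packages from it.
yum makecache fast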
8、安装必要软件包
# Base packages: yum-utils provides yum-config-manager (used for the Docker
# repo), ntpdate is used by the cron job, and ipvsadm/ipset go with the IPVS
# modules loaded earlier.
yum install -y yum-utils device-mapper-persistent-data lvm2 ntpdate bash-completion ipvsadm ipset
9、配置定时更新系统时间
# Sync the clock from ntp.aliyun.com at minute 5 of every hour.
# NOTE(review): ">" overwrites root's whole crontab file, so any existing root
# cron entries are lost. Output is discarded, so a failing sync goes
# unnoticed; clock drift can break TLS certificate validation in the cluster.
echo '5 * * * * /usr/sbin/ntpdate ntp.aliyun.com > /dev/null 2>&1' > /var/spool/cron/root
10、安装docker-ce
# Add the docker-ce yum repository and install Docker.
# NOTE(review): the repository URL on the next line is truncated on this page
# ("http:" only), so the command fails as written. Substitute the docker-ce
# .repo URL of your chosen mirror (<DOCKER_CE_REPO_URL>), preferably over
# HTTPS, and keep gpgcheck enabled in it.
yum-config-manager --add-repo http:
yum makecache fast
# NOTE(review): the Docker version is not pinned, unlike the Kubernetes
# packages; pin a release that is validated for the Kubernetes version in use.
yum -y install docker-ce
11、修改docker配置
# Configure the Docker daemon (log rotation, overlay2, data directory under
# /data, private registry, registry mirror), set the bridge sysctls that
# Kubernetes networking needs, then restart and enable Docker.
# NOTE(review) on daemon.json:
#  - "insecure-registries" lets Docker talk to harbor.db-inc.com without a
#    verified TLS connection. The control-plane images are later pulled from
#    that registry, so anyone able to intercept that traffic can substitute
#    them. Prefer giving Harbor a certificate that the nodes trust and
#    removing this entry.
#  - "graph" is the legacy name of "data-root"; it is deprecated and newer
#    Docker Engine releases may reject it - confirm against the installed
#    version.
mkdir /etc/docker
cat > /etc/docker/daemon.json <<EOF
{
"log-driver": "json-file",
"log-opts": {"max-size": "100m"},
"storage-driver": "overlay2",
"graph":"/data/docker",
"insecure-registries": ["harbor.db-inc.com"],
"registry-mirrors": ["https://wehjutsh.mirror.aliyuncs.com"]
}
EOF
# Set the iptables FORWARD chain's default policy to ACCEPT after every Docker
# start.
# NOTE(review): with firewalld disabled earlier, the host then forwards any
# packet that no other rule drops. The sed also edits the packaged unit file
# in place, which a package update can replace; a drop-in under
# /etc/systemd/system/docker.service.d/ would persist.
sed -i '/^ExecStart/a ExecStartPost=/usr/sbin/iptables -P FORWARD ACCEPT' /usr/lib/systemd/system/docker.service
# Make bridged traffic traverse iptables/ip6tables rules.
cat <<EOF > /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
EOF
sysctl --system
systemctl daemon-reload
systemctl restart docker
systemctl enable docker
# Docker now stores data under /data/docker, so the default directory is
# removed. NOTE(review): this irreversibly deletes any images, containers and
# volumes that already existed under /var/lib/docker.
rm -rf /var/lib/docker
# Verification: check that the reported root directory and storage driver
# match the configuration above.
docker info
二、k8s环境准备(所有节点)
1、安装kubeadm/kubectl/kubelet
# Define the Kubernetes yum repository on the Aliyun mirror. Both package
# signatures (gpgcheck=1) and repository metadata signatures (repo_gpgcheck=1)
# are verified against the two keys listed in gpgkey.
cat <<EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF
# Install kubelet, kubeadm and kubectl pinned to 1.16.3-0, the same version
# that is passed to kubeadm init as --kubernetes-version.
yum install -y kubelet-1.16.3-0 kubeadm-1.16.3-0 kubectl-1.16.3-0 --disableexcludes=kubernetes
# Install bash completion for kubectl.
kubectl completion bash > /etc/bash_completion.d/kubectl
# Enable kubelet at boot and start it now.
systemctl enable kubelet && systemctl start kubelet
2、k8s相关镜像准备
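# Mirror the control-plane images for v1.16.3 from the Aliyun registry into
# the internal Harbor project that kubeadm init uses as --image-repository.
# Each image is pulled, retagged and pushed in turn; the loop stops at the
# first failure so that a failed pull can never lead to pushing a stale local
# tag under the same name.
# NOTE(review): tags are mutable and the source is a third-party mirror of the
# upstream images; verify the pulled images against the upstream release (for
# example by digest) before publishing them internally. The push is needed
# only once, from one host that is logged in to Harbor; the other nodes only
# need to pull.
src_repo=registry.cn-hangzhou.aliyuncs.com/google_containers
dst_repo=harbor.db-inc.com/dbops
for image in \
  kube-proxy:v1.16.3 \
  kube-apiserver:v1.16.3 \
  kube-controller-manager:v1.16.3 \
  kube-scheduler:v1.16.3 \
  pause:3.1 \
  etcd:3.3.15-0 \
  coredns:1.6.2
do
  docker pull "${src_repo}/${image}" || break
  docker tag "${src_repo}/${image}" "${dst_repo}/${image}" || break
  docker push "${dst_repo}/${image}" || break
done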
三、k8s初始化安装
1、在master节点上执行kubeadm init
# Initialise the control plane on the master node. The pod CIDR
# 10.244.0.0/16 is the range the flannel manifest applied later is expected
# to use (confirm in kube-flannel.yml); control-plane images are pulled from
# the internal Harbor project.
# NOTE(review): the output of this command contains a bootstrap token in the
# "kubeadm join" line; treat that output as a secret. kubeadm's preflight
# checks also expect swap to be off, which this page does not show.
kubeadm init --kubernetes-version=v1.16.3 --pod-network-cidr=10.244.0.0/16 --service-cidr=10.96.0.0/12 --image-repository=harbor.db-inc.com/dbops
2、根据提示配置config文件
# Copy the cluster administrator kubeconfig into the current user's home and
# make that user its owner (cp -i asks before overwriting an existing config).
# NOTE(review): admin.conf carries full cluster-admin credentials. Keep the
# copy readable by its owner only, and do not distribute it to worker nodes or
# other users; issue separate, scoped credentials for them instead.
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
3、安装flannel网络插件
# Mirror a flannel v0.11.0 image into Harbor, download the flannel manifest,
# point it at the mirrored image and apply it to the cluster.
# NOTE(review): the image comes from a personal Docker Hub repository
# (akinlau/...), not from the quay.io/coreos/flannel location that the
# manifest references. It will run on every node with the privileges the
# manifest grants, so verify it against the upstream image before using it.
docker pull akinlau/flannel-v0.11.0:v0.11.0
docker tag akinlau/flannel-v0.11.0:v0.11.0 harbor.db-inc.com/dbops/flannel:v0.11.0
docker push harbor.db-inc.com/dbops/flannel:v0.11.0
mkdir /data/kubeadm
# NOTE(review): the manifest is taken from the moving "master" branch. Its
# content can change at any time, and the sed below silently matches nothing
# once the upstream image tag is no longer v0.11.0-amd64. Pin the download to
# a release tag or commit, and review the file before applying it.
curl -o /data/kubeadm/kube-flannel.yml https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
sed -i 's#quay.io/coreos/flannel:v0.11.0-amd64#harbor.db-inc.com/dbops/flannel:v0.11.0#g' /data/kubeadm/kube-flannel.yml
kubectl apply -f /data/kubeadm/kube-flannel.yml
4、修改kube-proxy为IPVS
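# Show the proxy mode currently stored in the kube-proxy ConfigMap.
kubectl get cm kube-proxy -n kube-system -o yaml | grep mode
# Interactive step: set the mode field to "ipvs" in the editor, then save.
kubectl edit cm kube-proxy -n kube-system
# Recreate the kube-proxy pods so they pick up the new mode. Selecting them by
# the DaemonSet's label deletes exactly those pods and avoids building shell
# commands from parsed "kubectl get" table output.
kubectl delete pod -n kube-system -l k8s-app=kube-proxy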
5、在worker节点上依次加入集群
# Join a worker to the cluster; run on each worker node in turn.
# NOTE(review): the token and CA hash below come from the author's own
# "kubeadm init" output and must be replaced with the values from yours. A
# bootstrap token is a credential that lets a machine register as a node, so
# do not publish it or commit it to documentation. kubeadm tokens expire (24h
# by default); create a fresh one on the master with
# "kubeadm token create --print-join-command". Keep
# --discovery-token-ca-cert-hash: it is what lets the joining node verify that
# it is talking to the real API server.
kubeadm join 172.16.100.30:6443 --token 4suvzg.g9vs95tte62w4pbz --discovery-token-ca-cert-hash sha256:2f2016a57ad5ff907991cb226ab062d92f829a7e3781474f3ceb76ff4f262fdc
四、检查k8s集群状态
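# Read-only checks of cluster state after installation.
# Node status; NotReady may mean the network plugin has not been installed.
kubectl get nodes
# Control-plane component status.
kubectl get cs
# List namespaces ("kubect" in the original was a typo and would fail).
kubectl get ns
# List the API resources the server supports.
kubectl api-resources
# List the API versions the server supports.
kubectl api-versions
# Pods in the kube-system namespace, with node placement and pod IPs.
kubectl get pods -n kube-system -o wide
# Detailed information about one node.
kubectl describe node k8s-worker01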