1.k8s集群環境準備
推薦閱讀:
https://kubernetes.io/zh/docs/setup/production-environment/tools/kubeadm/install-kubeadm/
1.1 環境準備
環境準備:硬件配置: 2core 4GB磁盤: 50GB+操作系統: Ubuntu 22.04.04 LTSIP和主機名:10.0.0.231 master23110.0.0.232 worker23210.0.0.233 worker233
1.2 關閉swap分區
swapoff -a && sysctl -w vm.swappiness=0 # 臨時關閉
sed -ri '/^[^#]*swap/s@^@#@' /etc/fstab # 基于配置文件關閉
1.3 確保各個節點MAC地址或product_uuid唯一
ifconfig eth0 | grep ether | awk '{print $2}'
cat /sys/class/dmi/id/product_uuid
1.4 檢查網絡節點是否互通
ping baidu.com -c 10
1.5.允許iptable檢查橋接流量
modprobe bridge
modprobe br_netfilter
cat <<EOF | tee /etc/modules-load.d/k8s.conf
bridge
br_netfilter
EOFcat <<EOF | tee /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
net.ipv4.ip_forward = 1
EOF
sysctl --system
1.6 檢查端口是否被占用
參考鏈接: https://kubernetes.io/zh-cn/docs/reference/networking/ports-and-protocols/檢查master節點和worker節點的各組件端口是否被占用。
1.7 安裝Containerd
略
[root@master241 ~]# ctr version
Client:Version: v1.6.36Revision: 88c3d9bc5b5a193f40b7c14fa996d23532d6f956Go version: go1.22.7Server:Version: v1.6.36Revision: 88c3d9bc5b5a193f40b7c14fa996d23532d6f956UUID: 40e0c4d0-7d11-45af-bcd4-e390d85c9954
[root@master241 ~]#
[root@master241 ~]# ctr ns ls
NAME LABELS
1.8 所有節點安裝kubeadm,kubelet,kubectl
1.8.1 K8S所有節點配置軟件源
apt-get update && apt-get install -y apt-transport-https
curl https://mirrors.aliyun.com/kubernetes/apt/doc/apt-key.gpg | apt-key add -
cat <<EOF >/etc/apt/sources.list.d/kubernetes.list
deb https://mirrors.aliyun.com/kubernetes/apt/ kubernetes-xenial main
EOF
apt-get update
1.8.2 查看一下當前環境支持的k8s版本
[root@master241 ~]# apt-cache madison kubeadmkubeadm | 1.28.2-00 | https://mirrors.aliyun.com/kubernetes/apt kubernetes-xenial/main amd64 Packageskubeadm | 1.28.1-00 | https://mirrors.aliyun.com/kubernetes/apt kubernetes-xenial/main amd64 Packageskubeadm | 1.28.0-00 | https://mirrors.aliyun.com/kubernetes/apt kubernetes-xenial/main amd64 Packages...kubeadm | 1.23.17-00 | https://mirrors.aliyun.com/kubernetes/apt kubernetes-xenial/main amd64 Packageskubeadm | 1.23.16-00 | https://mirrors.aliyun.com/kubernetes/apt kubernetes-xenial/main amd64 Packageskubeadm | 1.23.15-00 | https://mirrors.aliyun.com/kubernetes/apt kubernetes-xenial/main amd64 Packageskubeadm | 1.23.14-00 | https://mirrors.aliyun.com/kubernetes/apt kubernetes-xenial/main amd64 Packages...
1.8.3 所有節點安裝 kubelet kubeadm kubectl
apt-get -y install kubelet=1.24.17-00 kubeadm=1.24.17-00 kubectl=1.24.17-00
1.8.4 檢查各組件版本
[root@worker242 ~]# kubeadm version
kubeadm version: &version.Info{Major:"1", Minor:"23", GitVersion:"v1.23.17", GitCommit:"953be8927218ec8067e1af2641e540238ffd7576", GitTreeState:"clean", BuildDate:"2023-02-22T13:33:14Z", GoVersion:"go1.19.6", Compiler:"gc", Platform:"linux/amd64"}
[root@worker242 ~]#
[root@worker242 ~]# kubectl version
Client Version: version.Info{Major:"1", Minor:"23", GitVersion:"v1.23.17", GitCommit:"953be8927218ec8067e1af2641e540238ffd7576", GitTreeState:"clean", BuildDate:"2023-02-22T13:34:27Z", GoVersion:"go1.19.6", Compiler:"gc", Platform:"linux/amd64"}
The connection to the server localhost:8080 was refused - did you specify the right host or port?
[root@worker242 ~]#
[root@worker242 ~]# kubelet --version
Kubernetes v1.23.17
[root@worker242 ~]# 溫馨提示:其他兩個節點都要檢查下,避免你安裝的版本和我不一致!參考鏈接:
https://kubernetes.io/zh/docs/tasks/tools/install-kubectl-linux/
1.9 檢查時區
[root@master241 ~]# ln -svf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime
'/etc/localtime' -> '/usr/share/zoneinfo/Asia/Shanghai'
[root@master241 ~]#
[root@master241 ~]# ll /etc/localtime
lrwxrwxrwx 1 root root 33 Apr 7 17:34 /etc/localtime -> /usr/share/zoneinfo/Asia/Shanghai
[root@master241 ~]#
[root@master241 ~]# date -R
Mon, 07 Apr 2025 17:34:34 +0800
2.基于kubeadm組件初始化K8S的master組件
2.1.提前導入鏡像
[root@master241 ~]# ctr -n k8s.io i ls | awk 'NR>=1{print $1}' | grep google_containers | grep -v sha256
registry.aliyuncs.com/google_containers/coredns:v1.8.6
registry.aliyuncs.com/google_containers/etcd:3.5.6-0
registry.aliyuncs.com/google_containers/kube-apiserver:v1.24.17
registry.aliyuncs.com/google_containers/kube-controller-manager:v1.24.17
registry.aliyuncs.com/google_containers/kube-proxy:v1.24.17
registry.aliyuncs.com/google_containers/kube-scheduler:v1.24.17
registry.aliyuncs.com/google_containers/pause:3.7
registry.cn-hangzhou.aliyuncs.com/google_containers/pause:3.6
如何導出鏡像?
[root@master241 ~]# ctr -n k8s.io i export master-v1.24.17.tar.gz `ctr -n k8s.io i ls | awk 'NR>=1{print $1}' | grep google_containers | grep -v sha256`
[root@master241 ~]#
[root@master241 ~]# ll -h master-v1.24.17.tar.gz
-rw-r--r-- 1 root root 226M Apr 7 17:46 master-v1.24.17.tar.gz
2.2 使用kubeadm初始化master節點
[root@master231 ~]# kubeadm init --kubernetes-version=v1.24.17 --image-repository registry.aliyuncs.com/google_containers --pod-network-cidr=10.100.0.0/16 --service-cidr=10.200.0.0/16 --service-dns-domain=dezyan.com
...Your Kubernetes control-plane has initialized successfully!To start using your cluster, you need to run the following as a regular user:mkdir -p $HOME/.kubesudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/configsudo chown $(id -u):$(id -g) $HOME/.kube/configAlternatively, if you are the root user, you can run:export KUBECONFIG=/etc/kubernetes/admin.confYou should now deploy a pod network to the cluster.
Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:https://kubernetes.io/docs/concepts/cluster-administration/addons/Then you can join any number of worker nodes by running the following on each as root:kubeadm join 10.0.0.241:6443 --token 2tw3l6.zoei48h2bawc7t5z \--discovery-token-ca-cert-hash sha256:da5e232386796fa2378189fce4881e7fe5a8a864b8c68b3f74e7859e1cf4fd2c
3.拷貝授權文件,用于管理K8S集群
[root@master241 ~]# mkdir -p $HOME/.kube
[root@master241 ~]# sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
[root@master241 ~]# sudo chown $(id -u):$(id -g) $HOME/.kube/config 4.查看master組件是否正常工作
[root@master241 ~]# kubectl get cs
Warning: v1 ComponentStatus is deprecated in v1.19+
NAME STATUS MESSAGE ERROR
controller-manager Healthy ok
scheduler Healthy ok
etcd-0 Healthy {"health":"true","reason":""}
[root@master241 ~]#
5.查看工作節點
[root@master241 ~]# kubectl get no -o wide
NAME STATUS ROLES AGE VERSION INTERNAL-IP EXTERNAL-IP OS-IMAGE KERNEL-VERSION CONTAINER-RUNTIME
master241 NotReady control-plane 9m14s v1.24.17 10.0.0.241 <none> Ubuntu 22.04.4 LTS 5.15.0-119-generic containerd://1.6.36
6.基于kubeadm部署worker組件
6.1提前導入鏡像
[root@worker242 ~]# ctr -n k8s.io i ls | awk 'NR>=1{print $1}' | grep google_containers | grep -v sha256
registry.aliyuncs.com/google_containers/kube-proxy:v1.24.17
registry.cn-hangzhou.aliyuncs.com/google_containers/pause:3.6[root@worker243 ~]# ctr -n k8s.io i ls | awk 'NR>=1{print $1}' | grep google_containers | grep -v sha256
registry.aliyuncs.com/google_containers/kube-proxy:v1.24.17
registry.cn-hangzhou.aliyuncs.com/google_containers/pause:3.6
6.2 將worker節點加入到master集群
[root@worker242 ~]# kubeadm join 10.0.0.241:6443 --token 2tw3l6.zoei48h2bawc7t5z --discovery-token-ca-cert-hash sha256:da5e232386796fa2378189fce4881e7fe5a8a864b8c68b3f74e7859e1cf4fd2c[root@worker243 ~]# kubeadm join 10.0.0.241:6443 --token 2tw3l6.zoei48h2bawc7t5z --discovery-token-ca-cert-hash sha256:da5e232386796fa2378189fce4881e7fe5a8a864b8c68b3f74e7859e1cf4fd2c
6.3 驗證worker節點是否加入成功
[root@master241 ~]# kubectl get no -o wide
NAME STATUS ROLES AGE VERSION INTERNAL-IP EXTERNAL-IP OS-IMAGE KERNEL-VERSION CONTAINER-RUNTIME
master241 NotReady control-plane 19m v1.24.17 10.0.0.241 <none> Ubuntu 22.04.4 LTS 5.15.0-119-generic containerd://1.6.36
worker242 NotReady <none> 7m58s v1.24.17 10.0.0.242 <none> Ubuntu 22.04.4 LTS 5.15.0-119-generic containerd://1.6.36
worker243 NotReady <none> 7s v1.24.17 10.0.0.243 <none> Ubuntu 22.04.4 LTS 5.15.0-119-generic containerd://1.6.36
7.部署CNI插件之Flannel實戰
7.1 導入鏡像
7.2 下載資源清單并修改自己的網段
wget https://github.com/flannel-io/flannel/releases/latest/download/kube-flannel.yml[root@master241 ~]# sed -i '/16/s#244#100#' kube-flannel.yml
[root@master241 ~]#
[root@master241 ~]# grep 16 kube-flannel.yml "Network": "10.100.0.0/16",
7.3 開始安裝Flannel
[root@master241 ~]# kubectl apply -f kube-flannel.yml
7.4 查看Pod信息
[root@master241 ~]# kubectl get pods -A
NAMESPACE NAME READY STATUS RESTARTS AGE
kube-flannel kube-flannel-ds-5g7mw 1/1 Running 0 7m56s
kube-flannel kube-flannel-ds-bxjjq 1/1 Running 0 4s
kube-flannel kube-flannel-ds-rx97h 1/1 Running 0 7m56s
kube-system coredns-74586cf9b6-8rm7n 1/1 Running 0 43m
kube-system coredns-74586cf9b6-zd76c 1/1 Running 0 43m
kube-system etcd-master241 1/1 Running 0 43m
kube-system kube-apiserver-master241 1/1 Running 0 43m
kube-system kube-controller-manager-master241 1/1 Running 0 43m
kube-system kube-proxy-kkqsb 1/1 Running 0 32m
kube-system kube-proxy-njdqc 1/1 Running 0 43m
kube-system kube-proxy-tv98r 1/1 Running 0 24m
kube-system kube-scheduler-master241 1/1 Running 0 43m
[root@master241 ~]#
7.5 創建Pod測試網絡插件是否正常
[root@master241 ~]# cat test-cni.yaml
apiVersion: v1
kind: Pod
metadata:name: xiuxian-v1
spec:nodeName: worker242containers:- image: registry.cn-hangzhou.aliyuncs.com/yinzhengjie-k8s/apps:v1 name: xiuxian---apiVersion: v1
kind: Pod
metadata:name: xiuxian-v2
spec:nodeName: worker243containers:- image: registry.cn-hangzhou.aliyuncs.com/yinzhengjie-k8s/apps:v2name: xiuxian[root@master241 ~]# kubectl apply -f test-cni.yaml
pod/xiuxian-v1 created
pod/xiuxian-v2 created[root@master241 ~]# kubectl get pods -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
xiuxian-v1 1/1 Running 0 4m17s 10.100.1.4 worker242 <none> <none>
xiuxian-v2 1/1 Running 0 4s 10.100.2.3 worker243 <none> <none>
[root@master241 ~]#
[root@master241 ~]# curl 10.100.1.4
[root@master241 ~]# curl 10.100.2.3
)
)
)
與重繪(Repaint),寫出高性能 CSS 動畫)
)
