Master01初始化

1集群初始化之前一行要先重启一下containerd，由于没用重启这个报错整整折腾了我一天，报错内容如下：

[root@k8s-master01 ~]#kubeadm config images pull --config /root/new.yaml
fail to pull "registry.cn-hangzhou.aliyuncs.com/google_containers/kube-apiserver:1.23.1":outout: time="20220-2-27T08:26:"fatal msg="pulling image: rpc error: code=Unimplemented desc= undown service runtime.v1aloha2.ImageService",error: exit status 1

解决办法就是重启containerd

#systemctl restart containerd

2编写master01初始化yaml文件

[root@k8s-master01 ~]#vim kubeadm-config.yaml
[root@k8s-master01 ~]#systemctl restart containerd #如果前面重启了，那么这一步可以省略
[root@k8s-master01 ~]#cat kubeadm-config.yaml
apiVersion: kubeadm.k8s.io/v1beta2
bootstrapTokens:
- groups:
  - system:bootstrappers:kubeadm:default-node-token
  token: 7t2weq.bjbawausm0jaxury
  ttl: 24h0m0s
  usages:
  - signing
  - authentication
kind: InitConfiguration
localAPIEndpoint:
  advertiseAddress: 10.0.0.201
  bindPort: 6443
nodeRegistration:
  criSocket: /run/containerd/containerd.sock
  name: k8s-master01
  taints:
  - effect: NoSchedule
    key: node-role.kubernetes.io/master
---
apiServer:
  certSANs:
  - 10.0.0.236
  timeoutForControlPlane: 4m0s
apiVersion: kubeadm.k8s.io/v1beta2
certificatesDir: /etc/kubernetes/pki
clusterName: kubernetes
controlPlaneEndpoint: 10.0.0.236:16443
controllerManager: {}
dns:
  type: CoreDNS
etcd:
  local:
    dataDir: /var/lib/etcd
imageRepository: registry.cn-hangzhou.aliyuncs.com/google_containers
kind: ClusterConfiguration
kubernetesVersion: v1.23.4 # 更改此处的版本号和kubeadm version一致
networking:
  dnsDomain: cluster.local
  podSubnet: 172.16.0.0/12
  serviceSubnet: 192.168.0.0/16
scheduler: {}

 更新kubeadm文件：

[root@k8s-master01 ~]#kubeadm config migrate --old-config kubeadm-config.yaml --new-config new.yaml

将new.yaml文件复制到其他master节点：

[root@k8s-master01 ~]#for i in k8s-master02 k8s-master03; do scp new.yaml $i:/root/; done

所有Master节点提前下载镜像：

[root@k8s-master01 ~]#kubeadm config images pull --config /root/new.yaml 

 查看下载的镜像

[root@k8s-master01 ~]#vim new.yaml 
[root@k8s-master01 ~]#kubeadm config images pull --config /root/new.yaml
[config/images] Pulled registry.cn-hangzhou.aliyuncs.com/google_containers/kube-apiserver:v1.23.4
[config/images] Pulled registry.cn-hangzhou.aliyuncs.com/google_containers/kube-controller-manager:v1.23.4
[config/images] Pulled registry.cn-hangzhou.aliyuncs.com/google_containers/kube-scheduler:v1.23.4
[config/images] Pulled registry.cn-hangzhou.aliyuncs.com/google_containers/kube-proxy:v1.23.4
[config/images] Pulled registry.cn-hangzhou.aliyuncs.com/google_containers/pause:3.6
[config/images] Pulled registry.cn-hangzhou.aliyuncs.com/google_containers/etcd:3.5.1-0
[config/images] Pulled registry.cn-hangzhou.aliyuncs.com/google_containers/coredns:v1.8.6

Master01节点初始化：

kubeadm init --config /root/new.yaml  --upload-certs

初始化成功后信息如下：

You can now join any number of the control-plane node running the following command on each as root:

#添加Master节点的命令

kubeadm join 10.0.0.236:16443 --token 7t2weq.bjbawausm0jaxury \
--discovery-token-ca-cert-hash sha256:b20ac598b92b2f80d27b267af12ee18c0c3d10801edfbf98f1788b5cde9da0d9 \
--control-plane --certificate-key 017a5fac657642a30389649bcbf3ccbbdc27ecb43a4c100435cc5230dc173f11

Please note that the certificate-key gives access to cluster sensitive data, keep it secret!
As a safeguard, uploaded-certs will be deleted in two hours; If necessary, you can use
"kubeadm init phase upload-certs --upload-certs" to reload certs afterward.

Then you can join any number of worker nodes by running the following on each as root:

#添加node节点的命令

kubeadm join 10.0.0.236:16443 --token 7t2weq.bjbawausm0jaxury \
--discovery-token-ca-cert-hash sha256:b20ac598b92b2f80d27b267af12ee18c0c3d10801edfbf98f1788b5cde9da0d9

 Master01节点配置环境变量，用于访问Kubernetes集群：

cat <<EOF >> /root/.bashrc
export KUBECONFIG=/etc/kubernetes/admin.conf
EOF
source /root/.bashrc

添加master节点和node节点

使用上述初始化命令生产的join命令添加即可：

 1）在master02上执行下面的命令即可将master02加入到集群

[root@k8s-master02 ~]#kubeadm join 10.0.0.236:16443 --token 7t2weq.bjbawausm0jaxury \
> --discovery-token-ca-cert-hash sha256:b20ac598b92b2f80d27b267af12ee18c0c3d10801edfbf98f1788b5cde9da0d9 \
> --control-plane --certificate-key 017a5fac657642a30389649bcbf3ccbbdc27ecb43a4c100435cc5230dc173f11

2）在node01上执行下面的命令即可将node01加入到集群

[root@k8s-node1 ~]#kubeadm join 10.0.0.236:16443 --token 7t2weq.bjbawausm0jaxury \
> --discovery-token-ca-cert-hash sha256:b20ac598b92b2f80d27b267af12ee18c0c3d10801edfbf98f1788b5cde9da0d9

 3)在master中查看是否添加成功

[root@k8s-master01 ~]#kubectl get node
NAME           STATUS     ROLES                  AGE   VERSION
k8s-master01   NotReady   control-plane,master   84m   v1.23.4
k8s-master02   NotReady   control-plane,master   33m   v1.23.4
k8s-node1      NotReady   <none>                 94s   v1.23.4
k8s-node2      NotReady   <none>                 94s   v1.23.4
[root@k8s-master01 ~]#