目录

• • 1.准备工作（所有服务器）
  • • • 官方文档
      • 关闭swap分区
      • 允许 iptables 检查桥接流量
      • 将 SELinux 设置为 permissive 模式（相当于将其禁用）
      • 安装docker
      • harbor镜像仓库
      • 容器运行时需要操作
  • 2.安装kubernetes
  • • • 配置源
      • 下载安装k8s
  • 3.服务器主机配置
  • • • （1）harbor仓库上传镜像
      • （2）k8s初始化控制平面节点
      • （3）Kube-flannel.yml下载
    • 加入节点
    • • 在主机监控

1.准备工作（所有服务器）

官方文档

https://kubernetes.io/zh/docs/setup/production-environment/tools/kubeadm/install-kubeadm/

关闭swap分区

swapoff -a

并注释# vim /etc/fstab中swap内容

允许 iptables 检查桥接流量

cat <<EOF | sudo tee /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
EOF
# 开启网桥流量
sysctl –system

将 SELinux 设置为 permissive 模式（相当于将其禁用）

sudo setenforce 0
sudo sed -i 's/^SELINUX=enforcing$/SELINUX=permissive/' /etc/selinux/config
sudo yum install -y kubelet kubeadm kubectl --disableexcludes=kubernetes
sudo systemctl enable --now kubelet

安装docker

daocker安装步骤

dnf install docker-ce --allowerasing -y
systemctl enable --now docker

harbor镜像仓库

harbor仓库搭建

容器运行时需要操作

cat <<EOF | sudo tee /etc/docker/daemon.json
{
  "exec-opts": ["native.cgroupdriver=systemd"],
  "log-driver": "json-file",
  "log-opts": {
    "max-size": "100m"
  },
  "storage-driver": "overlay2"
}
EOF

# 重启docker
systemctl restart docker

2.安装kubernetes

阿里云kubernetes镜像

配置源

cat <<EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
enabled=1
gpgcheck=0
#repo_gpgcheck=1
#gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg #https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF

下载安装k8s

# yum install -y kubelet kubeadm kubectl
# systemctl enable --now kubelet

3.服务器主机配置

查看默认配置信息
# kubeadm config print init-defaults
列出所需镜像
# kubeadm config images list --image-repository  registry.aliyuncs.com/google_containers

拉取镜像
# kubeadm config images pull --image-repository registry.aliyuncs.com/google_containers

（1）harbor仓库上传镜像

harbor仓库搭建

复制harbor服务器证书到server1，server2，server3

# scp -r /etc/docker/certs.d/ server[1-3]:/etc/docker/

在主机（server1）登录到harbor用来上传镜像

修改名称

# docker images | grep ^registry
# docker images | grep ^registry | awk '{print $1":"$2}' | awk -F/ '{system(" docker tag "$0" reg.westos.org/k8s/"$3"")}' 

上传镜像

# docker images | grep k8s | awk '{system("docker push "$1":"$2"")}'

下载并上传镜像

# docker pull rancher/mirrored-flannelcni-flannel-cni-plugin:v1.0.0
# docker pull quay.io/coreos/flannel:v0.15.1
# docker tag rancher/mirrored-flannelcni-flannel-cni-plugin:v1.0.0 reg.westos.org/k8s/mirrored-flannelcni-flannel-cni-plugin:v1.0.0
# docker push reg.westos.org/k8s/mirrored-flannelcni-flannel-cni-plugin:v1.0.0 
# docker tag quay.io/coreos/flannel:v0.15.1 reg.westos.org/k8s/flannel:v0.15.1
# docker push reg.westos.org/k8s/flannel:v0.15.1

（2）k8s初始化控制平面节点

# kubeadm init --pod-network-cidr=10.244.0.0/16 --image-repository reg.westos.org/k8s
# 执行完，自动生成内容
Your Kubernetes control-plane has initialized successfully!

To start using your cluster, you need to run the following as a regular user:
# sudo其他用户操作命令 #
  mkdir -p $HOME/.kube
  sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
  sudo chown $(id -u):$(id -g) $HOME/.kube/config

Alternatively, if you are the root user, you can run:
# root用户操作命令 #
  export KUBECONFIG=/etc/kubernetes/admin.conf

You should now deploy a pod network to the cluster.
Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:
  https://kubernetes.io/docs/concepts/cluster-administration/addons/

Then you can join any number of worker nodes by running the following on each as root:
# 其他服务器配置命令
kubeadm join 172.25.0.1:6443 --token swkaho.943glefqq9gwqpiu \
	--discovery-token-ca-cert-hash sha256:492e0a69345cd640d5904a77c0eb4f26c2e68c7b0ba67105f133e0219c65bc94

root用户操作命令，并放在用户主目录下的.bash_profile

export KUBECONFIG=/etc/kubernetes/admin.conf

配置kubectl命令补全功能：

# echo "source<(kubectl completion bash )" >> ~/.bashrc
# source .bashrc

（3）Kube-flannel.yml下载

在/etc/hosts文件添加199.232.68.133 raw.githubusercontent.com

wget https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml

下载并上传镜像

# docker pull rancher/mirrored-flannelcni-flannel-cni-plugin:v1.0.0
# docker pull quay.io/coreos/flannel:v0.15.1
# docker tag rancher/mirrored-flannelcni-flannel-cni-plugin:v1.0.0 reg.westos.org/k8s/mirrored-flannelcni-flannel-cni-plugin:v1.0.0
# docker push reg.westos.org/k8s/mirrored-flannelcni-flannel-cni-plugin:v1.0.0 
# docker tag quay.io/coreos/flannel:v0.15.1 reg.westos.org/k8s/flannel:v0.15.1
# docker push reg.westos.org/k8s/flannel:v0.15.1

修改kube-flannel.yml指向reg.westos.org/k8s/

# kubectl apply -f kube-flannel.yml

查看节点是否生效

# kubectl get pod -n kube-system

加入节点

控制平面初始化最后的内容
使用命令，创建两个节点（内存2G）server2,server3

# 在server2，3添加内容
# vim /etc/docker/daemon.json
  "registry-mirrors":["https://reg.westos.org"],

kubeadm join 172.25.0.1:6443 --token swkaho.943glefqq9gwqpiu \
	--discovery-token-ca-cert-hash sha256:492e0a69345cd640d5904a77c0eb4f26c2e68c7b0ba67105f133e0219c65bc94

在主机监控

列出节点

# kubectl get nodes

# 删除节点
# kubectl delete node name

负载检测

# kubectl create deployment my-dep --image=nginx --replicas=3
# kubectl get pod -o wide