#机器规划:
192.168.94.198 k8s-master
192.168.94.199 k8s-node1
192.168.94.200 k8s-node2
## Host initialization (every machine): stop the firewall, turn off SELinux
## and swap; passwordless SSH and time settings follow further down.
# Stop firewalld now and keep it from starting at boot.
# NOTE(review): this removes host packet filtering on every node. Where the
# firewall has to stay on, the alternative is to leave firewalld running and
# open only the ports the cluster needs (for example 6443/tcp, the API server
# port used by the kubeadm join command later in this file).
systemctl stop firewalld && systemctl disable firewalld
# Turn swap off for the running system, then comment out every /etc/fstab
# line containing " swap " so it stays off after a reboot.
swapoff -a && sed -i '/ swap / s/^\(.*\)$/#\1/g' /etc/fstab
# Switch SELinux to permissive for the running system, then write
# SELINUX=disabled to the config so it is fully off after the next reboot.
# Because of the &&, the config edit is skipped whenever `setenforce 0` fails.
# NOTE(review): "disabled" removes mandatory access control entirely and
# needs a filesystem relabel to turn back on; the upstream kubeadm install
# guide uses SELINUX=permissive instead - consider that value here.
setenforce 0 && sed -i 's/^SELINUX=.*/SELINUX=disabled/' /etc/selinux/config
# Time settings.
# NOTE(review): the commands below set the time zone and the RTC mode only;
# nothing here starts an NTP client, so the nodes' clocks are not actually
# kept in sync. Certificate validity and bootstrap-token expiry depend on
# correct clocks - consider enabling chronyd (or `timedatectl set-ntp true`).
# Set the system time zone to Asia/Shanghai.
timedatectl set-timezone Asia/Shanghai
# Or point /etc/localtime at the zone file by hand.
ln -sf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime
# Keep the hardware clock (RTC) in UTC rather than local time.
timedatectl set-local-rtc 0
# Restart services that depend on the system time.
systemctl restart rsyslog
systemctl restart crond
# To check: `date` shows the system time, `hwclock --show` the hardware clock.
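# Set this machine's hostname. The value shown is the master's; use the
# matching name from the hosts entries below on each node.
hostnamectl set-hostname k8s-master-1
# Add name resolution for all cluster machines to /etc/hosts.
# NOTE(review): these names and addresses (k8s-master-1 at 192.168.94.247,
# ...) differ from the machine plan at the top of this file (k8s-master at
# 192.168.94.198, ...) and from the 192.168.94.198 address given to
# kubeadm init - confirm which set is correct before running.
# '>>' appends, so running this twice duplicates the entries.
# The terminator has to be exactly "EOF" on a line of its own; any other
# text on that line leaves the heredoc open and the shell keeps writing the
# following lines of this file into /etc/hosts.
cat >> /etc/hosts <<EOF
192.168.94.247 k8s-master-1
192.168.94.248 k8s-node-1
192.168.94.249 k8s-node-2
EOF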
# Passwordless SSH from this machine to the two worker nodes.
# Accepting every default creates a private key with an empty passphrase:
# whoever can read that key file can log in to both nodes as this user, so
# keep it readable by its owner only.
# NOTE(review): none of the kubeadm steps in this file use SSH; presumably
# this is an admin convenience - skip it if it is not needed.
ssh-keygen # press Enter at every prompt
ssh-copy-id k8s-node-1
ssh-copy-id k8s-node-2
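# Add the docker-ce yum repository.
# -O writes the .repo file into /etc/yum.repos.d/, the directory yum reads
# repository definitions from; without it wget saves the file in the current
# directory and the docker-ce repository is never registered.
wget -O /etc/yum.repos.d/docker-ce.repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo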
# Add the Kubernetes yum repository (Aliyun mirror); this overwrites any
# existing /etc/yum.repos.d/kubernetes.repo.
# gpgcheck=1 makes yum verify each package signature against the key at
# gpgkey, which is downloaded from the same mirror as the packages.
# repo_gpgcheck is not set, so the repository metadata itself is not
# signature-checked.
# NOTE(review): confirm the key's fingerprint out of band on first import,
# since key and packages share one origin.
cat > /etc/yum.repos.d/kubernetes.repo <<EOF
[kubernetes]
name=Kubernetes Repo
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
gpgcheck=1
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
enabled=1
EOF
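# Install Docker and the Kubernetes node packages.
# kubelet, kubeadm and kubectl are pinned to 1.20.1 so they match the
# --kubernetes-version=v1.20.1 passed to kubeadm init later in this file; an
# unpinned install takes whatever is newest in the repository at the time.
yum install -y docker-ce kubelet-1.20.1 kubeadm-1.20.1 kubectl-1.20.1
# Start docker and kubelet, enable them at boot, and show their status.
systemctl start docker && systemctl enable docker && systemctl status docker
systemctl start kubelet && systemctl enable kubelet && systemctl status kubelet
# Note: kubelet cannot run properly at this point and /var/log/messages will
# show errors; it starts working once the master node has been initialized.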
# Pre-pull the required images: save the script between the dashed lines
# below as k8s-image-download.sh, then run it with the target version
# (bash k8s-image-download.sh KUBERNETES-VERSION).
vim k8s-image-download.sh
#---------------------------------------------------------
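#!/bin/bash
# Pre-pull the images kubeadm needs for one Kubernetes release (written for
# 1.20.1) from the Aliyun mirror registry.aliyuncs.com/google_containers.
#
# Usage:   bash k8s-image-download.sh KUBERNETES-VERSION
# Exit:    0 when every image was pulled, 1 on a usage error, when kubeadm
#          cannot produce the image list, or when any pull fails.
#
# The image list comes from
#   kubeadm config images list --kubernetes-version=VERSION
# Images are pulled by tag from a third-party mirror; nothing in this script
# checks them against the upstream registry's digests.
if [ "$#" -ne 1 ]; then
  echo "USAGE: bash $(basename -- "$0") KUBERNETES-VERSION" >&2
  exit 1
fi
version=$1

# Capture the list first so that a kubeadm failure is noticed instead of
# silently producing an empty loop.
if ! image_list=$(kubeadm config images list --kubernetes-version="${version}"); then
  echo "kubeadm could not list images for ${version}" >&2
  exit 1
fi

# Keep only the second '/'-separated field (name:tag directly after the
# registry host), one image per array element.
# NOTE(review): an image with an extra path component after the host would
# lose its tag here - check the list for the version being installed.
mapfile -t images < <(printf '%s\n' "${image_list}" | awk -F'/' '{print $2}')
if [ "${#images[@]}" -eq 0 ]; then
  echo "no images listed for ${version}" >&2
  exit 1
fi

failed=0
for imageName in "${images[@]}"; do
  [ -n "${imageName}" ] || continue
  # Try every image even if one fails, but remember the failure.
  docker pull "registry.aliyuncs.com/google_containers/${imageName}" || failed=1
  # Alternative mirror, retagged to the upstream name (kept for reference;
  # gcr.azk8s.cn/google-containers mirrors k8s.gcr.io):
  # docker pull gcr.azk8s.cn/google-containers/$imageName
  # docker tag gcr.azk8s.cn/google-containers/$imageName k8s.gcr.io/$imageName
  # docker rmi gcr.azk8s.cn/google-containers/$imageName
done
exit "${failed}"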
#-----------------------------------------------
# Check the installed version.
kubelet --version
# Build the cluster.
# Run on the master node only.
kubeadm init --kubernetes-version=v1.20.1 \
--pod-network-cidr=10.244.0.0/16 \
--service-cidr=10.96.0.0/12 \
--apiserver-advertise-address=192.168.94.198 \
--ignore-preflight-errors=Swap \
--ignore-preflight-errors=NumCPU \
--image-repository registry.aliyuncs.com/google_containers
# --kubernetes-version=v1.20.1: the version to install; `kubelet --version`
#   shows the version of the installed packages.
# --apiserver-advertise-address: the master IP address used to communicate
#   with the other nodes of the cluster.
# --service-cidr: the Service network range, i.e. the address block used for
#   the load-balancing virtual IPs.
# --pod-network-cidr: the Pod network range, i.e. the address block Pod IPs
#   are taken from.
# --ignore-preflight-errors=: ignore failed preflight checks. If init stops
#   with [ERROR NumCPU] or [ERROR Swap], adding
#   --ignore-preflight-errors=NumCPU and --ignore-preflight-errors=Swap lets
#   it continue.
#   NOTE(review): every ignored check is a safety check that is skipped. Swap
#   was already turned off in the host initialization step, so that one is
#   presumably unnecessary; keep only the checks this host really fails.
# --image-repository: the default Kubernetes registry is k8s.gcr.io, which is
#   generally not reachable from mainland China, so the Aliyun mirror
#   registry.aliyuncs.com/google_containers is used instead.
#   NOTE(review): the control-plane images are then whatever this third-party
#   mirror serves under those tags.
#------------------------ Save the join command printed by kubeadm init ------------------------
# This is recorded output: it is meant to be run on the worker nodes, not on
# the master.
# The --token value is a bootstrap credential: while it is valid, any machine
# that can reach 192.168.94.198:6443 can use it to join the cluster, so keep
# it out of shared notes and repositories. kubeadm tokens expire (24 hours by
# default); on the master, `kubeadm token create --print-join-command` prints
# a fresh command and `kubeadm token delete <token>` revokes an old one.
# --discovery-token-ca-cert-hash pins the cluster CA public key, letting the
# joining node verify the API server it talks to; keep it in the command.
kubeadm join 192.168.94.198:6443 --token xdtfmh.4vk8hiw8lyviu76w \
--discovery-token-ca-cert-hash sha256:3c6e9295f148dff2fd80ca75f4278afa8656bcba08b1770b46712c618a40e4dd
#----------------------------------------------------------------------------------------
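# Note: if the installation fails, `kubeadm reset` returns the host to its
# previous state so that `kubeadm init` can be run again.
# kubectl looks for a file named config in the .kube directory of the calling
# user's home directory. The commands below copy admin.conf, generated by the
# [kubeconfig] step of kubeadm init, to .kube/config.
# admin.conf holds the cluster administrator's client credentials: copy it
# only for accounts that should administer the cluster and keep the copy
# readable by its owner only.
# $HOME is quoted so a home path containing spaces is not word-split.
mkdir -p "$HOME/.kube"
sudo cp -i /etc/kubernetes/admin.conf "$HOME/.kube/config"
sudo chown "$(id -u):$(id -g)" "$HOME/.kube/config"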
# Install the flannel network plugin.
# NOTE(review): this applies, with cluster-admin rights, whatever the master
# branch of a remote repository serves at the moment of the call. As the
# output below shows, the manifest creates cluster-wide RBAC objects and
# DaemonSets that run on every node. Safer: download the manifest from a
# fixed release tag or commit (<release-tag>), review it, then apply the
# local file.
kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
#----------------------- output follows -----------------------------------
#podsecuritypolicy.policy/psp.flannel.unprivileged created
#clusterrole.rbac.authorization.k8s.io/flannel created
#clusterrolebinding.rbac.authorization.k8s.io/flannel created
#serviceaccount/flannel created
#configmap/kube-flannel-cfg created
#daemonset.apps/kube-flannel-ds-amd64 created
#daemonset.apps/kube-flannel-ds-arm64 created
#daemonset.apps/kube-flannel-ds-arm created
#daemonset.apps/kube-flannel-ds-ppc64le created
#daemonset.apps/kube-flannel-ds-s390x created
#--------------------------------------------------------------------
# Join the worker nodes to the cluster: run this on each node, using the
# command that kubeadm init printed on the master.
# The token is a bootstrap credential and expires; if it is rejected, print a
# new command on the master with `kubeadm token create --print-join-command`.
kubeadm join 192.168.94.198:6443 --token xdtfmh.4vk8hiw8lyviu76w \
--discovery-token-ca-cert-hash sha256:3c6e9295f148dff2fd80ca75f4278afa8656bcba08b1770b46712c618a40e4dd
# Run on the master machine.
kubectl get nodes # done once every machine shows Ready
kubectl get pod -owide --all-namespaces # done once every pod shows Running
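# Enable kubectl sub-command completion.
yum install -y bash-completion
source /usr/share/bash-completion/bash_completion
# Load the completion functions into the current shell.
source <(kubectl completion bash)
# Keep a copy on disk and load it from the path it was written to. $HOME is
# used for both (instead of a hard-coded /root) so the two lines agree when
# the steps are run from a non-root account.
kubectl completion bash > "$HOME/.kube/completion.bash.inc"
source "$HOME/.kube/completion.bash.inc"
source "$HOME/.bash_profile"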
# Check that cluster DNS resolves names.
# Starts an interactive pod from radial/busyboxplus:curl, a third-party image
# referenced by tag only. It is a throw-away test pod; it is deleted again
# after the check.
kubectl run -it busybox --image=radial/busyboxplus:curl
#---------------------- the following runs inside the container ----------------------------
[ root@busybox:/ ]$ nslookup kubernetes
Server: 10.96.0.10
Address 1: 10.96.0.10 kube-dns.kube-system.svc.cluster.local
Name: kubernetes
Address 1: 10.96.0.1 kubernetes.default.svc.cluster.local
[ root@busybox:/ ]$ nslookup kubernetes.default
Server: 10.96.0.10
Address 1: 10.96.0.10 kube-dns.kube-system.svc.cluster.local
Name: kubernetes.default
Address 1: 10.96.0.1 kubernetes.default.svc.cluster.local
#------------------------------------------------------------------
# Type `exit` to leave the container, then list the pods.
kubectl get pod
kubectl delete pod busybox # remove the pod used for the DNS test
# Test the cluster.
# Create a pod in the cluster, expose a port, and check that it is reachable.
# --type=NodePort opens a port on every node's IP address. firewalld was
# stopped during host initialization, so the service is reachable from any
# host that can route to the nodes - remove it once the test is done.
kubectl create deployment nginx-deploy --image=nginx
kubectl expose deployment nginx-deploy --port=80 --type=NodePort
kubectl get pod,svc
# Then open <node-ip>:<node-port> in a browser.
kubectl delete deployments nginx-deploy # remove the test deployment and its pods
kubectl delete svc nginx-deploy # remove the test service