kubeadm 搭建k8s集群

时间 2019-12-29

原文原文链接

kubeadm 搭建k8s集群

搭建环境，下面三台机器都是centos7.5，内核版本为3.10.0node

master:192.168.157.21
node1:192.168.157.22
node2:192.168.157.23

搭建master

1.关闭防火墙linux

systemctl stop firewalld

systemctl stop firewalld
systemctl disable firewalldsystemctl stop firewalld
systemctl disable firewalld

setenforce 0

sed -i 's#SELINUX=enforcing#SELINUX=disabled#g' /etc/selinux/config

swapoff -a
sed -i '/^.*swap.*/d' /etc/fstab

2.建立本地解析git

cat << EOF >> /etc/hosts
192.168.157.22 node01
192.168.157.23 node02
192.168.157.23 master
EOF

安装docker

#安装必要的一些系统工具
yum install -y yum-utils device-mapper-persistent-data lvm2
#yum源添加软件源信息
yum-config-manager --add-repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
#更新yum源
yum makecache fast
#安装docker
yum -y install docker-ce || yum -y install docker-ce-[VERSION]

#开机启动
systemctl start docker && systemctl enable docker

#查看是否安装成功
docker version

安装kubernetes

1.yum 安装相关软件github

cat <<EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF
yum repolist
yum install -y kubelet kubeadm kubectl
systemctl enable kubelet

2.使用kubeadm进行master初始化docker

#生成kubeadm配置文件
kubeadm config print init-defaults > kubeadm.conf
kubeadm config print-default > kubeadm.conf # 老版本能够使用这个命令

#换kubeadm的镜像仓库
sed -i "s/imageRepository: .*/imageRepository: registry.aliyuncs.com\/google_containers/g" kubeadm.conf

#下载k8s master 节点中的镜像到本地
kubeadm config images pull --config kubeadm.conf

#修改kubeadm.conf中advertiseAddress参数指定master的ip地址
sed -i "s/advertiseAddress: .*/advertiseAddress: 192.168.157.21/g" kubeadm.conf

#我使用的是Canal网络插件，所以须要将--pod-network-cid设置为10.244.0.0/16
sed -i "s/podSubnet: .*/podSubnet: \"10.244.0.0\/16\"/g" kubeadm.conf

#进行master初始化
kubeadm init --config kubeadm.conf

报错处理

此报错是因为cpu核数不足，k8s最低须要2核才能够运行shell

没有禁用swap致使安装异常，能够禁用掉，或者使用 “--ignore-preflight-errors=Swap”忽略次报错json

安装完毕

1.初始化成功
centos

# 保存这条命令在node上使用
kubeadm join 192.168.157.21:6443 --token g1eojw.rwjv5t18d32hjbro --discovery-token-ca-cert-hash sha256:bcf361414fb2b51387930ea0c2f902e876e52858b5ec6874281cd0b6b8f4ab4a

2.查看镜像是否拉取完整网络

docker image ls

3.查看服务是否健康app

kubectl get cs
#查看配置信息
kubectl get configmap kube-flannel-cfg -o json -n kube-system
#查看dns地址
kubectl get svc kube-dns -n kube-system

安装flannel

安装

wget https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
kubectl apply -f kube-flannel.yml

处理问题

kubectl get pods -n kube-system

查看具体问题

kubectl describe pod kube-flannel-ds-amd64-2dqlf -n kube-system

经过上面的报错能够知道容器pull失败是因为网络异常

增长指定网卡“- --iface=ens33”

containers:
      - name: kube-flannel
        image: quay.io/coreos/flannel:v0.10.0-amd64
        command:
        - /opt/bin/flanneld
        args:
        - --ip-masq
        - --kube-subnet-mgr
        - --iface=ens33

kubectl delete -f kube-flannel.yml

#修改yml文件改变镜像仓库
sed -i 's#quay.io/coreos/flannel:v0.11.0#registry.cn-hangzhou.aliyuncs.com/rsq_kubeadm/flannel:v0.10.0#g' kube-flannel.yml

#从新安装
kubectl apply -f kube-flannel.yml

搭建node

关闭firewalld,selinux,swap
依次安装docker,kubelet,kubeadm,kubectl
执行初始化是生成的命令行

kubeadm join 192.168.157.21:6443 --token g1eojw.rwjv5t18d32hjbro --discovery-token-ca-cert-hash sha256:bcf361414fb2b51387930ea0c2f902e876e52858b5ec6874281cd0b6b8f4ab4a

若是忘记上面那条命令能够中心生成

#从新生成token
kubeadm token create
#查看takenlist
kubeadm token list
#获取加密
openssl x509 -pubkey -in /etc/kubernetes/pki/ca.crt | openssl rsa -pubin -outform der 2>/dev/null | openssl dgst -sha256 -hex | sed 's/^.* //'

查看集群状态

kubectl get nodes -o wide