私有云k8s一键部署

几个关键点：

1. 把k8s部署须要的镜像从mirrorgooglecontainers下下来，并打上k8s.gcr.io的tag
2. 注意部署网段，不要和宿主机的网段冲突
3. 注意更改hostname，防止一些不合法的字符以下划线
4. 注意保持版本一直

echo "关闭docker 可能要花一点时间"
systemctl stop docker


echo "关闭缓存"
swapoff -a
# 编辑/etf/fstab
sed -e '/swap/ s/^#*/#/' -i /etc/fstab
mount -a
# 查看输出
free -h

echo "关闭防火墙"
# 关闭防火墙
systemctl disable firewalld
systemctl stop firewalld
systemctl status firewalld

echo "关闭防火墙成功"

sleep 1

cat << EOF > /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
EOF

sysctl --system

sleep 1

# 添加一条规则
cat << EOF > /etc/sysctl.conf
net.ipv4.ip_forward = 1
EOF

# 生效配置
sysctl -p

##################################### 安装docker
# 前置需求
#yum install -y  yum-utils device-mapper-persistent-data lvm2

## Add docker repository.
#yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo

## Install docker.
#yum update && yum install docker-ce-17.06.0.ce-1.el7.centos

## Create /etc/docker directory.
#mkdir -p /etc/docker
#
#cat > /etc/docker/daemon.json <<EOF
#{
#"log-driver":"json-file",
#"log-opts":{"max-size":"1024m","max-file":"2"}
#}
#EOF
##################################### 安装docker

cat <<EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=http://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=0
repo_gpgcheck=0
gpgkey=http://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg
http://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF


# 修改主机名， 主机名中不能含有下划线，不然会报错。
hn=`hostname`
# 将原来主机名中的下划线改成-
new_hn="${hn//_/-}"
hostnamectl set-hostname $new_hn
#sed -i "s/$/ $new_hn/" /etc/hosts
sed -e  "s/$/ $new_hn/" -i  /etc/hosts

# 启动docker服务
echo "启动docker服务，可能花费较长时间"
systemctl start docker.service

# 从镜像拉去Image，并改tag

docker pull mirrorgooglecontainers/kube-apiserver:v1.14.2
docker tag mirrorgooglecontainers/kube-apiserver:v1.14.2 k8s.gcr.io/kube-apiserver:v1.14.2
docker pull mirrorgooglecontainers/kube-controller-manager:v1.14.2  k8s.gcr.io/kube-controller-manager:v1.14.2
docker pull mirrorgooglecontainers/kube-controller-manager:v1.14.2
docker tag  mirrorgooglecontainers/kube-controller-manager:v1.14.2  k8s.gcr.io/kube-controller-manager:v1.14.2
docker pull mirrorgooglecontainers/kube-scheduler:v1.14.2
docker tag mirrorgooglecontainers/kube-scheduler:v1.14.2 k8s.gcr.io/kube-scheduler:v1.14.2
docker pull mirrorgooglecontainers/kube-proxy:v1.14.2
docker tag mirrorgooglecontainers/kube-proxy:v1.14.2 k8s.gcr.io/kube-proxy:v1.14.2
docker pull mirrorgooglecontainers/pause:3.1
docker tag mirrorgooglecontainers/pause:3.1 k8s.gcr.io/pause:3.1
docker pull mirrorgooglecontainers/etcd:3.3.10
docker tag mirrorgooglecontainers/etcd:3.3.10 k8s.gcr.io/etcd:3.3.10
docker pull coredns/coredns:1.3.1
docker tag coredns/coredns:1.3.1 k8s.gcr.io/coredns:1.3.1

# Set SELinux in permissive mode (effectively disabling it)
setenforce 0
sed -i 's/^SELINUX=enforcing$/SELINUX=permissive/' /etc/selinux/config

# 这里增长了对版本的控制
version=1.14.2
yum install -y kubelet-${version} kubeadm-${version} kubectl-${version} --disableexcludes=kubernetes

systemctl enable kubelet && systemctl start kubelet

#############################若是是master结点#######################################
kubeadm init --pod-network-cidr=10.20.0.0/16 --apiserver-advertise-address=Your_host_address

# 设置kubeconfig地址
export KUBECONFIG=/etc/kubernetes/admin.conf

# 设置rbac
kubectl apply -f https://docs.projectcalico.org/v3.3/getting-started/kubernetes/installation/hosted/rbac-kdd.yaml

# 下载calico.yaml
curl -O https://docs.projectcalico.org/v3.3/getting-started/kubernetes/installation/hosted/kubernetes-datastore/calico-networking/1.7/calico.yaml

# 修改calico.yaml
# ！！！！这里很关键，要把原来的CIDR换成一个和宿主机局域网不一样的网段！！！！！
#            - name: CALICO_IPV4POOL_CIDR
#               value: "192.168.0.0/16"           ------------> 10.20.0.0/16

# 安装网络组件
kubectl apply -f calico.yaml


#############################若是是worker节点#######################################

kubeadm join 192.168.130.212:6443 --token 3csntd.vebwbj6pcy5nx6uw \
    --discovery-token-ca-cert-hash sha256:XXXXX