欢迎关注公众号与我交流
 博主目前就职于一家工业互联网公司担任架构师,曾供职于阿里、康佳、电商与移动社交等公司,技术能力、架构能力过硬

kubeadm方式安装k8s集群

本文阅读量:   

一 为什么选择用kubeadm部署集群

方便快捷,易于维护。

二 集群机器规划

该环境是我们的开发环境,如果是生产环境部署,k8s的master节点正常部署2个以上做高可用

hostname 机器IP 系统 机器配置 用途
dev-k8s-master 192.168.90.220 CentOS7.2 2核4G k8s的master节点
dev-k8s-worker01 192.168.90.221 CentOS7.2 4核16G k8s的worker节点1
dev-k8s-worker02 192.168.90.222 CentOS7.2 4核16G k8s的worker节点2
dev-k8s-worker03 192.168.90.223 CentOS7.2 4核16G k8s的worker节点3

三 每台机器相同的操作

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
# ntp时钟一致
yum install -y ntpdate
ntpdate cn.pool.ntp.org

# 设置hostname 对于master
hostnamectl set-hostname dev-k8s-master
# 设置hostname 对于worker01
hostnamectl set-hostname dev-k8s-worker01
# 设置hostname 对于worker02
hostnamectl set-hostname dev-k8s-worker02
# 设置hostname 对于worker03
hostnamectl set-hostname dev-k8s-worker03

# 修改/etc/hosts
cat > /etc/hosts << EOF
127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.90.220       dev-k8s-master
192.168.90.221       dev-k8s-worker01
192.168.90.222       dev-k8s-worker02
192.168.90.223       dev-k8s-worker03
EOF

更换yaml源

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
# 1.备份当前yum源(可选)
cd /etc/yum.repos.d/
cp /CentOS-Base.repo /CentOS-Base-repo.bak

# 2.使用wget下载阿里yum源repo文件
wget http://mirrors.aliyun.com/repo/Centos-7.repo

# 3.清理默认缓存包
yum clean all

# 4.把下载下来的阿里云repo文件设置成为默认源
mv Centos-7.repo CentOS-Base.repo

# 5.生成阿里云yum源缓存并更新yum源
yum makecache
# yum update

k8s的yum源配置

1
2
3
4
5
6
7
8
9
10
11
12
13
yum -y install yum-utils

cat << EOF > kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF

yum-config-manager --add-repo kubernetes.repo

安装docker

1
2
3
4
yum-config-manager --add-repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
# 指定版本 先 docker-ce-cli 否则 docker-ce-cli 会是最新版本
yum install docker-ce-cli-18.09.9-3.el7
yum install docker-ce-18.09.9-3.el7

安装kube

1
2
3
4
5
6
7
# 安装指定版本
yum install -y kubelet-1.15.12
yum install -y kubectl-1.15.12 kubeadm-1.15.12

systemctl daemon-reload
systemctl enable docker
systemctl enable kubelet

如果是私有仓库并且无ssl则配置docker daemon

1
2
3
4
5
6
7
8
9
10
mkdir /etc/docker

cat << EOF > /etc/docker/daemon.json 
{
  "registry-mirrors": ["https://79txu54u.mirror.aliyuncs.com"],
  "insecure-registries": ["192.168.90.244"]
}
EOF

systemctl start docker

四 k8s的master的初始化

1
2
3
4
5
6
7
8
9
10
11
$ kubeadm init --image-repository registry.cn-hangzhou.aliyuncs.com/google_containers --kubernetes-version=v1.15.12 --pod-network-cidr=10.244.0.0/16 --service-cidr=10.96.0.0/16

$ mkdir -p $HOME/.kube
$ sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
$ sudo chown $(id -u):$(id -g) $HOME/.kube/config

$ kubectl  get  cs
NAME                 STATUS    MESSAGE             ERROR
scheduler            Healthy   ok                  
controller-manager   Healthy   ok                  
etcd-0               Healthy   {"health":"true"}

证书说明
kubeadm证书只有一年,证书到期前通过以下操作更新证书

1
2
3
4
5
6
7
# 证书有效期查询 -- 在master节点
kubeadm alpha certs check-expiration

# 直接通过以下命令更新证书
kubeadm alpha certs renew all
cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
chown $(id -u):$(id -g) $HOME/.kube/config

安装flannel

1
kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml

五 部署ingress-nginx

参考以下文档即可
https://kubernetes.io/zh/docs/concepts/services-networking/ingress/

六 删除或新增节点

三个worker节点都是通过这里所指的方式添加

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
kubectl delete node [节点名]

添加节点

1 在之前删除的节点执行以下命令

kubeadm reset

2 down掉之前的cni网络

ifconfig cni0 down  
ip link delete cni0

3 到master节点生成token

kubeadm token create --print-join-command

4 copy token 在node节点执行

kubeadm join 192.168.90.220:6443 --token o2nsll.nnpibjw8tv0vems7 --discovery-token-ca-cert-hash sha256:9aa23632d2df872181f5df5497ff84233623f9688fb3456214bf6d24fd15e0ff

如果执行kubeadm join ...时报以下错误则安装一下ipset,命令:yum install ipset

1
2
3
4
5
6
7
[preflight] Running pre-flight checks  
[WARNING IsDockerSystemdCheck]: detected "cgroupfs" as the Docker cgroup driver. The recommended driver is "systemd". Please follow the guide at https://kubernetes.io/docs/setup/cri/  
[preflight] Reading configuration from the cluster...  
[preflight] FYI: You can look at this config file with 'kubectl -n kube-system get cm kubeadm-config -oyaml'  
error execution phase preflight: [preflight] Some fatal errors occurred:  
[ERROR IPVSProxierCheck]: error getting ipset version, error: executable file not found in $PATH  
[preflight] If you know what you are doing, you can make a check non-fatal with `--ignore-preflight-errors=...`

tag:

    缺失模块。
    1、请确保node版本大于6.2
    2、在博客根目录(注意不是yilia根目录)执行以下命令:
    npm i hexo-generator-json-content --save

    3、在根目录_config.yml里添加配置: 

      jsonContent:
    meta: false
    pages: false
    posts:
      title: true
      date: true
      path: true
      text: false
      raw: false
      content: false
      slug: false
      updated: false
      comments: false
      link: false
      permalink: false
      excerpt: false
      categories: false
      tags: true

曾供职于<br>大厂(阿里)、<br>国企(康佳)、<br>电商与移动社交<br>等互联网公司,<br>技术能力、架构能力过硬。<br><br>我的个人微信:qicoding,<br>请注明来自码蜂窝技术博客,<br>非常欢迎加微信沟通交流<br>(包含但不限于源码、技术点、设<br>计与生产实践中遇到的问题等)