1. Install containerd

  Kubernetes 1.24 does not support Docker as the container runtime, so containerd has to be used.

  Kubernetes 1.24 can still use Docker's remote images.

1.1. Install

  apt-get install containerd.io=1.6.6-1

1.2. Generate the default containerd configuration file (all nodes)

  mv /etc/containerd/config.toml /etc/containerd/config.toml.orig

  containerd config default > /etc/containerd/config.toml

1.3. Modify config.toml

  • Registry mirror (accelerator) endpoint

    [plugins."io.containerd.grpc.v1.cri".registry.mirrors."docker.io"]
      # pull docker.io images through the mirror
      endpoint = ["https://docker.mirrors.ustc.edu.cn/"]

  • Change sandbox_image

    #sandbox_image = "k8s.gcr.io/pause:3.6"
    sandbox_image = "registry.aliyuncs.com/google_containers/pause:3.7"

  • Set SystemdCgroup

    [plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc.options]
      IoUid = 0
      NoNewKeyring = false
      NoPivotRoot = false
      Root = ""
      ShimCgroup = ""
      SystemdCgroup = true

  • Change the root and state paths (depending on the disk layout)

    required_plugins = []
    root = "/home/containerd/root"
    state = "/home/containerd/state"
    temp = ""
    version = 2

1.4. Restart containerd

  systemctl restart containerd

1.5. List images

  sudo crictl image ls

1.6. List containers

  sudo crictl ps

  

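2. Install kubeadm, kubelet and kubectl

  • kubeadm: the command used to initialize the cluster.
  • kubelet: runs on every node in the cluster and starts pods, containers and so on.
  • kubectl: the command-line tool for talking to the cluster.

  Install version 1.24.0

  The environment is Ubuntu 22.04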

  sudo apt-get update && sudo apt-get install -y apt-transport-https curl

  Access to Google is required for this:

  curl -s https://packages.cloud.google.com/apt/doc/apt-key.gpg | sudo apt-key add -

  A mirror inside China (this source works and is the one used for this setup):

  cat <<EOF >/etc/apt/sources.list.d/kubernetes.list
  deb http://mirrors.ustc.edu.cn/kubernetes/apt kubernetes-xenial main
  EOF

  sudo apt-get update

  sudo apt-get install -y kubelet=1.24.2-00 kubeadm=1.24.2-00 kubectl=1.24.2-00

  sudo apt-mark hold kubelet kubeadm kubectl

 
  After installing, check the version:
xxxx@iZ2zeabl8ta0jq1nd850igZ:~/program$ kubectl version

WARNING: This version information is deprecated and will be replaced with the output from kubectl version --short.  Use --output=yaml|json to get the full version.

Client Version: version.Info{Major:"1", Minor:"24", GitVersion:"v1.24.2", GitCommit:"f66044f4361b9f1f96f0053dd46cb7dce5e990a8", GitTreeState:"clean", BuildDate:"2022-06-15T14:22:29Z", GoVersion:"go1.18.3", Compiler:"gc", Platform:"linux/amd64"}

Kustomize Version: v4.5.4

The connection to the server localhost:8080 was refused - did you specify the right host or port?

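3. Disable swap

  If swap is not disabled, Kubernetes runs into errors; even if the installation succeeds, the Kubernetes server fails to run after the node reboots.

  • Temporarily

   sudo swapoff -a

  • Permanently

   Edit the /etc/fstab file

   vi /etc/fstab

     Comment out the line /dev/mapper/centos-swap swap swap default 0 0 by putting a # in front of it.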

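4. Bring up the master node

4.1. Clear the data

  sudo rm -rf /var/lib/etcd

4.2. Generate the default configuration file

  kubeadm config print init-defaults --kubeconfig ClusterConfiguration > kubeadm.yml

4.3. Modify the configuration file

  [Screenshot: kubeadm.yml]

  name: logic must be the host's name, as returned by hostname.

  The name can also be chosen freely, as long as /etc/hosts has an address configured for it.

  The podSubnet address must match flannel's, because IP addresses are assigned through flannel; Kubernetes allocates a corresponding IP range to each subnet.

4.4. Initialize with the specified configuration file
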

zhancj@iZ2zeabl8ta0jq1nd850igZ:~/program/k8s$ sudo kubeadm init --config kubeadm.yml 

  [Screenshot: kubeadm init output]

  When this message appears, the Kubernetes master node has been initialized successfully.

4.4. List the pods:

qiteck@server:~$ sudo kubectl get pods --all-namespaces
NAMESPACE     NAME                                         READY   STATUS    RESTARTS        AGE
default       account-794585bbbb-p927k                     1/1     Running   0               29h
default       account-794585bbbb-xdlt7                     1/1     Running   0               29h
default       advertise-74d996d7dd-qtxzf                   1/1     Running   0               2d22h
default       advertise-74d996d7dd-w7fnh                   1/1     Running   1 (46h ago)     2d22h
default       consul-client-m7jwf                          1/1     Running   0               45h
default       consul-client-vpd94                          1/1     Running   0               45h
default       consul-server-0                              1/1     Running   0               45h
default       consul-server-1                              1/1     Running   0               45h
default       consul-server-2                              1/1     Running   0               45h
default       count-679b5fb4bb-hlqrj                       1/1     Running   0               2d22h
default       count-679b5fb4bb-lfhbl                       1/1     Running   1 (46h ago)     2d22h
default       course-694b96bd8d-6qqmk                      1/1     Running   1 (46h ago)     2d22h
default       course-694b96bd8d-j6lfw                      1/1     Running   0               2d22h

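4.5. Copy the authorization (login) file to the current user:

  The config file sets up how kubectl is used, including the connection to the API server, certificates, permissions and so on.

  Kubernetes uses the current user's permissions; either copy the config file or create a link.

  Copy:

    mkdir -p $HOME/.kube
    sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
    sudo chown $(id -u):$(id -g) $HOME/.kube/config

  Symlink:

    mkdir -p $HOME/.kube
    sudo ln -sf /etc/kubernetes/admin.conf ~/.kube/config

  Otherwise this error is reported: The connection to the server localhost:8080 was refused - did you specify the right host or port?

  If problems remain after configuring it as above, pay attention to the difference between running with and without sudo: without sudo, the user must have permission on /etc/kubernetes/admin.conf.

  Port 8080 is the port kubectl requests by default, and it is the insecure port; the secure way to connect is https://localhost:6443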
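
An added example (not from the original post) that checks who can read a kubeconfig, since admin.conf carries cluster-admin credentials: a symlink inherits the permissions of the file it points to, while a copy can stay owner-only. The function names and temporary files are constructed for illustration; `stat -c` and `readlink -f` assume GNU coreutils, as on Ubuntu.

```sh
#!/bin/sh
# Added example, not from the original post. Assumes GNU stat/readlink.

# Print "<mode> <owner> <resolved path>", following symlinks so that the
# ~/.kube/config -> /etc/kubernetes/admin.conf variant is covered too.
kubeconfig_perms() {
    target=$(readlink -f "$1") || return 2
    [ -f "$target" ] || return 2
    echo "$(stat -c '%a %U' "$target") $target"
}

# 0: only the owner has access; 1: group/other bits are set; 2: not found.
kubeconfig_is_private() {
    perms=$(kubeconfig_perms "$1") || return 2
    mode=${perms%% *}
    if [ $((0$mode & 077)) -ne 0 ]; then
        echo "too open: $perms" >&2
        return 1
    fi
}

# Constructed stand-ins for /etc/kubernetes/admin.conf and ~/.kube/config.
demo=$(mktemp -d)
echo 'apiVersion: v1  # constructed placeholder' >"$demo/admin.conf"
chmod 644 "$demo/admin.conf"                      # loosened so non-root can read it
install -m 600 "$demo/admin.conf" "$demo/config"  # copy variant, owner-only
ln -sf "$demo/admin.conf" "$demo/link"            # symlink variant

for f in config link; do
    if kubeconfig_is_private "$demo/$f"; then
        echo "$f: private"
    else
        echo "$f: readable by other users"
    fi
done
```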

 

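4.6. Change the NodePort port range:

  The default NodePort range is 30000-32767

  That gets in the way in practice, so change it to 1-65535

  Edit the kube-apiserver.yaml file

  vim /etc/kubernetes/manifests/kube-apiserver.yaml

  Find the --service-cluster-ip-range line and add the following on the line below it

  - --service-node-port-range=1-65535

  The resulting file looks like this:

  [Screenshot: kube-apiserver.yaml after the edit]

  Finally, restart kubelet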
  sudo systemctl daemon-reload
  sudo systemctl restart kubelet
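
An added example (not from the original post) of a check to run before widening the range: it reads the range from the kube-apiserver manifest and lists the host's listening ports that fall inside it, which a NodePort Service could then be assigned. The function names, the sample manifests and the `ss -Htln` lines are constructed for illustration.

```sh
#!/bin/sh
# Added example, not from the original post.

# Print "LOW HIGH" from a kube-apiserver manifest; fall back to the default
# range 30000-32767 when --service-node-port-range is not set.
node_port_range() {
    r=$(sed -n 's/^[[:space:]]*-[[:space:]]*--service-node-port-range=\([0-9]*\)-\([0-9]*\).*$/\1 \2/p' "$1" | head -n 1)
    echo "${r:-30000 32767}"
}

# Read `ss -Htln` output on stdin and print, on one line, the listening
# ports that lie inside the range configured in manifest $1.
colliding_ports() {
    range=$(node_port_range "$1")
    lo=${range% *}
    hi=${range#* }
    awk -v lo="$lo" -v hi="$hi" '
        NF >= 4 { n = split($4, a, ":"); p = a[n] + 0
                  if (p >= lo && p <= hi) seen[p] = 1 }
        END { for (p in seen) print p }
    ' | sort -n | tr "\n" " " | sed 's/ $//'
}

# Constructed `ss -Htln` lines for a control-plane node.
SAMPLE_SS='LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 4096 127.0.0.1:2379 0.0.0.0:*
LISTEN 0 4096 127.0.0.1:10248 0.0.0.0:*
LISTEN 0 4096 *:6443 *:*
LISTEN 0 4096 *:10250 *:*
LISTEN 0 128 [::]:22 [::]:*'

# Constructed manifest fragments: one without the flag, one with 1-65535.
demo_dir=$(mktemp -d)
printf '%s\n' '    - --service-cluster-ip-range=10.96.0.0/12' \
    >"$demo_dir/default.yaml"
printf '%s\n' '    - --service-cluster-ip-range=10.96.0.0/12' \
    '    - --service-node-port-range=1-65535' >"$demo_dir/widened.yaml"

echo "default range: [$(printf '%s\n' "$SAMPLE_SS" | colliding_ports "$demo_dir/default.yaml")]"
echo "1-65535 range: [$(printf '%s\n' "$SAMPLE_SS" | colliding_ports "$demo_dir/widened.yaml")]"
```

On a real node, pipe `ss -Htln` into `colliding_ports /etc/kubernetes/manifests/kube-apiserver.yaml` instead of the sample lines.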

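4.7. Allow pods to be scheduled on the master node

  This is needed because, for security reasons, Kubernetes by default does not allow pods to be deployed on the master node.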

  • 1 node(s) had taint {node-role.kubernetes.io/master: } that the pod didn't tolerate.:

    kubectl taint nodes --all node-role.kubernetes.io/master-

    Running it prints the following output (the errors in it can be ignored):

    

  • 1 node(s) had untolerated taint {node-role.kubernetes.io/control-plane: }. preemption: 0/1 nodes are available:

    kubectl taint nodes --all node-role.kubernetes.io/control-plane-

4.8. Viewing logs

    

  systemctl status kubelet

  journalctl -xefu kubelet

  vim /var/log/pods/kube-system_kube-apiserver

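4.9. Install the flannel pod network plugin

  It provides the addresses used for deployed pods.

  •  Download the manifest:

    wget https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml

  •  Modify the manifest:

    Make sure the "Network": "10.244.0.0/16" field in kube-flannel.yml matches the podSubnet address in kubeadm.conf

  •  Deploy:

    kubectl apply -f kube-flannel.yml

  •  Check that the flannel process has started: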

    qiteck@logic:~/program/k8s_1.24.2$ ps -ef|grep flannel

    root        4673    4326  0 09:16 ?        00:00:00 /opt/bin/flanneld --ip-masq --kube-subnet-mgr

  • Check that the flannel pods have started:
iteck@server:~$ sudo kubectl get pods -n kube-system
NAME                                         READY   STATUS    RESTARTS        AGE
coredns-74586cf9b6-8mbqz                     1/1     Running   3 (6d23h ago)   6d23h
coredns-74586cf9b6-hz48p                     1/1     Running   3 (6d23h ago)   6d23h
etcd-master.cluster.k8s                      1/1     Running   5 (6d23h ago)   6d23h
kube-apiserver-master.cluster.k8s            1/1     Running   0               3d1h
kube-controller-manager-master.cluster.k8s   1/1     Running   7 (2d23h ago)   6d23h
kube-flannel-ds-rt8z5                        1/1     Running   5 (46h ago)     3d
kube-flannel-ds-t6nrc                        1/1     Running   1 (6d23h ago)   6d23h
kube-proxy-ngnrv                             1/1     Running   5 (46h ago)     3d
kube-proxy-tjh8h                             1/1     Running   4 (6d23h ago)   6d23h
kube-scheduler-master.cluster.k8s            1/1     Running   7 (2d23h ago)   6d23h
  • Check that the cni0 interface exists:
qiteck@server:~$ ifconfig
br-0480d1b7cefb: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 172.18.0.1  netmask 255.255.0.0  broadcast 172.18.255.255
        inet6 fe80::42:e1ff:fe6e:8e3c  prefixlen 64  scopeid 0x20<link>
        ether 02:42:e1:6e:8e:3c  txqueuelen 0  (Ethernet)
        RX packets 84662  bytes 119261797 (119.2 MB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 83663  bytes 121420317 (121.4 MB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

cni0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1450
        inet 10.244.1.1  netmask 255.255.255.0  broadcast 10.244.1.255
        inet6 fe80::b821:f2ff:fe1d:809a  prefixlen 64  scopeid 0x20<link>
        ether ba:21:f2:1d:80:9a  txqueuelen 1000  (Ethernet)
        RX packets 9016802  bytes 993361285 (993.3 MB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 6600536  bytes 1003467886 (1.0 GB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
  • Check that the /run/flannel/subnet.env file has been generated:

    It holds the flannel plugin's settings; once flanneld starts, it automatically writes some data into /run/flannel/subnet.env
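
An added example (not from the original post) that compares podSubnet in the kubeadm config from step 4.2 with flannel's "Network" before `kubectl apply` is run, and also reports a config that has no podSubnet line at all. The function names and both sample files are constructed for illustration.

```sh
#!/bin/sh
# Added example, not from the original post.

# Print the podSubnet value of a kubeadm config file (empty if absent).
pod_subnet() {
    sed -n 's|^[[:space:]]*podSubnet:[[:space:]]*"\{0,1\}\([0-9.]*/[0-9]*\).*$|\1|p' "$1" | head -n 1
}

# Print the "Network" value from net-conf.json inside kube-flannel.yml.
flannel_network() {
    sed -n 's|^.*"Network"[[:space:]]*:[[:space:]]*"\([0-9.]*/[0-9]*\)".*$|\1|p' "$1" | head -n 1
}

# 0: both files name the same CIDR; 1: they differ; 2: a value is missing.
check_pod_cidr() {
    want=$(pod_subnet "$1")
    have=$(flannel_network "$2")
    if [ -z "$want" ] || [ -z "$have" ]; then
        echo "missing value: podSubnet='$want' Network='$have'" >&2
        return 2
    fi
    if [ "$want" != "$have" ]; then
        echo "mismatch: podSubnet=$want, flannel Network=$have" >&2
        return 1
    fi
    echo "ok: pods use $want"
}

# Constructed sample files standing in for kubeadm.yml and kube-flannel.yml.
sample_dir=$(mktemp -d)
cat >"$sample_dir/kubeadm.yml" <<'EOF'
kind: ClusterConfiguration
networking:
  dnsDomain: cluster.local
  podSubnet: 10.244.0.0/16
  serviceSubnet: 10.96.0.0/12
EOF
cat >"$sample_dir/kube-flannel.yml" <<'EOF'
data:
  net-conf.json: |
    {
      "Network": "10.244.0.0/16",
      "Backend": { "Type": "vxlan" }
    }
EOF
check_pod_cidr "$sample_dir/kubeadm.yml" "$sample_dir/kube-flannel.yml"
```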

At this point, the Kubernetes master node is up and running.

07-15 16:42