1. 安装containerd
k8s1.24不支持docker作为运行时容器,需要采用containerd
k8s1.24可以支持docker的远程镜像
1.1. 安装
apt-get install containerd.io=1.6.6-1
1.2. 生成containerd默认配置文件(所有节点)
mv /etc/containerd/config.toml /etc/containerd/config.toml.orig
containerd config default > /etc/containerd/config.toml
1.3. 修改config.toml文件
- endpoint加速器
[plugins."io.containerd.tracing.processor.v1.otlp"]
endpoint = "https://docker.mirrors.ustc.edu.cn/"
insecure = false
protocol = “"
- 修改sandbox_image
#sandbox_image = "k8s.gcr.io/pause:3.6"
sandbox_image = "registry.aliyuncs.com/google_containers/pause:3.7"
- 修改Systemdcgroup
[plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc.options]
IoUid = 0
NoNewKeyring = false
NoPivotRoot = false
Root = ""
ShimCgroup = ""
SystemdCgroup = true
- 修改root和state的路径(看硬盘情况)
required_plugins = []
root = "/home/containerd/root"
state = "/home/containerd/state"
temp = ""
version = 2
1.4. 重启containerd
systemctl restart containerd
1.5. 查看镜像
sudo crictl image ls
1.6. 查看容器
sudo crictl ps
2. 安装kubeadm、kubelet 和 kubectl
- kubeadm:用来初始化集群的指令。
- kubelet:在集群中的每个节点上用来启动 pod 和容器等。
- kubectl:用来与集群通信的命令行工具。
安装1.24.0版本
环境是ubuntu22.04
sudo apt-get update && sudo apt-get install -y apt-transport-https curl
需要能访问google
curl -s https://packages.cloud.google.com/apt/doc/apt-key.gpg | sudo apt-key add -
国内的源(此源可以使用,本次搭建使用的是此源):
cat <<EOF >/etc/apt/sources.list.d/kubernetes.list
deb http://mirrors.ustc.edu.cn/kubernetes/apt kubernetes-xenial main
EOF
sudo apt-get update
sudo apt-get install -y kubelet=1.24.2-00 kubeadm=1.24.2-00 kubectl=1.24.2-00
sudo apt-mark hold kubelet kubeadm kubectl
xxxx@iZ2zeabl8ta0jq1nd850igZ:~/program$ kubectl version WARNING: This version information is deprecated and will be replaced with the output from kubectl version --short. Use --output=yaml|json to get the full version. Client Version: version.Info{Major:"1", Minor:"24", GitVersion:"v1.24.2", GitCommit:"f66044f4361b9f1f96f0053dd46cb7dce5e990a8", GitTreeState:"clean", BuildDate:"2022-06-15T14:22:29Z", GoVersion:"go1.18.3", Compiler:"gc", Platform:"linux/amd64"} Kustomize Version: v4.5.4 The connection to the server localhost:8080 was refused - did you specify the right host or port?
3. 关闭swap
如果不关闭kubernetes运行会出现错误, 即使安装成功了,node重启后也会出现kubernetes server运行错误。
- 暂时关闭
sudo swapoff -a
- 永久关闭
编辑 /etc/fstab 文件
vi /etc/fstab
将 /dev/mapper/centos-swap swap swap default 0 0 这一行前面加个 # 号将其注释掉。
4. master主节点启动
4.1. 清空数据
sudo rm -rf /var/lib/etcd
4.2. 生成默认配置文件
kubeadm config print init-defaults --kubeconfig ClusterConfiguration > kubeadm.yml
4.3. 修改配置文件
name: logic需要是host的name,hostname获取
name也可以随便取,只要/etc/hosts里面有配置地址就可以,
podSubnet的地址需要和flannel一致,因为是通过flannel来分配ip地址的, k8s会在各个子王上面划分对应的ip网段
4.4. 指定配置文件初始化
zhancj@iZ2zeabl8ta0jq1nd850igZ:~/program/k8s$ sudo kubeadm init --config kubeadm.yml
提示这样就初始化成功k8s的master主节点了
4.4. 查看pods:
qiteck@server:~$ sudo kubectl get pods --all-namespaces NAMESPACE NAME READY STATUS RESTARTS AGE default account-794585bbbb-p927k 1/1 Running 0 29h default account-794585bbbb-xdlt7 1/1 Running 0 29h default advertise-74d996d7dd-qtxzf 1/1 Running 0 2d22h default advertise-74d996d7dd-w7fnh 1/1 Running 1 (46h ago) 2d22h default consul-client-m7jwf 1/1 Running 0 45h default consul-client-vpd94 1/1 Running 0 45h default consul-server-0 1/1 Running 0 45h default consul-server-1 1/1 Running 0 45h default consul-server-2 1/1 Running 0 45h default count-679b5fb4bb-hlqrj 1/1 Running 0 2d22h default count-679b5fb4bb-lfhbl 1/1 Running 1 (46h ago) 2d22h default course-694b96bd8d-6qqmk 1/1 Running 1 (46h ago) 2d22h default course-694b96bd8d-j6lfw 1/1 Running 0 2d22h
4.5. 拷贝授权登陆文件给当前用户:
配置文件设置kubectl的使用,包括连接api服务器,证书权限等等
K8s会用到当前用户的权限,可以拷贝配置文件,或者设置链接
拷贝:
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
软连接:
mkdir -p $HOME/.kube
sudo ln -sf /etc/kubernetes/admin.conf ~/.kube/config
否则将报错:The connection to the server localhost:8080 was refused - did you specify the right host or port?
如果按照前面这么配置还有问题的话,需要注意区分sudo和非sudo的情况,非sudo的情况下要保证对/etc/kubernetes/admin.conf的权限,
8080端口是kubectl默认请求的端口,这个是不安全的端口,安全的访问方式是https://localhost:6443
4.6. 修改nodeport端口范围:
Nodeport的默认端口范围是30000-32767
很影响使用,把它改成1-65535
编辑 kube-apiserver.yaml文件
vim /etc/kubernetes/manifests/kube-apiserver.yaml
找到 --service-cluster-ip-range 这一行,在这一行的下一行增加 如下内容
- --service-node-port-range=1-65535
实际内容如下:
最后 重启 kubelet
sudo systemctl daemon-reload
sudo systemctl restart kubelet
4.7. 设置master节点可以部署pod
这是因为kubernetes出于安全考虑默认情况下无法在master节点上部署pod,
- 1 node(s) had taint {node-role.kubernetes.io/master: } that the pod didn't tolerate.:
kubectl taint nodes --all node-role.kubernetes.io/master-
执行后将输出如下信息(其中报错可忽略):
- 1 node(s) had untolerated taint {node-role.kubernetes.io/control-plane: }. preemption: 0/1 nodes are available:
kubectl taint nodes --all node-role.kubernetes.io/control-plane-
4.8. 日志查看
systemctl status kubelet
journalctl -xefu kubelet
vim /var/log/pods/kube-system_kube-apiserver
4.9. POD网络差距flannel安装
用来部署pod的地址
- 下载配置:
wget https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
- 修改配置文件:
确保kube-flannel.yml的这个字段“Network”: “10.244.0.0/16" 与kubeadm.conf的podSubnet地址一致
- 部署:
kubectl apply -f kube-flannel.yml
- 检测flannel进程是否启动:
qiteck@logic:~/program/k8s_1.24.2$ ps -ef|grep flannel
root 4673 4326 0 09:16 ? 00:00:00 /opt/bin/flanneld --ip-masq --kube-subnet-mgr
- 检测flannel进程是否启动:
iteck@server:~$ sudo kubectl get pods -n kube-system NAME READY STATUS RESTARTS AGE coredns-74586cf9b6-8mbqz 1/1 Running 3 (6d23h ago) 6d23h coredns-74586cf9b6-hz48p 1/1 Running 3 (6d23h ago) 6d23h etcd-master.cluster.k8s 1/1 Running 5 (6d23h ago) 6d23h kube-apiserver-master.cluster.k8s 1/1 Running 0 3d1h kube-controller-manager-master.cluster.k8s 1/1 Running 7 (2d23h ago) 6d23h kube-flannel-ds-rt8z5 1/1 Running 5 (46h ago) 3d kube-flannel-ds-t6nrc 1/1 Running 1 (6d23h ago) 6d23h kube-proxy-ngnrv 1/1 Running 5 (46h ago) 3d kube-proxy-tjh8h 1/1 Running 4 (6d23h ago) 6d23h kube-scheduler-master.cluster.k8s 1/1 Running 7 (2d23h ago) 6d23h
- 看下cni0网卡是否有了:
qiteck@server:~$ ifconfig br-0480d1b7cefb: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 inet 172.18.0.1 netmask 255.255.0.0 broadcast 172.18.255.255 inet6 fe80::42:e1ff:fe6e:8e3c prefixlen 64 scopeid 0x20<link> ether 02:42:e1:6e:8e:3c txqueuelen 0 (Ethernet) RX packets 84662 bytes 119261797 (119.2 MB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 83663 bytes 121420317 (121.4 MB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 cni0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1450 inet 10.244.1.1 netmask 255.255.255.0 broadcast 10.244.1.255 inet6 fe80::b821:f2ff:fe1d:809a prefixlen 64 scopeid 0x20<link> ether ba:21:f2:1d:80:9a txqueuelen 1000 (Ethernet) RX packets 9016802 bytes 993361285 (993.3 MB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 6600536 bytes 1003467886 (1.0 GB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
- 看下是否有生成/run/flannel/subnet.env文件:
设置flannel插件的信息, 一旦flanneld启动,它会自动将一些数据写入/run/flannel/subnet.env
至此,k8s主节点已经搭建起来了。