ubuntu22.04搭建k8s平台
一 k8s集群主机准备
1 安装系统
虚拟机安装3个系统
1master(192.168.60.128)
2follow(192.168.60.130-- follow1)(192.168.60.131-- follow2)
2 修改主机hostname
sudo hostnamectl set-hostname k8s-master
3 服务器同步时间设置相同时区
# 设置服务器使用utc+8时区/上海时区
timedatectl set-timezone Asia/Shanghai
# 查看服务器时间
date
# 安装ntpdate
apt install ntpdate
# 同步时间
ntpdate time1.aliyun.com
# 设置cron自动同步时间
crontab -e
# 选择编辑器nano,在文件最后一行添加以下cron表达式
0 */6 * * * ntpdate time1.aliyun.com
4 固定主机ip
如果为图形界面可以直接设置
如server版本可以修改下列文件
nano /etc/netplan/01-network-manager-all.yaml
netplan apply
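# Static IPv4 configuration for interface ens33. The renderer below is
# networkd, so this file is not handled by NetworkManager.
# The nesting is restored here: with every key at column 0 the file is
# not a valid netplan document.
network:
  version: 2
  renderer: networkd
  ethernets:
    ens33:
      # DHCP is switched off; the address below is the only IPv4 address.
      dhcp4: no
      addresses:
        # This example uses the address listed for follow1; use each
        # host's own address.
        - 192.168.60.130/24
      routes:
        - to: default
          via: 192.168.60.2
      nameservers:
        addresses: [119.29.29.29,114.114.114.114,8.8.8.8]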
5 主机名IP映射
# 执行即可添加到文件
cat >> /etc/hosts << EOF
192.168.60.128 k8s-master
192.168.60.130 k8s-follow1
192.168.60.131 k8s-follow2
EOF
6配置内核转发及网桥过滤
cat << EOF | tee /etc/modules-load.d/k8s.conf
overlay
br_netfilter
EOF
#加载模块
modprobe overlay
modprobe br_netfilter
#查看已加载模块
lsmod | egrep "overlay"
# 添加网桥过滤及内核转发配置文件
cat << EOF | tee /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
net.ipv4.ip_forward = 1
EOF
#添加之后配置生效
sysctl -p /etc/sysctl.d/k8s.conf
#或
sysctl --system
7安装ipset及ipvsadm
apt install ipset ipvsadm
#配置ipvsadm模块加载
cat << EOF | tee /etc/modules-load.d/ipvs.conf
ip_vs
ip_vs_rr
ip_vs_wrr
ip_vs_sh
nf_conntrack
EOF
#创建加载模块脚本文件
cat << EOF | tee ipvs.sh
#!/bin/sh
modprobe -- ip_vs
modprobe -- ip_vs_rr
modprobe -- ip_vs_wrr
modprobe -- ip_vs_sh
modprobe -- nf_conntrack
EOF
#运行脚本
sh ipvs.sh
lsmod | grep ip_vs
8 关闭SWAP交换分区
#查看物理内存和交换内存
free
#如果有交换内存 需要关闭
swapoff -a
#编辑文件,注释掉挂载交换空间的那一行,以永久关闭交换空间
nano /etc/fstab
#注释掉挂载交换空间的那一行
#/swapfile ....
二 安装k8s集群运行时Containerd准备
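#下载Containerd文件安装
#服务器无法直连github 采取下载到我的服务器 再让k8s运行时服务器从我的服务器下载
#注意:这不是官方下载地址,解压前应先用 sha256sum cri-containerd-1.7.13-linux-amd64.tar.gz 计算校验值,并与 containerd 官方 release 页面公布的 SHA256 值比对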
wget https://xiaogao6.top:8888/api/alien/download/b5d75589-bfa8-4850-7aef-dcfb2b01c07f/cri-containerd-1.7.13-linux-amd64.tar.gz
--2024-03-13 22:49:40-- https://xiaogao6.top:8888/api/alien/download/b5d75589-bfa8-4850-7aef-dcfb2b01c07f/cri-containerd-1.7.13-linux-amd64.tar.gz
#解压到根目录 /(压缩包内的文件会按其内部路径直接写入系统目录)
tar xf cri-containerd-1.7.13-linux-amd64.tar.gz -C /
#生成配置文件
mkdir /etc/containerd
containerd config default > /etc/containerd/config.toml
#修改配置(1.29.0 prod版本问题)
nano /etc/containerd/config.toml
#修改第65行
sandbox_image = "registry.k8s.io/pause:3.9" 由3.8修改为3.9
#修改第137行
SystemdCgroup = true 由false修改为true
#设置自启动并现在就启动
systemctl enable --now containerd
containerd --version
三 部署k8s
1安装k8s
#下载用于 Kubernetes 软件包仓库的公共签名密钥。所有仓库都使用相同的签名密钥
curl -fsSL https://pkgs.k8s.io/core:/stable:/v1.29/deb/Release.key | sudo gpg --dearmor -o /etc/apt/keyrings/kubernetes-apt-keyring.gpg
ls /etc/apt/keyrings/
#添加 Kubernetes apt 仓库。请注意,此仓库仅包含适用于 Kubernetes 1.29 的软件包;对于其他 Kubernetes 次要版本,则需要更改 URL 中的 Kubernetes 版本以匹配你所需的次要版本(你还应该检查正在阅读的安装文档是否为你计划安装的 Kubernetes 版本的文档)。此操作会覆盖 /etc/apt/sources.list.d/kubernetes.list 中现存的所有配置(如果该文件已存在)。
echo 'deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring.gpg] https://pkgs.k8s.io/core:/stable:/v1.29/deb/ /' | sudo tee /etc/apt/sources.list.d/kubernetes.list
cat /etc/apt/sources.list.d/kubernetes.list
#更新安装源
apt update
#查看版本
apt-cache policy kubeadm
apt-cache showpkg kubeadm
apt-cache madison kubeadm
#安装最新版本 或 安装指定版本(下面两条命令二选一)
apt install -y kubelet kubeadm kubectl
apt install -y kubelet=1.29.1-1.1 kubeadm=1.29.1-1.1 kubectl=1.29.1-1.1
#锁定版本防止自动更新
apt-mark hold kubeadm kubelet kubectl
#解锁(仅在需要升级这些软件包时执行)
apt-mark unhold kubeadm kubelet kubectl
2生成部署配置文件
#查看版本
kubeadm version
#
kubeadm config print init-defaults > kubeadm-config.yaml
nano kubeadm-config.yaml
#更改地址名称
advertiseAddress: 192.168.60.128
name: k8s-master
serviceSubnet: 10.96.0.0/12
podSubnet: 10.244.0.0/16
#增加
---
kind: KubeletConfiguration
apiVersion: kubelet.config.k8s.io/v1beta1
cgroupDriver: systemd
#修改后查看所使用的镜像
kubeadm config images list
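#(拉取失败就使用其他国内源,使用魔法也没有下载下来不知道为啥)
#注意:registry.aliyuncs.com/google_containers 是第三方镜像源,不由 Kubernetes 官方维护;拉取后可用 crictl images --digests 查看镜像摘要,并与官方仓库中同一 tag 的摘要比对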
kubeadm config images pull
kubeadm config images pull --image-repository registry.aliyuncs.com/google_containers
#查看镜像
crictl images
kubeadm init --config kubeadm-config.yaml
#启动成功后执行
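#1 按 kubeadm init 输出的提示复制 kubeconfig 文件(admin.conf 拥有集群管理员权限,不要放到不受信任的机器上)
#2 其他节点加入(使用 kubeadm init 输出的 kubeadm join 命令;其中的 token 属于敏感信息,不要公开)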
kubectl get pods -n kube-system
#网络插件
ls /etc/cni/net.d
kubectl create -f https://raw.githubusercontent.com/projectcalico/calico/v3.26.4/manifests/tigera-operator.yaml
kubectl get ns
kubectl get pod -n tigera-operator
#等待运行起来
#如果没有启动可以查看原因
kubectl describe pod tigera-operator-7f8cd97876-hvrvc -n tigera-operator
#安装插件2(注意:上面的 tigera-operator.yaml 取自 v3.26.4,这里的 custom-resources.yaml 取自 v3.27.2,两个清单应使用同一个 Calico 版本)
wget https://raw.githubusercontent.com/projectcalico/calico/v3.27.2/manifests/custom-resources.yaml
nano custom-resources.yaml
#更改地址
cidr: 10.244.0.0/16
kubectl create -f custom-resources.yaml
kubectl get ns
#出现calico-system命名空间 等待全部下载运行
watch kubectl get pod -n calico-system
#检查是否全部运行
kubectl get pod -n kube-system -o wide
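# Create the manifest and open that same file in the editor. The later
# "kubectl apply -f nginx.yaml" reads nginx.yaml, so the editor must be
# given the full file name; "nano nginx" would edit a different file and
# leave nginx.yaml empty.
touch nginx.yaml
nano nginx.yaml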
-------------------
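---
# Service "nginx": exposes port 80 (named "web") and selects pods
# labelled app=nginx. No type is set here.
# The nesting is restored in both documents: with every key at column 0
# they are not valid Kubernetes manifests.
apiVersion: v1
kind: Service
metadata:
  name: nginx
  labels:
    app: nginx
spec:
  ports:
  - port: 80
    name: web
  selector:
    app: nginx
---
# Deployment "web": one replica of an nginx container carrying the
# app=nginx label that the Service above selects.
apiVersion: apps/v1
kind: Deployment
metadata:
  name: web
spec:
  selector:
    matchLabels:
      app: nginx
  replicas: 1
  template:
    metadata:
      labels:
        app: nginx
    spec:
      containers:
      - name: nginx
        # "latest" is a moving tag: the image that runs can change between
        # pulls. Pin a specific version or digest for anything beyond a
        # smoke test.
        image: nginx:latest
        ports:
        - containerPort: 80
          name: web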
-------------------------------
kubectl apply -f nginx.yaml
kubectl get pods -o wide
kubectl get svc
curl 访问成功!!
#重新初始化(注意:以下操作会删除 /var/lib/etcd,即清空整个集群的状态数据;kubeadm 自带的 kubeadm reset 是官方支持的清理方式)
#######
sudo rm /etc/kubernetes/manifests/kube-apiserver.yaml
sudo rm /etc/kubernetes/manifests/kube-controller-manager.yaml
sudo rm /etc/kubernetes/manifests/kube-scheduler.yaml
sudo rm /etc/kubernetes/manifests/etcd.yaml
sudo rm -rf /var/lib/etcd
lsof -t -i:10250 | xargs kill -9
kubeadm init --config kubeadm-config.yaml
#######
#重新加入节点(清理旧的 kubelet 凭据后,还需在该节点重新执行 kubeadm join)
######
sudo systemctl stop kubelet
sudo mv /etc/kubernetes/kubelet.conf /etc/kubernetes/kubelet.conf.bak
sudo rm /etc/kubernetes/pki/ca.crt
sudo systemctl start kubelet
######
#阿里云改k8s tag:把从阿里云镜像源拉取的镜像重新标记为 registry.k8s.io 下的名称
#ctr image tag 只是给镜像添加一个新名称,不会校验镜像内容;重新标记后无法再从名称看出镜像来自第三方源
##########
ctr -n k8s.io image tag registry.aliyuncs.com/google_containers/coredns:v1.11.1 registry.k8s.io/coredns/coredns:v1.11.1
ctr -n k8s.io image tag registry.aliyuncs.com/google_containers/etcd:3.5.10-0 registry.k8s.io/etcd:3.5.10-0
ctr -n k8s.io image tag registry.aliyuncs.com/google_containers/kube-apiserver:v1.29.2 registry.k8s.io/kube-apiserver:v1.29.2
ctr -n k8s.io image tag registry.aliyuncs.com/google_containers/kube-controller-manager:v1.29.2 registry.k8s.io/kube-controller-manager:v1.29.2
ctr -n k8s.io image tag registry.aliyuncs.com/google_containers/kube-proxy:v1.29.2 registry.k8s.io/kube-proxy:v1.29.2
ctr -n k8s.io image tag registry.aliyuncs.com/google_containers/kube-scheduler:v1.29.2 registry.k8s.io/kube-scheduler:v1.29.2
ctr -n k8s.io image tag registry.aliyuncs.com/google_containers/pause:3.9 registry.k8s.io/pause:3.9
#####################