标签:kubernetes -- 192.168 centos7 etc yum kubeadm kube
系统安装
- 下载阿里centos7 mini镜像(自带yum阿里镜像源)
- 制作vmware安装模板
- 集群规划,利用模板安装节点
安装前准备
禁用swap做准备(每个节点)
//注释swap那一行
vi /etc/fstab
#
# /etc/fstab
# Created by anaconda on Wed Nov 4 21:00:49 2020
#
# Accessible filesystems, by reference, are maintained under '/dev/disk'
# See man pages fstab(5), findfs(8), mount(8) and/or blkid(8) for more info
#
/dev/mapper/centos-root / xfs defaults 0 0
UUID=df8ce01c-e0dd-44c9-ae3f-bb051a66a1d6 /boot xfs defaults 0 0
#/dev/mapper/centos-swap swap swap defaults 0 0
规划集群(在192.168.16.131执行)
vi /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.16.131 k8s-master
192.168.16.136 k8s-node1
192.168.16.137 k8s-node2
scp /etc/hosts 192.168.16.136:/etc/hosts
scp /etc/hosts 192.168.16.137:/etc/hosts
依赖安装前置配置(每个节点)
注:镜像加速使用自己的地址
vi run.sh
chmod +x run.sh
scp run.sh 192.168.16.136:~/
scp run.sh 192.168.16.137:~/
//copy到自己的run.sh,注意替换镜像加速地址
#!/bin/bash
systemctl stop firewalld
systemctl disable firewalld
sed -i 's/enforcing/disabled/' /etc/selinux/config
setenforce 0
echo vm.swappiness=0 >> /etc/sysctl.conf
swapoff -a
yum install -y ntpdate
ntpdate 0.rhel.pool.ntp.org
yum install -y ntpdath
yum -y install yum-utils device-mapper-persistent-data lvm2
yum-config-manager --add-repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
yum -y install docker-ce
sudo mkdir -p /etc/docker
sudo tee /etc/docker/daemon.json <<-'EOF'
{
"registry-mirrors": ["docker镜像加速"],
"exec-opts": ["native.cgroupdriver=systemd"]
}
EOF
sudo systemctl daemon-reload
sudo systemctl restart docker
sudo systemctl enable docker
cat <<EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg
https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF
yum makecache -y
yum -y install kubelet kubeadm kubectl
systemctl enable kubelet
reboot
使用kubeadm安装kubernetes
- 初始化master
–kubernetes-version #指定Kubernetes版本
–image-repository #由于kubeadm默认是从官网k8s.grc.io下载所需镜像,国内无法访问,所以这里通过–image-repository指定为阿里云镜像仓库地址
–pod-network-cidr #指定pod网络段
–service-cidr #指定service网络段
–ignore-preflight-errors=Swap #忽略swap报错信息
kubeadm init --kubernetes-version=v1.20.0 --image-repository registry.aliyuncs.com/google_containers --pod-network-cidr=10.244.0.0/16 --service-cidr=10.96.0.0/12 --ignore-preflight-errors=Swap
- 记录自己的kubeadm join命令
kubeadm join 192.168.16.131:6443 --token xxxx --discovery-token-ca-cert-hash sha256:xxx
- 等待第一步执行成功
mkdir -p $HOME/.kube
cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
chown $(id -u):$(id -g) $HOME/.kube/config
scp -r ~/.kube 192.168.16.136:~/
scp -r ~/.kube 192.168.16.137:~/
- 安装网络组件(192.168.16.131)
方法1(不需要梯子):
kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
方法2(自备梯子下载):
wget https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
kubectl apply -f kube-flannel.yml
- 加入node节点(分别在192.168.16.136(137)执行)
kubeadm join 192.168.16.131:6443 --token xxxx --discovery-token-ca-cert-hash sha256:xxx
- 安装dashboard(可自行改为NodePort暴露)
kubectl create -f https://raw.githubusercontent.com/kubernetes/dashboard/v2.0.0-rc7/aio/deploy/recommended.yam
//授权
vi admin-user-sa-rbac.yaml
kubectl apply -f admin-user-sa-rbac.yaml
//获取token
kubectl -n kube-system describe secret $(kubectl -n kube-system get secret | grep admin-user | awk '{print $1}')
admin-user-sa-rbac.yaml 内容
apiVersion: v1
kind: ServiceAccount
metadata:
name: admin-user
namespace: kube-system
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: admin-user
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: cluster-admin
subjects:
- kind: ServiceAccount
name: admin-user
namespace: kube-system
标签:kubernetes,--,192.168,centos7,etc,yum,kubeadm,kube 来源: https://blog.csdn.net/weixin_40814867/article/details/111031110
本站声明: 1. iCode9 技术分享网(下文简称本站)提供的所有内容,仅供技术学习、探讨和分享; 2. 关于本站的所有留言、评论、转载及引用,纯属内容发起人的个人观点,与本站观点和立场无关; 3. 关于本站的所有言论和文字,纯属内容发起人的个人观点,与本站观点和立场无关; 4. 本站文章均是网友提供,不完全保证技术分享内容的完整性、准确性、时效性、风险性和版权归属;如您发现该文章侵犯了您的权益,可联系我们第一时间进行删除; 5. 本站为非盈利性的个人网站,所有内容不会用来进行牟利,也不会利用任何形式的广告来间接获益,纯粹是为了广大技术爱好者提供技术内容和技术思想的分享性交流网站。