kubeadm搭建k8s集群

发表于

master节点

关闭防火墙

1
2
systemctl disable firewalld.service 
systemctl stop firewalld.service

安装docker

添加docker源
sudo yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo

安装指定版本docker-ce
yum install -y --setopt=obsoletes=0 docker-ce-17.03.1.ce-1.el7.centos docker-ce-selinux-17.03.1.ce-1.el7.centos

安装kubeadm kubelet kubectl

1
2
3
4
5
6
7
cat>>/etc/yum.repos.d/kubrenetes.repo<<EOF
[kubernetes]
name=Kubernetes Repo
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
gpgcheck=0
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg
EOF

这里先添加aliyun的源

yum install -y kubelet kubeadm kubectl systemctl enable kubelet && systemctl start kubelet

安装kubelet,kubeadm,kubectl

注: 在node节点也许要安装上述程序

拉取镜像

国内环境需要单独拉取镜像

执行kubeadm config images list ,查看有哪些镜像
然后执行

1
for i in `kubeadm config images list`; do    imageName=${i#k8s.gcr.io/};   docker pull registry.aliyuncs.com/google_containers/$imageName;   docker tag registry.aliyuncs.com/google_containers/$imageName k8s.gcr.io/$imageName;   docker rmi registry.aliyuncs.com/google_containers/$imageName; done;

拉取所需镜像

设置主机名,hosts

1
2
hostnamectl --static set-hostname  k8s-master
hostnamectl --static set-hostname  k8s-node-1
1
2
192.168.33.11 k8s-master
192.168.33.10 k8s-node-1

开始配置master节点

在master上执行

1
kubeadm init --kubernetes-version=v1.14.1 --apiserver-advertise-address=192.168.33.11 --pod-network-cidr=10.244.0.0/16 --ignore-preflight-errors=NumCPU

这一步的preflight check中会提示一些错误,按照提示解决即可,比如关闭swap, 执行swapoff -a

安装完成后的正确输出

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
o start using your cluster, you need to run the following as a regular user:

  mkdir -p $HOME/.kube


  sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
  sudo chown $(id -u):$(id -g) $HOME/.kube/config

You should now deploy a pod network to the cluster.
Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:
  https://kubernetes.io/docs/concepts/cluster-administration/addons/

Then you can join any number of worker nodes by running the following on each as root:

kubeadm join 192.168.33.11:6443 --token 4wjdcu.rbbhnqo3v0u7wvnk \
    --discovery-token-ca-cert-hash sha256:f91ad7efecc53b99556025ef4ed60c1a72697fd4fcd8ed8e4d30dc5e5f04ad68

安装pod网络

使用flannel安装pod网络
执行kubectl apply -f kube-flannel.yaml

检查

kubectl get nodes

安装woker节点

worker节点需要安装docker kubelet kubeadm kubectl
和master同理

加入node节点

1
kubeadm join 192.168.33.11:6443 --token wuys8z.b6c8f95c5ig7yuz0 --discovery-token-ca-cert-hash sha256:f91ad7efecc53b99556025ef4ed60c1a72697fd4fcd8ed8e4d30dc5e5f04ad68

注: token我看到的是23小时过期。在master上执行kubeadm token create 创建新的token