One: Hardware environment preparation
Three machines, planned as one master and two nodes.
No. | IP | System version | Hostname | Configuration | Node type |
---|---|---|---|---|---|
1 | 192.168.159.210 | CentOS 7.7.1908 (Core) | vm210 | 2-core 2G | Master |
2 | 192.168.159.211 | CentOS 7.7.1908 (Core) | vm211 | 2-core 2G | node |
3 | 192.168.159.212 | CentOS 7.7.1908 (Core) | vm212 | 2-core 2G | node |
Two: System software environment presets
1. Set up hosts
```
vi /etc/hosts
```
Add the following:
```
127.0.0.1 vm210
```
2. Close the firewall
```
[root@vm210 ~]# systemctl stop firewalld
[root@vm210 ~]# systemctl disable firewalld
[root@vm210 ~]# systemctl status firewalld
● firewalld.service - firewalld - dynamic firewall daemon
   Loaded: loaded (/usr/lib/systemd/system/firewalld.service; disabled; vendor preset: enabled)
   Active: inactive (dead)
     Docs: man:firewalld(1)
[root@vm210 ~]#
```
3. Install docker
Install with yum; skip this step if Docker is already installed.
```
yum -y install docker
```
4. Configure yum source
```
vi /etc/yum.repos.d/kubernetes.repo
```
Add the following:
```
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
enabled=1
gpgcheck=0
```
5. Set up SELinux
```
vi /etc/selinux/config
```
Add SELINUX=disabled and comment out SELINUX=enforcing and SELINUXTYPE=targeted:
```
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
#     enforcing - SELinux security policy is enforced.
#     permissive - SELinux prints warnings instead of enforcing.
#     disabled - No SELinux policy is loaded.
#SELINUX=enforcing
# SELINUXTYPE= can take one of three values:
#     targeted - Targeted processes are protected,
#     minimum - Modification of targeted policy. Only selected processes are protected.
#     mls - Multi Level Security protection.
#SELINUXTYPE=targeted
SELINUX=disabled
```
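Steps 4 and 5 switch off two host protections: gpgcheck=0 lets yum install the Kubernetes packages without verifying their signatures, and SELINUX=disabled removes SELinux enforcement from the machine. The script below is an added example, not part of the original walkthrough; it reports both settings, and its function names and sample files (including the `base-example` section) are constructed for illustration.

```bash
#!/usr/bin/env bash
# Added example, not from the original walkthrough; sample files are constructed.

# Print each enabled repo section that explicitly sets gpgcheck=0.
# (A section without a gpgcheck line inherits the [main] value from yum.conf.)
unsigned_repos() {
  awk -F'=' '
    function report() { if (sec != "" && enabled != "0" && gpg == "0") print sec }
    /^[ \t]*[#;]/ { next }
    /^[ \t]*\[/ { report(); sec = $0; gsub(/[ \t\r]/, "", sec)
                  sub(/^\[/, "", sec); sub(/\].*$/, "", sec)
                  enabled = "1"; gpg = ""; next }
    { key = $1; val = $2; gsub(/[ \t\r]/, "", key); gsub(/[ \t\r]/, "", val)
      if (key == "enabled")  enabled = val
      if (key == "gpgcheck") gpg = val }
    END { report() }
  ' "$1"
}

# Print the value of the last uncommented SELINUX= line, or "unset".
selinux_config_mode() {
  awk -F'=' '/^[ \t]*SELINUX[ \t]*=/ { v = $2; gsub(/[ \t\r]/, "", v); m = v }
             END { print (m == "" ? "unset" : m) }' "$1"
}

# Usage: audit_host REPO_FILE SELINUX_CONFIG; returns 1 if anything is flagged.
audit_host() {
  rc=0
  for sec in $(unsigned_repos "$1"); do
    echo "WARN repo [$sec]: gpgcheck=0, packages are installed unverified"; rc=1
  done
  mode=$(selinux_config_mode "$2")
  [ "$mode" = "enforcing" ] || { echo "WARN selinux: SELINUX=$mode"; rc=1; }
  return $rc
}

demo_dir=$(mktemp -d)
cat > "$demo_dir/kubernetes.repo" <<'EOF'
[kubernetes]
name=Kubernetes
enabled=1
gpgcheck=0

[base-example]
enabled=1
gpgcheck = 1
EOF
printf '#SELINUX=enforcing\nSELINUX=disabled\n' > "$demo_dir/selinux-config"
audit_host "$demo_dir/kubernetes.repo" "$demo_dir/selinux-config" || true
```

On a real host, point it at the files edited above: `audit_host /etc/yum.repos.d/kubernetes.repo /etc/selinux/config`.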
6. Turn off swap memory
Using swap can affect performance, and kubelet requires swap to be turned off.
1) Temporarily turn swap off
```
swapoff -a
```
This does not persist after a restart.
2) Permanently turn swap off
```
vi /etc/fstab
```
Comment out the swap line. A reboot is required; the change persists across restarts.
```
#
# /etc/fstab
# Created by anaconda on Mon Dec 2 21:02:22 2019
#
# Accessible filesystems, by reference, are maintained under '/dev/disk'
# See man pages fstab(5), findfs(8), mount(8) and/or blkid(8) for more info
#
/dev/mapper/centos-root / xfs defaults 0 0
UUID=b232659c-bd84-46f0-928b-a46d55500934 /boot xfs defaults 0 0
#/dev/mapper/centos-swap swap
```
7. Set up iptables
This solves the problem of iptables causing traffic to be routed incorrectly.
```
cat <<EOF > /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
EOF
sysctl --system
```
Three: Install kubeadm on the master node
1. Install kubelet, kubeadm and kubectl
```
yum install -y kubelet kubeadm kubectl --disableexcludes=kubernetes
systemctl enable --now kubelet
```
2. Start docker
```
systemctl enable docker && systemctl start docker
```
3. Download the required images
```
for i in `kubeadm config images list`; do
  imageName=${i#k8s.gcr.io/}
  docker pull registry.aliyuncs.com/google_containers/$imageName
  docker tag registry.aliyuncs.com/google_containers/$imageName k8s.gcr.io/$imageName
  docker rmi registry.aliyuncs.com/google_containers/$imageName
done;
```
4. Changing the parameters of kubelet
```
vi /etc/sysconfig/kubelet
```
Change to the following parameter:
```
KUBELET_EXTRA_ARGS=--cgroup-driver=systemd
```
5. kubeadm initialization
```
kubeadm init
```
When it completes, the following output is shown:
```
To start using your cluster, you need to run the following as a regular user:

  mkdir -p $HOME/.kube
  sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
  sudo chown $(id -u):$(id -g) $HOME/.kube/config

You should now deploy a pod network to the cluster.
Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:
  https://kubernetes.io/docs/concepts/cluster-administration/addons/

Then you can join any number of worker nodes by running the following on each as root:

kubeadm join 192.168.159.210:6443 --token ct4248.2egr8dv9k4avqul7 \
    --discovery-token-ca-cert-hash sha256:4ca4f6835e9cd70b43be16b81d8340876dca0e064c6168342c140140d17f449b
```
The last command must be run on each node to join it to the k8s cluster.
Follow the prompt and run the following commands:
```
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
```
Four: Install kubeadm on the worker nodes
1. Install kubeadm and kubelet
```
yum -y install kubeadm kubelet
```
2. Start docker
```
systemctl enable docker && systemctl start docker
```
3. Download the required images
```
for i in `kubeadm config images list`; do
  imageName=${i#k8s.gcr.io/}
  docker pull registry.aliyuncs.com/google_containers/$imageName
  docker tag registry.aliyuncs.com/google_containers/$imageName k8s.gcr.io/$imageName
  docker rmi registry.aliyuncs.com/google_containers/$imageName
done;
```
4. Changing the parameters of kubelet
```
vi /etc/sysconfig/kubelet
```
Change to the following parameter:
```
KUBELET_EXTRA_ARGS=--cgroup-driver=systemd
```
5. Join the master
The token comes from the output of kubeadm init on the master node.
```
kubeadm join 192.168.159.210:6443 --token ct4248.2egr8dv9k4avqul7 \
    --discovery-token-ca-cert-hash sha256:4ca4f6835e9cd70b43be16b81d8340876dca0e064c6168342c140140d17f449b
```
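The `--discovery-token-ca-cert-hash` value in the join command pins the cluster CA's public key, so a joining node only trusts an API server whose certificate chains to that CA. The script below is an added example, not part of the original post: it recomputes the pin from a CA certificate (on a kubeadm master this is assumed to be /etc/kubernetes/pki/ca.crt) and compares it with the one in a join command; function names, the demo CA and the demo token are constructed.

```bash
#!/usr/bin/env bash
# Added example, not from the original post. Function names are illustrative;
# the demo CA and token are constructed, not values from a real cluster.

# SHA-256 over the DER-encoded public key of a CA certificate: the value that
# follows "sha256:" in --discovery-token-ca-cert-hash.
ca_pubkey_hash() {
  openssl x509 -noout -in "$1" 2>/dev/null || return 2   # not a readable cert
  openssl x509 -pubkey -noout -in "$1" \
    | openssl pkey -pubin -outform DER \
    | openssl dgst -sha256 -hex | sed 's/^.* //'
}

# Extract the 64-hex-digit pin from a join command line (empty if absent).
pin_from_join() {
  printf '%s\n' "$1" |
    sed -n 's/.*--discovery-token-ca-cert-hash[ =]*sha256:\([0-9a-f]\{64\}\).*/\1/p'
}

# Usage: verify_join_pin CA_CERT "JOIN COMMAND"; 0 = match, 1 = mismatch, 2 = error.
verify_join_pin() {
  want=$(pin_from_join "$2")
  [ -n "$want" ] || { echo "no sha256 pin in join command" >&2; return 2; }
  have=$(ca_pubkey_hash "$1") || { echo "cannot read CA cert $1" >&2; return 2; }
  if [ "$have" = "$want" ]; then echo "match"; else echo "MISMATCH"; return 1; fi
}

# Throwaway self-signed CA so the check can be exercised offline.
make_demo_ca() {
  openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=demo-ca" \
    -keyout "$1/ca.key" -out "$1/ca.crt" 2>/dev/null
}

if command -v openssl >/dev/null 2>&1; then
  d=$(mktemp -d); make_demo_ca "$d"
  join="kubeadm join 192.0.2.10:6443 --token abcdef.0123456789abcdef \
    --discovery-token-ca-cert-hash sha256:$(ca_pubkey_hash "$d/ca.crt")"
  verify_join_pin "$d/ca.crt" "$join"
  rm -rf "$d"
fi
```

A mismatch means the join command was issued for a different CA than the certificate being checked, and the node should not be joined with it.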
Five: Install network plug-ins
```
kubectl apply -f https://docs.projectcalico.org/v3.8/manifests/calico.yaml
```
Six: Query k8s cluster status
1. Query node
```
[root@vm210 k8s]# kubectl get nodes
NAME    STATUS   ROLES    AGE     VERSION
vm210   Ready    master   58m     v1.16.3
vm211   Ready    <none>   21m     v1.16.3
vm212   Ready    <none>   6m29s   v1.16.3
```
2. Query pods status
```
[root@vm210 k8s]# kubectl get pods --namespace=kube-system
NAME                                      READY   STATUS            RESTARTS   AGE
calico-kube-controllers-55754f75c-7wvrb   1/1     Running           0          6m20s
calico-node-9x82m                         1/1     Running           0          6m20s
calico-node-gn5qh                         1/1     Running           0          6m20s
calico-node-h8kvz                         0/1     PodInitializing   0          6m20s
coredns-5644d7b6d9-h9sn2                  1/1     Running           0          59m
coredns-5644d7b6d9-pwfl5                  1/1     Running           0          59m
etcd-vm210                                1/1     Running           0          58m
kube-apiserver-vm210                      1/1     Running           0          58m
kube-controller-manager-vm210             1/1     Running           0          58m
kube-proxy-6hjk2                          1/1     Running           0          22m
kube-proxy-bcmhh                          1/1     Running           0          7m31s
kube-proxy-bt9rn                          1/1     Running           0          59m
kube-scheduler-vm210                      1/1     Running           0          58m
```
3. Query the specific state of the pod
```
kubectl --namespace=kube-system describe pod <pod_name>
kubectl --namespace=kube-system describe pod calico-node-h8kvz
```
4. Allow the master node to schedule pods like a worker node
```
kubectl taint nodes --all node-role.kubernetes.io/master-
```
```
[root@vm210 k8s]# kubectl taint nodes --all node-role.kubernetes.io/master-
node/vm210 untainted
taint "node-role.kubernetes.io/master" not found
taint "node-role.kubernetes.io/master" not found
```
5. Query k8s version
```
[root@vm210 k8s]# kubectl version
Client Version: version.Info{Major:"1", Minor:"16", GitVersion:"v1.16.3", GitCommit:"b3cbbae08ec52a7fc73d334838e18d17e8512749", GitTreeState:"clean", BuildDate:"2019-11-13T11:23:11Z", GoVersion:"go1.12.12", Compiler:"gc", Platform:"linux/amd64"}
Server Version: version.Info{Major:"1", Minor:"16", GitVersion:"v1.16.3", GitCommit:"b3cbbae08ec52a7fc73d334838e18d17e8512749", GitTreeState:"clean", BuildDate:"2019-11-13T11:13:49Z", GoVersion:"go1.12.12", Compiler:"gc", Platform:"linux/amd64"}
```
At this point, the Kubernetes cluster has been quickly set up with the kubeadm tool. If the installation fails, you can run the kubeadm reset command to restore the host, then re-run kubeadm init or kubeadm join to install again.
If you have any questions during the installation, you are welcome to add vx: xydjun to discuss and communicate.