Kubernetes cluster setup

Prerequisite

k8s Need a containerized operating environment , So we first need to install Docker, Please refer to the previous articles for details .

Docker install , Environment configuration description

kubeadm Build a cluster in this way

kubeadm It's an official community launch for rapid deployment kubernetes Clustering tools , This tool can complete one by two instructions kubernetes Cluster deployment .

• First of all 、 Create a Master node

kubeadm init

• second 、 take Node Nodes join the current cluster

kubeadm join <Master Node IP And port >

1. Initialization work

Two virtual machines are prepared for demonstration .

• Turn off firewall

systemctl stop firewalld
systemctl disable firewalld

• Each machine sets its own domain name

hostnamectl set-hostname xxxx

• take SELinux Set to permissive Pattern （ It's equivalent to disabling ）

sudo setenforce 0  #  temporary 
sudo sed -i 's/^SELINUX=enforcing$/SELINUX=permissive/' /etc/selinux/config  #  permanent 

• close swap

swapoff -a   #  temporary 
sed -ri 's/.*swap.*/#&/' /etc/fstab  #  permanent 

• allow iptables Check bridge flow

cat <<EOF | sudo tee /etc/modules-load.d/k8s.conf
br_netfilter
EOF

cat <<EOF | sudo tee /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
EOF

• Make configuration effective

sudo sysctl --system

These commands need to be executed on each machine .

2. install kubelet、kubeadm、kubectl

cat > /etc/yum.repos.d/kubernetes.repo << EOF
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=0
repo-gpgcheck=0
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg
https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF

yum install -y kubelet-1.20.9 kubeadm-1.20.9 kubectl-1.20.9  #  Specify the version , Select as needed 

systemctl enable kubelet   #  Set boot up 
systemctl enable kubelet --now kubelet #  restart now 

These commands need to be executed on each machine .

adopt systemctl status kubelet You can see kubelet Now it will restart every few seconds , Because it fell into a wait kubeadm Dead loop of instructions .（ Normal condition , Because waiting for instructions ）

3. Use kubeadm Boot the cluster installation

• Download the images required by each machine

sudo tee ./images.sh <<-'EOF'
#!/bin/bash
images=(
kube-apiserver:v1.20.9
kube-proxy:v1.20.9
kube-controller-manager:v1.20.9
kube-scheduler:v1.20.9
coredns:1.7.0
etcd:3.4.13-0
pause:3.2
)
for imageName in ${images[@]} ; do
docker pull registry.cn-hangzhou.aliyuncs.com/lfy_k8s_images/$imageName
done
EOF

Generate images.sh file , It contains the images we need .

chmod +x ./images.sh && ./images.sh #  Give permission and execute .

These commands need to be executed on each machine .

You can see that the image we need has been downloaded .

[[email protected] ~]# docker images
REPOSITORY                                                                 TAG        IMAGE ID       CREATED         SIZE
registry.cn-hangzhou.aliyuncs.com/lfy_k8s_images/kube-proxy                v1.20.9    8dbf9a6aa186   10 months ago   99.7MB
registry.cn-hangzhou.aliyuncs.com/lfy_k8s_images/kube-apiserver            v1.20.9    0d0d57e4f64c   10 months ago   122MB
registry.cn-hangzhou.aliyuncs.com/lfy_k8s_images/kube-controller-manager   v1.20.9    eb07fd4ad3b4   10 months ago   116MB
registry.cn-hangzhou.aliyuncs.com/lfy_k8s_images/kube-scheduler            v1.20.9    295014c114b3   10 months ago   47.3MB
registry.cn-hangzhou.aliyuncs.com/lfy_k8s_images/etcd                      3.4.13-0   0369cf4303ff   20 months ago   253MB
registry.cn-hangzhou.aliyuncs.com/lfy_k8s_images/coredns                   1.7.0      bfe3a36ebd25   23 months ago   45.2MB
registry.cn-hangzhou.aliyuncs.com/lfy_k8s_images/pause                     3.2        80d28bedfe5d   2 years ago     683kB
[[email protected] ~]# 

4. Initialize the master node

• Add... To all machines master Domain mapping , The following needs to be modified as your own

echo "192.168.237.149 cluster-endpoint" >> /etc/hosts

This is equivalent to telling each node which is the primary node （ Each node needs to execute ）.

After this step, we found that through the domain name in node Nodes can ping through master Node .

[[email protected] ~]# ping cluster-endpoint
PING cluster-endpoint (192.168.237.149) 56(84) bytes of data.
64 bytes from cluster-endpoint (192.168.237.149): icmp_seq=1 ttl=64 time=0.435 ms
64 bytes from cluster-endpoint (192.168.237.149): icmp_seq=2 ttl=64 time=0.449 ms
^C
--- cluster-endpoint ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2004ms
rtt min/avg/max/mdev = 0.373/0.419/0.449/0.033 ms
[[email protected] ~]# 

• Master initialization

kubeadm init \
--apiserver-advertise-address=192.168.237.149 \
--control-plane-endpoint=cluster-endpoint \
--image-repository registry.aliyuncs.com/google_containers \
--kubernetes-version v1.20.9 \
--service-cidr=10.96.0.0/16 \
--pod-network-cidr=192.168.0.0/16


kubeadm init \
--apiserver-advertise-address=192.168.237.149 \
--control-plane-endpoint=cluster-endpoint \
--image-repository registry.cn-hangzhou.aliyuncs.com/lfy_k8s_images \
--kubernetes-version v1.20.9 \
--service-cidr=10.96.0.0/16 \
--pod-network-cidr=192.168.0.0/16

This command is only executed on the primary node .

192.168.237.149 Modify the primary node ip.10.96.0.0/12 yes server ip paragraph ,10.244.0.0/16 yes pod ip paragraph . It should be noted that server and pod Of ip Segments cannot overlap , At the same time, it cannot be connected with the machine ip Segment overlap （ All network ranges do not overlap ）.