kubeadm builds a Kubernetes cluster (Personal Learning version)
2022-07-01 06:09:00 【The profound meaning of Tai Chi Sword】
Basic configuration requirements
- Three Linux machines that can reach each other
- Internet access
If you do not have three Linux machines, virtual machines will do; each virtual machine needs 2 cores and 2 GB of memory. If these requirements cannot be met, you can reduce the setup to two Linux machines, one acting as master and one as worker.
Version arrangement
| Software / Image | Version |
|---|---|
| Docker | 18.09.0 |
| kubeadm | 1.14.0 |
| kubelet | 1.14.0 |
| kubectl | 1.14.0 |
| k8s.gcr.io/kube-apiserver | v1.14.0 |
| k8s.gcr.io/kube-controller-manager | v1.14.0 |
| k8s.gcr.io/kube-scheduler | v1.14.0 |
| k8s.gcr.io/kube-proxy | v1.14.0 |
| k8s.gcr.io/pause | 3.1 |
| k8s.gcr.io/etcd | 3.3.10 |
| k8s.gcr.io/coredns | 1.3.1 |
| calico | v3.9 |
Install Docker
Docker must be installed on all three machines.
Update the system and install basic software
yum -y update
yum install -y conntrack ipvsadm ipset jq sysstat curl iptables libseccomp
- Install Docker
1. Install necessary dependencies
sudo yum install -y yum-utils device-mapper-persistent-data lvm2
2. Set up the Docker repository
sudo yum-config-manager --add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
sudo mkdir -p /etc/docker
sudo tee /etc/docker/daemon.json <<-'EOF'
{
"registry-mirrors": ["<replace this with your actual mirror address>"]
}
EOF
sudo systemctl daemon-reload
3. Install Docker
yum install -y docker-ce-18.09.0 docker-ce-cli-18.09.0 containerd.io
4. Start Docker and enable it at boot
systemctl start docker
systemctl enable docker
Modify the hosts file
- Master node
sudo hostnamectl set-hostname m
vi /etc/hosts
192.168.31.10 m
192.168.31.11 w1
192.168.31.12 w2
- Worker nodes
worker1
sudo hostnamectl set-hostname w1
vi /etc/hosts
192.168.31.10 m
192.168.31.11 w1
192.168.31.12 w2
worker2
sudo hostnamectl set-hostname w2
vi /etc/hosts
192.168.31.10 m
192.168.31.11 w1
192.168.31.12 w2
Other environment configurations
# Turn off firewall
systemctl stop firewalld && systemctl disable firewalld
# Turn off SELinux enforcement
setenforce 0
sed -i 's/^SELINUX=enforcing$/SELINUX=permissive/' /etc/selinux/config
# Turn off swap
swapoff -a
sed -i '/swap/s/^\(.*\)$/#\1/g' /etc/fstab
# Configure the iptables ACCEPT rules
iptables -F && iptables -X && iptables -F -t nat && iptables -X -t nat && iptables -P FORWARD ACCEPT
# Set system parameters
cat << EOF > /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
EOF
sysctl --system
Install kubeadm, kubelet, kubectl
- Configure the yum repository
cat <<EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=http://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=0
repo_gpgcheck=0
gpgkey=http://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg
       http://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF
- Install
yum install -y kubectl-1.14.0-0
yum install -y kubelet-1.14.0-0
yum install -y kubeadm-1.14.0-0
- Set Docker and k8s to the same cgroup driver
# docker: add this entry to /etc/docker/daemon.json, then restart Docker
vi /etc/docker/daemon.json
"exec-opts": ["native.cgroupdriver=systemd"],
systemctl restart docker
# kubelet: match the systemd driver configured for Docker above
sed -i "s/cgroup-driver=cgroupfs/cgroup-driver=systemd/g" /etc/systemd/system/kubelet.service.d/10-kubeadm.conf
# sed -i "s/cgroup-driver=cgroupfs/cgroup-driver=systemd/g" /usr/lib/systemd/system/kubelet.service.d/10-kubeadm.conf
systemctl enable kubelet && systemctl start kubelet
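The repo file above sets gpgcheck=0 and repo_gpgcheck=0 and fetches over http://, so yum installs kubeadm, kubelet and kubectl without verifying signatures. The following is an added example, not part of the original post: a small checker that flags such sections. The function names, the finding labels and the mirror.example.invalid section are assumptions made for illustration.

```shell
# Added example, not from the original page. Assumption: a missing key counts as off.
audit_repo() {    # usage: audit_repo FILE  ("-" reads stdin)
    awk '
        function on(v) { v = tolower(v); return v == "1" || v == "true" || v == "yes" }
        function report() {
            if (sec == "") return
            if (!gpg)  print sec "\tgpgcheck-disabled"
            if (!meta) print sec "\trepo_gpgcheck-disabled"
            if (http)  print sec "\tplain-http-url"
        }
        /^[ \t]*[#;]/ || /^[ \t]*$/ { next }   # comments and blank lines
        /^\[/ {                                # a new [section] starts
            report()
            sec = $0; gsub(/^\[|\].*$/, "", sec)
            gpg = 0; meta = 0; http = 0; key = ""
            next
        }
        {
            if ($0 ~ /^[ \t]/) {               # indented line continues the previous key
                val = $0
            } else {
                n = index($0, "="); if (n == 0) next
                key = substr($0, 1, n - 1); val = substr($0, n + 1)
                gsub(/[ \t]/, "", key)
            }
            gsub(/[ \t]/, "", val)
            if (key == "gpgcheck")      gpg  = on(val)
            if (key == "repo_gpgcheck") meta = on(val)
            if (key ~ /^(baseurl|gpgkey|mirrorlist)$/ && val ~ /^http:\/\//) http = 1
        }
        END { report() }
    ' "$1"
}
# Constructed input: signature-related lines of the repo file from this page,
# plus a hypothetical hardened section for comparison.
sample_repo() {
    cat <<'EOF'
[kubernetes]
baseurl=http://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
gpgcheck=0
repo_gpgcheck=0
gpgkey=http://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg
       http://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
[hardened-example]
baseurl=https://mirror.example.invalid/kubernetes/el7-x86_64
gpgcheck=1
repo_gpgcheck=1
EOF
}
sample_repo | audit_repo -
```

On a node, run it against the real file with `audit_repo /etc/yum.repos.d/kubernetes.repo`.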
Images for proxy/pause/scheduler and so on
- List the images kubeadm requires
kubeadm config images list
k8s.gcr.io/kube-apiserver:v1.14.0
k8s.gcr.io/kube-controller-manager:v1.14.0
k8s.gcr.io/kube-scheduler:v1.14.0
k8s.gcr.io/kube-proxy:v1.14.0
k8s.gcr.io/pause:3.1
k8s.gcr.io/etcd:3.3.10
k8s.gcr.io/coredns:1.3.1
- These images cannot be pulled without a proxy, so use a domestic mirror
The domestic image names differ from the source image names, so the images must be re-tagged with docker tag; the following script does the tagging in one step
kubeadm-image-tag.sh
#!/bin/bash
set -e
KUBE_VERSION=v1.14.0
KUBE_PAUSE_VERSION=3.1
ETCD_VERSION=3.3.10
CORE_DNS_VERSION=1.3.1
GCR_URL=k8s.gcr.io
ALIYUN_URL=registry.cn-hangzhou.aliyuncs.com/google_containers
images=(kube-proxy:${KUBE_VERSION}
kube-scheduler:${KUBE_VERSION}
kube-controller-manager:${KUBE_VERSION}
kube-apiserver:${KUBE_VERSION}
pause:${KUBE_PAUSE_VERSION}
etcd:${ETCD_VERSION}
coredns:${CORE_DNS_VERSION})
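# Pull each image from the mirror, re-tag it under the k8s.gcr.io name, drop the mirror tag
for imageName in "${images[@]}" ; do
docker pull "$ALIYUN_URL/$imageName"
docker tag "$ALIYUN_URL/$imageName" "$GCR_URL/$imageName"
docker rmi "$ALIYUN_URL/$imageName"
done
- Run the script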
Master node initialization
- Overview of the initialization process
01- Run a series of checks to make sure this machine can run Kubernetes
02- Generate the certificates Kubernetes needs to serve external requests; they are stored in the directory
/etc/kubernetes/pki/*
03- Generate the configuration files that other components need to access kube-apiserver
ls /etc/kubernetes/
admin.conf controller-manager.conf kubelet.conf scheduler.conf
04- Generate the Pod configuration files for the master components.
ls /etc/kubernetes/manifests/*.yaml
kube-apiserver.yaml
kube-controller-manager.yaml
kube-scheduler.yaml
05- Generate the Pod YAML file for etcd.
ls /etc/kubernetes/manifests/*.yaml
kube-apiserver.yaml
kube-controller-manager.yaml
kube-scheduler.yaml
etcd.yaml
06- Once these YAML files appear in /etc/kubernetes/manifests/, the directory the kubelet watches, the kubelet automatically creates the Pods they define, that is, the master component containers. After the master containers start, kubeadm polls the master health check URL localhost:6443/healthz and waits until the master components are fully running
07- Generate a bootstrap token
08- Save ca.crt and other important master node information in etcd as a ConfigMap, for use when worker nodes are deployed later
09- The final step is to install the default plug-ins; kube-proxy and DNS are the two plug-ins Kubernetes must have installed by default
- Run the initialization command on the master node
kubeadm init --kubernetes-version=1.14.0 --apiserver-advertise-address=192.168.31.10 --pod-network-cidr=10.244.0.0/16
- Save the kubeadm join information
The initialization output contains the information needed to join the master node
- Follow the prompts in the initialization log
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
- Verify success
kubectl get pods -n kube-system
- Health check
curl -k https://localhost:6443/healthz
- Join nodes
kubeadm join 192.168.31.10:6443 --token ptm08e.betx3psa0v3kfbr0 \
--discovery-token-ca-cert-hash sha256:184a72fcd7859f93b5ed16ae89c710bfc35c88cecadae184b02199b7ca990471
Deploy the Calico network plug-in
Choose a network plug-in: https://kubernetes.io/docs/concepts/cluster-administration/addons/
Calico network plug-in: https://docs.projectcalico.org/v3.9/getting-started/kubernetes/
# Install Calico in k8s
kubectl apply -f https://docs.projectcalico.org/v3.9/manifests/calico.yaml
# Confirm that Calico installed successfully
kubectl get pods --all-namespaces -w
Worker nodes join the master node
- Run the command on the worker1 and worker2 nodes
The command to run is the join command saved from the initialization log above
kubeadm join 192.168.31.10:6443 --token ptm08e.betx3psa0v3kfbr0 \
--discovery-token-ca-cert-hash sha256:184a72fcd7859f93b5ed16ae89c710bfc35c88cecadae184b02199b7ca990471
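The value after sha256: in --discovery-token-ca-cert-hash is the SHA-256 of the cluster CA's public key (its DER-encoded SubjectPublicKeyInfo), which is what lets a joining node pin the master's CA. The following is an added example, not part of the original post, that recomputes that pin with the openssl CLI and compares it with a join command before running it; the function names and the throwaway CA are assumptions made for illustration.

```shell
# Added example, not from the original page; requires the openssl CLI.

# ca_cert_hash FILE: hex SHA-256 of the DER-encoded public key (SPKI) of the
# certificate in FILE, the value kubeadm expects after "sha256:".
ca_cert_hash() {
    openssl x509 -pubkey -noout -in "$1" \
        | openssl pkey -pubin -outform DER \
        | openssl dgst -sha256 -hex \
        | sed 's/^.* //'
}

# pin_matches FILE PIN: succeed only if PIN ("sha256:<hex>") is the pin of FILE.
pin_matches() {
    [ "sha256:$(ca_cert_hash "$1")" = "$2" ]
}

# make_demo_ca DIR: write a throwaway self-signed CA (constructed test input,
# hypothetical helper) to DIR/ca.crt and DIR/ca.key.
make_demo_ca() {
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=kubernetes" \
        -keyout "$1/ca.key" -out "$1/ca.crt" 2>/dev/null
}

# Demo: compute the pin of the throwaway CA, then compare that CA with the pin
# from this page's join command (a different cluster, so it must not match).
demo() {
    d=$(mktemp -d)
    make_demo_ca "$d"
    echo "pin for demo CA: sha256:$(ca_cert_hash "$d/ca.crt")"
    if pin_matches "$d/ca.crt" "sha256:184a72fcd7859f93b5ed16ae89c710bfc35c88cecadae184b02199b7ca990471"; then
        echo "page pin matches this CA"
    else
        echo "page pin does not match this CA: do not join"
    fi
    rm -rf "$d"
}
demo
```

On the master, `ca_cert_hash /etc/kubernetes/pki/ca.crt` gives the value to compare with the join command saved from the initialization log.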