centos安裝k8s集羣

一、集羣方式

機器配置：centos 4.4內核以上，cpu大於1核

1.主機配置

配置	規格
內存配置	2G
CPU配置	2核
系統版本	Centos7.7
kubelet版本	1.5.1
docker版本	18.06.3-ce

 

2.節點安裝：2master +2node 1個harbor鏡像倉庫

IP	Hostname	Role
10.10.1.1	k8smaster01	master
10.10.1.2	k8smaster02	master
10.10.1.3	k8snode01	slave
10.10.1.4	K8snode02	slave

 

安裝方式：kuberdm方式安裝

二、機器初始配置

1.安裝依賴包

yum install -y conntrack ntpdate ntp ipvsadm ipset jq iptables curl sysstat libseccomp wget vim net-tools git

2.host名字設置

vim /etc/hosts

10.10.1.1 k8smaster01

10.10.1.2 k8smaster02

10.1.1.3 k8snode01

10.1.1.4 k8snode02

3.設置防火牆爲Iptables並設置空規則

systemctl stop firewalld && systemctl disable firewalld

yum -y install iptables-services && systemctl start iptables && systemctl enable iptables && iptables -F && service iptables save

4.關閉SELINUX

swapoff -a && sed -ri '/^[^#]*swap/s@^@#@' /etc/fstab //取消開機掛載swap

setenforce 0 && sed -i 's/SELINUX=enforcing/SELINUX=disabled/' /etc/selinux/config

5.對k8s調整內核參數

cat > kubernets.conf <<EOF

net.bridge.bridge-nf-call-iptables=1

net.bridge.bridge-nf-call-ip6tables=1

net.ipv4.ip_forward=1

net.ipv4.tcp_tw_recycle=0

vm.swappiness=0

vm.overcommit_memory=1

fs.inotify.max_user_instances=8192

fs.file-max=52706963

fs.nr_open=52706963

net.ipv6.conf.all.disable_ipv6=1

net.netfilter.nf_conntrack_max=2310720

EOF

cp kubernets.conf /etc/sysctl.d/kubernetes.conf

sysctl -p /etc/sysctl.d/kubernetes.conf

6.調整系統時區

#設置系統時區爲 中國/上海

timedatectl set-timezone Asia/Shanghai

#將當前的UTC時間寫入硬件時鐘

timedatectl set-local-rtc 0

#重啓依賴於系統時間的服務

systemctl restart rsyslog

systemctl restart crond

7.關閉系統不需要服務

systemctl stop postfix && systemctl disable postfix

三、安裝相關軟件

1.Kube-proxy開啓ipvs的前置條件

cat > /etc/sysconfig/modules/ipvs.modules <<EOF

#!/bin/bash

modprobe -- ip_vs

modprobe -- ip_vs_rr

modprobe -- ip_vs_wrr

modprobe -- ip_vs_sh

modprobe -- nf_conntrack_ipv4

EOF

chmod 755 /etc/sysconfig/modules/ipvs.modules && bash /etc/sysconfig/modules/ipvs.modules && lsmod | grep -e ip_vs -e nf_conntrack_ipv4

2.安裝docker

yum install -y yum-utils device-mapper-persistent-data lvm2

yum-config-manager --add-repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo

yum makecache fast

yum install docker-ce-18.06.3.ce-3.el7

#創建 /etc/docker目錄

mkdir /etc/docker

#配置daemon

cat > /etc/docker/daemon.json<<EOF

{

"exec-opts":["native.cgroupdriver=systemd"],

"log-driver":"json-file",

"log-opts": {"max-size":"500m", "max-file":"3"}

}

EOF

mkdir -p /etc/systemd/system/docker.service.d

#重啓docker服務

systemctl daemon-reload && systemctl restart docker && systemctl enable docker

#添加用戶組

 groupadd docker

usermod -aG docker ${USER}

systemctl restart docker

3.安裝kubeadm

設置阿里源

cat <<EOF > /etc/yum.repos.d/kubernetes.repo

[kubernetes]

name=Kubernetes

baseurl=http://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/

enabled=1

gpgcheck=0

repo_gpgcheck=0

gpgkey=http://mirrors.aliyun.com/kubernets/yum/doc/yum-key.gpg

http://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg

EOF

安裝

yum -y install kubeadm-1.15.1 kubectl-1.15.1 kubelet-1.15.1

systemctl enable kubelet.service

4.初始化主節點

kubeadm config print init-defaults > kubeadm-config.yaml

apiVersion: kubeadm.k8s.io/v1beta2

kind: ClusterConfiguration

kubernetesVersion: v1.15.1

apiServer:

certSANs: #填寫所有kube-apiserver節點的hostname、IP、VIP

- master01

- master02

- node01

- node02

- 10.10.1.1

- 10.10.1.2

- 10.10.1.3

- 10.10.1.4

controlPlaneEndpoint: "10.10.1.1:6443"

networking:

podSubnet: "172.244.0.0/16"

kubeadm init --config=kubeadm-config.yaml --experimental-upload-certs | tee kubeadm-init.log

若部署失敗執行如下指令恢復重新部署

kubeadm reset

ifconfig cnio down

ip link delete cnio

ifconfig flannel.1 down

ip link delete flannel.1

rm -rf  /var/lib/cni

 

5.加入其餘節點到主節點

master加入：根據log信息

work加入：根據log信息

6.部署網絡

kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kub-flannel.yml

四、安裝dashboard

1.安裝helm

tar -zxvf helm-v2.11.0-linux-amd64.tar.gz

 mv linux-amd64/helm usr/local/bin/helm

2.安裝helm服務端tiller

kubectl create -f rbac-config.yaml

helm init --service-account tiller --skip-refresh

3.安裝dashboard

helm install stable/kubernetes-dashboard \

-n kubernetes-dashboard \

--namespace kube-system\

-f kubernetes-dashboard.yaml

設置外網訪問端口模式：

kubectl edit service kubernetes-dasshboard --namespace=kube-system

type爲NodePort

查看dashboard訪問token，使用token登錄

kubectl describe secret kubernetes-dashboard-token --namespace=kube-system