kubernetes安装部署集群版

0.初始化机器K8S 节点优化

关闭swap,修改后手动打开/etc/fstab检查 避免因修改错误 导致服务器不能开机

swapoff -a

sed -i'/swap/s/^/#/g' /etc/fstab

查看内核模块是否加载

lsmod|grep ip_vs

如果没有加载，使用如下命令加载ipvs相关模块

modprobe -- ip_vs
modprobe -- ip_vs_rr
modprobe -- ip_vs_wrr
modprobe -- ip_vs_sh
modprobe -- nf_conntrack_ipv4

sysctl -w net.ipv4.ip_forward=1
echo 1 > /proc/sys/net/ipv4/ip_forward
echo -e "net.ipv4.ip_forward = 1" >> /etc/sysctl.conf
echo -e "net.bridge.bridge-nf-call-ip6tables = 1" >> /etc/sysctl.conf
echo -e "net.bridge.bridge-nf-call-iptables = 1" >> /etc/sysctl.conf
echo -e "vm.swappiness = 0" >> /etc/sysctl.conf
sysctl -p 

cat > /etc/sysconfig/kubelet << EOF
KUBELETEXTRAARGS="--fail-swa-on=false"
KUBEPROXYMODE=ipvs
EOF

1.下载docker-repo

wget -O /etc/yum.repos.d/docker-ce.repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo

2.写入kubernetes-repo

cat > /etc/yum.repo.d/kubernetes.repo << EOF
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=0
repo_gpgcheck=0
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF

3.安装docker-ce kubernetes

yum -y install docker-ce kubelet-1.21.5 kubeadm-1.21.5 kubectl-1.21.5

4.修改docker配置and启动

mkdir -p /etc/docker

cat > /etc/docker/daemon.json << EOF
{
        "exec-opts": ["native.cgroupdriver=systemd"],
        "graph": "/data/docker",
        "log-driver": "json-file",
        "log-opts": {
                "max-size": "256m",
                "max-file": "3"
        }
}
EOF
systemctl enable kubelet
systemctl enable docker --now

5.负载均衡

cat >> /etc/hosts << EOF
127.0.0.1 lb.local.kube k8s-master01
EOF

6.kubeadm配置文件

cat >> /~/kubeadm-init.yaml << EOF
apiServer:
  timeoutForControlPlane: 4m0s
apiVersion: kubeadm.k8s.io/v1beta2
certificatesDir: /etc/kubernetes/pki
clusterName: kubernetes
controlPlaneEndpoint: lb.local.kube:6443
controllerManager: {}
dns:
  type: CoreDNS
etcd:
  local:
    dataDir: /var/lib/etcd
imageRepository: registry.cn-hangzhou.aliyuncs.com/google_containers
kind: ClusterConfiguration
kubernetesVersion: v1.21.5
networking:
  dnsDomain: cluster.local
  podSubnet: 10.244.0.0/16
scheduler: {}
EOF

7.部署集群kubernetes

7.1 初始化

kubeadm init --config=/~/kubeadm-init.yaml

7.2 拷贝令牌

mkdir -p ~/.kube/
cp /etc/kubernetes/admin.conf  ~/.kube/config

8.查看结果

kubectl get nodes

9.控制节点加入

将第一台初始化完成的master节点证书拷贝至 第2、3台

在第 2、3个master上执行

mkdir -p /etc/kubernetes/pki/etcd/
cd /etc/kubernetes/pki/

在第一台机器上执行

scp ca.* front-proxy-ca.* sa.* k8s-master02:/etc/kubernetes/pki/
scp ca.* front-proxy-ca.* sa.* k8s-master03:/etc/kubernetes/pki/

scp etcd/ca.*  k8s-master02:/etc/kubernetes/pki/etcd/
scp etcd/ca.*  k8s-master03:/etc/kubernetes/pki/etcd/

在k8s-master01上执行

echo "$(kubeadm token create --print-join-command) --control-plane"

将执行结果粘贴到k8s-master02 k8s-master03上执行

10.k8s worker节点加入

在k8s-master01上执行

echo "$(kubeadm token create --print-join-command)"

将执行结果粘贴到k8s-worker-001 k8s-worker-002 ...上执行

11.查看集群节点

kubectl get node

12. 自动补齐

yum install -y bash-completion
source /usr/share/bash-completion/bash_completion
source <(kubectl completion bash)
echo "source <(kubectl completion bash)" >> ~/.bashrc

13. Bug修复

执行以下命令

kubectl get cs     # 发现kube-scheduler  kube-manager 俩个组件故障

sed -i  "/- --port=0/s/^/#/g" /etc/kubernetes/manifests/kube-controller-manager.yaml 

kubectl get cs     # 30s后发现kube-scheduler  kube-manager 俩个组件正常

14. CronJob 需要本地时

kube-controller-manager Yaml文件增加以下配置

    volumeMounts:
    - mountPath: /etc/localtime
      name: date-config
      readOnly: true
....
 volumes:
  - hostPath:
      path: /etc/localtime
    name: date-config