Docker K8s 02 环境部署(kubeadm)

发表于 | 分类于 | |

本文基本是对 https://kubernetes.io/docs/setup/production-environment/tools/kubeadm/install-kubeadm/ 的翻译精减.

安装前准备

各自独立的 hostname, MAC 地址, product_uuid, 关闭 Swap.

  • Hostname: hostname
  • MAC 地址: ip link or ifconfig -a
  • Product UUID: sudo cat /sys/class/dmi/id/product_uuid
  • Swap: free

检查端口 TCP 协议占用情况

Master Port 范围

  • 6443 Kubernetes API 服务器端口
  • 2379-2380 etcd 端口, kube-apiserver, etcd 使用
  • 10250 Kubelet API 端口, 控制面板使用
  • 10251 kube-scheduler 端口
  • 10252 kube-controller-manager 端口

Worker Port 范围

  • 10250 Kubelet API 端口, 控制面板使用
  • 30000-32767 NodePort 服务对外端口

安装依赖环境

kubernetes.repo

1
2
3
4
5
6
7
8
# /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://packages.cloud.google.com/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://packages.cloud.google.com/yum/doc/yum-key.gpg https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg

k8s.conf

1
2
3
# /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1

install_prepare.sh

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
# 禁用 SELinux
sudo sed -i -e "s/SELINUX=enforcing/SELINUX=disabled/" /etc/selinux/config
sudo setenforce 0

# 关闭 swap
sudo sed -ri 's/(^\/.*swap.*)/#\1/g' /etc/fstab
sudo swapoff -a

# 禁用防火墙
sudo systemctl stop firewalld
sudo systemctl disable firewalld

sudo cp -f k8s.conf /etc/sysctl.d/k8s.conf
sudo sysctl --system

# 更新软件包
sudo yum update -y

# 同步系统时间
sudo ntpdate -u cn.pool.ntp.org

安装 Docker

install_docker.sh

1
2
3
4
5
6
7
8
9
10
11
12
13
sudo yum install -y yum-utils device-mapper-persistent-data lvm2
sudo yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
sudo yum install -y docker-ce

sudo bash ./start_docker.sh

docker version

sudo curl -L "https://github.com/docker/compose/releases/download/1.24.1/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
sudo chmod +x /usr/local/bin/docker-compose
sudo ln -s /usr/local/bin/docker-compose /usr/bin/docker-compose

docker-compose version

start_docker.sh

1
2
3
4
sudo usermod -aG docker $(whoami)
sudo systemctl enable docker.service
sudo systemctl start docker.service
sudo systemctl status docker.service

安装 Kubeadm

install_kubeadm.sh

1
2
3
4
5
sudo cp -f kubernetes.repo /etc/yum.repos.d/kubernetes.repo
sudo yum install -y kubelet kubeadm kubectl ipvsadm --disableexcludes=kubernetes
sudo systemctl enable --now kubelet

sudo bash ./start_kubelet.sh

start_kubelet.sh

1
2
3
4
sudo systemctl daemon-reload
sudo systemctl enable kubelet
sudo systemctl restart kubelet
sudo systemctl status kubelet

分装 Master 节点 和 Node 节点

Master 节点安装 Helm

install_helm.sh

1
curl https://raw.githubusercontent.com/helm/helm/master/scripts/get-helm-3 | bash

初始化 Master 节点

start_master.sh

1
2
3
4
5
sudo kubeadm init

mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config

安装完成后, 可以看到类似如下的内容:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
Your Kubernetes control-plane has initialized successfully!

To start using your cluster, you need to run the following as a regular user:

  mkdir -p $HOME/.kube
  sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
  sudo chown $(id -u):$(id -g) $HOME/.kube/config

You should now deploy a pod network to the cluster.
Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:
  https://kubernetes.io/docs/concepts/cluster-administration/addons/

Then you can join any number of worker nodes by running the following on each as root:

kubeadm join 192.168.254.7:6443 --token m88iap.q2pa76z019f9nmza \
    --discovery-token-ca-cert-hash sha256:9e54d1f159163be0badd65d1951f4d49d5fcdfe2146eff116a305611a7f59061

其中主要内容分为 3 步骤:

  1. 拷贝授权文件
1
2
3
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
  1. 在 Master Node 下载安装 flannel
1
2
wget "https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml" -O kube-flannel.yaml
kubectl apply -f kube-flannel.yaml
  1. 在 Worker Node 加入集群
1
2
sudo kubeadm join 192.168.254.7:6443 --token m88iap.q2pa76z019f9nmza \
    --discovery-token-ca-cert-hash sha256:9e54d1f159163be0badd65d1951f4d49d5fcdfe2146eff116a305611a7f59061

其中最后一句, 即为初始化 Node 节点.

初始化 Node 节点

start_node.sh

1
2
sudo kubeadm join 192.168.254.7:6443 --token m88iap.q2pa76z019f9nmza \
    --discovery-token-ca-cert-hash sha256:9e54d1f159163be0badd65d1951f4d49d5fcdfe2146eff116a305611a7f59061

卸载全部 一切归零

uninstall_k8s.sh

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
# 删除旧版
sudo yum remove docker \
  docker-client \
  docker-client-latest \
  docker-common \
  docker-latest \
  docker-latest-logrotate \
  docker-logrotate \
  docker-engine -y

# 删除 Community 版本
sudo yum remove docker-ce docker-ce-cli containerd.io -y
sudo rm -rf /var/lib/docker

# 删除 centos 官方版
sudo yum remove kubernetes-master kubernetes-client kubernetes-node flannel docker -y

# 删除 kubenetes 官方版
yum list installed | grep kube | awk '{print $1}' | cut -d\. -f 1 | xargs -n 1 sudo yum remove -y
Donate - Support to make this site better.
捐助 - 支持我让我做得更好.