本機環境:centos8
參考博客:https://blog.csdn.net/witton/article/details/107085155
1. 環境准備
-
卸載podman
centos8默認安裝了podman容器,它和docker可能存在沖突,最好卸載掉
sudo yum remove podman -
關閉交換區
sudo swapoff -a #臨時關閉 sudo sed -i 's/.*swap.*/#&/' /etc/fstab #永久關閉交換區 -
禁用selinux
setenforce 0 #臨時關閉 sed -i "s/^SELINUX=enforcing/SELINUX=disabled/g" /etc/selinux/config #永久關閉 -
關閉防火牆
sudo systemctl stop firewalld.service sudo systemctl disable firewalld.service
2. k8s安裝
-
配置系統基本安裝源
sudo curl -o /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-8.repo -
添加K8s安裝源
將以下內容保存到/etc/yum.repos.d/kubernetes.repo
[kubernetes] name=Kubernetes baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/ enabled=1 gpgcheck=1 repo_gpgcheck=1 gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg -
安裝docker
sudo yum install -y yum-utils device-mapper-persistent-data lvm2 net-tools sudo yum-config-manager --add-repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo yum -y install docker-ce使用docker加速
mkdir -p /etc/docker vim /etc/docker/daemon.json { "registry-mirrors" : ["https://mj9kvemk.mirror.aliyuncs.com"] } -
安裝kubectl、kubelet、kubeadm
sudo yum install -y kubectl kubelet kubeadm sudo systemctl enable kubelet sudo systemctl start kubelet kubeadm version kubectl version --client kubelet --version -
初始化kubernetes集群
kubeadm init --apiserver-advertise-address=0.0.0.0 \ --apiserver-cert-extra-sans=127.0.0.1 \ --image-repository=registry.aliyuncs.com/google_containers \ --ignore-preflight-errors=all \ --kubernetes-version=v1.21.1 \ --service-cidr=10.10.0.0/16 \ --pod-network-cidr=10.18.0.0/16可能會報如下錯誤
detected “cgroupfs” as the Docker cgroup driver查看docker信息
docker info | grep Cgroup修改驅動
/usr/lib/systemd/system/docker.service # 在ExecStart命令中添加 --exec-opt native.cgroupdriver=systemd重啟服務
systemctl daemon-reload systemctl restart docker docker info | grep Cgroup重新執行初始化工作
kubeadm init --apiserver-advertise-address=0.0.0.0 \ --apiserver-cert-extra-sans=127.0.0.1 \ --image-repository=registry.aliyuncs.com/google_containers \ --ignore-preflight-errors=all \ --kubernetes-version=v1.21.1 \ --service-cidr=10.10.0.0/16 \ --pod-network-cidr=10.18.0.0/16 -
部署后續
如果出現錯誤可以根據提示自行修復
創建目錄:
mkdir -p $HOME/.kube sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config sudo chown $(id -u):$(id -g) $HOME/.kube/config獲取節點信息
kubectl get node kubectl get pod --all-namespaces -
安裝calico網絡
kubectl apply -f https://docs.projectcalico.org/manifests/calico.yaml -
安裝kubernetes-dashboard
wget https://raw.githubusercontent.com/kubernetes/dashboard/master/aio/deploy/recommended.yaml # 修改文件 vi recommended.yaml kind: Service apiVersion: v1 metadata: labels: k8s-app: kubernetes-dashboard name: kubernetes-dashboard namespace: kubernetes-dashboard spec: type: NodePort #添加這行 ports: - port: 443 targetPort: 8443 nodePort: 30000 #添加這行 selector: k8s-app: kubernetes-dashboard創建pod
kubectl create -f recommended.yaml kubectl get svc -n kubernetes-dashboard
3.web創建pod
web頁面登錄 https://ip:30000/#/login
3.1 token登錄
-
創建Token
kubectl create sa dashboard-admin -n kube-system -
授權Token訪問權限
kubectl create clusterrolebinding dashboard-admin --clusterrole=cluster-admin --serviceaccount=kube-system:dashboard-admin -
獲取Token
ADMIN_SECRET=$(kubectl get secrets -n kube-system | grep dashboard-admin | awk '{print $1}') DASHBOARD_LOGIN_TOKEN=$(kubectl describe secret -n kube-system ${ADMIN_SECRET} | grep -E '^token' | awk '{print $2}') echo ${DASHBOARD_LOGIN_TOKEN}
3.2 部署服務
kubectl taint nodes --all node-role.kubernetes.io/master-
3.3常用Token命
kubeadm token list #查看Token
kubeadm token create #創建Token
kubeadm token delete TokenXXX #刪除 Token
kubeadm token create --print-join-command #初始化master節點時,node節點加入集群命令
token=$(kubeadm token generate)
kubeadm token create $token --print-join-command --ttl=0
kubeadm token list | awk -F" " '{print $1}' |tail -n 1 # 打印第一行
kubectl describe secrets -n kube-system $(kubectl -n kube-system get secret | awk '/dashboard-admin/{print $1}')