sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config && systemctl stop firewalld.service && systemctl disable firewalld
設置hosts
cat <
172.16.1.240 c1-k1
172.16.1.241 c1-k2
172.16.1.242 c1-k3
172.16.1.243 c1-k4
172.16.1.244 c1-k5
EOF
關閉swapoff
swapoff -a ; sed -i '/swap/d' /etc/fstab
docker安裝:
step 1: 安裝必要的一些系統工具
sudo yum install -y yum-utils device-mapper-persistent-data lvm2
Step 2: 添加軟件源信息
sudo yum-config-manager --add-repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
Step 3
sudo sed -i 's+download.docker.com+mirrors.aliyun.com/docker-ce+' /etc/yum.repos.d/docker-ce.repo
Step 4: 更新並安裝Docker-CE
sudo yum makecache fast
sudo yum -y install docker-ce
Step 4: 開啟Docker服務
systemctl restart docker
setp 5: 開機啟動
systemctl enable docker --now
配置加速器:
配置這個只是為了獲取鏡像更快一些罷了
直接復制下面命令執行即可
cat > /etc/docker/daemon.json <<EOF
{
"registry-mirrors": ["https://frz7i079.mirror.aliyuncs.com"],
"exec-opts": ["native.cgroupdriver=systemd"]
}
EOF
設置內核參數
由於網橋工作於數據鏈路層,在iptables沒有開啟bridge-nf時,數據會直接經過網橋轉發,結果就是對forward的設置失效。
cat <
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
net.ipv4.ip_forward = 1
EOF
安裝kubernetes
查看可用版本
yum list --showduplicates kubeadm --disableexcludes=kubernetes
配置k8s 阿里雲鏡像源
cat <
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg
https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF
安裝
yum install -y kubelet kubeadm kubectl
啟動
systemctl enable kubelet --now && systemctl start kubelet
手動安裝初始化環境
(命令記錄不執行):刪除所有docker images:docker rmi -f $(docker images -qa)
docker pull registry.aliyuncs.com/google_containers/coredns:1.8.4
docker tag registry.aliyuncs.com/google_containers/coredns:1.8.4 registry.aliyuncs.com/google_containers/coredns:v1.8.4
刪除:docker rmi registry.aliyuncs.com/google_containers/coredns:1.8.4
kubeadm config images pull --image-repository=registry.aliyuncs.com/google_containers
kubeadm init --image-repository registry.aliyuncs.com/google_containers --kubernetes-version=v1.22.0 --pod-network-cidr=10.244.0.0/16
kubeadm init --image-repository registry.aliyuncs.com/google_containers --kubernetes-version=v1.22.0 --control-plane-endpoint c1-k1 --apiserver-advertise-address 172.16.1.240 --pod-network-cidr 10.244.0.0/16
安裝POD網絡插件
https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
kubectl apply -f kube-flannel.yml
查看kubelet狀態:
[root@c1-k1 ~]# kubectl get nodes
NAME STATUS ROLES AGE VERSION
c1-k1 Ready control-plane,master 26m v1.22.0
讓其他節點加入集群
通過kubeadm初始化后,都會提供node加入的token,查看token:
[root@c1-k1 ~]# kubeadm token create --print-join-command
kubeadm join c1-k1:6443 --token tg7aob.f7ydb2h7vc7hxr6a --discovery-token-ca-cert-hash sha256:522c4ccc3da6c00c87d845cf8966b79f3f10631cc592fa8cf95adfbece7257ac
**默認token的有效期為24小時,當過期之后,該token就不可用了。