KubeKey搭建Kubernetes、KubeSphere


准備一台有網的Linux虛擬機

環境准備

yum源配置

# Replace the CentOS 7 base repo definition with the Aliyun mirror's copy (fetched over HTTPS).
curl --output /etc/yum.repos.d/CentOS-Base.repo \
  https://mirrors.aliyun.com/repo/Centos-7.repo
# yum-utils provides yum-config-manager; the other two are storage helpers.
yum install -y \
  yum-utils \
  device-mapper-persistent-data \
  lvm2
# Register the Docker CE repo from the same mirror.
yum-config-manager \
  --add-repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
# Delete every line of the base repo file that names one of the two aliyuncs.com mirror hosts.
sed --in-place \
  --expression '/mirrors.cloud.aliyuncs.com/d' \
  --expression '/mirrors.aliyuncs.com/d' \
  /etc/yum.repos.d/CentOS-Base.repo

# Kubernetes package repo on the Aliyun mirror. gpgcheck and repo_gpgcheck stay
# enabled, so yum checks package and repo-metadata signatures against the keys
# listed in gpgkey. The quoted delimiter writes the body literally.
tee /etc/yum.repos.d/kubernetes.repo >/dev/null <<'EOF'
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF

同步時間

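# Install ntpdate without prompting (-y, as in the other yum commands on this page).
yum install -y ntpdate
# Set the system timezone to Asia/Shanghai.
ln -sf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime
echo 'Asia/Shanghai' >/etc/timezone
# One-shot clock correction against the Aliyun NTP server. It does not keep the
# clock in sync afterwards; TLS certificate validation and cluster components
# depend on correct time, so schedule it or run a time daemon on long-lived nodes.
ntpdate time2.aliyun.com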

關閉防火牆、swap、selinux、dnsmasq

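# Stop and disable firewalld.
# NOTE(review): this removes host-level packet filtering on the node. That is
# acceptable on an isolated lab VM; on a reachable network, keep firewalld
# running and open only the ports the cluster needs.
systemctl stop firewalld && systemctl disable firewalld

# Turn swap off on every node, masters and workers alike.
# kubelet fails to start while swap is enabled.
swapoff -a
# Comment out the swap entries in fstab so swap stays off after a reboot.
sed -i '/swap/s/^\(.*\)$/#\1/g' /etc/fstab

# Disable SELinux: permissive for the running system, disabled from the next boot.
# NOTE(review): this drops SELinux confinement for everything on the host,
# container processes included; treat it as a lab shortcut and revisit it
# before using the node for anything exposed.
setenforce 0
# /etc/sysconfig/selinux is normally a symlink to /etc/selinux/config. Plain
# `sed -i` would replace the link with a regular file; --follow-symlinks edits
# the link target instead.
sed -i --follow-symlinks 's#SELINUX=enforcing#SELINUX=disabled#g' /etc/sysconfig/selinux
sed -i 's#SELINUX=enforcing#SELINUX=disabled#g' /etc/selinux/config
getenforce ## check the current SELinux mode

# Stop and disable dnsmasq (otherwise Docker containers may fail to resolve domain names).
systemctl stop dnsmasq && systemctl disable dnsmasq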

安裝必備組件

# Base tooling for the node, installed in one non-interactive transaction.
yum install -y \
  wget jq psmisc vim net-tools telnet \
  yum-utils device-mapper-persistent-data lvm2 \
  git ntpdate \
  keepalived haproxy \
  conntrack socat

配置參數

vim /etc/security/limits.conf
# Lines to add to limits.conf: open-file, process-count and locked-memory
# limits for all users (*).
# NOTE(review): the soft nofile value (655360) is larger than the hard nofile
# value (131072). A soft limit cannot exceed its hard limit, so confirm which
# of the two values is intended.
* soft nofile 655360
* hard nofile 131072
* soft nproc 655350
* hard nproc 655350
* soft memlock unlimited
* hard memlock unlimited

vim /etc/modules-load.d/ipvs.conf
# Kernel modules to load at boot, one per line: the IPVS schedulers plus the
# conntrack, iptables and ipset helpers.
# NOTE(review): ip_vs_sh appears twice in this list; the second entry is redundant.
ip_vs
ip_vs_lc
ip_vs_wlc
ip_vs_rr
ip_vs_wrr
ip_vs_lblc
ip_vs_lblcr
ip_vs_dh
ip_vs_sh
ip_vs_fo
ip_vs_nq
ip_vs_sed
ip_vs_ftp
ip_vs_sh
nf_conntrack
ip_tables
ip_set
xt_set
ipt_set
ipt_rpfilter
ipt_REJECT
ipip

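# Kernel parameters for the Kubernetes nodes, written to a sysctl.d drop-in.
# - ip_forward and bridge-nf-call-* let bridged pod traffic be routed and
#   passed through iptables.
# - tcp_syncookies = 1 keeps SYN-flood protection on.
# - The duplicate net.ipv4.tcp_max_syn_backlog line has been removed.
# NOTE(review): net.ipv4.ip_conntrack_max looks like a legacy key name and
# net.netfilter.nf_conntrack_max is already set above it; verify it still
# exists on the target kernel.
# NOTE(review): the net.bridge.* keys presumably need the br_netfilter module
# loaded before they can be applied; confirm it is loaded on the nodes.
# The quoted delimiter writes the body literally.
cat <<'EOF' > /etc/sysctl.d/k8s.conf
net.ipv4.ip_forward = 1
net.bridge.bridge-nf-call-iptables = 1
net.bridge.bridge-nf-call-ip6tables = 1
fs.may_detach_mounts = 1
vm.overcommit_memory=1
vm.panic_on_oom=0
fs.inotify.max_user_watches=89100
fs.file-max=52706963
fs.nr_open=52706963
net.netfilter.nf_conntrack_max=2310720

net.ipv4.tcp_keepalive_time = 600
net.ipv4.tcp_keepalive_probes = 3
net.ipv4.tcp_keepalive_intvl =15
net.ipv4.tcp_max_tw_buckets = 36000
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_max_orphans = 327680
net.ipv4.tcp_orphan_retries = 3
net.ipv4.tcp_syncookies = 1
net.ipv4.tcp_max_syn_backlog = 16384
net.ipv4.ip_conntrack_max = 65536
net.ipv4.tcp_timestamps = 0
net.core.somaxconn = 16384
EOF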

CentOS7.x系統自帶的3.10.x內核存在一些Bugs,導致運行的Docker、kubernetes不穩定,建議升級內核,容器使用的坑會少很多,升級內核到4.19.12

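# The kernel RPMs below are fetched over plain HTTP from a bare IP address, so
# the transport gives no guarantee of origin or integrity. Import the ELRepo
# signing key over HTTPS and make yum verify the package signatures before
# anything is installed.
rpm --import https://www.elrepo.org/RPM-GPG-KEY-elrepo.org
wget http://193.49.22.109/elrepo/kernel/el7/x86_64/RPMS/kernel-ml-devel-4.19.12-1.el7.elrepo.x86_64.rpm
wget http://193.49.22.109/elrepo/kernel/el7/x86_64/RPMS/kernel-ml-4.19.12-1.el7.elrepo.x86_64.rpm
# yum does not signature-check local package files by default, so
# localpkg_gpgcheck=1 turns that check on for this transaction.
# Both files are named explicitly instead of globbing kernel-ml*, so nothing
# else sitting in the directory gets installed.
yum --setopt=localpkg_gpgcheck=1 localinstall -y \
  ./kernel-ml-4.19.12-1.el7.elrepo.x86_64.rpm \
  ./kernel-ml-devel-4.19.12-1.el7.elrepo.x86_64.rpm

# Make boot entry 0 the default and regenerate the grub configuration.
grub2-set-default  0 && grub2-mkconfig -o /etc/grub2.cfg
# Add user_namespace.enable=1 to the boot arguments of the default kernel.
grubby --args="user_namespace.enable=1" --update-kernel="$(grubby --default-kernel)"

# Settings are in place; reboot into the new kernel.
reboot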

安裝Docker-ce 19.03,鏡像加速地址去自己的阿里雲帳號申請

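# Install docker-ce and its CLI pinned to 19.03.15.
yum install docker-ce-19.03.15-3.el7  docker-ce-cli-19.03.15-3.el7 -y
# Make sure the config directory exists before writing into it.
mkdir -p /etc/docker
# Use the systemd cgroup driver and a registry mirror. Replace the ******
# placeholder with the accelerator address from your own Aliyun account.
# NOTE(review): image pulls are served through this mirror, so configure only
# a mirror you trust.
# The quoted delimiter writes the JSON literally.
cat > /etc/docker/daemon.json <<'EOF'
{
  "exec-opts": ["native.cgroupdriver=systemd"],
  "registry-mirrors": ["https://******.mirror.aliyuncs.com"]
}
EOF
systemctl enable docker && systemctl restart docker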

KubeKey

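# Save the KubeKey installer script to disk instead of piping it straight into
# sh, so it can be read before it runs and kept as a record of what was executed.
curl -sfL https://get-kk.kubesphere.io -o get-kk.sh
# Review get-kk.sh here, then run it with the pinned KubeKey version.
VERSION=v1.1.1 sh get-kk.sh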

為 kk 添加可執行權限:

# Mark the kk binary in the current directory as executable.
chmod +x kk

指定k8s和kubesphere版本

# Create the cluster with pinned versions: Kubernetes v1.19.9 and KubeSphere v3.1.1.
./kk create cluster --with-kubernetes v1.19.9 --with-kubesphere v3.1.1

KubeKey 將檢查安裝環境,結果顯示在一張表格中。輸入 yes 繼續安裝流程。

出現以下,表示安裝已經完成

#####################################################
###              Welcome to KubeSphere!           ###
#####################################################

Console: http://192.168.80.51:30880
Account: admin
Password: P@88w0rd

NOTES:
  1. After you log into the console, please check the
     monitoring status of service components in
     "Cluster Management". If any service is not
     ready, please wait patiently until all components 
     are up and running.
  2. Please change the default password after login.

#####################################################
https://kubesphere.io             2021-08-24 22:20:31
#####################################################
INFO[22:20:40 CST] Installation is complete.

檢查安裝結果

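# Follow the log of the ks-install pod in kubesphere-system.
# The command substitution is quoted so the pod name is passed as one argument
# (an empty result then fails visibly instead of silently dropping the argument).
kubectl logs -n kubesphere-system \
  "$(kubectl get pod -n kubesphere-system -l app=ks-install -o jsonpath='{.items[0].metadata.name}')" \
  -f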

通過Web控制台地址登錄,首次登錄後請立即修改默認密碼(見上方輸出 NOTES 第 2 條)。

