「 ~ 」- jnan806's blog
jnan806
jnan806
文章18
标签27
分类7
首 页
时间轴
关 于
© 2016 - 2023 jnan806
Powered by Hexo & Nexmoe

kubernetes
2018年11月25日 CNCF 云原生

cd /etc/yum.repos.d/

vim kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=http://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=0
repo_gpgcheck=0
gpgkey=http://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg
http://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg

yum install -y bash-completion

卸载旧版本

yum remove -y kubelet kubeadm kubectl

yum install -y kubelet-1.14.0 && yum install -y kubeadm-1.14.0 kubectl-1.14.0

vim ~/.bashrc
alias v=vim
alias k=kubectl
alias kdp=‘kubectl delete pod –force –grace-period=0’
alias kn=‘kubectl config set-context —current –namespace’
source < (kubectl completion bash)
completion -F __start_kubectl k

systemctl enable kubelet

vim /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-iptables = 1
#net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-arptables = 1
net.ipv4.ip_forward = 1

vm.swappiness=0

sudo sysctl -p /etc/sysctl.d/k8s.conf

vim /etc/sysconfig/kubelet
KUBELET_EXTRA_ARGS=”–fail-swap-on=false”

systemctl daemon-reload && systemctl restart docker && systemctl restart kubelet

cd ~
kubeadm config print init-defaults > /root/kubeadm-config.yaml

vim /root/kubeadm-master.config
–advertiseAddress: 192.168.86.11
–name: node51
–controlPlaneEndpoint: k8s.apiserver.com:6443(只有master需要)
–image-repository registry.aliyuncs.com/google_containers
– podSubnet: 10.88.0.0/16
–pod-network-cidr=10.244.0.0/16 –service-cidr=10.96.0.0/12

提前拉取镜像

kubeadm config images pull –config /root/kubeadm-config.yaml

master 初始化集群

kubeadm init –config /root/kubeadm-config.yaml –ignore-preflight-errors=Swap
#或者直接以参数形式
kubeadm init –image-repository registry.aliyuncs.com/google_containers –kubernetes-version=v1.14.0 –pod-network-cidr=10.244.0.0/16 –service-cidr=10.96.0.0/12 –advertiseAddress: 192.168.86.11

#失败后的处理方式
journalctl -xefu kubelet
kubeadm reset -f

#配置
cd /root
rm -rf $HOME/.kube
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
echo “export KUBECONFIG=/etc/kubernetes/admin.conf” >> ~/.bash_profile
source ~/.bash_profile

网络方案一、calico
cd ~
mkdir calico
cd calicao
wget https://kuboard.cn/install-script/v1.20.x/calico-operator.yaml
wget https://kuboard.cn/install-script/v1.20.x/calico-custom-resources.yaml
kubectl apply -f calico-operator.yaml
sed -i “s#192.168.0.0/16#${POD_SUBNET}#” calico-custom-resources.yaml
kubectl apply -f calico-custom-resources.yaml

网络方案二、flannel
cd ~
mkdir flannel
cd flannel
wget https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml

kube-flannel.yml 的 data.net-conf.json.Network 需要与 kubeadm-config.yaml 中的 networking.pod-network-cidr 保持一致

kubectl apply -f kube-flannel.yml
#若卡住不动,可以查看pod信息,然后下载相关镜像
docker pull quay.io/coreos/flannel:v0.11.0-amd64
#如果多网卡则修改yaml文件
args:

  • –masq
  • –kube-subnet-mgr
  • –iface=enp0s8(网卡名)

#执行
kubectl apply -f kube-flannel.yml
kubectl get pods -n kube-system

node节点

mkdir -p /etc/kubernetes
mkdir -p /etc/kubernetes/pki/etcd

#token有效期是有限的(默认24h),如果旧的token过期,可以使用命令重新创建一条token
kubeadm token create –print-join-command

#加入node节点
kubeadm join k8s.apiserver.com:6443 –token 05eoyj.6x9dhm9q86u2xfmc –discovery-token-ca-cert-hash sha256:c6bd85e6c2b3ce88b9764e3462d4d0cbaab091a32522f685310ec3501683a756 –ignore-preflight-errors=Swap

#加入master节点
scp -r [master]/etc/kubernetes/pki/ca.* /etc/kubernetes/pki/
scp -r [master]/etc/kubernetes/pki/sa.* /etc/kubernetes/pki/
scp -r [master]/etc/kubernetes/pki/front-proxy-ca.* /etc/kubernetes/pki/
scp -r [master]/etc/kubernetes/pki/etcd/ca.* /etc/kubernetes/pki/etcd/
scp -r [master]/etc/kubernetes/admin.conf /etc/kubernetes/
kubeadm join k8s.apiserver.com:6443 –token 05eoyj.6x9dhm9q86u2xfmc –discovery-token-ca-cert-hash sha256:c6bd85e6c2b3ce88b9764e3462d4d0cbaab091a32522f685310ec3501683a756 –ignore-preflight-errors=Swap –experimental-control-plane

#移除ndoe节点
#master上执行
kubectl delete node node13
#node上执行
kubeadm reset -f
ifconfig cni0 down && ip link delete cni0
ifconfig flannel.1 down && ip link delete flannel.1
rm -rf /var/lib/cni/
rm -rf /etc/kubernetes
rm -rf /root/.kube/config
rm -rf /var/lib/etcd

更新证书时间
kubeadm alpha certs renew all

查看证书时间
kubeadm alpha certs check-expiration

vi /etc/kubernetes/manifests/kube-apiserver.yaml
添加到如下位置就行了

  • command:
    • kube-apiserver
    • –service-node-port-range=1-65535

1.21之后,get cs (ComponentStatus) 报错
vi /etc/kubernetes/manifests/kube-scheduler.yaml
注释掉 port=0
vi /etc/kubernetes/manifests/kube-controller-manager.yaml
注释掉 port=0

本文作者:jnan806
本文链接:http://jnan806.panpan.cloud/2018/11/25/cncf/kubernetes/kubernetes/
版权声明:本文采用 CC BY-NC-SA 3.0 CN 协议进行许可
×