RockyLinux9.3 部署K8S

Celia 字数: 6888 阅读耗时: 17 分钟 2024/02/22 2024/02/22 博客独享热度: 21 评论: 0

Rocky liunx9.3部署K8s

主机配置

环境

软件	软件版本
Docker	20.10.3
Kubernetes	1.23.0

服务器规划

服务器主机名	服务器公网IP
master	10.0.0.1
node1	192.168.0.1
node2	172.16.0.1

配置环境

预装软件包

dnf install -y   dnf-utils  ipvsadm  telnet  wget  net-tools  conntrack  ipset  jq  iptables  curl  sysstat  libseccomp  socat  nfs-utils  fuse

配置模块

yum install -y ipset ipvsadm vim wget curl net-tools
# 关闭防火墙，PS：如果使用云服务器，还需要在云服务器的控制台中把防火墙关闭了或者允许所有端口。

systemctl stop firewalld
systemctl disable firewalld

# 永久关闭swap分区交换，kubeadm规定，一定要关闭
swapoff -a
sed -ri 's/.*swap.*/#&/' /etc/fstab
#关闭selinux
sed -i 's/enforcing/disabled/' /etc/selinux/config #重启后生效
# iptables配置
for i in $(ls /usr/lib/modules/$(uname -r)/kernel/net/netfilter/ipvs|grep -o "^[^.]*");do echo $i; /sbin/modinfo -F filename $i >/dev/null 2>&1 && /sbin/modprobe $i;done
#加载内核模块
cat <<EOF | tee /etc/modules-load.d/k8s.conf
overlay
br_netfilter
nf_conntrack
EOF
 
cat <<EOF | tee /etc/modules-load.d/ipvs.conf
ip_vs
ip_vs_rr
ip_vs_wrr
ip_vs_sh
EOF
#内核预检
modprobe overlay
modprobe br_netfilter
#网桥转发
cat <<EOF | sudo tee /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-iptables = 1
net.bridge.bridge-nf-call-ip6tables = 1
net.ipv4.ip_forward = 1
EOF
# 将读取该文件中的参数设置，并将其应用到系统的当前运行状态中
sysctl -p /etc/sysctl.d/k8s.conf
# iptables生效参数
sysctl --system

安装Docker

导入软件源

yum install -y yum-utils 
yum-config-manager --add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
yum list docker-ce --showduplicates | sort -r

可以先给版本变量

VERSION_STRING=3:20.10.24-3.el9 
sudo yum install docker-ce-VERSION_STRING docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin

配置systmed

cat <<EOF > /etc/docker/daemon.json
{
    "registry-mirrors": [
        "http://hub-mirror.c.163.com",
        "https://docker.mirrors.ustc.edu.cn",
        "https://registry.docker-cn.com"
    ],
    "exec-opts": ["native.cgroupdriver=systemd"]
}
EOF

重启服务

systemctl daemon-reload && systemctl restart docker && systemctl enable docker && systemctl status docker

K8S安装

cat > /etc/yum.repos.d/kubernetes.repo << EOF
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=0
repo_gpgcheck=0
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF

yum list kubeadm --showduplicates | sort -r

安装指定版本

dnf install kubeadm-1.23.0 kubectl-1.23.0 kubelet-1.23.0

拉取镜像

kubeadm config images pull --image-repository registry.aliyuncs.com/google_containers

初始化

在Master上操作
使用配置文件初始化

kubeadm config print init-defaults > kubeadm-config.yaml

配置修改

apiVersion: kubeadm.k8s.io/v1beta3
bootstrapTokens:
- groups:
  - system:bootstrappers:kubeadm:default-node-token
  token: abcdef.0123456789abcdef
  ttl: 24h0m0s
  usages:
  - signing
  - authentication
kind: InitConfiguration
localAPIEndpoint:
  advertiseAddress: 149.104.23.134 #这样改成master的公网ip
  bindPort: 6443
nodeRegistration:
  criSocket: /var/run/dockershim.sock
  imagePullPolicy: IfNotPresent
  name: master  #这样要改成解析的主机名
  taints: null
---
apiServer:
  timeoutForControlPlane: 4m0s
apiVersion: kubeadm.k8s.io/v1beta3
certificatesDir: /etc/kubernetes/pki
clusterName: kubernetes
controllerManager: {}
dns: {}
etcd:
  local:
    dataDir: /var/lib/etcd
imageRepository: registry.aliyuncs.com/google_containers #一定要改
kind: ClusterConfiguration
kubernetesVersion: 1.23.6 #确认版本号
networking:
  dnsDomain: cluster.local
  serviceSubnet: 10.96.0.0/12
  podSubnet: 10.244.0.0/16  #方便安装网络插件
scheduler: {}

初始化完成后

mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config

安装网络插件

kubectl apply -f https://github.com/flannel-io/flannel/releases/latest/download/kube-flannel.yml