使用kubeadm安装k8s

编程黑洞

发布于 2023-03-06 19:21:38

9890

文章被收录于专栏：编程黑洞编程黑洞

# 相关链接

kubeadm安装官网 (opens new window)

kubeadm安装k8s完整教程 (opens new window) ‍

# 安装配置

以下操作是每个节点都要执行的步骤

配置hosts

将主节点与子节点分别配置hostname如下：

hostnamectl set-hostname master  # 主节点
hostnamectl set-hostname node1   # 子节点
hostnamectl set-hostname node2   # 子节点

在/etc/hosts中添加本机hostname与ip的映射关系

1.1.1.1 master
1.1.1.2 node1
1.1.1.3 node2

关闭防火墙

需要将主节点与子节点都关闭防火墙

systemctl stop firewalld

配置yum源

在安装kubeadm之前，都需要配置yum源，创建文件/etc/yum.repos.d/kubernetes.repo

[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
enabled=1
gpgcheck=0

将 SELinux 设置为 permissive 模式（相当于将其禁用）

sudo setenforce 0
sudo sed -i 's/^SELINUX=enforcing$/SELINUX=permissive/' /etc/selinux/config

安装kubeadm、kubelet、kubectl

sudo yum install -y kubelet kubeadm kubectl --disableexcludes=kubernetes

安装docker并开启

curl -fsSL https://get.docker.com | bash -s docker --mirror Aliyun
systemctl enable --now docker

开启kubelet

sudo systemctl enable --now kubelet

手动配置containerd的配置

自动生成的文件会使用k8s.gcr.io/pause:3.6镜像，国内无法下载，导致kubeadm初始化失败。

生成 containerd 的配置文件

mkdir -p /etc/containerd
containerd config default > /etc/containerd/config.toml

修改 SystemdCgroup 为 true

# 编辑文件
vi /etc/containerd/config.toml

#更改SystemdCgroup值为true
SystemdCgroup = true

修改 sandbox_image 值

# 更改k8s.gcr.io/pause:3.6为registry.aliyuncs.com/google_containers/pause:3.7
sandbox_image = "registry.aliyuncs.com/google_containers/pause:3.7"

重启containerd

systemctl restart containerd

# 主节点执行

使用kubedam init初始化

kubeadm init --image-repository registry.aliyuncs.com/google_containers --v=5 --pod-network-cidr 10.244.0.0/16

kubectl读取k8s授权认证文件

将安全配置文件放在指定目录中，该文件时kubectl需要读取的授权文件，放在指定目录下，kubectl才能读取到并访问到k8s

  mkdir -p $HOME/.kube
  sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
  sudo chown $(id -u):$(id -g) $HOME/.kube/config

或者放在环境变量中，kubectl会读取该环境变量中的文件

vim /etc/profile
export KUBECONFIG=/etc/kubernetes/admin.conf
source /etc/profile

创建网络flannel

kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml

‍

# 子节点加入集群

使用kubeadm join加入集群

先在主节点使用kubeadm token create --print-join-command来获取到子节点加入主节点的命令

[root@master ~]# kubeadm token create --print-join-command
kubeadm join 172.16.16.16:6443 --token vnu6yz.4zk8f7hdorb8fpl0 --discovery-token-ca-cert-hash sha256:ca4e1e3e2afe16f592c3623f17a6b0dc9cfebd4ec459755e02f4b8db779e21d4

再在子节点上执行该命令，即可加入集群

将主节点的config移动到子节点

子节点也需要主节点的config文件，才能通过kubectl访问集群

scp ~/.kube/config node1:~/.kube/config

# 测试

在主节点创建deployment.yaml文件如下

apiVersion: apps/v1
kind: Deployment
metadata:
  labels:
    app: demoapp
  name: demo-deploy

spec:
  replicas: 10
  selector:
    matchLabels:
      app: demoapp

  template:
    metadata:
      labels:
        app: demoapp
    spec:
      containers:
      - image: ikubernetes/demoapp:v1.0
        name: demoapp

创建控制器

[root@master ~]# kubectl apply -f deployment.yaml 
deployment.apps/demo-deploy created

可以看到创建成功，并且所有的pod已经READY

[root@master ~]# kubectl get deploy -n zwf
NAME          READY   UP-TO-DATE   AVAILABLE   AGE
demo-deploy   10/10   10           10          3m15s

可以看到pod都已经创建成功。

[root@master ~]# kubectl get pods -n zwf 
NAME                           READY   STATUS    RESTARTS   AGE
demo-deploy-55c5f88dcb-2nzbf   1/1     Running   0          4m38s
demo-deploy-55c5f88dcb-5kwc9   1/1     Running   0          4m38s
demo-deploy-55c5f88dcb-8jd9k   1/1     Running   0          4m38s
demo-deploy-55c5f88dcb-b7zjp   1/1     Running   0          4m38s
demo-deploy-55c5f88dcb-bs7tm   1/1     Running   0          4m38s
demo-deploy-55c5f88dcb-jrbzw   1/1     Running   0          4m38s
demo-deploy-55c5f88dcb-lsfff   1/1     Running   0          4m38s
demo-deploy-55c5f88dcb-mgqpq   1/1     Running   0          4m38s
demo-deploy-55c5f88dcb-wfzzb   1/1     Running   0          4m38s
demo-deploy-55c5f88dcb-wkbv2   1/1     Running   0          4m38s

# 常见错误

kubeadm init 报错 ”unknown service runtime.v1alpha2.RuntimeService”

解决：

rm /etc/containerd/config.toml -f
systemctl restart containerd

如果在kubeadm init中出现了失败，在解决问题后，需要执行kubeadm reset，否则会报错
Failed to create pod sandbox: rpc error: code = Unknown desc = failed to get sandbox image "k8s.gcr.io/pause:3.6": failed to pull image "k8s.gcr.io/pause:3.6": failed to pull and unpack image "k8s.gcr.io/pause:3.6": failed to resolve reference "k8s.gcr.io/pause:3.6": failed to do request: Head "https://k8s.gcr.io/v2/pause/manifests/3.6": dial tcp 74.125.23.82:443: connect: connection refused

是因为拉不到k8s官方的k8s.gcr.io/pause:3.6镜像，使用主节点container配置可以解决。

kube-flannel报错： running-error-CrashLoopBackOff。node“k8s-master-1“podcidr not assigned

https://blog.csdn.net/shm19990131/article/details/107115750/

https://blog.csdn.net/anqixiang/article/details/107715591

plugin type="flannel" failed (add): failed to delegate add: failed to set bridge addr: "cni0" already has an IP address different from

解决办法:

sudo ifconfig cni0 down  
sudo ip link delete cni0