1.基础环境配置
关闭防火墙
# Stop firewalld now and keep it from starting at boot.
# With the host firewall off, every listening port on this node (API server,
# kubelet, etcd) is reachable from the network. Outside an isolated lab, keep
# firewalld running and open only the ports the cluster needs.
for action in stop disable; do
  systemctl "$action" firewalld
done
修改hostname
# Give this node its cluster hostname.
hostnamectl set-hostname k8s-01
# Confirm the change; bare `hostnamectl` prints the same status report.
hostnamectl
关闭selinux
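# Persist the SELinux mode for the next boot. The pattern is anchored to the
# SELINUX= setting: an unanchored s/enforcing/disabled/ also rewrites the
# explanatory comment lines in /etc/selinux/config.
# NOTE(review): "disabled" removes SELinux confinement entirely after reboot;
# SELINUX=permissive satisfies kubeadm as well and keeps denials in the audit log.
sed -i 's/^SELINUX=enforcing/SELINUX=disabled/' /etc/selinux/config
# Switch the running system to permissive mode immediately (no reboot needed).
setenforce 0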
关闭swap
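# Turn swap off for the running system; kubelet refuses to start with swap
# enabled unless explicitly configured otherwise.
swapoff -a
# Keep swap off after reboot by commenting out the active swap entries.
# Only uncommented lines with a whitespace-delimited "swap" field are touched,
# so re-running this does not stack extra '#' characters and unrelated lines
# that merely contain the word "swap" are left alone.
sed -ri '/^[^#].*[[:space:]]swap[[:space:]]/s/^/#/' /etc/fstab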
允许iptables检测桥接流量
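# Pass bridged IPv4/IPv6 traffic to the iptables chains.
# The net.bridge.* keys only exist once the br_netfilter module is loaded;
# without it, applying the settings below fails with "No such file or directory".
modprobe br_netfilter
# Load the module on every boot as well.
echo "br_netfilter" > /etc/modules-load.d/k8s.conf

# Write the settings to a dedicated drop-in instead of appending to
# /etc/sysctl.conf: re-running this step then replaces the file rather than
# adding duplicate lines.
cat > /etc/sysctl.d/k8s.conf <<'EOF'
net.ipv4.ip_forward = 1
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
net.ipv6.conf.all.disable_ipv6 = 1
net.ipv6.conf.default.disable_ipv6 = 1
net.ipv6.conf.lo.disable_ipv6 = 1
net.ipv6.conf.all.forwarding = 1
EOF
# NOTE(review): IPv6 is disabled on all interfaces while IPv6 forwarding is
# switched on; the forwarding key has no effect in that combination - confirm
# which of the two is intended.

# Apply every sysctl configuration file, including the drop-in above.
sysctl --system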
2.安装docker
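# Add the Tsinghua (TUNA) mirror of the Docker CE repository.
# baseurl and gpgkey point directly at the mirror over HTTPS. Package and
# signing-key downloads must not be routed through an intermediate rewriting
# proxy host: whoever controls that host can substitute both the RPMs and the
# key that gpgcheck=1 relies on.
sudo tee /etc/yum.repos.d/docker-ce.repo <<-'EOF'
[docker-ce-stable]
name=Docker CE Stable
baseurl=https://mirrors.tuna.tsinghua.edu.cn/docker-ce/linux/centos/7/x86_64/stable
enabled=1
gpgcheck=1
gpgkey=https://mirrors.tuna.tsinghua.edu.cn/docker-ce/linux/centos/gpg
EOF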
# Install the pinned Docker CE release together with containerd.
# NOTE(review): containerd.io carries no version suffix, so yum installs
# whichever build the mirror currently offers.
sudo yum -y install docker-ce-19.03.9 docker-ce-cli-19.03.9 containerd.io
# Register the service for boot, then bring it up now.
systemctl enable docker
systemctl start docker
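# Configure the Aliyun registry accelerator for Docker Hub pulls.
# The mirror URL is given directly over HTTPS, not through a rewriting proxy
# host. A registry mirror serves the image content for every tag-based pull,
# so it is part of the trust chain for anything run on this node.
sudo mkdir -p /etc/docker
sudo tee /etc/docker/daemon.json <<-'EOF'
{
"registry-mirrors": ["https://82m9ar63.mirror.aliyuncs.com"]
}
EOF
# Reload unit files and restart the daemon so the new configuration is read.
sudo systemctl daemon-reload
sudo systemctl restart docker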
3.安装k8s
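## Configure the Aliyun mirror of the Kubernetes yum repository.
# Changes from the plain-HTTP, unsigned setup:
#   - baseurl and gpgkey use HTTPS and point directly at the mirror, so the
#     metadata, packages and keys cannot be altered in transit;
#   - gpgcheck=1 makes yum verify package signatures - kubelet, kubeadm and
#     kubectl run as root on every node, so unsigned installs are a
#     supply-chain risk;
#   - both keys sit on one gpgkey line, because a continuation line that
#     starts in column 0 is not read as part of the gpgkey value.
# repo_gpgcheck stays 0: NOTE(review) enable it only after confirming the
# mirror publishes signed repository metadata.
# The quoted 'EOF' keeps the shell from expanding anything inside the file.
cat <<'EOF' > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=1
repo_gpgcheck=0
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF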
# Remove any previously installed versions.
yum -y remove kubelet kubeadm kubectl
# List the installable kubelet versions, newest first.
yum --showduplicates list kubelet | sort -r
# Install matching, pinned versions of kubelet, kubeadm and kubectl.
yum -y install kubelet-1.21.0 kubeadm-1.21.0 kubectl-1.21.0
# Start kubelet; it restarts in a loop until kubeadm init writes its configuration.
systemctl start kubelet
4.初始化k8s
############下载核心镜像 kubeadm config images list:查看需要哪些镜像###########
####封装成images.sh文件
vim images.sh
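#!/bin/bash
# Pre-pull the control-plane images for Kubernetes v1.21.0 from a mirror.
#
# The namespace below is a third-party mirror, not the upstream Kubernetes
# registry. These images become the API server, scheduler, controller manager
# and etcd, so compare their digests with the upstream release before using
# them on a cluster that matters.
#
# Exit status: 0 when every image was pulled, 1 when at least one pull failed.
set -u

readonly registry="registry.cn-hangzhou.aliyuncs.com/hzx_k8s_images"

# Images to pull (name:tag, relative to the registry namespace).
images=(
  kube-apiserver:v1.21.0
  kube-proxy:v1.21.0
  kube-controller-manager:v1.21.0
  kube-scheduler:v1.21.0
  coredns:v1.8.0
  etcd:3.4.13-0
  pause:3.4.1
)

failed=0
for imageName in "${images[@]}"; do
  # Test the pull directly instead of inspecting $? afterwards.
  if docker pull "${registry}/${imageName}"; then
    echo "成功拉取镜像: $imageName"
  else
    # Failures go to stderr and are remembered so the caller sees a
    # non-zero exit status instead of a silent partial pull.
    echo "拉取镜像 $imageName 失败" >&2
    failed=1
  fi
done

exit "$failed"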
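# Make the script executable and run it through its own shebang.
# images.sh declares #!/bin/bash and uses arrays; `sh images.sh` ignores the
# shebang and fails on systems where sh is not bash.
chmod +x images.sh
./images.sh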
# Initialise the Kubernetes control plane.
#   --apiserver-advertise-address  address the API server announces; use this node's own IP
#   --image-repository             registry namespace the control-plane images are pulled from
#   --service-cidr / --pod-network-cidr  address ranges for Services and Pods
#   --cri-socket                   container runtime endpoint (here: containerd)
# NOTE(review): the advertise address 192.168.178.130 lies inside the pod range
# 192.168.0.0/16. Overlapping pod and host networks cause routing conflicts;
# pick a pod CIDR that does not contain the node network.
# NOTE(review): this run targets containerd, while images.sh pulled the images
# with `docker pull`. Images in Docker's store are presumably not visible to
# containerd through CRI, so kubeadm would pull them again - confirm.
kubeadm init \
--apiserver-advertise-address=192.168.178.130 \
--image-repository=registry.cn-hangzhou.aliyuncs.com/hzx_k8s_images \
--kubernetes-version=v1.21.0 \
--service-cidr=10.96.0.0/16 \
--pod-network-cidr=192.168.0.0/16 \
--cri-socket=unix:///var/run/containerd/containerd.sock
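# Create or replace the Docker daemon configuration.
# tee overwrites /etc/docker/daemon.json, so the registry mirror configured
# during the Docker installation step is repeated here; otherwise this write
# would silently drop it.
sudo mkdir -p /etc/docker
sudo tee /etc/docker/daemon.json <<-'EOF'
{
"registry-mirrors": ["https://82m9ar63.mirror.aliyuncs.com"],
"exec-opts": ["native.cgroupdriver=systemd"],
"log-driver": "json-file",
"log-opts": {
"max-size": "100m"
},
"storage-driver": "overlay2"
}
EOF
# Restart Docker so the systemd cgroup driver and log limits take effect.
sudo systemctl daemon-reload
sudo systemctl restart docker
# Start kubelet automatically at boot.
sudo systemctl enable kubelet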
# First make sure all control-plane images have been pulled.
kubeadm config images pull --image-repository=registry.cn-hangzhou.aliyuncs.com/hzx_k8s_images
# Then initialise the cluster.
# NOTE(review): --ignore-preflight-errors=all suppresses every preflight check
# (swap still on, ports already in use, leftover manifests from an earlier
# init, unsupported runtime versions). Name only the specific checks that are
# known to be harmless, and run `kubeadm reset` before repeating an init.
# NOTE(review): the advertise address 192.168.178.130 lies inside the pod range
# 192.168.0.0/16; choose a pod CIDR that does not overlap the node network.
kubeadm init \
--apiserver-advertise-address=192.168.178.130 \
--image-repository=registry.cn-hangzhou.aliyuncs.com/hzx_k8s_images \
--kubernetes-version=v1.21.0 \
--service-cidr=10.96.0.0/16 \
--pod-network-cidr=192.168.0.0/16 \
--ignore-preflight-errors=all
# Replace the apiserver-advertise-address value with your own node IP.
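## Step 1: give the current user its own copy of the admin kubeconfig.
# admin.conf holds cluster-admin credentials. Expansions are quoted so a home
# directory containing spaces cannot split the paths, and the copy is kept
# readable by its owner only.
mkdir -p "$HOME/.kube"
sudo cp -i /etc/kubernetes/admin.conf "$HOME/.kube/config"
sudo chown "$(id -u):$(id -g)" "$HOME/.kube/config"
chmod 600 "$HOME/.kube/config"
## Step 2: point kubectl at the root-owned original for this shell session.
# NOTE(review): this overrides the per-user copy from step 1 for the current
# shell, and the file is presumably readable by root only - confirm it is needed.
export KUBECONFIG=/etc/kubernetes/admin.conf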
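## Step 3: deploy the network plugin (Calico, pinned to v3.25.0).
# -f makes curl fail on an HTTP error instead of saving the error page as
# calico.yaml, -L follows redirects, -sS keeps output quiet but shows errors.
# The manifest comes straight from the project's repository at a fixed tag;
# review it before applying, since it creates cluster-wide RBAC and a
# privileged DaemonSet.
curl -fsSLO https://raw.githubusercontent.com/projectcalico/calico/v3.25.0/manifests/calico.yaml
kubectl apply -f calico.yaml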
查看组件的状态
# List the pods of every namespace to check the cluster components.
kubectl get pods --all-namespaces
创建一个pod进行测试是否Running
# Start a throwaway nginx pod to confirm that scheduling and image pulls work.
# No tag is given, so the runtime resolves whatever "latest" is at pull time.
kubectl run nginx --image nginx
常用命令
# 查看集群状态(健康检查必备)
kubectl get componentstatuses
# 动态查看Pod日志(调试神器!)
kubectl logs -f <pod-name> --tail=50
# 快速进入容器终端(比ssh更方便)
kubectl exec -it <pod-name> -- /bin/bash
# 一键导出全部资源配置(备份必备)
kubectl get all --all-namespaces -o yaml > cluster-backup.yaml
1. 创建 Nginx Pod 的 YAML 文件
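# Write the manifest for a single nginx pod.
# YAML nesting is expressed through indentation, and `containers` / `ports`
# are lists whose items start with "- ". With everything flush left and the
# dashes missing, the manifest is rejected by kubectl apply.
# The quoted 'EOF' stops the shell from expanding anything in the manifest.
cat <<'EOF' > nginx-pod.yaml
apiVersion: v1
kind: Pod
metadata:
  name: nginx-pod
  labels:
    app: nginx
spec:
  containers:
    - name: nginx-container
      image: nginx:1.21-alpine
      ports:
        - containerPort: 80
EOF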
2. 部署 Pod
# Create the pod from the manifest (or update it if it already exists).
kubectl apply --filename nginx-pod.yaml
3. 验证 Pod 状态
# List the pods in the current namespace and check the STATUS column.
kubectl get pod
开启服务
# Forward local port 8080 to port 80 of the pod; by default kubectl listens
# on the loopback interface only.
kubectl port-forward pod/nginx-pod 8080:80
解决问题
# Remove the master taint so ordinary pods can be scheduled on the
# control-plane node (single-node setups only; this gives up workload isolation).
kubectl taint node --all node-role.kubernetes.io/master-
# Point the CoreDNS deployment at a reachable image source.
kubectl --namespace kube-system set image deployment/coredns \
  coredns=registry.aliyuncs.com/google_containers/coredns:1.8.0
# Recreate the CoreDNS pods so they start from the new image.
kubectl --namespace kube-system rollout restart deployment/coredns
Kubernetes 需要网络插件(如 Calico、Flannel)才能让 Pod 正常运行:
# Show the network-plugin and DNS pods in kube-system.
kubectl get pods --namespace kube-system | grep -E 'calico|flannel|coredns'
如果未安装,可以安装 Calico:
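# Install Calico from the same pinned v3.25.0 manifest used in the
# initialisation step. An unversioned manifest URL changes over time, so the
# cluster-wide RBAC and privileged DaemonSet it creates would differ between
# runs and could not be reviewed in advance.
kubectl apply -f https://raw.githubusercontent.com/projectcalico/calico/v3.25.0/manifests/calico.yaml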
开启服务
# Forward local port 8080 to port 80 of the pod (loopback interface only).
kubectl port-forward pod/nginx-pod 8080:80
需要外部主机访问
# Listen on every interface so other hosts can reach the forwarded port.
# NOTE(review): 0.0.0.0 exposes the pod's port 80 on all of this machine's
# addresses with no authentication, and firewalld was disabled during the base
# setup. Pass the one interface address that must be reachable to --address
# instead, and stop the forward once testing is finished.
kubectl port-forward --address 0.0.0.0 nginx-pod 8080:80