ubuntu: 22.04
Kubernetes: 1.24.3
kubeadm: 1.24.3
kubectl: 1.24.3
kubelet: 1.24.3
containerd: 1.6.8
cni: 1.1.1
runc: 1.1.3
Role | hostname | ip |
---|---|---|
master | ubuntu1 | 192.168.127.31 |
node | ubuntu2 | 192.168.127.32 |
node | ubuntu3 | 192.168.127.33 |
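The firewall must be turned off and the swap partition disabled.
# Turn off the firewall
ufw disable
# Disable the swap partition: edit /etc/fstab with vi, put a # in front of the swap line to comment it out, then save and exit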
vi /etc/fstab
Run on: master, node
cat <<EOF | sudo tee /etc/modules-load.d/k8s.conf
overlay
br_netfilter
EOF
sudo modprobe overlay
sudo modprobe br_netfilter
# Set the required sysctl parameters; they persist across reboots
cat <<EOF | sudo tee /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-iptables = 1
net.bridge.bridge-nf-call-ip6tables = 1
net.ipv4.ip_forward = 1
EOF
# Apply the sysctl parameters without rebooting
sudo sysctl --system
Run on: master, node
# 1. Generate the default container runtime configuration
containerd config default > /etc/containerd/config.toml
# 2. To use the systemd cgroup driver with runc, set the following in /etc/containerd/config.toml
[plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc]
...
[plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc.options]
SystemdCgroup = true
# 3. Specify the socket endpoints
crictl config runtime-endpoint unix:///run/containerd/containerd.sock
crictl config image-endpoint unix:///run/containerd/containerd.sock
# 4. Replace the sandbox image
vi /etc/containerd/config.toml
[plugins]
.....
[plugins."io.containerd.grpc.v1.cri"]
...
sandbox_image = "registry.aliyuncs.com/google_containers/pause:3.5"
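A preflight check for the node preparation steps above (swap entry, sysctl keys, containerd cgroup driver and sandbox image), as an added example that is not part of the original post. The function names are hypothetical; each one reads the file path passed to it.

```shell
# Added example (not from the original post); function names are hypothetical.
# Each function inspects the file given as $1.

# Succeeds if FILE still has an uncommented swap entry (swap not disabled).
fstab_swap_active() {
    awk '$1 !~ /^#/ && $3 == "swap" { found = 1 } END { exit !found }' "$1"
}

# Succeeds if FILE sets all three sysctl keys from this page to 1.
sysctl_conf_ok() {
    for key in net.bridge.bridge-nf-call-iptables \
               net.bridge.bridge-nf-call-ip6tables \
               net.ipv4.ip_forward; do
        awk -F= -v k="$key" '
            { gsub(/[ \t]/, "") }
            $1 == k && $2 == "1" { ok = 1 }
            END { exit !ok }' "$1" || return 1
    done
}

# Succeeds only if SystemdCgroup = true sits inside the runc.options table;
# the awk program tracks the current TOML table header line by line.
containerd_cgroup_ok() {
    awk '
        /^[ \t]*\[/ {
            t = $0; gsub(/[ \t]/, "", t)
            in_opts = (t == "[plugins.\"io.containerd.grpc.v1.cri\".containerd.runtimes.runc.options]")
            next
        }
        in_opts && /^[ \t]*SystemdCgroup[ \t]*=[ \t]*true[ \t]*$/ { ok = 1 }
        END { exit !ok }' "$1"
}

# Prints the sandbox_image value configured in FILE (empty if unset).
containerd_sandbox_image() {
    awk -F'"' '/^[ \t]*sandbox_image[ \t]*=/ { print $2 }' "$1"
}

# Checks the real paths used on this page; run with: sh preflight.sh --run
preflight() {
    rc=0
    fstab_swap_active /etc/fstab && { echo "FAIL: swap entry still active in /etc/fstab"; rc=1; }
    sysctl_conf_ok /etc/sysctl.d/k8s.conf || { echo "FAIL: sysctl keys not all set to 1"; rc=1; }
    containerd_cgroup_ok /etc/containerd/config.toml || { echo "FAIL: SystemdCgroup is not true for runc"; rc=1; }
    echo "sandbox_image: $(containerd_sandbox_image /etc/containerd/config.toml)"
    return $rc
}
if [ "${1:-}" = "--run" ]; then preflight; fi
```

Commenting out the fstab entry only takes effect at the next boot; `swapoff -a` turns swap off on the running system.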
Run on: master, node
sudo apt-get update
sudo apt-get install -y apt-transport-https ca-certificates curl
sudo curl -fsSLo /usr/share/keyrings/kubernetes-archive-keyring.gpg https://packages.cloud.google.com/apt/doc/apt-key.gpg
# Kubernetes source
echo "deb [signed-by=/usr/share/keyrings/kubernetes-archive-keyring.gpg] https://apt.kubernetes.io/ kubernetes-xenial main" | sudo tee /etc/apt/sources.list.d/kubernetes.list
# Tsinghua mirror (writes the same file, so it replaces the entry above)
echo "deb [signed-by=/usr/share/keyrings/kubernetes-archive-keyring.gpg] https://mirrors.tuna.tsinghua.edu.cn/kubernetes/apt kubernetes-xenial main" | sudo tee /etc/apt/sources.list.d/kubernetes.list
sudo apt-get update
sudo apt-get install -y kubelet kubeadm kubectl
sudo apt-mark hold kubelet kubeadm kubectl
Run on: master
# Initialize
kubeadm init --kubernetes-version=v1.24.3 --image-repository registry.aliyuncs.com/google_containers --pod-network-cidr=10.244.0.0/16
On success the output looks like this:
Your Kubernetes control-plane has initialized successfully!
To start using your cluster, you need to run the following as a regular user:
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
You should now deploy a Pod network to the cluster.
Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:
/docs/concepts/cluster-administration/addons/
You can now join any number of machines by running the following on each node
as root:
kubeadm join <control-plane-host>:<control-plane-port> --token <token> --discovery-token-ca-cert-hash sha256:<hash>
To let a non-root user run kubectl, run the following commands:
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
Run on: master
This example uses kube-flannel.
Manifest: https://raw.githubusercontent.com/flannel-io/flannel/master/Documentation/kube-flannel.yml
Documentation: https://github.com/flannel-io/flannel
kubectl apply -f kube-flannel.yml
Run on: node
Run the command printed on successful initialization, as follows:
kubeadm join --token <token> <control-plane-host>:<control-plane-port> --discovery-token-ca-cert-hash sha256:<hash>
Run on: master
Run kubectl get nodes to check the node status. On success the output looks like this:
NAME STATUS ROLES AGE VERSION
ubuntu1 Ready control-plane 25h v1.24.3
ubuntu2 Ready <none> 25h v1.24.3
ubuntu3 Ready <none> 25h v1.24.3