[最新]ubuntu22.04安装kubernetes1.25 k8s1.25

条件

1. 2G内存
2. 2 CPU
3. 网络连接（内网公网都可以）
4. 唯一的主机名，mac地址
5. 6443，10650等端口
6. 禁用Swap
7. 20 GB /var目录磁盘空间
8. Sudo 用户权限

主机准备
Master Node: 192.168.132.77 – k8smaster.example.net
First Worker Node: 192.168.1.174 – k8sworker1.example.net
Second Worker Node: 192.168.1.175 – k8sworker2.example.net

设置hostname，和/etc/hosts

master Node

sudo hostnamectl set-hostname "k8smaster.example.net"
exec bash
1
2

WorkerNode:

sudo hostnamectl set-hostname "k8sworker1.example.net"   // 1st worker node
sudo hostnamectl set-hostname "k8sworker2.example.net"   // 2nd worker node
exec bash
1
2
3

node主机

192.168.1.173 k8smaster.example.net k8smaster
192.168.1.174 k8sworker1.example.net k8sworker1
192.168.1.175 k8sworker2.example.net k8sworker2

升级系统

sudo apt update
sudo apt -y full-upgrade
[ -f /var/run/reboot-required ] && sudo reboot -f
1
2
3

禁用swap

master 和所有worker

sudo swapoff -a
sudo sed -i '/swap/ s/^\(.*\)$/#\1/g' /etc/fstab
# -i 插入修改模式，g 标识符表示全局查找替换,表示注释掉swap的那一行。
free -h

1
2
3
4
5

打开一些内核功能：
[主机：master 和所有worker]

# Enable kernel modules
sudo tee /etc/modules-load.d/containerd.conf <<EOF
overlay
br_netfilter
EOF
sudo modprobe overlay
sudo modprobe br_netfilter



# Add some settings to sysctl
sudo tee /etc/sysctl.d/kubernetes.conf<<EOF
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
net.ipv4.ip_forward = 1
EOF

# 重新加载 sysctl
sudo sysctl --system
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19

安装 containerd run time

[主机：master 和所有worker]

自 Kubernetes v1.24 起，Dockershim 已被删除

配置ubuntu系统国内源：
sudo cp /etc/apt/sources.list /etc/apt/sources.list.bak​
vi /etc/apt/sources.list 替换成如下：

deb http://mirrors.aliyun.com/ubuntu/ jammy main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ jammy main restricted universe multiverse
deb http://mirrors.aliyun.com/ubuntu/ jammy-security main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ jammy-security main restricted universe multiverse
deb http://mirrors.aliyun.com/ubuntu/ jammy-updates main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ jammy-updates main restricted universe multiverse
deb http://mirrors.aliyun.com/ubuntu/ jammy-proposed main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ jammy-proposed main restricted universe multiverse
deb http://mirrors.aliyun.com/ubuntu/ jammy-backports main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ jammy-backports main restricted universe multiverse
1
2
3
4
5
6
7
8
9
10

​​sudo apt-get update​​
​​sudo apt-get upgrade​

安装关联软件

sudo apt install -y curl gnupg2 software-properties-common apt-transport-https ca-certificates
1

安装docker仓库，国内用户可以用下面的。

sudo curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmour -o /etc/apt/trusted.gpg.d/docker.gpg
sudo add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable"
1
2

使用阿里云的仓库

#  安装GPG证书
sudo curl -fsSL https://mirrors.aliyun.com/docker-ce/linux/ubuntu/gpg | sudo gpg --dearmour -o /etc/apt/trusted.gpg.d/docker.gpg
sudo add-apt-repository "deb [arch=amd64] https://mirrors.aliyun.com/docker-ce/linux/ubuntu $(lsb_release -cs) stable"
1
2
3

安装containnerd:

sudo apt update
sudo apt install -y containerd.io
1
2

配置 containerd 用systemdcgroup启动.

containerd config default | sudo tee /etc/containerd/config.toml >/dev/null 2>&1
sudo sed -i 's/SystemdCgroup \= false/SystemdCgroup \= true/g' /etc/containerd/config.toml
1
2

重启和启用：

sudo systemctl restart containerd
sudo systemctl enable containerd
1
2

添加apt repository for Kubernetes

curl -s https://packages.cloud.google.com/apt/doc/apt-key.gpg | sudo apt-key add -
sudo apt-add-repository "deb http://apt.kubernetes.io/ kubernetes-xenial main"
1
2

使用阿里云

curl https://mirrors.aliyun.com/kubernetes/apt/doc/apt-key.gpg | sudo apt-key add - 
sudo apt-add-repository "deb https://mirrors.aliyun.com/kubernetes/apt/ kubernetes-xenial main"

apt-get update
1
2
3
4

Note: At time of writing this guide, Xenial is the latest Kubernetes repository but when repository is available for Ubuntu 22.04 (Jammy Jellyfish) then you need replace xenial word with ‘jammy’ in ‘apt-add-repository’ command.

安装kubernetes组件Kubectl, kubeadm & kubelet

sudo apt update
sudo apt install -y kubelet kubeadm kubectl
sudo apt-mark hold kubelet kubeadm kubectl
#apt-mark 用于将软件包标记/取消标记为自动安装。 hold 选项用于将软件包标记为保留，以防止软件包被自动安装、升级或删除。
1
2
3
4

复制出来自节点worker1,worker2，

这样可以无需重复在worker机器上重复上面的步骤。

初始化kubernetes集群：
在master上运行

sudo kubeadm init --control-plane-endpoint=k8smaster.example.net
1

mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
1
2
3

在master上运行

kubectl cluster-info
kubectl get nodes
1
2

worker 加入

kubeadm join k8smaster.example.net:6443 --token h8dlio.fbiccpki1epoz65x \
	--discovery-token-ca-cert-hash sha256:419f76c17be7c21de41227767fce5a6fdf0cced2fa18d2e7fc335ea1a215e904 
1
2

如果上面语句中带了–control-panel，则需要手动复制ca, key文件。

kubectl get nodes
1

显示notReady， 因为需要安装 CNI (Container Network Interface) ，或者插件类似： Calico, Flannel and Weave-net.
Calico的性能更强，Flannel更加简单方便

安装calico

查看支持的k8s版本：
https://projectcalico.docs.tigera.io/archive/v3.24/getting-started/kubernetes/requirements#cni-plug-in-enabled

curl https://projectcalico.docs.tigera.io/manifests/calico.yaml -O
sed -i "s#192\.168\.0\.0/16#10\.244\.0\.0/16#" calico.yaml

kubectl apply -f calico.yaml
1
2
3
4

查看：

kubectl get pods -n kube-system
1

都处于RUNNING后，查看nodes状态：

kubectl get nodes
1

安装完毕

测试：

$ kubectl create deployment nginx-app --image=nginx --replicas=2
$ kubectl get deployment nginx-app
1
2

暴露服务

kubectl expose deployment nginx-app --type=NodePort --port=80
1

$ kubectl get svc nginx-app
$ kubectl describe svc nginx-app

获取到svc的端口映射和主机名：80:32336/TCP

##验证

curl k8sworker1.example.net:32336
1

成功
技术支持weixin：quchaoxingfu
本文的github仓库文档和代码：
https://github.com/shelutai/cnk8s