-
基于KubeAdm搭建多节点K8S集群
基于KubeAdm搭建多节点K8S集群
1、基本流程(注意 docker 版本和kubeadm、kubelet、kubectl的关系)
k8s 搭建 流程 : CentOs => utils依赖 => docker =>kubeadm, kubelet , kubectl => master init => node join => 调配网络
2、安装utils依赖(安装范围:主节点+工作节点)
yum install -y yum-utils device-mapper-persistent-data lvm2- 1
3、安装docker (安装范围:主节点+工作节点)
1、设置阿里云镜像 sudo yum-config-manager --add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo 2、安装docker yum -y install docker-ce-24.0.6 3、查看docker版本 docker -v 4、配置开机自启动 systemctl enable docker.service 5、启动docker systemctl start docker 6、查看docker 启动状态 systemctl status docker- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
4、配置阿里云镜像源(主节点+工作节点)
cat > /etc/yum.repos.d/kubernetes.repo << EOF [kubernetes] name=Kubernetes baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64 enabled=1 gpgcheck=0 repo_gpgcheck=0 gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg EOF- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
5、安装kubelet kubeadm kubectl(主节点+工作节点)
yum install -y kubelet-1.23.6 kubeadm-1.23.6 kubectl-1.23.6 systemctl enable kubelet- 1
- 2
6、主节点初始化(主节点)
kubeadm init \ --apiserver-advertise-address=172.31.149.123 \ --image-repository registry.aliyuncs.com/google_containers \ --kubernetes-version v1.23.6 \ --service-cidr=10.96.0.0/12 \ --pod-network-cidr=10.244.0.0/16 \ --ignore-preflight-errors=all- 1
- 2
- 3
- 4
- 5
- 6
- 7
–apiserver-advertise-address 主节点的内网ip地址
–image-repository 由于默认拉取镜像地址k8s.gcr.io国内无法访问,这里指定阿里云镜像仓库地址
–kubernetes-version K8s版本,与上面安装的一致
–service-cidr 集群内部虚拟网络,Pod统一访问入口
–pod-network-cidr Pod网络,与下面部署的CNI网络组件yaml中保持一致a、初始化之后,会输出一个join命令,先复制出来,node节点加入master会使用。
b、拷贝k8s认证文件
mkdir -p $HOME/.kube sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config sudo chown $(id -u):$(id -g) $HOME/.kube/config- 1
- 2
- 3
c、查看工作节点:
kubectl get nodes- 1
注:由于网络插件还没有部署,还没有准备就绪 NotReady,继续操作。
d、配置k8s的node节点【node节点操作】
向集群添加新节点,执行在kubeadm init输出的kubeadm join命令
默认token有效期为24小时,当过期之后,该token就不可用了。这时就需要重新创建token,可以直接使用命令快捷生成:kubeadm token create --print-join-command- 1
7、安装网络插件
kubectl apply -f https://raw.githubusercontent.com/flannel-io/flannel/master/Documentation/kube-flannel.yml- 1
8、查看节点状态
kubectl get node- 1
9、查看系统pod状态
kubectl get pods -n kube-system- 1
遇到的坑
[kubelet-check] It seems like the kubelet isn't running or healthy. [kubelet-check] The HTTP call equal to 'curl -sSL http://localhost:10248/healthz' failed with error: Get "http://localhost:10248/healthz": dial tcp 127.0.0.1:10248: connect: connection refused. [kubelet-check] The HTTP call equal to 'curl -sSL http://localhost:10248/healthz' failed with error: Get "http://localhost:10248/healthz": dial tcp 127.0.0.1:10248: connect: connection refused. Unfortunately, an error has occurred: timed out waiting for the condition This error is likely caused by: - The kubelet is not running - The kubelet is unhealthy due to a misconfiguration of the node in some way (required cgroups disabled) If you are on a systemd-powered system, you can try to troubleshoot the error with the following commands: - 'systemctl status kubelet' - 'journalctl -xeu kubelet' Additionally, a control plane component may have crashed or exited when started by the container runtime. To troubleshoot, list all containers using your preferred container runtimes CLI. Here is one example how you may list all Kubernetes containers running in docker: - 'docker ps -a | grep kube | grep -v pause' Once you have found the failing container, you can inspect its logs with: - 'docker logs CONTAINERID'- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
解决方式
vim /etc/docker/daemon.json docker 默认驱动为 cgroupfs ,只需要添加 "exec-opts": [ "native.cgroupdriver=systemd" ],- 1
- 2
- 3
- 4
- 5
-
相关阅读:
jumpserver如何录入web资产
Codeforces Round 900 (Div. 3)
ArcMap向SDE(PostgreSQL)导入数据出错 000210
软件测试培训之十个无脚本测试方案
HTTP协议详细总结
第十四届蓝桥杯模拟赛(第二期)
Golang 在 Mac、Linux、Windows 下如何交叉编译
网络安全(黑客)自学
Datawhale 2024 年 AI 夏令营第二期——基于术语词典干预的机器翻译挑战赛
Python进阶系列 - 18讲 伟大的*号
- 原文地址:https://blog.csdn.net/OnlyoneFrist/article/details/133690305
