ubuntu22.04安装Kubernetes1.25.0(k8s1.25.0)高可用集群

为了更好的浏览体验，欢迎光顾勤奋的凯尔森同学个人博客http://www.huerpu.cc:7000

1.总体概览

目前网络上的大部分教程都是基于centos系统，但个人特别喜欢ubuntu，我想也一定有一波人和我一样，钟情于ubuntu，所以动手操作了一下，希望可以分享给大家。

1台VIP节点、3台master主节点(4C8G)、4台(4C8G)worker node，对应的 IP如下：

hostname	IP	function	Version
hep-k8s-lb-nginx	192.168.31.200	VIP	Ubuntu22.04
hep-k8s-master01	192.168.31.201	Control plane	Ubuntu22.04
hep-k8s-master02	192.168.31.202	Control plane	Ubuntu22.04
hep-k8s-master03	192.168.31.203	Control plane	Ubuntu22.04
hep-k8s-worker01	192.168.31.204	worker node	Ubuntu22.04
hep-k8s-worker02	192.168.31.205	worker node	Ubuntu22.04
hep-k8s-worker03	192.168.31.206	worker node	Ubuntu22.04

机器准备就绪，安装了必要的vim、ssh等，并开启了ssh自启动等最基础的操作，并且每台机器都进行了固定IP的设置。如果有需要请参考这里。

hep-k8s-lb-nginx为nginx反向代理的负载均衡机器，hep-k8s-master01、hep-k8s-master02、hep-k8s-master03为三台master节点，hep-k8s-worker01、hep-k8s-worker02、hep-k8s-worker03为三台worker节点。

2.负载均衡机器

hep-k8s-lb-nginx机器上执行

#切换到root用户
sudo su -

#设置hep-k8s-lb-nginx的hostname
systemctl set-hostname hep-k8s-lb-nginx

#安装Nginx
apt install nginx -y

cd /etc/nginx

#配置nginx
vim nginx.conf
#在http选项大口号后面添加

stream {
    include stream.conf;
}


vim stream.conf
#增加新内容，这三台的IP就是我们的三台master的IP，端口都设置了6443
upstream k8s-apiserver {
    server 192.168.31.201:6443;
    server 192.168.31.202:6443;
    server 192.168.31.203:6443;
}
server {
    listen 6443;
    proxy_connect_timeout 1s;
    proxy_pass k8s-apiserver;
}

upstream ingress-http {
    server 10.0.0.21:30080;   # 这里需要更改成ingress的NodePort
    server 10.0.0.22:30080;   # 这里需要更改成ingress的NodePort
}
server {
    listen 80;
    proxy_connect_timeout 1s;
    proxy_pass ingress-http;
}

upstream ingress-https {
    server 10.0.0.21:30443;   # 这里需要更改成ingress的NodePort
    server 10.0.0.22:30443;   # 这里需要更改成ingress的NodePort
}
server {
    listen 443;
    proxy_connect_timeout 1s;
    proxy_pass ingress-https;
}


#检验Nginx
nginx -t

#重启Nginx
systemctl restart nginx

#这里是为了解决报错
cd sites-enabled
rm -rf default

#重启Nginx
systemctl restart nginx

#查看Nginx的运行状态
ps -ef | grep nginx 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69

3.hep-k8s-master01

hep-k8s-master01上执行下面操作

#切换root用户
sudo su -

#检查更新
apt update

#更新安装
apt upgrade -y

#设置hostname
hostnamectl set-hostname hep-k8s-master01

#设置hosts
vim /etc/hosts
# 增加下面内容
192.168.31.201 hep-k8s-master01
192.168.31.202 hep-k8s-master02
192.168.31.203 hep-k8s-master03
192.168.31.204 hep-k8s-worker01
192.168.31.205 hep-k8s-worker02
192.168.31.206 hep-k8s-worker03
192.168.31.207 hep-k8s-worker04

#关闭swap
swapoff -a
sed -i '/ swap / s/^\(.*\)$/#\1/g' /etc/fstab

#添加加载的内核模块
tee /etc/modules-load.d/containerd.conf<<EOF
overlay
br_netfilter
EOF

#加载内核模块
modprobe overlay
modprobe br_netfilter

#设置内核参数
tee /etc/sysctl.d/kubernetes.conf<<EOF
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
net.ipv4.ip_forward = 1
EOF

#应用内核参数
sysctl --system

#安装curl gnupg2 software-properties-common apt-transport-https ca-certificates
apt install -y curl gnupg2 software-properties-common apt-transport-https ca-certificates

#安装GPG证书
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -

#写入软件源信息
add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable"

#检查更新
apt update

#安装containerd
apt install -y containerd.io

#生成containetd的配置文件
containerd config default | sudo tee /etc/containerd/config.toml >/dev/null 2>&1

#修改cgroup Driver为systemd
sed -i 's/SystemdCgroup \= false/SystemdCgroup \= true/g' /etc/containerd/config.toml

#将镜像源设置为阿里云 google_containers 镜像源
sed -i 's/k8s.gcr.io/registry.aliyuncs.com\/google_containers/g' /etc/containerd/config.toml

#重新启动containerd
systemctl restart containerd

#启动containerd服务
systemctl enable containerd

#添加 apt key
curl https://mirrors.aliyun.com/kubernetes/apt/doc/apt-key.gpg | sudo apt-key add -

#添加Kubernetes的apt源为阿里云的源
apt-add-repository "deb https://mirrors.aliyun.com/kubernetes/apt/ kubernetes-xenial main"

#检查更新
apt update

#kubelet kubeadm kubectl
apt install -y kubelet kubeadm kubectl

#锁定版本，不随 apt upgrade 更新
apt-mark hold kubelet kubeadm kubectl

#查看
kubeadm version

#开启路由功能
sysctl -w net.ipv4.ip_forward=1

#初始化kubernetes，指定版本号为最新版1.25.0，192.168.31.200为hep-k8s-lb-nginx负载均衡机器的IP
sudo kubeadm init \
--kubernetes-version=v1.25.0  \
--image-repository registry.aliyuncs.com/google_containers --v=5 \
--control-plane-endpoint "192.168.31.200:6443" \
--upload-certs \
--service-cidr=10.96.0.0/12 \
--pod-network-cidr=10.244.0.0/16

#执行成功之后会打印以下信息，记得复制出来
#-------------------------------------------------------------------------------------------
[bootstrap-token] Configured RBAC rules to allow certificate rotation for all node client certificates in the cluster
[bootstrap-token] Creating the "cluster-info" ConfigMap in the "kube-public" namespace
I0904 00:06:45.041744    7446 clusterinfo.go:47] [bootstrap-token] loading admin kubeconfig
I0904 00:06:45.042651    7446 clusterinfo.go:58] [bootstrap-token] copying the cluster from admin.conf to the bootstrap kubeconfig
I0904 00:06:45.043146    7446 clusterinfo.go:70] [bootstrap-token] creating/updating ConfigMap in kube-public namespace
I0904 00:06:45.047066    7446 clusterinfo.go:84] creating the RBAC rules for exposing the cluster-info ConfigMap in the kube-public namespace
I0904 00:06:45.054296    7446 kubeletfinalize.go:90] [kubelet-finalize] Assuming that kubelet client certificate rotation is enabled: found "/var/lib/kubelet/pki/kubelet-client-current.pem"
[kubelet-finalize] Updating "/etc/kubernetes/kubelet.conf" to point to a rotatable kubelet client certificate and key
I0904 00:06:45.055558    7446 kubeletfinalize.go:134] [kubelet-finalize] Restarting the kubelet to enable client certificate rotation
[addons] Applied essential addon: CoreDNS
I0904 00:06:45.865514    7446 request.go:533] Waited for 181.250352ms due to client-side throttling, not priority and fairness, request: POST:https://192.168.31.200:6443/api/v1/namespaces/kube-system/serviceaccounts?timeout=10s
[addons] Applied essential addon: kube-proxy

Your Kubernetes control-plane has initialized successfully!

To start using your cluster, you need to run the following as a regular user:

  mkdir -p $HOME/.kube
  sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
  sudo chown $(id -u):$(id -g) $HOME/.kube/config

Alternatively, if you are the root user, you can run:

  export KUBECONFIG=/etc/kubernetes/admin.conf

You should now deploy a pod network to the cluster.
Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:
  https://kubernetes.io/docs/concepts/cluster-administration/addons/

You can now join any number of the control-plane node running the following command on each as root:

  kubeadm join 192.168.31.200:6443 --token xxcbh2.xdulqkbvvrup3b90 \
        --discovery-token-ca-cert-hash sha256:0e10422cacb321985e26077bbaf608cc04e773ff25df3ca9bea85b6fe3146ef1 \
        --control-plane --certificate-key 130aea3340faf2ee2c4d4fe73f10d4523c3e9c87fb3a761b080ffae75559fd06

Please note that the certificate-key gives access to cluster sensitive data, keep it secret!
As a safeguard, uploaded-certs will be deleted in two hours; If necessary, you can use
"kubeadm init phase upload-certs --upload-certs" to reload certs afterward.

Then you can join any number of worker nodes by running the following on each as root:

kubeadm join 192.168.31.200:6443 --token xxcbh2.xdulqkbvvrup3b90 \
        --discovery-token-ca-cert-hash sha256:0e10422cacb321985e26077bbaf608cc04e773ff25df3ca9bea85b6fe3146ef1
root@hep:~#
#-------------------------------------------------------------------------------------------

#执行成功之后，执行下面操作
#To start using your cluster, you need to run the following as a regular user
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config

#Alternatively, if you are the root user, you can run
export KUBECONFIG=/etc/kubernetes/admin.conf

#查看cluster-info
kubectl cluster-info

#查看node信息
kubectl get nodes
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169

执行成功界面如下：

3.hep-k8s-master02

hep-k8s-master02上执行：

#切换root用户
sudo su -

#检查更新
apt update

#更新安装
apt upgrade -y

#设置hostname
hostnamectl set-hostname hep-k8s-master02

#设置hosts
vim /etc/hosts
# 增加下面内容
192.168.31.201 hep-k8s-master01
192.168.31.202 hep-k8s-master02
192.168.31.203 hep-k8s-master03
192.168.31.204 hep-k8s-worker01
192.168.31.205 hep-k8s-worker02
192.168.31.206 hep-k8s-worker03
192.168.31.207 hep-k8s-worker04

#关闭swap
swapoff -a
sed -i '/ swap / s/^\(.*\)$/#\1/g' /etc/fstab

#添加加载的内核模块
tee /etc/modules-load.d/containerd.conf<<EOF
overlay
br_netfilter
EOF

#加载内核模块
modprobe overlay
modprobe br_netfilter

#设置内核参数
tee /etc/sysctl.d/kubernetes.conf<<EOF
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
net.ipv4.ip_forward = 1
EOF

#应用内核参数
sysctl --system

#安装curl gnupg2 software-properties-common apt-transport-https ca-certificates
apt install -y curl gnupg2 software-properties-common apt-transport-https ca-certificates

#安装GPG证书
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -

#写入软件源信息
add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable"

#检查更新
apt update

#安装containerd
apt install -y containerd.io

#生成containetd的配置文件
containerd config default | sudo tee /etc/containerd/config.toml >/dev/null 2>&1

#修改cgroup Driver为systemd
sed -i 's/SystemdCgroup \= false/SystemdCgroup \= true/g' /etc/containerd/config.toml

#将镜像源设置为阿里云 google_containers 镜像源
sed -i 's/k8s.gcr.io/registry.aliyuncs.com\/google_containers/g' /etc/containerd/config.toml

#重新启动containerd
systemctl restart containerd

#启动containerd服务
systemctl enable containerd

#添加 apt key
curl https://mirrors.aliyun.com/kubernetes/apt/doc/apt-key.gpg | sudo apt-key add -

#添加Kubernetes的apt源为阿里云的源
apt-add-repository "deb https://mirrors.aliyun.com/kubernetes/apt/ kubernetes-xenial main"

#检查更新
apt update

#kubelet kubeadm kubectl
apt install -y kubelet kubeadm kubectl

#锁定版本，不随 apt upgrade 更新
apt-mark hold kubelet kubeadm kubectl

#查看
kubeadm version

#开启路由功能
sysctl -w net.ipv4.ip_forward=1

#这条命令在master01上执行成功后拷贝的命令，完成hep-k8s-master02的安装，并加入到master集群
#You can now join any number of the control-plane node running the following command on each as root
kubeadm join 192.168.31.200:6443 --token xxcbh2.xdulqkbvvrup3b90 \
        --discovery-token-ca-cert-hash sha256:0e10422cacb321985e26077bbaf608cc04e773ff25df3ca9bea85b6fe3146ef1 \
        --control-plane --certificate-key 130aea3340faf2ee2c4d4fe73f10d4523c3e9c87fb3a761b080ffae75559fd06

#执行成功之后，执行下面操作
#To start using your cluster, you need to run the following as a regular user
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109

4.hep-k8s-master03

hep-k8s-master03上执行：

#切换root用户
sudo su -

#检查更新
apt update

#更新安装
apt upgrade -y

#设置hostname
hostnamectl set-hostname hep-k8s-master02

#设置hosts
vim /etc/hosts
# 增加下面内容
192.168.31.201 hep-k8s-master01
192.168.31.202 hep-k8s-master02
192.168.31.203 hep-k8s-master03
192.168.31.204 hep-k8s-worker01
192.168.31.205 hep-k8s-worker02
192.168.31.206 hep-k8s-worker03
192.168.31.207 hep-k8s-worker04

#关闭swap
swapoff -a
sed -i '/ swap / s/^\(.*\)$/#\1/g' /etc/fstab

#添加加载的内核模块
tee /etc/modules-load.d/containerd.conf<<EOF
overlay
br_netfilter
EOF

#加载内核模块
modprobe overlay
modprobe br_netfilter

#设置内核参数
tee /etc/sysctl.d/kubernetes.conf<<EOF
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
net.ipv4.ip_forward = 1
EOF

#应用内核参数
sysctl --system

#安装curl gnupg2 software-properties-common apt-transport-https ca-certificates
apt install -y curl gnupg2 software-properties-common apt-transport-https ca-certificates

#安装GPG证书
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -

#写入软件源信息
add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable"

#检查更新
apt update

#安装containerd
apt install -y containerd.io

#生成containetd的配置文件
containerd config default | sudo tee /etc/containerd/config.toml >/dev/null 2>&1

#修改cgroup Driver为systemd
sed -i 's/SystemdCgroup \= false/SystemdCgroup \= true/g' /etc/containerd/config.toml

#将镜像源设置为阿里云 google_containers 镜像源
sed -i 's/k8s.gcr.io/registry.aliyuncs.com\/google_containers/g' /etc/containerd/config.toml

#重新启动containerd
systemctl restart containerd

#启动containerd服务
systemctl enable containerd

#添加 apt key
curl https://mirrors.aliyun.com/kubernetes/apt/doc/apt-key.gpg | sudo apt-key add -

#添加Kubernetes的apt源为阿里云的源
apt-add-repository "deb https://mirrors.aliyun.com/kubernetes/apt/ kubernetes-xenial main"

#检查更新
apt update

#kubelet kubeadm kubectl
apt install -y kubelet kubeadm kubectl

#锁定版本，不随 apt upgrade 更新
apt-mark hold kubelet kubeadm kubectl

#查看
kubeadm version

#开启路由功能
sysctl -w net.ipv4.ip_forward=1

#这条命令在master01上执行成功后拷贝的命令，完成hep-k8s-master03的安装，并加入到master集群
#You can now join any number of the control-plane node running the following command on each as root
kubeadm join 192.168.31.200:6443 --token xxcbh2.xdulqkbvvrup3b90 \
        --discovery-token-ca-cert-hash sha256:0e10422cacb321985e26077bbaf608cc04e773ff25df3ca9bea85b6fe3146ef1 \
        --control-plane --certificate-key 130aea3340faf2ee2c4d4fe73f10d4523c3e9c87fb3a761b080ffae75559fd06

#执行成功之后，执行下面操作
#To start using your cluster, you need to run the following as a regular user
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109

5.hep-k8s-worker01

hep-k8s-worker01上执行：

#切换root用户
sudo su -

#检查更新
apt update

#更新安装
apt upgrade -y

#设置hostname
hostnamectl set-hostname hep-k8s-worker01

#设置hosts
vim /etc/hosts
# 增加下面内容
192.168.31.201 hep-k8s-master01
192.168.31.202 hep-k8s-master02
192.168.31.203 hep-k8s-master03
192.168.31.204 hep-k8s-worker01
192.168.31.205 hep-k8s-worker02
192.168.31.206 hep-k8s-worker03
192.168.31.207 hep-k8s-worker04

#关闭swap
swapoff -a
sed -i '/ swap / s/^\(.*\)$/#\1/g' /etc/fstab

#添加加载的内核模块
tee /etc/modules-load.d/containerd.conf<<EOF
overlay
br_netfilter
EOF

#加载内核模块
modprobe overlay
modprobe br_netfilter

#设置内核参数
tee /etc/sysctl.d/kubernetes.conf<<EOF
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
net.ipv4.ip_forward = 1
EOF

#应用内核参数
sysctl --system

#安装curl gnupg2 software-properties-common apt-transport-https ca-certificates
apt install -y curl gnupg2 software-properties-common apt-transport-https ca-certificates

#安装GPG证书
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -

#写入软件源信息
add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable"

#检查更新
apt update

#安装containerd
apt install -y containerd.io

#生成containetd的配置文件
containerd config default | sudo tee /etc/containerd/config.toml >/dev/null 2>&1

#修改cgroup Driver为systemd
sed -i 's/SystemdCgroup \= false/SystemdCgroup \= true/g' /etc/containerd/config.toml

#将镜像源设置为阿里云 google_containers 镜像源
sed -i 's/k8s.gcr.io/registry.aliyuncs.com\/google_containers/g' /etc/containerd/config.toml

#重新启动containerd
systemctl restart containerd

#启动containerd服务
systemctl enable containerd

#添加 apt key
curl https://mirrors.aliyun.com/kubernetes/apt/doc/apt-key.gpg | sudo apt-key add -

#添加Kubernetes的apt源为阿里云的源
apt-add-repository "deb https://mirrors.aliyun.com/kubernetes/apt/ kubernetes-xenial main"

#检查更新
apt update

#kubelet kubeadm kubectl
apt install -y kubelet kubeadm kubectl

#锁定版本，不随 apt upgrade 更新
apt-mark hold kubelet kubeadm kubectl

#查看
kubeadm version

#开启路由功能
sysctl -w net.ipv4.ip_forward=1

#这条命令在master01上执行成功后拷贝的命令，完成hep-k8s-worker01的安装，并加入到worker nodes
#Then you can join any number of worker nodes by running the following on each as root
kubeadm join 192.168.31.200:6443 --token xxcbh2.xdulqkbvvrup3b90 \
        --discovery-token-ca-cert-hash sha256:0e10422cacb321985e26077bbaf608cc04e773ff25df3ca9bea85b6fe3146ef1
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102

6.hep-k8s-worker02

hep-k8s-worker02上执行：

#切换root用户
sudo su -

#检查更新
apt update

#更新安装
apt upgrade -y

#设置hostname
hostnamectl set-hostname hep-k8s-worker02

#设置hosts
vim /etc/hosts
# 增加下面内容
192.168.31.201 hep-k8s-master01
192.168.31.202 hep-k8s-master02
192.168.31.203 hep-k8s-master03
192.168.31.204 hep-k8s-worker01
192.168.31.205 hep-k8s-worker02
192.168.31.206 hep-k8s-worker03
192.168.31.207 hep-k8s-worker04

#关闭swap
swapoff -a
sed -i '/ swap / s/^\(.*\)$/#\1/g' /etc/fstab

#添加加载的内核模块
tee /etc/modules-load.d/containerd.conf<<EOF
overlay
br_netfilter
EOF

#加载内核模块
modprobe overlay
modprobe br_netfilter

#设置内核参数
tee /etc/sysctl.d/kubernetes.conf<<EOF
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
net.ipv4.ip_forward = 1
EOF

#应用内核参数
sysctl --system

#安装curl gnupg2 software-properties-common apt-transport-https ca-certificates
apt install -y curl gnupg2 software-properties-common apt-transport-https ca-certificates

#安装GPG证书
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -

#写入软件源信息
add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable"

#检查更新
apt update

#安装containerd
apt install -y containerd.io

#生成containetd的配置文件
containerd config default | sudo tee /etc/containerd/config.toml >/dev/null 2>&1

#修改cgroup Driver为systemd
sed -i 's/SystemdCgroup \= false/SystemdCgroup \= true/g' /etc/containerd/config.toml

#将镜像源设置为阿里云 google_containers 镜像源
sed -i 's/k8s.gcr.io/registry.aliyuncs.com\/google_containers/g' /etc/containerd/config.toml

#重新启动containerd
systemctl restart containerd

#启动containerd服务
systemctl enable containerd

#添加 apt key
curl https://mirrors.aliyun.com/kubernetes/apt/doc/apt-key.gpg | sudo apt-key add -

#添加Kubernetes的apt源为阿里云的源
apt-add-repository "deb https://mirrors.aliyun.com/kubernetes/apt/ kubernetes-xenial main"

#检查更新
apt update

#kubelet kubeadm kubectl
apt install -y kubelet kubeadm kubectl

#锁定版本，不随 apt upgrade 更新
apt-mark hold kubelet kubeadm kubectl

#查看
kubeadm version

#开启路由功能
sysctl -w net.ipv4.ip_forward=1

#这条命令在master01上执行成功后拷贝的命令，完成hep-k8s-worker02的安装，并加入到worker nodes
#Then you can join any number of worker nodes by running the following on each as root
kubeadm join 192.168.31.200:6443 --token xxcbh2.xdulqkbvvrup3b90 \
        --discovery-token-ca-cert-hash sha256:0e10422cacb321985e26077bbaf608cc04e773ff25df3ca9bea85b6fe3146ef1

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103

7.hep-k8s-worker03

hep-k8s-worker03上执行：

#切换root用户
sudo su -

#检查更新
apt update

#更新安装
apt upgrade -y

#设置hostname
hostnamectl set-hostname hep-k8s-worker03

#设置hosts
vim /etc/hosts
# 增加下面内容
192.168.31.201 hep-k8s-master01
192.168.31.202 hep-k8s-master02
192.168.31.203 hep-k8s-master03
192.168.31.204 hep-k8s-worker01
192.168.31.205 hep-k8s-worker02
192.168.31.206 hep-k8s-worker03
192.168.31.207 hep-k8s-worker04

#关闭swap
swapoff -a
sed -i '/ swap / s/^\(.*\)$/#\1/g' /etc/fstab

#添加加载的内核模块
tee /etc/modules-load.d/containerd.conf<<EOF
overlay
br_netfilter
EOF

#加载内核模块
modprobe overlay
modprobe br_netfilter

#设置内核参数
tee /etc/sysctl.d/kubernetes.conf<<EOF
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
net.ipv4.ip_forward = 1
EOF

#应用内核参数
sysctl --system

#安装curl gnupg2 software-properties-common apt-transport-https ca-certificates
apt install -y curl gnupg2 software-properties-common apt-transport-https ca-certificates

#安装GPG证书
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -

#写入软件源信息
add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable"

#检查更新
apt update

#安装containerd
apt install -y containerd.io

#生成containetd的配置文件
containerd config default | sudo tee /etc/containerd/config.toml >/dev/null 2>&1

#修改cgroup Driver为systemd
sed -i 's/SystemdCgroup \= false/SystemdCgroup \= true/g' /etc/containerd/config.toml

#将镜像源设置为阿里云 google_containers 镜像源
sed -i 's/k8s.gcr.io/registry.aliyuncs.com\/google_containers/g' /etc/containerd/config.toml

#重新启动containerd
systemctl restart containerd

#启动containerd服务
systemctl enable containerd

#添加 apt key
curl https://mirrors.aliyun.com/kubernetes/apt/doc/apt-key.gpg | sudo apt-key add -

#添加Kubernetes的apt源为阿里云的源
apt-add-repository "deb https://mirrors.aliyun.com/kubernetes/apt/ kubernetes-xenial main"

#检查更新
apt update

#kubelet kubeadm kubectl
apt install -y kubelet kubeadm kubectl

#锁定版本，不随 apt upgrade 更新
apt-mark hold kubelet kubeadm kubectl

#查看
kubeadm version

#开启路由功能
sysctl -w net.ipv4.ip_forward=1

#这条命令在master01上执行成功后拷贝的命令，完成hep-k8s-worker03的安装，并加入到worker nodes
#Then you can join any number of worker nodes by running the following on each as root
kubeadm join 192.168.31.200:6443 --token xxcbh2.xdulqkbvvrup3b90 \
        --discovery-token-ca-cert-hash sha256:0e10422cacb321985e26077bbaf608cc04e773ff25df3ca9bea85b6fe3146ef1
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102

8.安装calico网络插件

当然你还可以接着添加更多的master node或者worker node节点，操作和上面一样。现在执行命令kubectl get node -A显示节点状态为NotReady，因为网络还没准备好。

#安装calico网络插件
kubectl apply -f "https://docs.projectcalico.org/manifests/calico.yaml"

#获得pod节点信息
kubectl get pod -A

#获得node节点信息
kubectl get node -A
1
2
3
4
5
6
7
8

此时node节点和pod节点都已经处于Ready，如果没有处于Ready状态需要稍等几分钟。

相关阅读:
卡尔曼滤波的推导
 【发表案例】IF6.5+，中科院2区，2个月录用，6天见刊！
防止鱼叉式网络钓鱼的4个步骤
 PostgreSQL索引篇 | GIN索引 (倒排索引)
国密浏览器是什么？有哪些？有什么特点？
华清 c++ day3 9月10
抖音矩阵系统，抖音矩阵系统源码。抖音SEO源码。
数据结构之美：如何优化内存和性能
 Element-UI el-select下拉框多选实现全选
 Docker Desktop Windows 无法启动
原文地址：https://blog.csdn.net/JingLisen/article/details/126690217