kubernetes——快速部署

2. Kubernetes快速部署

kubeadm是官方社区推出的一个用于快速部署kubernetes集群的工具。

这个工具能通过两条指令完成一个kubernetes集群的部署：

# 创建一个 Master 节点
$ kubeadm init
 
# 将一个 Node 节点加入到当前集群中
$ kubeadm join 

 k8s部署方式：

•         二进制部署
•         kubeadm部署

2.1 安装要求

在开始之前，部署Kubernetes集群机器需要满足以下几个条件：

-至少3台机器，操作系统 CentOS7+

• 硬件配置：2GB或更多RAM，2个CPU或更多CPU，硬盘20GB或更多
• 集群中所有机器之间网络互通
• 可以访问外网，需要拉取镜像
• 禁止swap分区

2.2 学习目标

1. 在所有节点上安装Docker和kubeadm
2. 部署Kubernetes Master
3. 部署容器网络插件
4. 部署 Kubernetes Node，将节点加入Kubernetes集群中
5. 部署Dashboard Web页面，可视化查看Kubernetes资源

2.3  准备环境

 master

 node1，node2

 master

//配置yum源
//设置主机名：
[root@localhost ~]# hostnamectl set-hostname k8s-master
[root@localhost ~]# bash
 
//关闭防火墙：
[root@k8s-master ~]# systemctl disable --now firewalld
Removed /etc/systemd/system/multi-user.target.wants/firewalld.service.
Removed /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.
[root@k8s-master ~]# vi /etc/selinux/config 
 
//关闭swap：
[root@k8s-master ~]# free -m
              total        used        free      shared  buff/cache   available
Mem:           3709         235        3251           8         222        3247
Swap:          2047           0        2047
[root@k8s-master ~]# vi /etc/fstab 
#/dev/mapper/rhel-swap   none                    swap    defaults        0 0   
//这一行注释掉，或者删掉，#代表注释
 
//在master添加hosts：
[root@k8s-master ~]# cat >> /etc/hosts << EOF
> 192.168.122.131 master master.example.com
> 192.168.122.132 node1 node1.example.com
> 192.168.122.133 node2 node2.example.com
> EOF
[root@k8s-master ~]# vi /etc/hosts
[root@k8s-master ~]# cat /etc/hosts
127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.2.129 k8s-master 
192.168.2.128 k8s-node1
192.168.2.131 k8s-node2
 
//将桥接的IPv4流量传递到iptables的链：
[root@k8s-master ~]# cat > /etc/sysctl.d/k8s.conf << EOF
> net.bridge.bridge-nf-call-ip6tables = 1
> net.bridge.bridge-nf-call-iptables = 1
> EOF
[root@k8s-master ~]# sysctl --system      //使其生效
* Applying /usr/lib/sysctl.d/10-default-yama-scope.conf ...
kernel.yama.ptrace_scope = 0
* Applying /usr/lib/sysctl.d/50-coredump.conf ...
kernel.core_pattern = |/usr/lib/systemd/systemd-coredump %P %u %g %s %t %c %h %e
kernel.core_pipe_limit = 16
* Applying /usr/lib/sysctl.d/50-default.conf ...
kernel.sysrq = 16
kernel.core_uses_pid = 1
kernel.kptr_restrict = 1
net.ipv4.conf.all.rp_filter = 1
net.ipv4.conf.all.accept_source_route = 0
net.ipv4.conf.all.promote_secondaries = 1
net.core.default_qdisc = fq_codel
fs.protected_hardlinks = 1
fs.protected_symlinks = 1
* Applying /usr/lib/sysctl.d/50-libkcapi-optmem_max.conf ...
net.core.optmem_max = 81920
* Applying /usr/lib/sysctl.d/50-pid-max.conf ...
kernel.pid_max = 4194304
* Applying /etc/sysctl.d/99-sysctl.conf ...
* Applying /etc/sysctl.d/k8s.conf ...
* Applying /etc/sysctl.conf ...
[root@k8s-master ~]# 
 
//安装chrony，时间同步：
[root@k8s-master ~]# yum -y install chrony
[root@k8s-master ~]# vi /etc/chrony.conf 
# Use public servers from the pool.ntp.org project.
# Please consider joining the pool (http://www.pool.ntp.org/join.html).
pool time1.aliyun.com iburst     //这里修改成这样
[root@k8s-master ~]# systemctl enable chronyd
[root@k8s-master ~]# systemctl restart chronyd
[root@k8s-master ~]# systemctl status chronyd
● chronyd.service - NTP client/server
   Loaded: loaded (/usr/lib/systemd/system/chronyd.service; enabled; vendor prese>
   Active: active (running) since Tue 2022-09-06 19:24:19 CST; 10s ago
     Docs: man:chronyd(8)
           man:chrony.conf(5)
  Process: 10368 ExecStartPost=/usr/libexec/chrony-helper update-daemon (code=exi>
  Process: 10364 ExecStart=/usr/sbin/chronyd $OPTIONS (code=exited, status=0/SUCC>
 Main PID: 10366 (chronyd)
    Tasks: 1 (limit: 23502)
   Memory: 928.0K
   CGroup: /system.slice/chronyd.service
           └─10366 /usr/sbin/chronyd
 
Sep 06 19:24:19 k8s-master systemd[1]: Starting NTP client/server...
Sep 06 19:24:19 k8s-master chronyd[10366]: chronyd version 4.1 starting (+CMDMON >
Sep 06 19:24:19 k8s-master chronyd[10366]: Using right/UTC timezone to obtain lea>
Sep 06 19:24:19 k8s-master systemd[1]: Started NTP client/server.
Sep 06 19:24:23 k8s-master chronyd[10366]: Selected source 203.107.6.88 (time1.al>
Sep 06 19:24:23 k8s-master chronyd[10366]: System clock TAI offset set to 37 seco>
[root@k8s-master ~]# 
 
//ping通
[root@k8s-master ~]# ping k8s-master
PING k8s-master (192.168.2.129) 56(84) bytes of data.
64 bytes from k8s-master (192.168.2.129): icmp_seq=1 ttl=64 time=0.022 ms
64 bytes from k8s-master (192.168.2.129): icmp_seq=2 ttl=64 time=0.025 ms
64 bytes from k8s-master (192.168.2.129): icmp_seq=3 ttl=64 time=0.026 ms
^C
--- k8s-master ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2067ms
rtt min/avg/max/mdev = 0.022/0.024/0.026/0.004 ms
[root@k8s-master ~]# ping k8s-node1
PING k8s-node1 (192.168.2.128) 56(84) bytes of data.
64 bytes from k8s-node1 (192.168.2.128): icmp_seq=1 ttl=64 time=0.513 ms
^C
--- k8s-node1 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 0.513/0.513/0.513/0.000 ms
[root@k8s-master ~]# ping k8s-node2
PING k8s-node2 (192.168.2.131) 56(84) bytes of data.
64 bytes from k8s-node2 (192.168.2.131): icmp_seq=1 ttl=64 time=0.382 ms
64 bytes from k8s-node2 (192.168.2.131): icmp_seq=2 tt