kubeadm配置虚拟机k8s集群

kubeadm配置虚拟机k8s集群 环境

centos7、vm pro、windows terminal、termius

虚拟机

1. 硬件配置
   2核2G，实验用，具体可根据电脑调整，配置3台，master01、node01、node02。通过克隆虚拟机直接复制，配置通一项以后建议快照保存
   
2. 网络[重点]
   NAT模式
   编辑 -> 虚拟网络编辑器
   修改下列选项

• 网关 你想设置的网段 xxx.xxx.xxx.xxx
• 子网IP 你想设置的网段 xxx.xxx.xxx.0
• 子网掩码 都为255.255.255.0
• 取消使用DHCP服务将IP地址分配给虚拟机
• 修改VM8网卡信息 你想设置的网段 xxx.xxx.xxx.xxx
• 虚拟机中改静态IP切记不要与网关、网卡冲突

3.网络环境配置完后记住，接下来进centos配置网络

CentOS

1. 系统环境搭建&k8s基础搭建

yum update -y
#1.所有节点selinux永久关闭
sed -i 's/SELINUX=enforcing/SELINUX=disabled/' /etc/selinux/config  

#2.所有防火墙关闭
systemctl stop firewalld && systemctl disable firewalld

#3.所有节点swap永久关闭
sed -i 's/.*swap.*/#&/' /etc/fstab 永久关闭

#4.将桥接的IPv4流量传递到iptables的链
echo 1 > /proc/sys/net/ipv4/ip_forward
echo 1 > /proc/sys/net/bridge/bridge-nf-call-iptables

#5.yum添加阿里源
cd /etc/yum.repos.d
curl -o /etc/yum.repos.d/CentOS-base.repo http://mirrors.aliyun.com/repo/Centos-7.repo

#6.配置主机名
hostnamectl set-hostname master01
hostname

#7.基础包安装
yum install yum-utils device-mapper-persistent-data lvm2 vim bash-completion net-tools gcc -y

#8.docker安装
mkdir -p /etc/docker
yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo 
yum -y install docker-ce
systemctl enable docker&&systemctl start docker
#添加aliyun的docker仓库加速
tee /etc/docker/daemon.json <<-'EOF'
{
  "registry-mirrors": ["https://fl791z1h.mirror.aliyuncs.com"]
}
EOF
systemctl daemon-reload

#9.所有节点获取docker的cgroups
DOCKER_CGROUPS=$(docker info | grep 'Cgroup' | cut -d':' -f2)
echo $DOCKER_CGROUPS

#10.kubeadm kubelet kubectl(node节点可不装)安装
cat >> /etc/yum.repos.d/kubernetes.repo </etc/sysconfig/kubelet<> /etc/sysctl.conf <> kubernetes.sh << eof
#!/bin/bash
K8S_VERSION=v1.19.7
ETCD_VERSION=3.4.13-0
DASHBOARD_VERSION=v1.8.3
FLANNEL_VERSION=v0.10.0-amd64
DNS_VERSION=1.7.0
PAUSE_VERSION=3.2
docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/kube-apiserver:$K8S_VERSION
docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/kube-controller-manager:$K8S_VERSION
docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/kube-scheduler:$K8S_VERSION
docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/kube-proxy:$K8S_VERSION
docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/etcd:$ETCD_VERSION
docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/pause:$PAUSE_VERSION
docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/coredns:$DNS_VERSION
docker tag registry.cn-hangzhou.aliyuncs.com/google_containers/kube-apiserver:$K8S_VERSION k8s.gcr.io/kube-apiserver:$K8S_VERSION
docker tag registry.cn-hangzhou.aliyuncs.com/google_containers/kube-controller-manager:$K8S_VERSION k8s.gcr.io/kube-controller-manager:$K8S_VERSION
docker tag registry.cn-hangzhou.aliyuncs.com/google_containers/kube-scheduler:$K8S_VERSION k8s.gcr.io/kube-scheduler:$K8S_VERSION
docker tag registry.cn-hangzhou.aliyuncs.com/google_containers/kube-proxy:$K8S_VERSION k8s.gcr.io/kube-proxy:$K8S_VERSION
docker tag registry.cn-hangzhou.aliyuncs.com/google_containers/pause:$PAUSE_VERSION k8s.gcr.io/pause:$PAUSE_VERSION
docker tag registry.cn-hangzhou.aliyuncs.com/google_containers/coredns:$DNS_VERSION k8s.gcr.io/coredns:$DNS_VERSION
docker tag registry.cn-hangzhou.aliyuncs.com/google_containers/etcd:$ETCD_VERSION k8s.gcr.io/etcd:$ETCD_VERSION
eof

chmod 777 kubernetes.sh
./kubernetes.sh
systemctl enable kubelet && systemctl start kubelet

#12.初始化master节点
kubeadm config print init-defaults > kubeadm-config.yaml
vim  kubeadm-config.yaml
#12.1 修改nodeRegistration:name为hostname
#12.2 修改imageRepository: registry.aliyuncs.com/google_containers
#12.3 修改localAPIEndpoint:advertiseAddress: #本机IP
#详情参考下图

#13.添加 本机IP 本机hostname
vim /etc/hosts

#14.初始化
kubeadm init --config=kubeadm-config.yaml

#15.复制配置文件到用户HOME目录
export KUBECONFIG=/etc/kubernetes/admin.conf

#16.查看集群状态
kubectl get nodes

2. 集群联通
2.1 cni在master01上安装

//官网执行命令
https://projectcalico.docs.tigera.io/getting-started/kubernetes/self-managed-onprem/onpremises#install-calico-with-kubernetes-api-datastore-50-nodes-or-less

#检查master是否Ready
kubectl get nodes
#如果没有就reset重新init
kubeadm reset

2.2 生成master无过期时间的token

kubeadm init phase upload-certs --upload-certs

成功示例（如果节点notready等一会即可）