自己手工安装了k8s花费了不少时间,后来发现在kuboard.cn上有安装手册,今天测试一下

环境:

host主机:ubuntu 18.04, 192.168.10.8,虚拟网络 192.168.122.1

kvm虚拟机三台,centos7.8, 192.168.122.10: master,kvm名字 centos7v1

kvm虚拟机三台,centos7.8 ,192.168.122.51: work1,kvm名字 centos7v2

kvm虚拟机三台,centos7.8 ,192.168.122.52: work2,,kvm名字 centos7v3

步骤:准备master的环境并检查

master目前能够上网,已经配置好了。但还没有安装net-tools.否则网络工具不能使用

$ yum install net-tools -y
----- 省略 ----
net-tools-2.0-0.25.20131004git.el7.x86_64.rpm              | 306 kB   00:00     
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
  正在安装    : net-tools-2.0-0.25.20131004git.el7.x86_64                   1/1 
  验证中      : net-tools-2.0-0.25.20131004git.el7.x86_64                   1/1 

已安装:
  net-tools.x86_64 0:2.0-0.25.20131004git.el7                                   

完毕!

使用命令看该机器的IP地址,马上需要使用.

[root@localhost ~]# ifconfig 
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.122.10  netmask 255.255.255.0  broadcast 192.168.122.255
        inet6 fe80::5054:ff:feb8:ad60  prefixlen 64  scopeid 0x20<link>
        ether 52:54:00:b8:ad:60  txqueuelen 1000  (Ethernet)
        RX packets 4337  bytes 5325748 (5.0 MiB)
        RX errors 0  dropped 18  overruns 0  frame 0
        TX packets 1772  bytes 127104 (124.1 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        inet6 ::1  prefixlen 128  scopeid 0x10<host>
        loop  txqueuelen 1000  (Local Loopback)
        RX packets 0  bytes 0 (0.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 0  bytes 0 (0.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

 ip地址为192.168.122.10,将来作为master的地址使用.

设置机器的名称为k8s-master,将来为了识别比较方便,同时,在/etc/hosts文件尾部添加 127.0.0.1  k8s-master .

[root@localhost ~]# hostnamectl set-hostname k8s-master

 使用lscpu命令看看cpu个数是不是大于2,如果小于2的话,使用virsh edit centos8v1 修改cpu的个数,重启虚拟机。

[root@localhost ~]# lscpu
lscpu
Architecture:          x86_64
CPU op-mode(s):        32-bit, 64-bit
Byte Order:            Little Endian
CPU(s):                2
On-line CPU(s) list:   0,1
Thread(s) per core:    1
Core(s) per socket:    1
座:                 2
NUMA 节点:         1
厂商 ID:           GenuineIntel
CPU 系列:          6
型号:              42
型号名称:        Intel Xeon E312xx (Sandy Bridge, IBRS update)
步进:              1
CPU MHz:             1396.827
BogoMIPS:            2793.65
超管理器厂商:  KVM
虚拟化类型:     完全
L1d 缓存:          32K
L1i 缓存:          32K
L2 缓存:           4096K
L3 缓存:           16384K
NUMA 节点0 CPU:    0,1
Flags:                 fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush mmx fxsr sse sse2 syscall nx rdtscp lm constant_tsc rep_good nopl xtopology eagerfpu pni pclmulqdq ssse3 cx16 sse4_1 sse4_2 x2apic popcnt tsc_deadline_timer aes xsave avx hypervisor lahf_lm ibrs ibpb xsaveopt arat spec_ctrl

步骤:安装docker及kubelet

设置环境变量,并利用kuboard安装脚本进行安装

[root@localhost ~]# export REGISTRY_MIRROR=https://registry.cn-hangzhou.aliyuncs.com
[root@localhost ~]# curl -sSL https://kuboard.cn/install-script/v1.19.x/install_kubelet.sh | sh -s 1.19.2
已加载插件:fastestmirror
参数 docker 没有匹配
参数 docker-client 没有匹配
参数 docker-client-latest 没有匹配
参数 docker-ce-cli 没有匹配
参数 docker-common 没有匹配
参数 docker-latest 没有匹配
参数 docker-latest-logrotate 没有匹配
参数 docker-logrotate 没有匹配
参数 docker-selinux 没有匹配
参数 docker-engine-selinux 没有匹配
参数 docker-engine 没有匹配
不删除任何软件包
已加载插件:fastestmirror
Loading mirror speeds from cached hostfile
 * base: mirrors.163.com
 * extras: mirrors.163.com
 * updates: mirrors.163.com
软件包 device-mapper-persistent-data-0.8.5-2.el7.x86_64 已安装并且是最新版本
软件包 7:lvm2-2.02.186-7.el7_8.2.x86_64 已安装并且是最新版本
正在解决依赖关系
--> 正在检查事务
---> 软件包 yum-utils.noarch.0.1.1.31-54.el7_8 将被 安装
--> 正在处理依赖关系 python-kitchen,它被软件包 yum-utils-1.1.31-54.el7_8.noarch 需要
--> 正在处理依赖关系 libxml2-python,它被软件包 yum-utils-1.1.31-54.el7_8.noarch 需要
--> 正在检查事务
---> 软件包 libxml2-python.x86_64.0.2.9.1-6.el7.4 将被 安装
---> 软件包 python-kitchen.noarch.0.1.1.1-5.el7 将被 安装
--> 正在处理依赖关系 python-chardet,它被软件包 python-kitchen-1.1.1-5.el7.noarch 需要
--> 正在检查事务
---> 软件包 python-chardet.noarch.0.2.2.1-3.el7 将被 安装
--> 解决依赖关系完成

依赖关系解决

================================================================================
 Package              架构         版本                     源             大小
================================================================================
正在安装:
 yum-utils            noarch       1.1.31-54.el7_8          updates       122 k
为依赖而安装:
 libxml2-python       x86_64       2.9.1-6.el7.4            base          247 k
 python-chardet       noarch       2.2.1-3.el7              base          227 k
 python-kitchen       noarch       1.1.1-5.el7              base          267 k

事务概要
================================================================================
安装  1 软件包 (+3 依赖软件包)

总下载量:862 k
安装大小:4.3 M
Downloading packages:
(1/4): libxml2-python-2.9.1-6.el7.4.x86_64.rpm             | 247 kB   00:00
===================省略=======================================================

作为依赖被安装:
  conntrack-tools.x86_64 0:1.4.4-7.el7                                          
  cri-tools.x86_64 0:1.13.0-0                                                   
  kubernetes-cni.x86_64 0:0.8.7-0                                               
  libnetfilter_cthelper.x86_64 0:1.0.0-11.el7                                   
  libnetfilter_cttimeout.x86_64 0:1.0.0-7.el7                                   
  libnetfilter_queue.x86_64 0:1.0.2-2.el7_2                                     
  socat.x86_64 0:1.7.3.2-2.el7                                                  

完毕!
[ 1979.111957] ip_tables: (C) 2000-2006 Netfilter Core Team
[ 1979.151006] nf_conntrack version 0.5.0 (16384 buckets, 65536 max)
[ 1979.333307] ctnetlink v0.93: registering with nfnetlink.

Created symlink from /etc/systemd/system/multi-user.target.wants/kubelet.service to /usr/lib/systemd/system/kubelet.service.
Client: Docker Engine - Community
 Version:           19.03.11
 API version:       1.40
 Go version:        go1.13.10
 Git commit:        42e35e61f3
 Built:             Mon Jun  1 09:13:48 2020
 OS/Arch:           linux/amd64
 Experimental:      false

Server: Docker Engine - Community
 Engine:
  Version:          19.03.11
  API version:      1.40 (minimum version 1.12)
  Go version:       go1.13.10
  Git commit:       42e35e61f3
  Built:            Mon Jun  1 09:12:26 2020
  OS/Arch:          linux/amd64
  Experimental:     false
 containerd:
  Version:          1.2.13
  GitCommit:        7ad184331fa3e55e52b890ea95e65ba581ae3429
 runc:
  Version:          1.0.0-rc10
  GitCommit:        dc9208a3303feef5b3839f4323d9beb36df0a9dd
 docker-init:
  Version:          0.18.0
  GitCommit:        fec3683
[root@localhost ~]#

步骤:初始化master节点

关于初始化时用到的环境变量

  • APISERVER_NAME 不能是 master 的 hostname
  • APISERVER_NAME 必须全为小写字母、数字、小数点,不能包含减号
  • POD_SUBNET 所使用的网段不能与 master节点/worker节点 所在的网段重叠。该字段的取值为一个 CIDR 值,如果您对 CIDR 这个概念还不熟悉,请仍然执行 export POD_SUBNET=10.100.0.1/16 命令,不做修改
[root@localhost ~]# export MASTER_IP=192.168.122.10
[root@localhost ~]# export APISERVER_NAME=apiserver.demo
[root@localhost ~]# export POD_SUBNET=10.100.0.1/16
[root@localhost ~]# echo "${MASTER_IP}    ${APISERVER_NAME}" >> /etc/hosts
[root@localhost ~]# cat /etc/hosts
127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
127.0.0.1 k8s-master
192.168.122.10    apiserver.demo

确认hosts文件修改正确,然后利用kuboard脚本直接执行,可能需要几分钟的时间。

[root@localhost ~]# curl -sSL https://kuboard.cn/install-script/v1.19.x/init_master.sh | sh -s 1.19.2
W0922 11:51:37.529458   10616 configset.go:348] WARNING: kubeadm cannot validate component configs for API groups [kubelet.config.k8s.io kubeproxy.config.k8s.io]
[init] Using Kubernetes version: v1.19.2
[preflight] Running pre-flight checks
[preflight] Pulling images required for setting up a Kubernetes cluster
[preflight] This might take a minute or two, depending on the speed of your internet connection
[preflight] You can also perform this action in beforehand using 'kubeadm config images pull'
==================省略  ====================================================================
clusterrole.rbac.authorization.k8s.io/calico-kube-controllers created
clusterrolebinding.rbac.authorization.k8s.io/calico-kube-controllers created
clusterrole.rbac.authorization.k8s.io/calico-node created
clusterrolebinding.rbac.authorization.k8s.io/calico-node created
daemonset.apps/calico-node created
serviceaccount/calico-node created
deployment.apps/calico-kube-controllers created
serviceaccount/calico-kube-controllers created
[root@localhost ~]#

至此,master 初始化完成。测试master节点是否成功

# watch kubectl get node   
Every 2.0s: kubectl get node                            Tue Sep 22 11:56:05 2020

NAME         STATUS     ROLES    AGE     VERSION
k8s-master   NotReady   master   2m29s   v1.19.2

#最后如下
Every 2.0s: kubectl get node                            Tue Sep 22 11:59:10 2020

NAME         STATUS   ROLES    AGE     VERSION
k8s-master   Ready    master   5m34s   v1.19.2

安装和初始化完毕

步骤:初始化工作节点

在工作节点上,安装步骤和master节点一样,只是初始化过程不一样。work节点.

首先,在master节点上获取 token以便加入master

[root@k8s-master ~]# kubeadm token create --print-join-command
W0922 14:17:40.774697   24193 configset.go:348] WARNING: kubeadm cannot validate component configs for API groups [kubelet.config.k8s.io kubeproxy.config.k8s.io]
kubeadm join apiserver.demo:6443 --token v5e4ul.yj7bukqa10lmimv9     --discovery-token-ca-cert-hash sha256:2d4f2273fe696436cfbb883d19d73c8f644ed161676f06548d7952f038aa5f

在安装好的work机器上,执行如下命令,其中token, --discovery-token-ca-cert-hash等全部需要。

[root@k8s-work2 ~]# kubeadm join apiserver.demo:6443   --token v5e4ul.yj7bukqa10lmimv9     --discovery-token-ca-cert-hash sha256:2d4f2273fe696436cfbb883d19d73c8f644ed161676f06548d7952f038aa5f0d 
[preflight] Running pre-flight checks
[preflight] Reading configuration from the cluster...
[preflight] FYI: You can look at this config file with 'kubectl -n kube-system get cm kubeadm-config -oyaml'
[kubelet-start] Writing kubelet configuration to file "/var/lib/kubelet/config.yaml"
[kubelet-start] Writing kubelet environment file with flags to file "/var/lib/kubelet/kubeadm-flags.env"
[kubelet-start] Starting the kubelet
[kubelet-start] Waiting for the kubelet to perform the TLS Bootstrap...

This node has joined the cluster:
* Certificate signing request was sent to apiserver and a response was received.
* The Kubelet was informed of the new secure connection details.

Run 'kubectl get nodes' on the control-plane to see this node join the cluster.

 到master节点查询. ALL IS DONE

[root@k8s-master ~]# kubectl get node
NAME         STATUS   ROLES    AGE     VERSION
k8s-master   Ready    master   156m    v1.19.2
k8s-work1    Ready    <none>   47m     v1.19.2
k8s-work2    Ready    <none>   2m52s   v1.19.2
[root@k8s-master ~]#