关闭交换分区

swapoff -a
vim /etc/fstab(注释swap挂载信息)

修改 /etc/sysctl.conf

如果有配置,则修改

sed -i "s#^net.ipv4.ip_forward.*#net.ipv4.ip_forward=1#g" /etc/sysctl.conf
sed -i "s#^net.bridge.bridge-nf-call-ip6tables.*#net.bridge.bridge-nf-call-ip6tables=1#g" /etc/sysctl.conf
sed -i "s#^net.bridge.bridge-nf-call-iptables.*#net.bridge.bridge-nf-call-iptables=1#g" /etc/sysctl.conf
sed -i "s#^net.ipv6.conf.all.disable_ipv6.*#net.ipv6.conf.all.disable_ipv6=1#g" /etc/sysctl.conf
sed -i "s#^net.ipv6.conf.default.disable_ipv6.*#net.ipv6.conf.default.disable_ipv6=1#g" /etc/sysctl.conf
sed -i "s#^net.ipv6.conf.lo.disable_ipv6.*#net.ipv6.conf.lo.disable_ipv6=1#g" /etc/sysctl.conf sed -i "s#^net.ipv6.conf.all.forwarding.*#net.ipv6.conf.all.forwarding=1#g" /etc/sysctl.conf

如果原本没有配置,则追加

echo "net.ipv4.ip_forward = 1" >> /etc/sysctl.conf
echo "net.bridge.bridge-nf-call-ip6tables = 1" >> /etc/sysctl.conf
echo "net.bridge.bridge-nf-call-iptables = 1" >> /etc/sysctl.conf
echo "net.ipv6.conf.all.disable_ipv6 = 1" >> /etc/sysctl.conf
echo "net.ipv6.conf.default.disable_ipv6 = 1" >> /etc/sysctl.conf
echo "net.ipv6.conf.lo.disable_ipv6 = 1" >> /etc/sysctl.conf
echo "net.ipv6.conf.all.forwarding = 1" >> /etc/sysctl.conf

应用

sysctl -p

安装docker

yum install -y yum-utils device-mapper-persistent-data lvm2
yum-config-manager \
--add-repo \
http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
yum install docker-ce docker-ce-cli containerd.io -y
systemctl start docker && systemctl enable docker
vim /etc/docker/daemon.json

{
    "exec-opts": ["native.cgroupdriver=systemd"],
    "log-driver": "json-file",
    "log-opts": {
    "max-size": "100m"
    },
    "registry-mirrors": [
        "https://1nj0zren.mirror.aliyuncs.com",
        "https://docker.mirrors.ustc.edu.cn",
        "http://f1361db2.m.daocloud.io",
        "https://registry.docker-cn.com",
        "https://reg-mirror.qiniu.com"
    ]
}

systemctl daemon-reload && systemctl restart docker

安装Kubernetes

添加源

cat > /etc/yum.repos.d/kubernetes.repo <<EOF
[kubernetes]
name=Kubernetes
baseurl=http://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=0
repo_gpgcheck=0
gpgkey=http://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg
http://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF

yum install -y kubelet kubeadm kubectl

systemctl enable kubelet

初始化管理节点

kubeadm init \
--apiserver-advertise-address=
主节点IP \
--image-repository registry.aliyuncs.com/google_containers \
--service-cidr=10.10.0.0/16 --pod-network-cidr=10.122.0.0/16

mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config

红框命令行为工作节点加入集群时执行信息,可以在运行tee命令将前端输出存入文件

查看状态

kubectl get node

安装calicao网络

kubectl apply -f https://docs.projectcalico.org/manifests/calico.yaml

查看状态

kubectl get pod --all-namespaces

kubectl get node

管理节点也处于准备状态

安装仪表板

wget https://raw.githubusercontent.com/kubernetes/dashboard/v2.0.0/aio/deploy/recommended.yaml

vim recommended.yaml

kubectl create -f recommended.yaml

kubectl get svc -n kubernetes-dashboard

浏览器访问https://管理节点IP:30000

创建管理员账户

kubectl create serviceaccount admin

绑定组

kubectl create clusterrolebinding dash-admin --clusterrole=cluster-admin --serviceaccount=default:admin

创建密钥

secret=$(kubectl get sa admin -o jsonpath='{.secrets[0].name}')

获得token登录dashboard

kubectl get secret $secret -o go-template='{{ .data.token | base64decode }}'

master可调度Pod(意思就是master当作node使用,单机学习可用)

kubectl taint node master主机名 node-role.kubernetes.io/master-

取消调度

kubectl taint node master主机名 node-role.kubernetes.io/master="":NoSchedule

其他工作节点加入集群

配置环境

安装docker

安装kubernetes

执行管理节点初始化时获取到的命令加入集群

TIPs:
国内拉取kubernetes镜像方法(镜像源替代)
k8s.gcr.io--》registry.cn-hangzhou.aliyuncs.com/google_containers
k8s.gcr.io--》ooglecontainersmirrors
quay.io--》quay-mirror.qiniu.com
实在不行的只能通过docker search 镜像民,然后从docker hub上拉去下来修改tag