[TOC]
# 安装k8s
主要是搭建kubernetes单节点版,配置:
* 内存:4g
* 系统版本:centos7
* docker:20.10.8
* kubernetes:v1.22.2
# 一、关闭防火墙等
## 关闭防火墙
```
$ systemctl stop firewalld
$ systemctl disable firewalld
```
### 关闭SE
```
$ setenforce 0
$ vi /etc/selinux/config
# 设置SELINUX=disabled
```
### 关闭SWAP
1.8开始要求关闭系统的Swap,如果不关闭,默认配置下kubelet将无法启动
```
$ swapoff -a
```
## 二、安装常用软件
### 安装 epel 源
~~~
$ yum -y install epel-release
~~~
修改为国内源
~~~
$ sed -e 's!^metalink=!#metalink=!g' \
-e 's!^#baseurl=!baseurl=!g' \
-e 's!//download\.fedoraproject\.org/pub!//mirrors.tuna.tsinghua.edu.cn!g' \
-e 's!http://mirrors!https://mirrors!g' \
-i /etc/yum.repos.d/epel.repo /etc/yum.repos.d/epel-testing.repo
~~~
### 常用软件
~~~
$ yum -y install net-tools \
nmap-ncat \
sysstat \
git \
ipset \
ipvsadm \
bash-completion \
wget \
unzip \
lrzsz \
lsof \
vim
~~~
### 配置系统参数
将桥接的IPv4流量传递到iptables的链
~~~
$ cat > /etc/sysctl.d/k8s.conf <<EOF
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
EOF
$ sysctl --system
~~~
## 三、安装docker
### 配置docker-ce源
~~~
$ wget https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo \
-O /etc/yum.repos.d/docker-ce.repo
$ yum -y install docker-ce-20.10.8 docker-ce-cli-20.10.8
$ systemctl enable docker.service
~~~
### 配置阿里云镜像加速
~~~
$ sudo mkdir -p /etc/docker
$ sudo tee /etc/docker/daemon.json <<-'EOF'
{
"exec-opts": ["native.cgroupdriver=systemd"],
"registry-mirrors": ["https://tdbwnfa3.mirror.aliyuncs.com"]
}
EOF
$ sudo systemctl daemon-reload
$ sudo systemctl restart docker
~~~
## 四、安装kubernetes
### 配置kubernetes源
~~~
$ tee /etc/yum.repos.d/kubernetes.repo <<EOF
[kubernetes]
name = kubernetes
baseurl = https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
enabled = 1
gpgcheck =1
gpgkey = https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg \
https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg
EOF
~~~
安装指定版本,本次安装`1.22.2`
~~~
$ yum install -y kubelet-1.22.2 kubectl-1.22.2 kubeadm-1.22.2
$ systemctl enable kubelet
~~~
### 初始化k8s集群
~~~
$ kubeadm init --kubernetes-version=1.22.2 --apiserver-advertise-address=172.22.78.27 --image-repository registry.aliyuncs.com/google_containers --service-cidr=10.10.0.0/16 --pod-network-cidr=10.122.0.0/16 --v=5
~~~
成功后输出
初始化成功后根据提示创建 kubectl
~~~
$ mkdir -p $HOME/.kube
$ sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
$ sudo chown $(id -u):$(id -g) $HOME/.kube/config
~~~
查看 node 及 pod
~~~
$ kubectl get node
~~~
如果是NotReady状态,则修改以下配置:
~~~
$ vi /var/lib/kubelet/kubeadm-flags.env
# 去掉 --network-plugin=cni,重启集群
$ systemctl daemon-reload
$ systemctl restart kubelet
~~~
允许 master 节点执行 pod (单节点必备)
~~~
$ kubectl taint nodes --all node-role.kubernetes.io/master-
~~~
配置网络
~~~
$ kubectl create -f https://docs.projectcalico.org/manifests/tigera-operator.yaml
~~~
其它注意事项:
重新执行kubeadm init 后一定要执行以下命令:
~~~
$ rm -rf $HOME/.kube
$ mkdir -p $HOME/.kube
$ sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
$ sudo chown $(id -u):$(id -g) $HOME/.kube/config
~~~
## 其它
如果需要Kubernetes Dashboard,见`安装Kubernetes Dashboard`章节
### 常用命令
```
systemctl start etcd
systemctl start docker
systemctl start kube-apiserver.service
systemctl start kube-controller-manager.service
systemctl start kube-scheduler.service
systemctl start kubelet.service
systemctl start kube-proxy.service
kubectl describe node iz2vcj8euuplnrxp4bjrmvz
journalctl -f -u kubelet
systemctl daemon-reload
systemctl restart kubelet
kubectl logs --tail 200 -f kubernetes-dashboard-78c79f97b4-ht6j2 -n kubernetes-dashboard
```
## 常见问题
* [kubeadm init超时](https://blog.csdn.net/kavie2333/article/details/113401395)
* [kubeadm init .yaml already exists](https://blog.csdn.net/u013288190/article/details/109028046)
* [如何解决kubeadm init初始化时dial tcp 127.0.0.1:10248: connect: connection refused](https://www.myfreax.com/how-to-solve-dial-tcp-127-0-0-1-10248-connect-connection-refused-during-kubeadm-init-initialization/)
