搭建Kubernetes
Kubernetes v1.31.x + Docker CE 28.0.4+安装步骤(已适配 Ubuntu 24.04 系统)
master节点和node节点执行(使用root用户)
cri-dockerd_0.3.14.3-0.ubuntu-jammy_amd64.deb
vim /etc/hosts
192.168.3.29 k8smaster
192.168.3.24 czyy24
192.168.3.25 czyy25
192.168.3.26 czyy26
timedatectl set-timezone Asia/Shanghai
sudo apt install -y ntpsec-ntpdate
ntpdate ntp.aliyun.com
crontab -e
0 0 * * * ntpdate ntp.aliyun.com
cat << EOF | tee /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
net.ipv4.ip_forward = 1
EOF
modprobe overlay
modprobe br_netfilter
cat << EOF | tee /etc/modules-load.d/k8s.conf
overlay
br_netfilter
EOF
sysctl --system
apt install -y ipset ipvsadm
cat << EOF | tee /etc/modules-load.d/ipvs.conf
ip_vs
ip_vs_rr
ip_VS_wrr
ip_vs_sh
nf_conntrack
EOF
cat << EOF | tee ipvs.sh
#!/bin/sh
modprobe -- ip_vs
modprobe -- ip_vs_rr
modprobe -- ip_vs_wrr
modprobe -- ip_vs_sh
modprobe -- nf_conntrack
EOF
sh ipvs.sh
lsmod | grep ip_vs
sudo swapon --show
sudo swapoff -a
vim /etc/fstab
#/swap.img none swap sw 0 0
sudo apt-get update
sudo apt-get install ca-certificates curl
sudo install -m 0755 -d /etc/apt/keyrings
sudo curl -fsSL https://download.docker.com/linux/ubuntu/gpg -o /etc/apt/keyrings/docker.asc
sudo chmod a+r /etc/apt/keyrings/docker.asc
echo "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/ubuntu $(. /etc/os-release && echo "${UBUNTU_CODENAME:-$VERSION_CODENAME}") stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
sudo apt-get update
# 不使用安装默认版本命令
# sudo apt-get install docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin
# 使用安装指定版本
sudo apt-get install docker-ce=5:28.0.4-1~ubuntu.24.04~noble docker-ce-cli=5:28.0.4-1~ubuntu.24.04~noble containerd.io docker-buildx-plugin docker-compose-plugin
sudo apt-mark hold docker-ce docker-ce-cli containerd.io
docker --version
vim /etc/docker/daemon.json
{
"registry-mirrors": [
"https://docker.1ms.run",
"https://doublezonline.cloud",
"https://dislabaiot.xyz",
"https://docker.fxxk.dedyn.io",
"https://dockerpull.org",
"https://docker.unsee.tech",
"https://hub.rat.dev",
"https://docker.1panel.live",
"https://docker.nastool.de",
"https://docker.zhai.cm",
"https://docker.5z5f.com",
"https://a.ussh.net",
"https://docker.udayun.com",
"https://hub.geekery.cn"
],
"insecure-registries": ["kubernetes-register.sswang.com"],
"exec-opts": [
"native.cgroupdriver=systemd"
]
}
systemctl daemon-reload
systemctl restart docker
systemctl enable docker
apt-get install lrzsz
rz -E cri-dockerd_0.3.14.3-0.ubuntu-jammy_amd64.deb
dpkg -i cri-dockerd_0.3.14.3-0.ubuntu-jammy_amd64.deb
vim /lib/systemd/system/cri-docker.service
修改服务配置文件 /lib/systemd/system/cri-docker.service,关键参数如下:
[Service]
ExecStart=/usr/bin/cri-dockerd \
--container-runtime-endpoint fd:// --network-plugin=cni --cni-bin-dir=/opt/cni/bin --cni-conf-dir=/etc/cni/net.d --pod-infra-container-image=registry.aliyuncs.com/google_containers/pause:3.9
sudo systemctl daemon-reload
sudo systemctl enable cri-docker --now
systemctl restart cri-docker
systemctl status cri-docker
ls -l /var/run/cri-dockerd.sock
cri-dockerd --version
sudo ufw disable
curl -fsSL https://pkgs.k8s.io/core:/stable:/v1.31/deb/Release.key | sudo gpg --dearmor -o /etc/apt/keyrings/kubernetes-apt-keyring.gpg
echo "deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring.gpg] https://pkgs.k8s.io/core:/stable:/v1.31/deb/ /" | sudo tee /etc/apt/sources.list.d/kubernetes.list
sudo apt update
sudo apt-get install -y kubelet=1.31.7-1.1 kubeadm=1.31.7-1.1 kubectl=1.31.7-1.1
sudo apt-mark hold kubelet kubeadm kubectl
echo 'KUBELET_EXTRA_ARGS="--cgroup-driver=systemd"' | sudo tee /etc/default/kubelet
systemctl enable kubelet
master节点执行
仅主节点执行
sudo kubeadm init --apiserver-advertise-address=192.168.3.29 --image-repository=registry.aliyuncs.com/google_containers --kubernetes-version=v1.31.1 --cri-socket=unix:///var/run/cri-dockerd.sock
执行完成后的提示
Your Kubernetes control-plane has initialized successfully!
To start using your cluster, you need to run the following as a regular user:
要开始使用集群,您需要以普通用户身份运行以下命令:
普通用户执行
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
Alternatively, if you are the root user, you can run:
或者,如果您是root用户,可以运行:
export KUBECONFIG=/etc/kubernetes/admin.conf
如果token过期了,可以执行下面命令生成一个永不过期的toekn
sudo kubeadm token create --ttl 0 --print-join-command
You should now deploy a pod network to the cluster.
执行完上面的后
CNI 网络插件安装(以 Calico 为例)
1. 部署 Calico 3.29.1
kubectl apply -f https://raw.githubusercontent.com/projectcalico/calico/v3.29.1/manifests/calico.yaml
验证:
kubectl get pods -n kube-system -l k8s-app=calico-node
其他node节点执行
Worker 节点加入集群
在 Worker 节点执行以下命令(从 Master 节点初始化输出中获取 Token):
现在,您应该将pod网络部署到集群。
Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:
https://kubernetes.io/docs/concepts/cluster-administration/addons/
Then you can join any number of worker nodes by running the following on each as root:
然后,您可以通过以root身份在每个工作节点上运行以下命令来加入任意数量的工作节点:
kubeadm join 192.168.3.29:6443 --token 1s40nt.m7mpceejc41uazna \
--discovery-token-ca-cert-hash sha256:cb0c57da1ffb49799ab16c8da6af3beb471a7c7ba2f9e5272c075918df41a908
仅node节点执行 - root 用户执行
⚠️注意:记得加上--cri-socket=unix:///var/run/cri-dockerd.sock
sudo systemctl restart kubelet
kubeadm join 192.168.3.29:6443 --token 1s40nt.m7mpceejc41uazna --discovery-token-ca-cert-hash sha256:cb0c57da1ffb49799ab16c8da6af3beb471a7c7ba2f9e5272c075918df41a908 --cri-socket=unix:///var/run/cri-dockerd.sock
kubeadm join 192.168.3.29:6443 --token nrknep.6e647ooztzddkpez --discovery-token-ca-cert-hash sha256:cb0c57da1ffb49799ab16c8da6af3beb471a7c7ba2f9e5272c075918df41a908 --cri-socket=unix:///var/run/cri-dockerd.sock
© 版权声明
THE END
暂无评论内容