一、准备

1.集群服务器

建议准备3台或以上服务器组成集群，以下操作以CentOS8.0为例。

#分别查看系统内核版本，确认为8.0
cat /etc/centos-release
#分别查看IP地址，确认为上文地址
ifconfig
复制代码

2.更新源

#删除原始仓库，添加阿里云仓库
rm -rfv /etc/yum.repos.d/*
curl -o /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-8.repo
#更新，安装常用依赖
yum update
yum install vim bash-completion net-tools gcc -y
复制代码

3.修改主机名

#修改主机名，分别改为master、node1、node2
vim /etc/hostname
#添加hosts，需要分别加入master和node
vim /etc/hosts
192.168.1.1 master
192.168.1.2 node1
192.168.1.3 node2
复制代码

4.关闭swap

#关闭swap
swapoff -a
#注释掉swap
vim /etc/fstab
复制代码

5.配置内核

#将桥接的IPv4流量传递到iptables的链
cat>/etc/sysctl.d/k8s.conf<<EOF
net.bridge.bridge-nf-call-ip6tables = 1 
net.bridge.bridge-nf-call-iptables = 1 
EOF 
sysctl --system
复制代码

二、安装Docker

1.阿里源安装

yum install -y yum-utils device-mapper-persistent-data lvm2 
yum-config-manager --add-repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
yum -y install docker-ce
复制代码

2.修改镜像源

mkdir -p /etc/docker
tee /etc/docker/daemon.json <<-'EOF'
{
 "registry-mirrors":  ["https://otv9pb9m.mirror.aliyuncs.com"]
}
EOF
systemctl daemon-reload
systemctl restart docker
复制代码

如果docker无法启动，reboot重启服务器。

三、安装Kubernetes

1.添加k8s仓库

cat  <<EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF
复制代码

2.安装k8s

yum install -y kubectl kubelet kubeadm
#设置开机启动
systemctl enable kubelet
#查看k8s版本
kubectl version
#version填写版本号
#apiserver填写master地址
kubeadm init --kubernetes-version=1.20.4  \
--apiserver-advertise-address=192.168.1.1   \
--image-repository registry.aliyuncs.com/google_containers  \
--service-cidr=10.10.0.0/16 --pod-network-cidr=10.122.0.0/16
复制代码

执行安装后，留意以下信息。子节点需要通过kubeadm join链接到master节点。

Your Kubernetes control-plane has initialized successfully!
To start using your cluster, you need to run the following as a regular user:
 mkdir -p $HOME/.kube
 sudo  cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
 sudo  chown  $(id -u):$(id -g)  $HOME/.kube/config
Alternatively, if you are the root user, you can run:
 export KUBECONFIG=/etc/kubernetes/admin.conf
You should now deploy a pod network to the cluster.
Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:
 https://kubernetes.io/docs/concepts/cluster-administration/addons/
Then you can join any number of worker nodes by running the following on each as root:
kubeadm join 192.168.1.1:6443 --token yis2v6.u5d1xu6v1v0xfnbn \
 --discovery-token-ca-cert-hash sha256:9b4b468a10c257867c14e41e3e9c4c6bacaff477a61d294e6e18b6e39cdec809 
复制代码

#创建kubectl
mkdir -p $HOME/.kube
sudo  cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo  chown  $(id -u):$(id -g)  $HOME/.kube/config
#使kubectl可以自动补充
source  <(kubectl completion bash)
复制代码

3.配置网络

#查看集群内的节点和命名空间
kubectl get node
kubectl get pod --all-namespaces
复制代码

此时，node节点为NotReady，因为corednspod没有启动，缺少网络pod

#安装calico网络
kubectl apply -f https://docs.projectcalico.org/manifests/calico.yaml
复制代码

安装网络环境后，节点就绪。

4.仪表盘

#拉取资源
wget https://raw.githubusercontent.com/kubernetes/dashboard/v2.0.0-rc7/aio/deploy/recommended.yaml
复制代码

vim recommended.yaml

kind: Service
apiVersion: v1
metadata:
 labels:
 k8s-app: kubernetes-dashboard
 name: kubernetes-dashboard
 namespace: kubernetes-dashboard
spec:
 type: NodePort
 ports:
 - port: 443
 targetPort: 8443
 nodePort: 30000
 selector:
 k8s-app: kubernetes-dashboard
复制代码

将yaml文件下载到本地后，在service里添加type和nodeport

#安装仪表盘
kubectl create -f recommended.yaml
复制代码

#创建一个dashboard的管理用户
kubectl create serviceaccount dashboard-admin -n kube-system
#将创建的dashboard用户绑定为管理用户
kubectl create clusterrolebinding dashboard-cluster-admin --clusterrole=cluster-admin --serviceaccount=kube-system:dashboard-admin
#获取刚刚创建的用户对应的token名称
kubectl get secrets -n kube-system |  grep dashboard
#输出：dashboard-admin-token-88gxw
#参考上面的输出内容
kubectl describe secrets -n kube-system dashboard-admin-token-88gxw
#输出token
复制代码

上文配置了映射端口30000，通过https://IP:30000登录，选择token登录

#token
eyJhbGciOiJSUzI1NiIsImtpZCI6Ik1YU183MUtramZLYWw4d1dzRm9pTlU3akMwRmlOQlFxaE1GWmppam12b1UifQ.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlLXN5c3RlbSIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJkYXNoYm9hcmQtYWRtaW4tdG9rZW4tajI4bGQiLCJrdWJlcm5ldGVzLmlvL3NlcnZpY2VhY2NvdW50L3NlcnZpY2UtYWNjb3VudC5uYW1lIjoiZGFzaGJvYXJkLWFkbWluIiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZXJ2aWNlLWFjY291bnQudWlkIjoiMWYwODhhODctNjA2Ny00MTM2LWE5YmQtODA2MTkxYWY5N2M1Iiwic3ViIjoic3lzdGVtOnNlcnZpY2VhY2NvdW50Omt1YmUtc3lzdGVtOmRhc2hib2FyZC1hZG1pbiJ9.J9Zn5hrzCg119D4o-o3BNVFGpkiq3TtYQG05ScoNHMCuihiOAOEfb8ADs6OzOvmRBkc0zgA3YpaBoWuiW1VTV5Lh5Vix3MvhpM4kLc0fCS0QUcPvLUtZcPEf6GrYnO06tfilWD5V-zm90v7cNhZoasw6T1G-SmbFRo-GpKad3Par_MejQuOmd4VlqGexfb58OXWEB9GTjq7_FPL4hut6E5LzN_CmouI3dkw97dmbZo8ZTV7k0uUoiodwUJ9mzdOEaHG4G3yZt7_6FSkbUP8_rBncPe5OlN7dd6AKeC_RJCkj-I1_dd70RXKjz3iw15M-jbNcUJWySEArQjJWo6tXNg
复制代码

5.加入节点

将master机器的/etc/kubernetes/admin.conf文件传到到node1和node2

mkdir -p $HOME/.kube
sudo  cp -i $HOME/admin.conf $HOME/.kube/config
sudo  chown  $(id -u):$(id -g)  $HOME/.kube/config
复制代码

输入上文的kubeadm join指令完成链接

www.kubernetes.org.cn/7189.html