Kubernetes 1.24 单节点安装 _KUBERNETES

弓背霞明剑照霜，秋风走马出咸阳。这篇文章主要讲述Kubernetes 1.24 单节点安装相关的知识，希望能为你提供帮助。

IP	系统
172.16.4.184/16	Rocky Linux release 8.6 (Green Obsidian)

1、环境准备

[root@localhost ~]# hostnamectl set-hostname k8s-master
[root@k8s-master ~]# setenforce 0 & & sed -is/^SELINUX=.*/SELINUX=disabled/ /etc/selinux/config
[root@k8s-master ~]# systemctlstop firewalld& & systemctldisable firewalld
[root@k8s-master ~]# swapoff -a & & sed -i / swap / s/^\$.*\$$/#\\1/g /etc/fstab
[root@k8s-master ~]# cat /etc/hosts
172.16.4.184 k8s-master
[root@k8s-master ~]# yum install ipvsadm ipset -y
[root@k8s-master ~]# cat > /etc/sysconfig/modules/ipvs.modules < < EOF
#!/bin/bash
ipvs_modules="ip_vs ip_vs_lc ip_vs_wlc ip_vs_rr ip_vs_wrr ip_vs_lblc ip_vs_lblcr ip_vs_dh ip_vs_sh ip_vs_fo ip_vs_nq ip_vs_sed ip_vs_ftp nf_conntrack"
for kernel_module in \\$ipvs_modules; do
/sbin/modinfo -F filename \\$kernel_module > /dev/null 2> & 1
if [ $? -eq 0 ]; then
/sbin/modprobe \\$kernel_module
fi
done
EOF
[root@k8s-master ~]# chmod 755 /etc/sysconfig/modules/ipvs.modules & & bash /etc/sysconfig/modules/ipvs.modules & & lsmod | grep ip_vs
[root@k8s-master ~]# modprobe br_netfilter# 开启内核转发
[root@k8s-master ~]# modprobe ip_conntrack# 开启内核转发
[root@k8s-master ~]# cat /etc/sysctl.conf
net.ipv4.ip_forward=1
net.bridge.bridge-nf-call-iptables = 1
net.bridge.bridge-nf-call-ip6tables = 1

2、安装containerd

# containerd工具包，包含cri runc等
wget

注意：containerd-1.6.6-linux-amd64.tar.gz 只包含containerd ??cri-containerd-cni-1.6.6-linux-amd64.tar.gz?? 包含containerd以及cri runc等相关工具包，建议下载本包

2.1、解压下载好的containerd

[root@k8s-master ~]# tar zxf cri-containerd-cni-1.6.6-linux-amd64.tar.gz -C /
[root@k8s-master ~]# ctr version# 查看containerd版本
Client:
Version:v1.6.6
Revision: 10c12954828e7c7c9b6e0ea9b0c02b01407d3ae1
Go version: go1.17.11

Server:
Version:v1.6.6
Revision: 10c12954828e7c7c9b6e0ea9b0c02b01407d3ae1
UUID: c579af64-e041-4436-bbc3-9674c1189857
[root@k8s-master ~]# systemctl enable containerd --now # 添加开机自启

2.2、配置containerd

[root@k8s-master ~]# mkdir /etc/containerd -p
[root@k8s-master ~]# containerd config default > /etc/containerd/config.toml
#--config,-c可以在启动守护程序时更改此路径
#配置文件的默认路径位于/etc/containerd/config.toml
[root@k8s-master ~]# sed -i s/k8s.gcr.io/registry.cn-beijing.aliyuncs.com\\/abcdocker/ /etc/containerd/config.toml# 替换数据源
[root@k8s-master ~]# sed -i s/SystemdCgroup \\= false/SystemdCgroup \\= true/ /etc/containerd/config.toml# 配置systemd作为容器的cgroup driver
[root@k8s-master ~]# systemctl start containerd
[root@k8s-master ~]# systemctl status containerd

2.3、containerd 基本操作

镜像相关功能	Docker	Containerd
显示本地镜像列表	docker images	crictl images
下载镜像	docker pull	crictl pull
上传镜像	docker push	无
删除本地镜像	docker rmi	crictl rmi
查看镜像详情	docker inspect IMAGE-ID	crictl inspect IMAGE-ID

容器相关功能	Docker	Containerd
显示容器列表	docker ps	crictl ps
创建容器	docker create	crictl create
启动容器	docker start	crictl start
停止容器	docker stop	crictl stop
删除容器	docker rm	crictl rm
查看容器详情	docker inspect	crictl inspect
attach	docker attach	crictl attach
exec	docker exec	crictl exec
logs	docker logs	crictl logs
stats	docker stats	crictl stats

POD 相关功能	Docker	Containerd
显示 POD 列表	无	crictl pods
查看 POD 详情	无	crictl inspectp
运行 POD	无	crictl runp
停止 POD	无	crictl stopp

3、安装Kubernetes3.1、配置kubernetes阿里源

[root@k8s-master ~]# cat < < EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF
[root@k8s-master ~]# yum install -y kubelet-1.24.2 kubeadm-1.24.2 kubectl-1.24.2
[root@k8s-master ~]# systemctl enable kubelet --now & & systemctl start kubelet

ps: 由于官网未开放同步方式, 可能会有索引gpg检查失败的情况, 这时请用 ??yum install -y --nogpgcheck kubelet kubeadm kubectl?? 安装

3.2、配置 Kubeadm 文件

[root@k8s-master ~]# kubeadm config print init-defaults > kubeadm-init.yaml
[root@k8s-master ~]# cat kubeadm-init.yaml
apiVersion: kubeadm.k8s.io/v1beta3
bootstrapTokens:
- groups:
- system:bootstrappers:kubeadm:default-node-token
token: abcdef.0123456789abcdef
ttl: 24h0m0s
usages:
- signing
- authentication
kind: InitConfiguration
localAPIEndpoint:
advertiseAddress: 172.16.4.184# 注意自己IP的地址
bindPort: 6443
nodeRegistration:
criSocket: /var/run/containerd/containerd.sock
imagePullPolicy: IfNotPresent
name: k8s-master
taints: null
---
apiServer:
timeoutForControlPlane: 4m0s
apiVersion: kubeadm.k8s.io/v1beta3
certificatesDir: /etc/kubernetes/pki
clusterName: kubernetes
controllerManager:
dns:
type: CoreDNS
etcd:
local:
dataDir: /data/etcd
imageRepository: registry.cn-hangzhou.aliyuncs.com/google_containers
kind: ClusterConfiguration
kubernetesVersion: 1.24.2
networking:
dnsDomain: cluster.local
podSubnet: 10.244.0.0/16
serviceSubnet: 10.96.0.0/12
scheduler:

3.3、初始化Kubernetes，并配置

[root@k8s-master ~]# kubeadm init --config kubeadm-config.yaml
[root@k8s-master ~]# mkdir -p $HOME/.kube
[root@k8s-master ~]# sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
[root@k8s-master ~]# sudo chown $(id -u):$(id -g) $HOME/.kube/config

3.4、配置 Kubernetes需要的网络

[root@k8s-master ~]# wget https://projectcalico.docs.tigera.io/manifests/calico.yaml
修改CALICO_IPV4POOL_CIDR，改成自己设置的pod地址范围
4442- name: CALICO_IPV4POOL_CIDR
4443value: "10.244.0.0/16"
[root@k8s-master ~]# kubectl apply -f calico.yaml

4、验证集群状态是否正常

[root@k8s-master ~]# kubectl get nodes
NAMESTATUSROLESAGEVERSION
k8s-masterReadycontrol-plane28mv1.24.2
[root@k8s-master ~]# kubectl get pods -A
NAMESPACENAMEREADYSTATUSRESTARTSAGE
kube-systemcalico-kube-controllers-6766647d54-bz5hw1/1Running028m
kube-systemcalico-node-5h9np1/1Running028m
kube-systemcoredns-7f74c56694-6pjl41/1Running028m
kube-systemcoredns-7f74c56694-d5wsf1/1Running028m
kube-systemetcd-k8s-master1/1Running028m
kube-systemkube-apiserver-k8s-master1/1Running028m
kube-systemkube-controller-manager-k8s-master1/1Running028m
kube-systemkube-proxy-5z5dj1/1Running028m
kube-systemkube-scheduler-k8s-master1/1Running0