一、检查操作系统版本信息、内核版本
[root@k8s-master1 /root]# cat /etc/redhat-release
CentOS Linux release 7.6.1810 (Core)
[root@k8s-master1 /root]# uname -r
3.10.0-957.1.3.el7.x86_64
二、配置selinux和firewalld
setenforce 0
sed -i 's/^SELINUX=enforcing$/SELINUX=permissive/' /etc/selinux/config
systemctl disable firewalld --now
三、内核参数修改、加载内核模块
- 修改内核参数
cat <<EOF > /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
EOF
sysctl --system - 加载内核模块
modprobe br_netfilter
lsmod | grep br_netfilter
四、yum源配置
- Base repo
cd /etc/yum.repos.d
mv CentOS-Base.repo CentOS-Base.repo.bak
curl -o CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo
sed -i 's/gpgcheck=1/gpgcheck=0/g' /etc/yum.repos.d/CentOS-Base.repo - docker repo
curl -o docker-ce.repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo - kubernetes repo
cat <<EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=http://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=0
repo_gpgcheck=0
gpgkey=http://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg
http://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF - makecache
yum clean all
yum makecache
yum repolist
[root@k8s-master1 /root]# yum repolist
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
*base: mirrors.aliyun.com
*epel: mirrors.tuna.tsinghua.edu.cn
*extras: mirrors.aliyun.com
*updates: mirrors.aliyun.com
repo id repo name status
base/7/x86_64 CentOS-7 - Base - mirrors.aliyun.com 10,019
docker-ce-stable/x86_64 Docker CE Stable - x86_64 36
*epel/x86_64 Extra Packages for Enterprise Linux 7 - x86_64 13,016
extras/7/x86_64 CentOS-7 - Extras - mirrors.aliyun.com 382
kubernetes Kubernetes 336
updates/7/x86_64 CentOS-7 - Updates - mirrors.aliyun.com 1,477
repolist: 25,266
五、禁用Swap
- 禁用Swap
swapoff -a
echo "vm.swappiness = 0">> /etc/sysctl.conf - 生效
sysctl -p
六、docker安装
yum list docker-ce --showduplicates | sort -r
image.png
yum install docker-ce或者yum install docker-ce-18.09.3(此处不指定版本默认为最高版本)
- 启动docker
systemctl enable docker --now - 查看服务状态
systemctl status docker
image.png
七、安装kubeadm、kubelet、kubectl
- 安装kubeadm、kubelet、kubectl
yum install -y kubelet kubeadm kubectl --disableexcludes=kubernetes - 启动kubelet
systemctl enable --now kubelet
八、镜像
- 国内访问不到k8s.gcr.io,所以通过从可以下载的国内镜像源拉取镜像(比如mirrorgooglecontainers),重新打成k8s.gcr.io格式的tag名来解决这个问题
docker pull docker.io/mirrorgooglecontainers/kube-apiserver-amd64:v1.13.3
docker tag docker.io/mirrorgooglecontainers/kube-apiserver-amd64:v1.13.3 k8s.gcr.io/kube-apiserver:v1.13.3
docker pull docker.io/mirrorgooglecontainers/kube-controller-manager-amd64:v1.13.3
docker tag docker.io/mirrorgooglecontainers/kube-controller-manager-amd64:v1.13.3 k8s.gcr.io/kube-controller-manager:v1.13.3
docker pull docker.io/mirrorgooglecontainers/kube-scheduler-amd64:v1.13.3
docker tag docker.io/mirrorgooglecontainers/kube-scheduler-amd64:v1.13.3 k8s.gcr.io/kube-scheduler:v1.13.3
docker pull docker.io/mirrorgooglecontainers/kube-proxy-amd64:v1.13.3
docker tag docker.io/mirrorgooglecontainers/kube-proxy-amd64:v1.13.3 k8s.gcr.io/kube-proxy:v1.13.3
docker pull docker.io/mirrorgooglecontainers/pause-amd64:3.1
docker tag docker.io/mirrorgooglecontainers/pause-amd64:3.1 k8s.gcr.io/pause:3.1
docker pull docker.io/mirrorgooglecontainers/etcd-amd64:3.2.24
docker tag docker.io/mirrorgooglecontainers/etcd-amd64:3.2.24 k8s.gcr.io/etcd:3.2.24
docker pull docker.io/coredns/coredns:1.2.6
docker tag docker.io/coredns/coredns:1.2.6 k8s.gcr.io/coredns:1.2.6
九、安装k8s master
- 初始化
kubeadm init --pod-network-cidr=10.100.0.0/16 - 创建文件夹
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config - flannel
kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/bc79dd1505b0c8681ece4de4c0d86c5cd2643275/Documentation/kube-flannel.yml - 检查node状态
kubectl get node(下图是我通过join命令添加工作node节点之后的状态)
image.png - 如果环境始终都是NotReady,检查一下pod状态
kubectl get pod -n kube-system
