kubernetes v1.18.2 二进制双栈 kubelet 部署

标签：SHA256   tier   http   部署   mirror   required   basic   ddr   ide   

cat 

node 节点依赖安装

# 每个node 节点执行
# centos8 
dnf install -y epel-release
sed -i "s/enabled=0/enabled=1/" /etc/yum.repos.d/CentOS-PowerTools.repo
dnf  -y update
 dnf install -y dnf-utils ipvsadm telnet wget net-tools                 conntrack ipset jq iptables curl sysstat                 libseccomp socat nfs-utils fuse lvm2 device-mapper-persistent-data fuse-devel
# ubuntu 
apt update 
apt upgrade -y
apt install -y ipvsadm telnet wget net-tools conntrack ipset  jq iptables curl sysstat libltdl7 libseccomp2 socat nfs-common  fuse ceph-common software-properties-common

docker 部署

# 每个node 节点执行
# centos 
yum-config-manager --add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
# 添加docker配置
mkdir -p /etc/docker
cat 

cni 部署

# 下载cni
mkdir cni
cd cni
wget https://github.com/containernetworking/plugins/releases/download/v0.8.5/cni-plugins-linux-amd64-v0.8.5.tgz
tar -xvf cni-plugins-linux-amd64-v0.8.5.tgz
rm -rf cni-plugins-linux-amd64-v0.8.5.tgz
#  创建二进制远程存放文件夹
ssh 192.168.2.175 mkdir -p /apps/cni/bin
ssh 192.168.2.176 mkdir -p /apps/cni/bin
ssh 192.168.2.177 mkdir -p /apps/cni/bin
ssh 192.168.2.185 mkdir -p /apps/cni/bin
ssh 192.168.2.187 mkdir -p /apps/cni/bin
#  上传解压二进制文件
scp -r * 192.168.2.175:/apps/cni/bin/
scp -r * 192.168.2.176:/apps/cni/bin/
scp -r * 192.168.2.177:/apps/cni/bin/
scp -r * 192.168.2.185:/apps/cni/bin/
scp -r * 192.168.2.187:/apps/cni/bin/

bootstrap-kubeconfig 配置

# 生效环境变量 部署etcd 时已经配置好
source  ./environment.sh
cd ${HOST_PATH}
# 创建bootstrap  kubeconfig 配置
# 设置集群参数
kubectl config set-cluster ${CLUSTER_NAME}   --certificate-authority=${HOST_PATH}/cfssl/pki/k8s/k8s-ca.pem   --embed-certs=true   --server=${KUBE_API_KUBELET}   --kubeconfig=${HOST_PATH}/kubeconfig/bootstrap.kubeconfig
# 设置客户端认证参数
kubectl config set-credentials system:bootstrap:${TOKEN_ID}   --token=${BOOTSTRAP_TOKEN}   --kubeconfig=${HOST_PATH}/kubeconfig/bootstrap.kubeconfig
# 设置上下文参数
kubectl config set-context default   --cluster=${CLUSTER_NAME}   --user=system:bootstrap:${TOKEN_ID}   --kubeconfig=${HOST_PATH}/kubeconfig/bootstrap.kubeconfig
# 设置默认上下文
kubectl config use-context default --kubeconfig=${HOST_PATH}/kubeconfig/bootstrap.kubeconfig
#  创建远程目录
ssh 192.168.2.175  mkdir -p /apps/k8s/{log,kubelet-plugins,conf} && mkdir -p /apps/work/kubernetes/manifests
ssh 192.168.2.176  mkdir -p /apps/k8s/{log,kubelet-plugins,conf} && mkdir -p /apps/work/kubernetes/manifests
ssh 192.168.2.177  mkdir -p /apps/k8s/{log,kubelet-plugins,conf} && mkdir -p /apps/work/kubernetes/manifests
ssh 192.168.2.185  mkdir -p /apps/k8s/{log,kubelet-plugins,conf} && mkdir -p /apps/work/kubernetes/manifests
ssh 192.168.2.187  mkdir -p /apps/k8s/{log,kubelet-plugins,conf} && mkdir -p /apps/work/kubernetes/manifests
# 分发bootstrap.kubeconfig
scp -r kubeconfig/bootstrap.kubeconfig 192.168.2.175:/apps/k8s/conf/
scp -r kubeconfig/bootstrap.kubeconfig 192.168.2.176:/apps/k8s/conf/
scp -r kubeconfig/bootstrap.kubeconfig 192.168.2.177:/apps/k8s/conf/
scp -r kubeconfig/bootstrap.kubeconfig 192.168.2.185:/apps/k8s/conf/
scp -r kubeconfig/bootstrap.kubeconfig 192.168.2.187:/apps/k8s/conf/

kubelet bootstrap 相关配置

# 创建bootstrap secret yaml
mkdir yaml
cat "
  name: bootstrap-token-${TOKEN_ID}
  namespace: kube-system

# Type MUST be ‘bootstrap.kubernetes.io/token‘
type: bootstrap.kubernetes.io/token
stringData:
  # Human readable description. Optional.
  description: "The default bootstrap token generated by ‘kubelet ‘."

  # Token ID and secret. Required.
  token-id: ${TOKEN_ID}
  token-secret: ${TOKEN_SECRET}

  # Allowed usages.
  usage-bootstrap-authentication: "true"
  usage-bootstrap-signing: "true"

  # Extra groups to authenticate the token as. Must start with "system:bootstrappers:"
  auth-extra-groups: system:bootstrappers:worker,system:bootstrappers:ingress
EOF
# 生成集群授权yaml
cat 

kubelet 二进制文件准备

# 进入二进制所在文件夹
cd ${HOST_PATH}/kubernetes/server/bin
scp -r kubelet 192.168.2.175:/apps/k8s/bin
scp -r kubelet 192.168.2.176:/apps/k8s/bin
scp -r kubelet 192.168.2.177:/apps/k8s/bin
scp -r kubelet 192.168.2.187:/apps/k8s/bin
scp -r kubelet 192.168.2.185:/apps/k8s/bin

kubelet 配置文件

# 192.168.2.175 节点配置
cat 

配置k8s-ha-master

# 项目地址： https://github.com/qist/k8s/tree/master/dockerfile/k8s-ha-master
# CP_HOSTS masterIP 加端口 默认监听端口6443 不能在master 监听端口重复不然启动不了
# 每个节点部署
cat 

创建 kubelet systemd文件

cat 

启动 kubelet

# 刷新service
ssh  192.168.2.175 systemctl daemon-reload
ssh  192.168.2.176 systemctl daemon-reload
ssh  192.168.2.177 systemctl daemon-reload
ssh  192.168.2.185 systemctl daemon-reload
ssh  192.168.2.187 systemctl daemon-reload
# 设置开机启动
ssh  192.168.2.175 systemctl enable kubelet.service
ssh  192.168.2.176 systemctl enable kubelet.service
ssh  192.168.2.177 systemctl enable kubelet.service
ssh  192.168.2.185 systemctl enable kubelet.service
ssh  192.168.2.187 systemctl enable kubelet.service
# 启动 kubelet
ssh  192.168.2.175 systemctl  start kubelet.service
ssh  192.168.2.176 systemctl  start kubelet.service
ssh  192.168.2.177 systemctl  start kubelet.service
ssh  192.168.2.185 systemctl  start kubelet.service
ssh  192.168.2.187 systemctl  start kubelet.service
# 查看启动状态
ssh  192.168.2.175 systemctl  status kubelet.service
ssh  192.168.2.176 systemctl  status kubelet.service
ssh  192.168.2.177 systemctl  status kubelet.service
ssh  192.168.2.185 systemctl  status kubelet.service
ssh  192.168.2.187 systemctl  status kubelet.service
# 这里会出现不断重启 请等待 k8s-ha-master  pod 正常启动 kubelet  进程恢复正常
[root@k8s-master-1 ~]# ps -ef | grep nginx
root       67368   67351  0 May07 ?        00:00:00 /bin/sh /usr/bin/nginx-proxy CP_HOSTS=[fc00:bd4:efa8:1001:5054:ff:fe49:9888]:5443,[fc00:bd4:efa8:1001:5054:ff:fe47:357b]:5443,[fc00:bd4:efa8:1001:5054:ff:fec6:74fb]:5443
root       67388   67368  0 May07 ?        00:00:00 nginx: master process nginx -g daemon off;
100        67389   67388  0 May07 ?        00:00:09 nginx: worker process
100        67390   67388  0 May07 ?        00:00:00 nginx: worker process
100        67391   67388  0 May07 ?        00:00:00 nginx: worker process
100        67392   67388  0 May07 ?        00:00:00 nginx: worker process
[root@k8s-master-1 ~]# docker ps| grep nginx-prox
c81fc90b5fda        juestnow/k8s-ha-master        "/usr/bin/nginx-prox…"   17 hours ago        Up 17 hours                             k8s_k8s-ha-master_k8s-ha-master-k8s-master-1_kube-system_1d8831b1fdf32d5c2df16b1e20cbeac2_0

验证kubelet 是否部署成功

root@Qist:/mnt/g/work/ipv6/1/yaml# kubectl get node
NAME           STATUS     ROLES    AGE   VERSION
k8s-master-1   NotReady      21m   v1.18.2
k8s-master-2   NotReady      21m   v1.18.2
k8s-master-3   NotReady      21m   v1.18.2
k8s-node-1     NotReady      21m   v1.18.2
k8s-node-2     NotReady      21m   v1.18.2
# 没部署网络插件 cni 就会出现这样的装
root@Qist:/mnt/g/work/ipv6/1/yaml# kubectl get node -o wide
NAME           STATUS     ROLES    AGE   VERSION   INTERNAL-IP                            EXTERNAL-IP   OS-IMAGE                KERNEL-VERSION                CONTAINER-RUNTIME
k8s-master-1   NotReady      21m   v1.18.2   fc00:bd4:efa8:1001:5054:ff:fe49:9888           CentOS Linux 8 (Core)   4.18.0-147.8.1.el8_1.x86_64   docker://19.3.8
k8s-master-2   NotReady      21m   v1.18.2   fc00:bd4:efa8:1001:5054:ff:fe47:357b           CentOS Linux 8 (Core)   4.18.0-147.8.1.el8_1.x86_64   docker://19.3.8
k8s-master-3   NotReady      21m   v1.18.2   fc00:bd4:efa8:1001:5054:ff:fec6:74fb           CentOS Linux 8 (Core)   4.18.0-147.8.1.el8_1.x86_64   docker://19.3.8
k8s-node-1     NotReady      21m   v1.18.2   fc00:bd4:efa8:1001:5054:ff:fe7f:7551           CentOS Linux 8 (Core)   4.18.0-147.8.1.el8_1.x86_64   docker://19.3.8
k8s-node-2     NotReady      21m   v1.18.2   fc00:bd4:efa8:1001:5054:ff:fedc:9845           CentOS Linux 8 (Core)   4.18.0-147.8.1.el8_1.x86_64   docker://19.3.8
# 所有部署节点已经注册到K8S 集群

kubernetes v1.18.2 二进制双栈 kubelet 部署

标签：SHA256   tier   http   部署   mirror   required   basic   ddr   ide   

原文地址：https://blog.51cto.com/juestnow/2493339