kubernetes 1.15.1安装部署
2021-04-14 04:28
标签:物理 each -o version recycle The panic install address 节点四台:master、node01、node02、harbor 安装依赖包 设置防火墙为iptables规则并设置空规则 关闭SElinux 调整内核参数 开机调用kubernetes.conf,并生效 调整系统时区-安装系统时选择上海,这步跳过 关闭系统邮件服务 设置系统日志服务rsyslogd和systemd journald #cat > /etc/systemd/journal.conf.d/99-prophet.conf [ Journal ] #压缩历史日志 SyncIntervalSec=5m #最大占用空间 #单日志文件最大 200M #日志保存时间 #不讲日志转发到 syslog EOF 升级系统内核为4.44版本 查看 /boot/grub2/grub.cfg是否存在menuentry 中是否包含 initrd16配置,如果没有重新安装 #yum --enablerepo=elrepo-kernel install -y kernel-lt 设置开几重启内核 检查下三台节点内核版本是否为4.44 Kube-proxy开启ipvs前置条件 #chmod 755 /etc/sysconfig/modules/ipvs.modules && bash /etc/sysconfig/modules/ipvs.modules && lsmod |grep -e ip_vs -e nf_conntrack_ipv4 安装docker #yum-config-manager \ # yum update -y && yum install -y docker-ce 创建 /etc/docker 目录 #grub2-set-default ‘CentOS Linux (4.4.214-1.el7.elrepo.x86_64) 7 (core)‘&&reboot 创建 daemon.json 配置文件,将存储日志的方式改为为 json file 格式存储,方便日后从 /var/log/container/ 下查找容器日志,之后就可以从 efk 中搜索索引信息了 #systemctl daemon-reload && systemctl restart docker && systemctl enable docker 安装kubeadm #yum -y install kubeadm-1.15.1 kubectl-1.15.1 kubelet-1.15.1 导入kubernetes系统镜像,本地资料中 ls /root/rpm/kubeadm-basic.images > /root/docker-load-list.txt cd /root/rpm/kubeadm-basic.images for i in $(cat /root/docker-load-list.txt) 初始化master Your Kubernetes control-plane has initialized successfully! To start using your cluster, you need to run the following as a regular user: mkdir -p $HOME/.kube You should now deploy a pod network to the cluster. Then you can join any number of worker nodes by running the following on each as root: kubeadm join 192.168.1.11:6443 --token abcdef.0123456789abcdef \ # mkdir -p $HOME/.kube 保留安装文件 master安装flannel 没有镜像可以下载国内镜像,然后重新打标签,将镜像scp到node01和node02节点上,docker load即可 Node01和Node02节点加入k8s集群 kubernetes 1.15.1安装部署 标签:物理 each -o version recycle The panic install address 原文地址:https://www.cnblogs.com/houjunjun437416/p/12378425.html
设置系统主机名及host文件解析
#hostnamectl set-hostname k8s-master hostnamectl set-hostname k8s-node01 hostnamectl set-hostname k8s-node02
#yum -y install conntrack ntpdate ntp ipvsadm ipset jq iptables curl sysstat libseccomp wget vim net-tools git
#systemctl stop firewalld&&systemctl disable firewalld
#yum -y install iptables-services && systemctl start iptables && systemctl enable iptables && iptables -F && service iptables save
# swapoff -a && sed -i ‘/ swap / s/^\(.*\)$/#\1/g‘ /etc/fstab
#setenforce 0 && sed -I ‘s/^SELINUX=.*/SELINUX=disabled/‘ /etc/selinux/config
#cat > kubernetes.conf net.bridge.bridge-nf-call-iptables=1
net.bridge.bridge-nf-call-ip6tables=1
net.ipv4.ip_forward=1
net.ipv4.tcp_tw_recycle=0
vm.swappiness=0 #禁止使用swap空间
vm.overcommit_memory=1 #不检查物理内存
vm.panic_on_oom=0
fs.inotify.max_user_instances=8192
fs.inotify.max_user_watches=1048576
fs.file-max=52706963
fs.nr_open=52706963
net.ipv6.conf.all.disable_ipv6=1
net.netfilter.nf_conntrack_max=2310720
EOF
#cp kubernetes.conf /etc/sysctl.d/kubernetes.conf
#sysctl -p /etc/sysctl.d/kubernetes.conf
设置时区 中国/上海
#timedatectl set-timezone Asia/Shanghai
将当前UTC时间写入硬件时钟
#timedatectl set-local-rtc 0
重启依赖于系统时间的服务
#systemctl restart rsyslog
#systemctl restart crond
#systemctl stop postfix&&systemctl disable postfix
创建持久化目录
# mkdir /var/log/journal
创建journald配置文件
# mkdir /etc/systemd/journal.conf.d
#持久化保存到磁盘
Storage=persistent
Compress=yes
RateLimitInterval=30s
RateLimitBurst=1000
SystemMaxUse=10G
SystemMaxFileSize=200M
MaxRetentionSec=2week
ForwardToSyslog=no
#systemctl restart systemd-journald
#rpm -Uvh http://www.elrepo.org/elrepo-release-7.0-3.el7.elrepo.noarch.rpm
#cat /boot/grub2/grub.cfg|grep initrd16
#grub2-set-default ‘CentOS Linux (4.4.214-1.el7.elrepo.x86_64) 7 (core)‘
#reboot
#uname -r
4.4.214-1.el7.elrepo.x86_64
#modprobe br_netfilter
#cat > /etc/sysconfig/modules/ipvs.modules #!/bin/bash
modprobe -- ip_vs
modprobe -- ip_vs_rr
modprobe -- ip_vs_wrr
modprobe -- ip_vs_sh
modprobe -- nf_conntrack_ipv4
EOF
#yum -y install yum-utils device-mapper-persistent-data lvm2
--add-repo \
http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
#mkdir /etc/docker
设置docker启动,开机自启
# systemctl start docker && systemctl enable docker
#cat > /etc/docker/daemon.json {
"registry-mirrors": ["https://registry.docker-cn.com"],
"exec-opts": ["native.cgroupdriver=systemd"], #centos7中有两种cgroup组(cgroupfx, cgroupdriver)是由systemd做隔离
"log-driver": "json-file",
"log-opts": {
"max-size": "100m"
}
}
EOF
#mkdir -p /etc/systemd/system/docker.service.d
#cat /etc/yum.repos.d/kubernetes.repo
[kubernetes]
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
gpgcheck=1
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg
EOF
#systemctl enable kubelet
# tar xf kubeadm-basic.images.tar.gz
批量导入镜像脚本
# vim docker-load.sh
#!/bin/bash
do
docker load -i $i
done
#chmod a+x docker-load.sh
#./docker-load.sh
在master节点操作,导出kubeadm-config.yaml配置文件
#kubeadm config print init-defaults > /etc/kubernetes/kubeadm-config.yaml
#vim kubeadm-config.yaml
第12行:advertiseAddress:192.168.1.11
第34行:kubernetesVersion: v1.15.1
第36行下增加:podSubnet: "10.244.0.0/16" #pod网段
#kubeadm init --config=/etc/kubernetes/kubeadm-config.yaml --experimental-upload-certs | tee kubeadm-init.log
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:
https://kubernetes.io/docs/concepts/cluster-administration/addons/
--discovery-token-ca-cert-hash sha256:69540b24d9d2eaa4fd9a9d533bfde8c6520ce7586366fa9e35474e94553532ba
# cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
# chown $(id -u):$(id -g) $HOME/.kube/config
# echo "export KUBECONFIG=/etc/kubernetes/admin.conf" >> ~/.bash_profile
#source ~/.bash_profile
#mkdir install-k8s
# mv /etc/kubernetes/kubeadm-config.yaml /etc/kubernetes/kubeadm-init.log /usr/local/kubernetes/install-k8s/
#wget https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
# kubectl create -f kube-flannel.yml
#docker pull lizhenliang/flannel:v0.11.0-amd64
#docker tag lizhenliang/flannel:v0.11.0-amd64 quay.io/coreos/flannel:v0.11.0-amd64
#tail -5 /usr/local/kubernetes/install-k8s/kubeadm-init.log
#kubeadm join 192.168.1.11:6443 --token abcdef.0123456789abcdef \
--discovery-token-ca-cert-hash sha256:69540b24d9d2eaa4fd9a9d533bfde8c6520ce7586366fa9e35474e94553532ba
文章标题:kubernetes 1.15.1安装部署
文章链接:http://soscw.com/index.php/essay/75512.html