原文地址: https://www.opstour.cn/2020/03/23/k8s-ji-qun-v1-17-4-bu-shu-kubeadm-fang-shi/

目录

• 系统初始化
• kubeadm部署安装

kube-proxy开启ipvs的前置条件

modprobe br_netfilter 
cat > /etc/sysconfig/modules/ipvs.modules <<EOF 
#!/bin/bash 
modprobe -- ip_vs 
modprobe -- ip_vs_rr 
modprobe -- ip_vs_wrr 
modprobe -- ip_vs_sh 
modprobe -- nf_conntrack_ipv4 
EOF 
chmod 755 /etc/sysconfig/modules/ipvs.modules && bash /etc/sysconfig/modules/ipvs.modules && lsmod | grep -e ip_vs -e nf_conntrack_ipv4

安装 Docker 软件

yum install -y yum-utils device-mapper-persistent-data lvm2 
yum-config-manager --add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo 
yum update -y && yum install -y docker-ce 
## 创建 /etc/docker 目录 
mkdir /etc/docker 
# 配置 daemon. 
cat > /etc/docker/daemon.json <<EOF 
{ 
    "registry-mirrors": ["https://2265lxi0.mirror.aliyuncs.com"],
    "exec-opts": ["native.cgroupdriver=systemd"], 
    "log-driver": "json-file", 
    "log-opts": { 
        "max-size": "100m" 
    } 
}
EOF 
mkdir -p /etc/systemd/system/docker.service.d 
# 重启docker服务 
systemctl daemon-reload && systemctl restart docker && systemctl enable docker

安装 Kubeadm （主从配置）

cat > /etc/yum.repos.d/kubernetes.repo <<EOF
[kubernetes] 
name=Kubernetes 
baseurl=http://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64 
enabled=1 
gpgcheck=0 
repo_gpgcheck=0 
gpgkey=http://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg 
http://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg 
EOF 
# 安装时版本为1.17.4
yum -y install kubeadm kubectl kubelet
# 如需指定版本
# yum -y install kubeadm-1.17.4 kubectl-1.17.4 kubelet1.17.4
systemctl enable kubelet.service

初始化主节点

查看需要下载的组件

kubeadm config images list

以下为返回结果

[root@k8s-master01 kubernetes]# kubeadm config images list
W0323 14:43:03.262039   32041 validation.go:28] Cannot validate kube-proxy config - no validator is available
W0323 14:43:03.262383   32041 validation.go:28] Cannot validate kubelet config - no validator is available
k8s.gcr.io/kube-apiserver:v1.17.4
k8s.gcr.io/kube-controller-manager:v1.17.4
k8s.gcr.io/kube-scheduler:v1.17.4
k8s.gcr.io/kube-proxy:v1.17.4
k8s.gcr.io/pause:3.1
k8s.gcr.io/etcd:3.4.3-0
k8s.gcr.io/coredns:1.6.5

创建批量拉取镜像脚本

#!/bin/bash

images=(
k8s.gcr.io/kube-apiserver:v1.17.4
k8s.gcr.io/kube-controller-manager:v1.17.4
k8s.gcr.io/kube-scheduler:v1.17.4
k8s.gcr.io/kube-proxy:v1.17.4
k8s.gcr.io/pause:3.1
k8s.gcr.io/etcd:3.4.3-0
k8s.gcr.io/coredns:1.6.5
)

for imageName in ${images[@]} ; do
    docker pull $imageName
done

如果下载有困难的也可以用离线的镜像包进行load

#!/bin/bash
tar -xvf kubeadm-basic-images-1.17.4.tar
ls /root/kubeadm-basic-images-1.17.4 > /tmp/image-list.txt

cd /root/kubeadm-basic-images-1.17.4

for i in $(cat /tmp/image-list.txt )
do
        docker load -i $i
done

kubeadm config print init-defaults > kubeadm-config.yaml 
localAPIEndpoint: 
  advertiseAddress: 192.168.66.10 
kubernetesVersion: v1.15.1 
networking: 
  podSubnet: "10.244.0.0/16" 
  serviceSubnet: 10.96.0.0/12 
--- 
apiVersion: kubeproxy.config.k8s.io/v1alpha1 
kind: KubeProxyConfiguration 
featureGates: 
  SupportIPVSProxyMode: true 
mode: ipvs 

kubeadm init --config=kubeadm-config.yaml --experimental-upload-certs | tee kubeadm-init.log

加入主节点以及其余工作节点

执行安装日志中的加入命令即可
kubeadm join 192.168.66.10:6443 --token abcdef.0123456789abcdef \
    --discovery-token-ca-cert-hash sha256:e8562df7dad57a5d6a70fb39e29c0d4e20b6d99a941d339f41c90b2514ce3fbb

部署网络

kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube- flannel.yml