1：k8s集群的安装
1.1 k8s的架构

截屏2021-04-05 上午11.09.20.png

1.2:修改IP地址，主机和host解析

172.16.80.22 k8s-master
172.16.80.7 k8s-node-1
172.16.80.8 k8s-node-2
所有节点需要做hosts解析

1.3:master节点安装etcd

yum install etcd -y
vim /etc/etcd/etcd.conf
6行：ETCD_LISTEN_CLIENT_URLS="http://0.0.0.0:2379"       #监听的地址
21行：ETCD_ADVERTISE_CLIENT_URLS="http://172.16.80.22:2379"  #master的地址
systemctl enable etcd.service
systemctl  start etcd.service

测试etcd是否安装成功
etcdctl set testdir/testkey0 0 
etcdctl get testdir/testkey0
查看集群健康状态
etcdctl -C http://172.16.80.22:2379 cluster-healt

etcd原生支持做集群

1.4:master节点安装kubernetes

yum install kubernetes-master.x86_64 -y
vim /etc/kubernetes/apiserver
8行: KUBE_API_ADDRESS="--insecure-bind-address=0.0.0.0" 
11行：KUBE_API_PORT="--port=8080"
17行：KUBE_ETCD_SERVERS="--etcd-servers=http://172.16.80.22:2379" 
23行：KUBE_ADMISSION_CONTROL="--admission- control=NamespaceLifecycle,NamespaceExists,LimitRanger,SecurityContextDeny,ResourceQuota"         
#取消23行的 `AerviceAccount`
vim /etc/kubernetes/config 
22行：KUBE_MASTER="--master=http://172.16.80.22:8080"

设置为开机启动并重启服务
systemctl enable kube-apiserver.service
systemctl restart kube-apiserver.service
systemctl enable kube-controller-manager.service
systemctl restart kube-controller-manager.service
systemctl enable kube-scheduler.service
systemctl restart kube-scheduler.service

检查服务是否正常安装

[root@k8s-master ~]# kubectl get componentstatus
NAME                 STATUS    MESSAGE             ERROR
etcd-0               Healthy   {"health":"true"}
scheduler            Healthy   ok
controller-manager   Healthy   ok

1.5:node节点安装kubernetes

[root@k8s-node-1 ~]# yum install kubernetes-node.x86_64 -y
vim /etc/kubernetes/config
22行：KUBE_MASTER="--master=http://172.16.80.22:8080"

vim /etc/kubernetes/kubelet 
5行：KUBELET_ADDRESS="--address=0.0.0.0"                                     #监听的地址
8行：KUBELET_PORT="--port=10250" 
11行：KUBELET_HOSTNAME="--hostname-override=172.16.80.7"      #本机的地址，唯一性
14行：KUBELET_API_SERVER="--api-servers=http://172.16.80.22:8080"   #通过什么来连接api-server

重启服务
systemctl enable kubelet.service 
systemctl start kubelet.service 
systemctl enable kube-proxy.service 
systemctl start kube-proxy.service

在master节点检查

[root@k8s-master ~]# kubectl get nodes
NAME          STATUS    AGE
172.16.80.7   Ready     4s
172.16.80.8   Ready     1d
#注意，一定要关闭防火墙。

6:所有节点配置flanne网络

yum install flannel -y 
sed -i 's#http://127.0.0.1:2379#http://172.16.80.22:2379#g' /etc/sysconfig/flanneld   #etcd所在的IP地址，我所在的节点为master

master节点：

在etcd里面创建key值
etcdctl mk /atomic.io/network/config '{ "Network": "172.17.0.0/16" }'    #不要和现有网卡冲突

创建docker私有仓库，方便其他节点下载，为了简化，现在装在master节点
yum install docker -y
systemctl enable flanneld.service 
systemctl restart flanneld.service
systemctl restart  docker 
systemctl restart kube-apiserver.service 
systemctl restart kube-controller-manager.service 
systemctl restart kube-scheduler.service

node节点：

systemctl enable flanneld.service 
systemctl restart flanneld.service 
systemctl restart  docker 
systemctl restart kubelet.service 
systemctl restart kube-proxy.service

永久解决flanne网络ping不通问题,全部节点修改

[root@k8s-master ~]# vim /usr/lib/systemd/system/docker.service
ExecStartPost=/usr/sbin/iptables  -P FORWARD ACCEPT        #增加一行数据
重启docker
systemctl daemon-reload
systemctl restart docker

node network：承载kubernetes集群中各个“物理”Node(master和minion)通信的网络；
service network：由kubernetes集群中的Services所组成的“网络”；
flannel network： 即Pod网络，集群中承载各个Pod相互通信的网络。

7:配置master为镜像仓库

#所有节点
vim /etc/sysconfig/docker
OPTIONS='--selinux-enabled --log-driver=journald --signature-verification=false
--registry-mirror=https://registry.docker-cn.com --insecure-registry=172.16.80.22
2:5000'   #替换options行
systemctl restart docker

#master节点
docker run -d -p 5000:5000 --restart=always --name registry -v /opt/myregistry:/var/lib/registry registry