Kubernetes 1.30 deployment
Kubernetes 1.30 cluster deployment
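0. Preface
- For this installation, run the steps below on one node first and then clone it into three more nodes; this is the simplest approach. Running the steps on each machine one by one also works.
- Clone after completing step 5, then initialize the cluster once cloning is finished.
1. System initialization
1.1. Hostname configuration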
$ hostnamectl hostname k8s-master-01.leepongmin.com
$ cat <<eof >> /etc/hosts
10.10.50.31 k8s-master-01.leepongmin.com master-01
10.10.50.32 k8s-node-01.leepongmin.com node-01
10.10.50.33 k8s-node-02.leepongmin.com node-02
10.10.50.34 k8s-node-03.leepongmin.com node-03
eof
1.2. System tuning
$ cat <<EOF | sudo tee /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-iptables = 1
net.bridge.bridge-nf-call-ip6tables = 1
net.ipv4.ip_forward = 1
EOF
$ sysctl --system
$ cat >> /etc/security/limits.conf <<EOF
* soft nofile 65536
* hard nofile 131072
* soft nproc 65535
* hard nproc 655350
* soft memlock unlimited
* hard memlock unlimited
EOF
1.3. Swap
$ sed -ri 's/.*swap.*/#&/' /etc/fstab
$ swapoff -a
1.4. DNS and NTP
$ resolvectl dns enp1s0 8.8.8.8 114.114.114.114
# NTP configuration
$ apt install -y chrony
$ timedatectl set-timezone Asia/Shanghai
$ sed -i -e '/^pool.*/d' -e '/^# See http:.*/a\server ntp.aliyun.com iburst' /etc/chrony/chrony.conf
$ systemctl restart chronyd
$ date
$ systemctl enable --now chronyd.service
1.5. IPVS
$ cat <<EOF | sudo tee /etc/modules-load.d/k8s.conf
overlay
br_netfilter
EOF
# Files in modules-load.d list bare kernel module names, one per line (not modprobe commands)
$ tee /etc/modules-load.d/ipvs.conf << EOF
overlay
br_netfilter
ip_vs
ip_vs_rr
ip_vs_wrr
ip_vs_sh
nf_conntrack
EOF
$ systemctl restart systemd-modules-load.service
2. containerd deployment
2.1. Download containerd
$ wget -P /opt https://mirror.ghproxy.com/https://github.com/containerd/containerd/releases/download/v1.7.16/containerd-1.7.16-linux-amd64.tar.gz
2.2. Copy to all nodes and install
$ hosts=("root@master-01" "root@node-01" "root@node-02" "root@node-03")
$ for host in "${hosts[@]}"; do scp "/opt/containerd-1.7.16-linux-amd64.tar.gz" "$host:/opt/" ;done
$ tar xzf /opt/containerd-1.7.16-linux-amd64.tar.gz -C /usr/local/
$ cat > /lib/systemd/system/containerd.service << EOF
[Unit]
Description=containerd container runtime
Documentation=https://containerd.io
After=network.target local-fs.target
[Service]
ExecStartPre=-/sbin/modprobe overlay
ExecStart=/usr/local/bin/containerd
Type=notify
Delegate=yes
KillMode=process
Restart=always
RestartSec=5
LimitNPROC=infinity
LimitCORE=infinity
LimitNOFILE=infinity
TasksMax=infinity
OOMScoreAdjust=-999
[Install]
WantedBy=multi-user.target
EOF
3. runc installation
$ wget https://mirror.ghproxy.com/https://github.com/opencontainers/runc/releases/download/v1.1.12/runc.amd64
$ chmod +x runc.amd64
$ for host in root@master-01 root@node-01 root@node-02 root@node-03; do scp runc.amd64 "$host:/usr/local/bin/runc"; done
$ mkdir -p /etc/containerd
$ containerd config default | tee /etc/containerd/config.toml
$ sed -ri -e 's/(.*SystemdCgroup = ).*/\1true/' -e 's@(.*sandbox_image = ).*@\1\"registry.aliyuncs.com/google_containers/pause:3.9\"@' /etc/containerd/config.toml
$ sed -i 's#SystemdCgroup = false#SystemdCgroup = true#g' /etc/containerd/config.toml
$ systemctl daemon-reload && systemctl start containerd
$ systemctl enable containerd.service
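Added example (not part of the original article): sections 2.1 and 3 fetch containerd and runc through a third-party download proxy and then copy them to every node as root, so each file should be checked against the SHA-256 list published with the release before the scp step. The helper name verify_sha256 and the demo file names are assumptions made for illustration, and the demo input is constructed so the block runs offline.

```bash
#!/usr/bin/env bash
# Added example: check a downloaded release artifact against the project's
# published SHA-256 list before copying it to other nodes.

# verify_sha256 ARTIFACT SUMFILE   (hypothetical helper name)
# SUMFILE is in sha256sum format: "<64 hex>  <name>" or "<64 hex> *<name>".
# Returns 0 on match, 1 on mismatch, 2 if a file is missing or has no entry.
verify_sha256() {
    local artifact="$1" sumfile="$2" name expected actual
    [ -f "$artifact" ] && [ -f "$sumfile" ] || return 2
    name=$(basename -- "$artifact")
    # Select the entry by exact file name: a release list can cover many files,
    # and a digest belonging to a different file must never be accepted.
    expected=$(awk -v n="$name" '{ f = $2; sub(/^\*/, "", f) }
        f == n && length($1) == 64 && $1 ~ /^[0-9a-fA-F]+$/ { print tolower($1); exit }' "$sumfile")
    [ -n "$expected" ] || return 2
    actual=$(sha256sum -- "$artifact" | awk '{ print $1 }')
    [ "$actual" = "$expected" ]
}

# Constructed demo. On a real node the arguments would be the downloaded
# tarball (or runc.amd64) and the checksum list taken from the project's own
# release page, not from the same proxy that served the artifact.
demo() {
    local d
    d=$(mktemp -d)
    printf 'constructed stand-in for a release tarball\n' > "$d/artifact.tar.gz"
    ( cd "$d" && sha256sum artifact.tar.gz > SHA256SUMS )
    verify_sha256 "$d/artifact.tar.gz" "$d/SHA256SUMS" && echo "ok: digest matches"
    # Simulate modification in transit: the check must now fail.
    printf 'tampered\n' >> "$d/artifact.tar.gz"
    verify_sha256 "$d/artifact.tar.gz" "$d/SHA256SUMS" || echo "mismatch, do not distribute (rc=$?)"
    rm -rf "$d"
}
demo
```

A non-zero return should stop the procedure before the scp loop and before the file is made executable or unpacked into /usr/local.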
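4. Proxy configuration
- Kubernetes pulls images during use, and sometimes the images we need cannot be downloaded because of network problems, so a proxy can be configured to make image pulls work.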
$ sed -i '5a Environment=HTTP_PROXY="http://10.10.50.2:7890"' /lib/systemd/system/containerd.service
$ sed -i '5a Environment=HTTPS_PROXY="http://10.10.50.2:7890"' /lib/systemd/system/containerd.service
$ sed -i '5a Environment="NO_PROXY=localhost,127.0.0.0/8,10.0.0.0/8,172.16.0.0/12,192.168.0.0/16,.svc,.cluster.local"' /lib/systemd/system/containerd.service
# containerd is already running from step 3, so restart it to pick up the new Environment= lines
$ systemctl daemon-reload && systemctl restart containerd
5. kubeadm deployment
$ apt-get update && apt-get install -y apt-transport-https
$ curl -fsSL https://mirrors.aliyun.com/kubernetes-new/core/stable/v1.30/deb/Release.key |
    gpg --dearmor -o /etc/apt/keyrings/kubernetes-apt-keyring.gpg
$ echo "deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring.gpg] https://mirrors.aliyun.com/kubernetes-new/core/stable/v1.30/deb/ /" |
    tee /etc/apt/sources.list.d/kubernetes.list
$ apt-get update
$ apt-get install -y kubelet kubeadm kubectl
6. Cluster initialization
$ kubeadm init --apiserver-advertise-address=10.10.50.31 --pod-network-cidr=10.100.0.0/16 --service-cidr=10.200.0.0/16 --token-ttl=0 --image-repository registry.aliyuncs.com/google_containers --upload-certs