[Kubernetes] Installing Kubernetes 1.30.1 on CentOS 7

Published: 2025-04-01

Welcome to this very detailed guide! It walks you through deploying Kubernetes 1.30.1 on CentOS 7 with ease. I hope it makes your Kubernetes journey fun and rewarding, so come and explore!

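  • Operating system: CentOS Linux 7 (Core)
  • Containerd: 1.6.33
  • Kubernetes: 1.30.1
  • The steps below use a single master node as the example (the master node's hostname is node1; change it to suit your environment)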

1. Switch to the Alibaba Cloud YUM mirror

1.1. yum update does not work

yum update

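1.2. Back up the original yum repo file and add the Alibaba Cloud yum repo

# Back up the original repo file
mv /etc/yum.repos.d/CentOS-Base.repo /etc/yum.repos.d/CentOS-Base.repo.bak
# Create the file with vi /etc/yum.repos.d/CentOS-Base.repo and enter the content below the dashed line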
----------------------------------------------------------------------------
# CentOS-Base.repo
#
# The mirror system uses the connecting IP address of the client and the
# update status of each mirror to pick mirrors that are updated to and
# geographically close to the client.  You should use this for CentOS updates
# unless you are manually picking other mirrors.
#
# If the mirrorlist= does not work for you, as a fall back you can try the 
# remarked out baseurl= line instead.
#
#
 
[base]
name=CentOS-$releasever - Base - mirrors.aliyun.com
failovermethod=priority
baseurl=http://mirrors.aliyun.com/centos/$releasever/os/$basearch/
        http://mirrors.aliyuncs.com/centos/$releasever/os/$basearch/
        http://mirrors.cloud.aliyuncs.com/centos/$releasever/os/$basearch/
gpgcheck=1
gpgkey=http://mirrors.aliyun.com/centos/RPM-GPG-KEY-CentOS-7
 
#released updates 
[updates]
name=CentOS-$releasever - Updates - mirrors.aliyun.com
failovermethod=priority
baseurl=http://mirrors.aliyun.com/centos/$releasever/updates/$basearch/
        http://mirrors.aliyuncs.com/centos/$releasever/updates/$basearch/
        http://mirrors.cloud.aliyuncs.com/centos/$releasever/updates/$basearch/
gpgcheck=1
gpgkey=http://mirrors.aliyun.com/centos/RPM-GPG-KEY-CentOS-7
 
#additional packages that may be useful
[extras]
name=CentOS-$releasever - Extras - mirrors.aliyun.com
failovermethod=priority
baseurl=http://mirrors.aliyun.com/centos/$releasever/extras/$basearch/
        http://mirrors.aliyuncs.com/centos/$releasever/extras/$basearch/
        http://mirrors.cloud.aliyuncs.com/centos/$releasever/extras/$basearch/
gpgcheck=1
gpgkey=http://mirrors.aliyun.com/centos/RPM-GPG-KEY-CentOS-7
 
#additional packages that extend functionality of existing packages
[centosplus]
name=CentOS-$releasever - Plus - mirrors.aliyun.com
failovermethod=priority
baseurl=http://mirrors.aliyun.com/centos/$releasever/centosplus/$basearch/
        http://mirrors.aliyuncs.com/centos/$releasever/centosplus/$basearch/
        http://mirrors.cloud.aliyuncs.com/centos/$releasever/centosplus/$basearch/
gpgcheck=1
enabled=0
gpgkey=http://mirrors.aliyun.com/centos/RPM-GPG-KEY-CentOS-7
 
#contrib - packages by Centos Users
[contrib]
name=CentOS-$releasever - Contrib - mirrors.aliyun.com
failovermethod=priority
baseurl=http://mirrors.aliyun.com/centos/$releasever/contrib/$basearch/
        http://mirrors.aliyuncs.com/centos/$releasever/contrib/$basearch/
        http://mirrors.cloud.aliyuncs.com/centos/$releasever/contrib/$basearch/
gpgcheck=1
enabled=0
gpgkey=http://mirrors.aliyun.com/centos/RPM-GPG-KEY-CentOS-7

# Clear the cache
yum clean all
# Rebuild the cache
yum makecache
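
An added check, not part of the original guide: the script below reports repo sections that set gpgcheck=0 or fetch their gpgkey over plain HTTP, where the key that anchors package verification can be replaced in transit. The function name audit_repo is an assumption of this example, and the sample input is constructed from the [base] section above plus a made-up unsigned repo.

```bash
#!/usr/bin/env bash
# Added example: report yum repo sections whose signature settings are weak.
# Output format: "<file>:[<section>] <finding>", one finding per line.
audit_repo() {
  awk '
    function val(line) {               # text after "=", trimmed
      sub(/^[^=]*=[ \t]*/, "", line); sub(/[ \t\r]+$/, "", line); return line
    }
    function flush() {                 # report the section just finished
      if (sec == "") return
      if (check == "0")       print file ":[" sec "] gpgcheck=0, packages are not verified"
      if (key ~ /^http:\/\//) print file ":[" sec "] gpgkey is fetched over plain HTTP"
    }
    FNR == 1   { flush(); sec = ""; file = FILENAME }
    /^[ \t]*#/ { next }                # skip comment lines
    /^\[/      { flush(); sec = substr($0, 2, index($0, "]") - 2); check = key = ""; next }
    /^gpgcheck[ \t]*=/ { check = val($0) }
    /^gpgkey[ \t]*=/   { key = val($0) }
    END { flush() }
  ' "$@"
}

# Constructed sample: the [base] section from above plus a made-up unsigned repo.
sample=$(mktemp)
cat > "$sample" <<'EOF'
[base]
baseurl=http://mirrors.aliyun.com/centos/$releasever/os/$basearch/
gpgcheck=1
gpgkey=http://mirrors.aliyun.com/centos/RPM-GPG-KEY-CentOS-7
[example-unsigned]
baseurl=https://repo.example.invalid/el7/
gpgcheck=0
EOF
audit_repo "$sample"
rm -f "$sample"
```

Run it against the real files with audit_repo /etc/yum.repos.d/*.repo.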

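2. Upgrade the Linux kernel

2.1. Check the current kernel version and download the kernel packages for the upgrade

# Check the current kernel version
uname -r
# Download the kernel packages for the upgrade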
wget https://mirrors.coreix.net/elrepo-archive-archive/kernel/el7/x86_64/RPMS/kernel-lt-5.4.257-1.el7.elrepo.x86_64.rpm
wget https://mirrors.coreix.net/elrepo-archive-archive/kernel/el7/x86_64/RPMS/kernel-lt-devel-5.4.257-1.el7.elrepo.x86_64.rpm
wget https://mirrors.coreix.net/elrepo-archive-archive/kernel/el7/x86_64/RPMS/kernel-lt-doc-5.4.257-1.el7.elrepo.noarch.rpm
wget https://mirrors.coreix.net/elrepo-archive-archive/kernel/el7/x86_64/RPMS/kernel-lt-headers-5.4.257-1.el7.elrepo.x86_64.rpm
wget https://mirrors.coreix.net/elrepo-archive-archive/kernel/el7/x86_64/RPMS/kernel-lt-tools-5.4.257-1.el7.elrepo.x86_64.rpm
wget https://mirrors.coreix.net/elrepo-archive-archive/kernel/el7/x86_64/RPMS/kernel-lt-tools-libs-5.4.257-1.el7.elrepo.x86_64.rpm
wget https://mirrors.coreix.net/elrepo-archive-archive/kernel/el7/x86_64/RPMS/kernel-lt-tools-libs-devel-5.4.257-1.el7.elrepo.x86_64.rpm

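2.2. Remove the old kernel's kernel-tools and kernel-headers

yum remove -y kernel-tools* kernel-headers*

2.3. Install the downloaded packages

yum install -y kernel*.rpm

2.4. Set the newly installed kernel as the default boot kernel

# On CentOS, /etc/default/grub holds the parameters and options for the GRUB boot loader
cat /etc/default/grub
# Set the default kernel to the first (0) entry
sed -i 's/^GRUB_DEFAULT=saved$/GRUB_DEFAULT=0/' /etc/default/grub
# Verify the setting was applied
cat /etc/default/grub
# Generate a new GRUB configuration file
grub2-mkconfig -o /boot/grub2/grub.cfg

2.5. Reboot and check the upgraded kernel version

# Reboot
reboot
# Verify the kernel upgrade succeeded
uname -r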

3. Preparation before installing k8s

3.1. Disable the firewall

# Disable the firewall
systemctl disable --now firewalld
systemctl stop firewalld
systemctl status firewalld

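3.2. Disable SELinux

# Check whether SELinux is enabled
getenforce
# Disable SELinux permanently (takes effect after a reboot); the pattern is anchored so only the SELINUX= setting changes
sed -i 's/^SELINUX=enforcing/SELINUX=disabled/' /etc/selinux/config
# Verify the change
cat /etc/selinux/config
# Turn off SELinux enforcement for the running system; not persistent across reboots
setenforce 0
# Confirm SELinux is no longer enforcing
getenforce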

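3.3. Disable the swap partition

# Check whether a swap partition exists
free -h
# Turn swap off for the running system; not persistent across reboots
swapoff -a
# Disable swap permanently (takes effect after a reboot)
sed -ri 's/.*swap.*/#&/' /etc/fstab
# Confirm swap is off
free -h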

3.4. Pass bridged IPv4 traffic to the iptables chains

# vi /etc/sysctl.conf and add the following
net.ipv4.ip_forward = 1
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
net.ipv6.conf.all.disable_ipv6 = 1
net.ipv6.conf.default.disable_ipv6 = 1
net.ipv6.conf.lo.disable_ipv6 = 1
net.ipv6.conf.all.forwarding = 1
# Load the br_netfilter module
modprobe br_netfilter
# Apply the settings from /etc/sysctl.conf
sysctl -p

4. Install containerd

4.1. Configure the Docker repo

wget https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo -O /etc/yum.repos.d/docker-ce.repo

4.2. Install containerd

yum install -y yum-utils device-mapper-persistent-data lvm2
yum install -y containerd.io containerd

4.3. Configure containerd

# Check containerd status
systemctl status containerd
# Write out the default containerd configuration file
containerd config default > /etc/containerd/config.toml
# Switch the pause image to the Alibaba Cloud registry
sed -i "s#registry.k8s.io/pause#registry.cn-hangzhou.aliyuncs.com/google_containers/pause#g" /etc/containerd/config.toml
# Back up the configuration file
cp /etc/containerd/config.toml   /etc/containerd/config.toml.bak
# Remove cri from disabled_plugins in /etc/containerd/config.toml
vi /etc/containerd/config.toml

# Enable SystemdCgroup
sed -i "s#SystemdCgroup = false#SystemdCgroup = true#g" /etc/containerd/config.toml
# Enable containerd at boot and start it now
systemctl enable --now containerd
systemctl status containerd

4.4. Check the containerd version

ctr version
containerd --version

4.5. Install the crictl command

# Download the crictl v1.30.0 package
wget https://github.com/kubernetes-sigs/cri-tools/releases/download/v1.30.0/crictl-v1.30.0-linux-amd64.tar.gz
# Extract into /usr/local/bin
tar zxvf crictl-v1.30.0-linux-amd64.tar.gz -C /usr/local/bin
# Generate the configuration file
cat << EOF | sudo tee /etc/crictl.yaml
runtime-endpoint: "unix:///run/containerd/containerd.sock"
image-endpoint: "unix:///run/containerd/containerd.sock"
debug: false
pull-image-on-create: true
disable-pull-on-run: false
EOF
# Verify crictl was installed successfully
crictl ps
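
An added example, not from the original guide or the cri-tools project: check the downloaded archive against a SHA-256 you obtained from the release page, and confirm it contains only the crictl binary, before unpacking it into /usr/local/bin as root. install_verified is a hypothetical helper, the single-member archive layout is an assumption, and the demo runs on a constructed stand-in archive.

```bash
#!/usr/bin/env bash
# Added example: verify a release archive before unpacking it as root.
# install_verified <tarball> <expected-sha256> <dest-dir>   (hypothetical helper)
install_verified() {
  local tarball="$1" expected="$2" dest="$3" actual members
  actual=$(sha256sum "$tarball" | awk '{print $1}')
  if [ "$actual" != "$expected" ]; then
    echo "checksum mismatch: got $actual" >&2
    return 1
  fi
  # Assumption: the archive holds exactly one member named crictl.
  members=$(tar -tzf "$tarball")
  if [ "$members" != "crictl" ]; then
    echo "unexpected archive contents: $members" >&2
    return 1
  fi
  # --no-same-owner: do not restore the uid/gid recorded in the archive.
  tar -xzf "$tarball" -C "$dest" --no-same-owner crictl
}

# Constructed demo: a stand-in archive, not the real crictl release.
work=$(mktemp -d)
mkdir -p "$work/src" "$work/bin"
printf '#!/bin/sh\necho stand-in\n' > "$work/src/crictl"
tar -czf "$work/demo.tar.gz" -C "$work/src" crictl
good=$(sha256sum "$work/demo.tar.gz" | awk '{print $1}')
wrong=$(printf '%064d' 0)   # 64 zeros, never the real digest
install_verified "$work/demo.tar.gz" "$good" "$work/bin" && echo "installed"
install_verified "$work/demo.tar.gz" "$wrong" "$work/bin" || echo "rejected"
rm -rf "$work"
```

For the step above, the call would take crictl-v1.30.0-linux-amd64.tar.gz, the SHA-256 copied from the release page, and /usr/local/bin as its three arguments.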

4.6. Configure registry mirrors for the containerd runtime (optional)

# Edit /etc/containerd/config.toml with vi and append the following
[plugins."io.containerd.grpc.v1.cri".registry]
   config_path = "/etc/containerd/certs.d"

# Docker Hub registry mirrors
mkdir -p /etc/containerd/certs.d/docker.io
cat > /etc/containerd/certs.d/docker.io/hosts.toml << EOF
server = "https://docker.io"
[host."https://dockerpull.com"]
  capabilities = ["pull", "resolve"]
[host."https://register.liberx.info"]
  capabilities = ["pull", "resolve"]
[host."https://docker.m.daocloud.io"]
  capabilities = ["pull", "resolve"]
[host."https://dockerproxy.cn"]
  capabilities = ["pull", "resolve"]
EOF

# registry.k8s.io registry mirror
mkdir -p /etc/containerd/certs.d/registry.k8s.io
tee /etc/containerd/certs.d/registry.k8s.io/hosts.toml << 'EOF'
server = "https://registry.k8s.io"
[host."https://k8s.m.daocloud.io"]
  capabilities = ["pull", "resolve", "push"]
EOF

# How to pull images
# With ctr
ctr i pull --hosts-dir=/etc/containerd/certs.d docker.io/nginx:latest
# With crictl
crictl pull docker.io/nginx:latest
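
An added example, not from the original guide: every host listed in a hosts.toml is trusted to answer pulls for that registry, so this script lists mirrors that are granted push, use plain HTTP, or set skip_verify. The function name audit_mirrors is an assumption, and the sample tree is constructed from two of the entries above.

```bash
#!/usr/bin/env bash
# Added example: list risky entries in containerd registry host configs.
# Usage: audit_mirrors /etc/containerd/certs.d
audit_mirrors() {
  find "$1" -name hosts.toml | sort | while read -r f; do
    awk -v reg="$(basename "$(dirname "$f")")" '
      /^[ \t]*\[host\./ {                      # start of a [host."URL"] table
        host = $0; sub(/^[^"]*"/, "", host); sub(/".*$/, "", host)
        if (host ~ /^http:/) print reg ": " host " uses plain HTTP"
        next
      }
      host == "" { next }                      # top-level keys such as server=
      /^[ \t]*capabilities/ && /"push"/ { print reg ": " host " is granted push" }
      /^[ \t]*skip_verify[ \t]*=[ \t]*true/ { print reg ": " host " skips TLS verification" }
    ' "$f"
  done
}

# Constructed sample tree mirroring two of the entries configured above.
demo=$(mktemp -d)
mkdir -p "$demo/docker.io" "$demo/registry.k8s.io"
cat > "$demo/docker.io/hosts.toml" <<'EOF'
server = "https://docker.io"
[host."https://docker.m.daocloud.io"]
  capabilities = ["pull", "resolve"]
EOF
cat > "$demo/registry.k8s.io/hosts.toml" <<'EOF'
server = "https://registry.k8s.io"
[host."https://k8s.m.daocloud.io"]
  capabilities = ["pull", "resolve", "push"]
EOF
audit_mirrors "$demo"   # registry.k8s.io: https://k8s.m.daocloud.io is granted push
rm -rf "$demo"
```

A mirror used only for pulling needs just the pull and resolve capabilities, and pulling an image by digest instead of by tag lets containerd check the content it receives against that digest.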

5. Install Kubernetes

5.1. Add the Alibaba Cloud Kubernetes YUM repo

cat <<EOF | tee /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes-new/core/stable/v1.30/rpm/
enabled=1
gpgcheck=1
gpgkey=https://mirrors.aliyun.com/kubernetes-new/core/stable/v1.30/rpm/repodata/repomd.xml.key
EOF

5.2. Install kubelet, kubeadm and kubectl

yum install -y kubelet-1.30.1 kubeadm-1.30.1 kubectl-1.30.1

5.3. Pull the required images

kubeadm config images pull --kubernetes-version=v1.30.1 --image-repository registry.cn-hangzhou.aliyuncs.com/google_containers

5.4. Initialize the master node

kubeadm init --apiserver-advertise-address=172.16.14.132 --image-repository=registry.cn-hangzhou.aliyuncs.com/google_containers --kubernetes-version=v1.30.1 --service-cidr=10.96.0.0/16 --pod-network-cidr=10.244.0.0/16

5.5. Follow the prompts in the log output and run the commands below

mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
export KUBECONFIG=/etc/kubernetes/admin.conf

5.6. Deploy the Calico network plugin

kubectl apply -f https://projectcalico.docs.tigera.io/v3.25/manifests/calico.yaml

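5.7. Check that the node status changes to Ready

# List the pods in all namespaces
kubectl get pod -A
# List all nodes
kubectl get node

5.8. Worker nodes

  • Deploying a worker node is similar to the master node; steps 5.3 and later are not needed, just join the master with the "kubeadm join xxx" command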