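Preface
This article deploys K8s on Ubuntu 20.04; keep your system environment the same. containerd must be installed before K8s. For details, see "Installing and using containerd".
Environment preparation
Set the hostname. K8s is strict about hostnames, and every node must have a different one: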
sudo hostnamectl set-hostname master1 ; bash
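Permanently disable the swap partition to improve performance:
sudo swapoff -a
# Comment out every active swap entry, whether its fields are separated by spaces or tabs
sudo sed -i -E '/^[^#].*[[:space:]]swap[[:space:]]/ s/^/#/' /etc/fstab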
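Pre-flight check. First make sure the br_netfilter bridge module is loaded at boot. Then enable bridge netfilter and IP forwarding, and finally load the system configuration:
cat << EOF | sudo tee -a /etc/rc.local
#!/bin/bash
modprobe br_netfilter
EOF
sudo chmod +x /etc/rc.local
sudo systemctl restart rc-local
cat << EOF | sudo tee -a /etc/sysctl.conf
net.bridge.bridge-nf-call-iptables = 1
net.ipv4.ip_forward = 1
EOF
sudo sysctl -p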
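An added check for the preparation steps above (not part of the original article): /etc/fstab fields may be separated by tabs as well as spaces, so these functions split on any whitespace to confirm that no swap entry is still active and that both sysctl keys are set to 1. The function names are illustrative, and the script takes the fstab path and the sysctl configuration path as its two arguments.

```shell
#!/bin/sh
# Added example: verify the node preparation steps from configuration files.

# Print the device of every fstab entry whose type (3rd field) is swap and
# that is not commented out. awk splits fields on any run of spaces or tabs.
active_swap_entries() {
    awk '!/^[ \t]*#/ && $3 == "swap" { print $1 }' "$1"
}

# Print the last value assigned to key $2 in the sysctl-style file $1.
sysctl_conf_value() {
    awk -F= -v key="$2" '
        /^[ \t]*[#;]/ { next }
        { k = $1; v = $2; gsub(/[ \t]/, "", k); gsub(/[ \t]/, "", v) }
        k == key { val = v }
        END { print val }' "$1"
}

# Return 0 only when no swap entry is active and both keys are set to 1.
node_prep_ok() {
    fstab=$1; conf=$2
    [ -z "$(active_swap_entries "$fstab")" ] || return 1
    [ "$(sysctl_conf_value "$conf" net.bridge.bridge-nf-call-iptables)" = 1 ] || return 1
    [ "$(sysctl_conf_value "$conf" net.ipv4.ip_forward)" = 1 ] || return 1
}

# Usage: sh check.sh /etc/fstab /etc/sysctl.conf
if [ "$#" -eq 2 ]; then
    if node_prep_ok "$1" "$2"; then
        echo "node preparation OK"
    else
        echo "node preparation incomplete"
        active_swap_entries "$1"
    fi
fi
```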
Install the three components (kubelet, kubeadm, kubectl)
Update the apt package index and install the packages needed to use the Kubernetes apt repository:
sudo apt-get update && sudo apt-get install -y apt-transport-https
Download the Aliyun public signing key:
curl -fsSL https://mirrors.aliyun.com/kubernetes/apt/doc/apt-key.gpg | sudo apt-key add -
Add the Kubernetes apt repository:
cat <<EOF | sudo tee /etc/apt/sources.list.d/kubernetes.list
deb https://mirrors.aliyun.com/kubernetes/apt/ kubernetes-xenial main
EOF
Update the apt package index and list the installable versions:
sudo apt-get update
sudo apt-cache madison kubeadm
kubeadm | 1.24.3-00 | https://mirrors.aliyun.com/kubernetes/apt kubernetes-xenial/main amd64 Packages
kubeadm | 1.24.2-00 | https://mirrors.aliyun.com/kubernetes/apt kubernetes-xenial/main amd64 Packages
kubeadm | 1.24.1-00 | https://mirrors.aliyun.com/kubernetes/apt kubernetes-xenial/main amd64 Packages
kubeadm | 1.24.0-00 | https://mirrors.aliyun.com/kubernetes/apt kubernetes-xenial/main amd64 Packages
kubeadm | 1.23.9-00 | https://mirrors.aliyun.com/kubernetes/apt kubernetes-xenial/main amd64 Packages
kubeadm | 1.23.8-00 | https://mirrors.aliyun.com/kubernetes/apt kubernetes-xenial/main amd64 Packages
kubeadm | 1.23.7-00 | https://mirrors.aliyun.com/kubernetes/apt kubernetes-xenial/main amd64 Packages
...
Install a specific version of kubelet, kubeadm and kubectl:
sudo apt-get install -y kubelet=1.24.3-00 kubeadm=1.24.3-00 kubectl=1.24.3-00
Once the installation finishes, check what was installed:
sudo apt list kubelet kubeadm kubectl
Listing... Done
kubeadm/kubernetes-xenial,now 1.24.3-00 amd64 [installed]
kubectl/kubernetes-xenial,now 1.24.3-00 amd64 [installed]
kubelet/kubernetes-xenial,now 1.24.3-00 amd64 [installed]
Download the component images
List the component images required to install K8s; a version can be specified:
sudo kubeadm config images list --kubernetes-version v1.24.3
k8s.gcr.io/kube-apiserver:v1.24.3
k8s.gcr.io/kube-controller-manager:v1.24.3
k8s.gcr.io/kube-scheduler:v1.24.3
k8s.gcr.io/kube-proxy:v1.24.3
k8s.gcr.io/pause:3.7
k8s.gcr.io/etcd:3.5.3-0
k8s.gcr.io/coredns/coredns:v1.8.6
Replace k8s.gcr.io with the Aliyun address, then pull the 7 images:
nerdctl pull registry.cn-hangzhou.aliyuncs.com/google_containers/kube-apiserver:v1.24.3
nerdctl pull registry.cn-hangzhou.aliyuncs.com/google_containers/kube-controller-manager:v1.24.3
nerdctl pull registry.cn-hangzhou.aliyuncs.com/google_containers/kube-scheduler:v1.24.3
nerdctl pull registry.cn-hangzhou.aliyuncs.com/google_containers/kube-proxy:v1.24.3
nerdctl pull registry.cn-hangzhou.aliyuncs.com/google_containers/pause:3.7
nerdctl pull registry.cn-hangzhou.aliyuncs.com/google_containers/etcd:3.5.3-0
nerdctl pull registry.cn-hangzhou.aliyuncs.com/google_containers/coredns:v1.8.6
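The rewrite from k8s.gcr.io to the Aliyun mirror can be scripted rather than edited by hand; this is an added example, not from the original article. It keeps only the last path component, so coredns/coredns becomes coredns as in the commands above, and it refuses references from any other registry. The function names and the --namespace k8s.io flag (the containerd namespace used by the kubelet's CRI plugin) are additions made here.

```shell
#!/bin/sh
# Added example: map upstream image references onto the mirror used above.
MIRROR=registry.cn-hangzhou.aliyuncs.com/google_containers

# Map one reference: keep the last path component and the tag, e.g.
# k8s.gcr.io/coredns/coredns:v1.8.6 -> $MIRROR/coredns:v1.8.6
mirror_ref() {
    case $1 in
        k8s.gcr.io/*) printf '%s/%s\n' "$MIRROR" "${1##*/}" ;;
        *) printf 'unexpected registry: %s\n' "$1" >&2; return 1 ;;
    esac
}

# Read references on stdin and print one pull command per image.
# Without --namespace, nerdctl pulls into its own default namespace.
pull_commands() {
    while IFS= read -r ref; do
        [ -n "$ref" ] || continue
        new=$(mirror_ref "$ref") || return 1
        printf 'nerdctl --namespace k8s.io pull %s\n' "$new"
    done
}

# The seven references listed above for v1.24.3.
page_images() {
    cat <<'EOF'
k8s.gcr.io/kube-apiserver:v1.24.3
k8s.gcr.io/kube-controller-manager:v1.24.3
k8s.gcr.io/kube-scheduler:v1.24.3
k8s.gcr.io/kube-proxy:v1.24.3
k8s.gcr.io/pause:3.7
k8s.gcr.io/etcd:3.5.3-0
k8s.gcr.io/coredns/coredns:v1.8.6
EOF
}

# Print the commands for review before running them.
page_images | pull_commands
```

To feed it live data instead of the embedded list, pipe the output of `sudo kubeadm config images list --kubernetes-version v1.24.3` into pull_commands.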
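Create the cluster master node
Initialize kubeadm to create the master (control-plane) node. The parameters are:
--apiserver-advertise-address  IP address of this host
--apiserver-bind-port  API port
--kubernetes-version  K8s version
--pod-network-cidr  pod network
--service-cidr  service network
--service-dns-domain  DNS domain
--image-repository  image source
--ignore-preflight-errors  ignore the swap preflight error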
sudo kubeadm init \
--apiserver-advertise-address=192.168.100.145 \
--apiserver-bind-port=6443 \
--kubernetes-version=v1.24.3 \
--pod-network-cidr=10.100.0.0/16 \
--service-cidr=10.200.0.0/16 \
--service-dns-domain=cluster.local \
--image-repository=registry.cn-hangzhou.aliyuncs.com/google_containers \
--ignore-preflight-errors=swap
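Initialization creates containers from the downloaded images. If the following message appears, the master node was deployed successfully. If there are errors, see the troubleshooting section at the end of the article: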
...
Your Kubernetes control-plane has initialized successfully!
...
View the cluster nodes
As root, configure the kubectl credentials file used to connect to K8s:
echo "export KUBECONFIG=/etc/kubernetes/admin.conf" >> /root/.profile
source /root/.profile
View the installed nodes:
root@master1:~# kubectl get node
NAME      STATUS     ROLES           AGE   VERSION
master1   NotReady   control-plane   53m   v1.24.3
Troubleshooting: The kubelet is not running
If kubeadm init reports the following error while creating the master, troubleshoot the two points below.
[wait-control-plane] Waiting for the kubelet to boot up the control plane as static Pods from directory "/etc/kubernetes/manifests". This can take up to 4m0s
[kubelet-check] Initial timeout of 40s passed.
Unfortunately, an error has occurred:
timed out waiting for the condition
This error is likely caused by:
- The kubelet is not running
- The kubelet is unhealthy due to a misconfiguration of the node in some way (required cgroups disabled)
View the kubelet error log:
sudo journalctl -xefu kubelet
Error message: the image cannot be pulled from k8s.gcr.io.
... failed to get sandbox image \"k8s.gcr.io/pause:3.5\": failed to pull image ...
Solution: pull from a different address by editing /etc/containerd/config.toml. Note that the forward slashes in the path must be escaped:
sed -i 's/sandbox_image = "k8s.gcr.io\/pause:3.5"/sandbox_image = "registry.cn-hangzhou.aliyuncs.com\/google_containers\/pause:3.7"/' /etc/containerd/config.toml
systemctl daemon-reload
systemctl restart containerd.service
cat /etc/containerd/config.toml | grep sandbox
sandbox_image = "registry.cn-hangzhou.aliyuncs.com/google_containers/pause:3.7"
If the kubelet still does not run, change containerd's cgroup driver to systemd so that it matches the kubelet.
sed -i 's/SystemdCgroup = false/SystemdCgroup = true/g' /etc/containerd/config.toml
systemctl daemon-reload
systemctl restart containerd.service
cat /etc/containerd/config.toml | grep SystemdCgroup
SystemdCgroup = true
cat /var/lib/kubelet/config.yaml | grep cgroupDriver
cgroupDriver: systemd
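Both fixes above can be checked in one pass before rerunning kubeadm init; this is an added example, not from the original article. It reads the sandbox image and the SystemdCgroup setting from the containerd configuration and compares the resulting cgroup driver with the kubelet's cgroupDriver. The function names are illustrative, and the script takes the two file paths as arguments.

```shell
#!/bin/sh
# Added example: check containerd and kubelet settings for the two failures above.

# Value of sandbox_image in a containerd config.toml, without the quotes.
sandbox_image() {
    sed -n 's/^[[:space:]]*sandbox_image[[:space:]]*=[[:space:]]*"\(.*\)".*/\1/p' "$1" | head -n 1
}

# "systemd" when SystemdCgroup is true in the file, otherwise "cgroupfs".
containerd_cgroup_driver() {
    if grep -Eq '^[[:space:]]*SystemdCgroup[[:space:]]*=[[:space:]]*true' "$1"; then
        echo systemd
    else
        echo cgroupfs
    fi
}

# Value of cgroupDriver in the kubelet config.yaml.
kubelet_cgroup_driver() {
    sed -n 's/^cgroupDriver:[[:space:]]*//p' "$1" | head -n 1
}

# Report both problems; return 0 only when neither is present.
check_runtime_config() {
    toml=$1; kubelet=$2; rc=0
    case $(sandbox_image "$toml") in
        k8s.gcr.io/*) echo "sandbox_image still points at k8s.gcr.io"; rc=1 ;;
    esac
    c=$(containerd_cgroup_driver "$toml")
    k=$(kubelet_cgroup_driver "$kubelet")
    if [ "$c" != "$k" ]; then
        echo "cgroup driver mismatch: containerd=$c kubelet=$k"
        rc=1
    fi
    return "$rc"
}

# Usage: sh check.sh /etc/containerd/config.toml /var/lib/kubelet/config.yaml
if [ "$#" -eq 2 ]; then
    check_runtime_config "$1" "$2" && echo "runtime configuration OK"
fi
```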