几个关键点:
- 把 k8s 部署需要的镜像从 mirrorgooglecontainers 下载下来,并打上 k8s.gcr.io 的 tag
- 注意部署网段,不要和宿主机的网段冲突
- 注意更改 hostname,防止一些不合法的字符如下划线
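# Stop Docker while host settings are changed; it is started again before the
# image pulls further down.
echo "关闭 docker 可能要花一点时间"
systemctl stop docker

# Turn swap off for the running system (kubelet in this release line refuses
# to start with swap on unless explicitly told otherwise).
echo "关闭缓存"
swapoff -a
# Persist the change in /etc/fstab. Only active (uncommented) entries that
# have a whitespace-delimited "swap" field are commented out, so an unrelated
# mount whose path merely contains the text "swap" is left alone. The previous
# file is kept as /etc/fstab.bak.
sed -i.bak -E '/^[[:space:]]*[^#[:space:]].*[[:space:]]swap[[:space:]]/ s/^/#/' /etc/fstab
# Re-process fstab now so a broken edit shows up immediately rather than at
# the next boot.
mount -a
# Show memory totals; the Swap row should read 0.
free -h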
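echo "关闭防火墙"
# Disable firewalld at boot and stop the running instance.
# NOTE(review): this removes host-level packet filtering completely. That is
# acceptable for a throw-away lab; on any reachable host keep firewalld running
# and open only the ports the cluster components need.
systemctl disable firewalld
systemctl stop firewalld
systemctl status firewalld
# Report success only when the service really is down; the original printed
# the success message unconditionally.
if systemctl is-active --quiet firewalld; then
  echo "防火墙仍在运行,关闭失败" >&2
else
  echo "关闭防火墙成功"
fi
sleep 1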
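# The net.bridge.bridge-nf-call-* keys only exist once br_netfilter is loaded;
# load it now and on every boot.
modprobe br_netfilter
echo br_netfilter > /etc/modules-load.d/k8s.conf

# Kernel settings needed for pod networking. All three keys go into a
# dedicated drop-in file: the original wrote net.ipv4.ip_forward with
# "> /etc/sysctl.conf", which truncates that file and silently discards any
# hardening or tuning already configured there.
cat <<'EOF' > /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
net.ipv4.ip_forward = 1
EOF
# Apply every sysctl configuration file, including the drop-in above.
sysctl --system
sleep 1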
##################################### 安装 docker
# 前置需求
#yum install -y yum-utils device-mapper-persistent-data lvm2
## Add docker repository.
#yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
## Install docker.
#yum update && yum install docker-ce-17.06.0.ce-1.el7.centos
## Create /etc/docker directory.
#mkdir -p /etc/docker
#
#cat > /etc/docker/daemon.json <<EOF
#{
#"log-driver":"json-file",
#"log-opts":{"max-size":"1024m","max-file":"2"}
#}
#EOF
##################################### 安装 docker
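# Register the Kubernetes yum repository (Aliyun mirror).
# Changes from the original page:
#   - baseurl and gpgkey use https instead of http, so neither the packages nor
#     the signing keys travel in clear text where they could be swapped in
#     transit;
#   - gpgcheck=1, so yum verifies each RPM's signature against those keys
#     before installing binaries that will run as root on every node;
#   - the second gpgkey URL is indented, which is how a multi-line value is
#     continued in a .repo file.
# NOTE(review): repo_gpgcheck is left at 0 as on the original page; turn it on
# if this mirror's repository metadata signature verifies in your environment.
cat <<'EOF' > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=1
repo_gpgcheck=0
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg
       https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF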
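# Normalise the host name: underscores are not allowed in the node name, so
# replace each "_" with "-".
# The assignment of hn had been swallowed into the preceding comment line, so
# new_hn was always empty; it is restored here.
hn=$(hostname)
new_hn="${hn//_/-}"
if [[ -z "$new_hn" ]]; then
  echo "无法获取主机名" >&2
  exit 1
fi
hostnamectl set-hostname "$new_hn"
# Make the new name resolvable locally. The original appended the name to
# EVERY line of /etc/hosts (comments and other hosts' entries included) and
# interpolated it into a sed expression; add one dedicated entry instead, and
# only when the name is not already present.
if ! grep -qwF -- "$new_hn" /etc/hosts; then
  printf '127.0.0.1 %s\n' "$new_hn" >> /etc/hosts
fi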
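# Start the Docker daemon again.
echo "启动 docker 服务,可能花费较长时间"
systemctl start docker.service

# Pull the control-plane images from Docker Hub mirrors and re-tag them under
# the k8s.gcr.io names kubeadm looks for.
# NOTE(review): after re-tagging, a third-party copy is indistinguishable from
# the official image and nothing here verifies its content. Tags are mutable;
# where the expected digests are known, pull by digest (image@sha256:...) or
# compare `docker image inspect` output against them before running kubeadm.
images=(
  "mirrorgooglecontainers/kube-apiserver:v1.14.2"
  "mirrorgooglecontainers/kube-controller-manager:v1.14.2"
  "mirrorgooglecontainers/kube-scheduler:v1.14.2"
  "mirrorgooglecontainers/kube-proxy:v1.14.2"
  "mirrorgooglecontainers/pause:3.1"
  "mirrorgooglecontainers/etcd:3.3.10"
  "coredns/coredns:1.3.1"
)
for src in "${images[@]}"; do
  # Drop the mirror's namespace and keep "name:tag".
  dst="k8s.gcr.io/${src#*/}"
  # Stop on the first failure: with an image missing, kubeadm would fall back
  # to pulling from the upstream registry. The original also contained a
  # `docker pull` with two arguments, which docker rejects; it is gone.
  if ! docker pull "$src"; then
    echo "docker pull failed: $src" >&2
    exit 1
  fi
  if ! docker tag "$src" "$dst"; then
    echo "docker tag failed: $src -> $dst" >&2
    exit 1
  fi
done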
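# Set SELinux in permissive mode (effectively disabling it), now and across
# reboots.
# NOTE(review): permissive mode only logs denials, so mandatory access control
# no longer confines anything on this node. Treat it as a lab shortcut and
# re-evaluate before exposing the host.
setenforce 0
sed -i 's/^SELINUX=enforcing$/SELINUX=permissive/' /etc/selinux/config
# Install the same release as the images pulled above (v1.14.2). Unpinned
# package names would install whatever is newest in the repo, and that kubeadm
# would ask for images of its own version rather than the ones just tagged.
yum install -y kubelet-1.14.2 kubeadm-1.14.2 kubectl-1.14.2 --disableexcludes=kubernetes
systemctl enable kubelet && systemctl start kubelet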
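############################# master node only #######################################
# Runs only when NODE_ROLE=master, so the same script can be used on workers
# without re-initialising a control plane there.
if [[ "${NODE_ROLE:-}" == "master" ]]; then
  # The address the API server advertises must be supplied by the operator;
  # the original carried the literal placeholder "Your_host_address".
  : "${APISERVER_ADVERTISE_ADDRESS:?set APISERVER_ADVERTISE_ADDRESS to this host IP}"

  # --kubernetes-version matches the pre-pulled v1.14.2 images. The pod CIDR
  # must not overlap the LAN the hosts themselves are on.
  kubeadm init --kubernetes-version=v1.14.2 \
    --pod-network-cidr=10.20.0.0/16 \
    --apiserver-advertise-address="$APISERVER_ADVERTISE_ADDRESS" || exit 1

  # Point kubectl at the admin credentials kubeadm just wrote.
  export KUBECONFIG=/etc/kubernetes/admin.conf

  # Fetch the Calico manifests to disk before applying them. They are applied
  # with cluster-admin rights, so keep a local copy that can be reviewed (and
  # compared with a known-good copy) instead of piping a remote URL straight
  # into the cluster. -f makes curl fail on an HTTP error instead of saving
  # the error page as YAML.
  calico_base=https://docs.projectcalico.org/v3.3/getting-started/kubernetes/installation/hosted
  curl -fsSLO "$calico_base/rbac-kdd.yaml" || exit 1
  curl -fsSLO "$calico_base/kubernetes-datastore/calico-networking/1.7/calico.yaml" || exit 1

  # Critical step: CALICO_IPV4POOL_CIDR defaults to 192.168.0.0/16; replace it
  # with the pod CIDR given to kubeadm init so it differs from the host LAN.
  sed -i 's#192\.168\.0\.0/16#10.20.0.0/16#' calico.yaml

  # Install RBAC rules first, then the network components.
  kubectl apply -f rbac-kdd.yaml
  kubectl apply -f calico.yaml
fi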
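############################# worker node only #######################################
# Runs only when NODE_ROLE=worker.
# The join parameters come from the environment instead of being hard-coded:
# a bootstrap token is a credential that lets a machine register as a node, so
# it should not live in a script that gets copied around or published, and the
# original's "sha256:XXXXX" CA hash was a placeholder that could never verify.
# Take all three values from the output of `kubeadm init` on the master, or
# from `kubeadm token create --print-join-command`.
#   KUBEADM_JOIN_ENDPOINT  API server as host:port (the page used 192.168.130.212:6443)
#   KUBEADM_TOKEN          bootstrap token
#   KUBEADM_CA_CERT_HASH   sha256:<hash of the cluster CA public key>
if [[ "${NODE_ROLE:-}" == "worker" ]]; then
  : "${KUBEADM_JOIN_ENDPOINT:?set KUBEADM_JOIN_ENDPOINT to master host:port}"
  : "${KUBEADM_TOKEN:?set KUBEADM_TOKEN to a valid bootstrap token}"
  : "${KUBEADM_CA_CERT_HASH:?set KUBEADM_CA_CERT_HASH to sha256:<hash>}"
  # Keep the CA hash check: it is what lets the worker confirm it is talking
  # to the intended control plane before trusting it.
  kubeadm join "$KUBEADM_JOIN_ENDPOINT" --token "$KUBEADM_TOKEN" \
    --discovery-token-ca-cert-hash "$KUBEADM_CA_CERT_HASH"
fi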