乐趣区

私有云k8s一键部署

几个关键点:

  1. 把 k8s 部署需要的镜像从 mirrorgooglecontainers 下下来,并打上 k8s.gcr.io 的 tag
  2. 注意部署网段,不要和宿主机的网段冲突
  3. 注意更改 hostname,防止一些不合法的字符如下划线
echo "关闭 docker 可能要花一点时间"
systemctl stop docker


echo "关闭缓存"
swapoff -a
# 编辑 /etf/fstab
sed -e '/swap/ s/^#*/#/' -i /etc/fstab
mount -a
# 查看输出
free -h

echo "关闭防火墙"
# 关闭防火墙
systemctl disable firewalld
systemctl stop firewalld
systemctl status firewalld

echo "关闭防火墙成功"

sleep 1

cat << EOF > /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
EOF

sysctl --system

sleep 1

# 添加一条规则
cat << EOF > /etc/sysctl.conf
net.ipv4.ip_forward = 1
EOF

# 生效配置
sysctl -p

##################################### 安装 docker
# 前置需求
#yum install -y  yum-utils device-mapper-persistent-data lvm2

## Add docker repository.
#yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo

## Install docker.
#yum update && yum install docker-ce-17.06.0.ce-1.el7.centos

## Create /etc/docker directory.
#mkdir -p /etc/docker
#
#cat > /etc/docker/daemon.json <<EOF
#{
#"log-driver":"json-file",
#"log-opts":{"max-size":"1024m","max-file":"2"}
#}
#EOF
##################################### 安装 docker

cat <<EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=http://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=0
repo_gpgcheck=0
gpgkey=http://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg
http://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF


# 修改主机名,主机名中不能含有下划线,否则会报错。hn=`hostname`
# 将原来主机名中的下划线改为 -
new_hn="${hn//_/-}"
hostnamectl set-hostname $new_hn
#sed -i "s/$/ $new_hn/" /etc/hosts
sed -e  "s/$/ $new_hn/" -i  /etc/hosts

# 启动 docker 服务
echo "启动 docker 服务,可能花费较长时间"
systemctl start docker.service

# 从镜像拉去 Image,并改 tag

docker pull mirrorgooglecontainers/kube-apiserver:v1.14.2
docker tag mirrorgooglecontainers/kube-apiserver:v1.14.2 k8s.gcr.io/kube-apiserver:v1.14.2
docker pull mirrorgooglecontainers/kube-controller-manager:v1.14.2  k8s.gcr.io/kube-controller-manager:v1.14.2
docker pull mirrorgooglecontainers/kube-controller-manager:v1.14.2
docker tag  mirrorgooglecontainers/kube-controller-manager:v1.14.2  k8s.gcr.io/kube-controller-manager:v1.14.2
docker pull mirrorgooglecontainers/kube-scheduler:v1.14.2
docker tag mirrorgooglecontainers/kube-scheduler:v1.14.2 k8s.gcr.io/kube-scheduler:v1.14.2
docker pull mirrorgooglecontainers/kube-proxy:v1.14.2
docker tag mirrorgooglecontainers/kube-proxy:v1.14.2 k8s.gcr.io/kube-proxy:v1.14.2
docker pull mirrorgooglecontainers/pause:3.1
docker tag mirrorgooglecontainers/pause:3.1 k8s.gcr.io/pause:3.1
docker pull mirrorgooglecontainers/etcd:3.3.10
docker tag mirrorgooglecontainers/etcd:3.3.10 k8s.gcr.io/etcd:3.3.10
docker pull coredns/coredns:1.3.1
docker tag coredns/coredns:1.3.1 k8s.gcr.io/coredns:1.3.1

# Set SELinux in permissive mode (effectively disabling it)
setenforce 0
sed -i 's/^SELINUX=enforcing$/SELINUX=permissive/' /etc/selinux/config

yum install -y kubelet kubeadm kubectl --disableexcludes=kubernetes

systemctl enable kubelet && systemctl start kubelet

############################# 如果是 master 结点 #######################################
kubeadm init --pod-network-cidr=10.20.0.0/16 --apiserver-advertise-address=Your_host_address

# 设置 kubeconfig 地址
export KUBECONFIG=/etc/kubernetes/admin.conf

# 设置 rbac
kubectl apply -f https://docs.projectcalico.org/v3.3/getting-started/kubernetes/installation/hosted/rbac-kdd.yaml

# 下载 calico.yaml
curl -O https://docs.projectcalico.org/v3.3/getting-started/kubernetes/installation/hosted/kubernetes-datastore/calico-networking/1.7/calico.yaml

# 修改 calico.yaml
#!!!!这里很关键,要把原来的 CIDR 换成一个和宿主机局域网不同的网段!!!!!#            - name: CALICO_IPV4POOL_CIDR
#               value: "192.168.0.0/16"           ------------> 10.20.0.0/16

# 安装网络组件
kubectl apply -f calico.yaml


############################# 如果是 worker 节点 #######################################

kubeadm join 192.168.130.212:6443 --token 3csntd.vebwbj6pcy5nx6uw \
    --discovery-token-ca-cert-hash sha256:XXXXX
退出移动版