K8s集群搭建

Docker 的安装以下过程经历了漫长的痛苦，主要是网络镜像问题带来的！以及排查日志！还有1.27.1版本的坑啊！前提多台机器要能ping得通，这

Docker 的安装

以下过程经历了漫长的痛苦，主要是网络镜像问题带来的！以及排查日志！还有1.27.1版本的坑啊！

前提多台机器要能ping得通，这个设置根据自己环境不同而不同，我用的是NAT模式的虚拟机！接着在各个机器做以下相同步骤！kubeadm init 仅在主节点，join在node节点！

1.修改本机host

sudo vim /etc/hostname

2.修改 /etc/hosts 文件

3.关闭交换

sudo sed -ri 's/.*swap.*/#&/' /etc/fstab

4. 防火墙设置

sudo ufw allow 6643

5.

sudo vim /etc/containerd/config.tomln#这行注释掉#disabled_plugins = ["cri"]

6.设置Docker cgroup驱动 :

sudo vi /etc/docker/daemon.jsonnnt{nnt"registry-mirrors":["https://docker.mirrors.ustc.edu.cn"],n #这一步修改docker cgroup 驱动nt"exec-opts":["native.cgroupdriver=systemd"]nnt}nntsudo systemctl daemon-reload && sudo systemctl restart docker && sudo docker info | grep Cgroup

7.安装依赖：

sudo apt-get install -y apt-transport-https ca-certificates curlnnsudo curl -fsSLo /usr/share/keyrings/kubernetes-archive-keyring.gpg https://mirrors.aliyun.com/kubernetes/apt/doc/apt-key.gpgnnsudo echo "deb [signed-by=/usr/share/keyrings/kubernetes-archive-keyring.gpg] http://mirrors.aliyun.com/kubernetes/apt kubernetes-xenial main" | sudo tee /etc/apt/sources.list.d/kubernetes.listnnsudo apt-get updatennsudo apt-get install -y kubelet kubeadm kubectlnn#固定版本nsudo apt-mark hold kubelet kubeadm kubectl

8.列出所需要的images：

执行：sudo kubeadm config images listn将会打印类似于下面的镜像列表：n registry.k8s.io/kube-apiserver:v1.27.1n registry.k8s.io/kube-controller-manager:v1.27.1n registry.k8s.io/kube-scheduler:v1.27.1n registry.k8s.io/kube-proxy:v1.27.1n registry.k8s.io/pause:3.9n registry.k8s.io/etcd:3.5.7-0n registry.k8s.io/coredns/coredns:v1.10.1n**************************************************************************************************n#下载docker image：n#pause:3.6 这里要下载3.6，不要下载3.9 有坑！！！n sudo docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/kube-apiserver:v1.27.1 n && sudo docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/pause:3.6 n && sudo docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/kube-controller-manager:v1.27.1 n && sudo docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/kube-scheduler:v1.27.1 n && sudo docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/kube-proxy:v1.27.1 n && sudo docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/etcd:3.5.7-0 n && sudo docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/coredns:v1.10.1 nn#重新给镜像打tagnsudo docker tag registry.cn-hangzhou.aliyuncs.com/google_containers/coredns:v1.10.1 registry.k8s.io/coredns/coredns:v1.10.1 n sudo docker tag registry.cn-hangzhou.aliyuncs.com/google_containers/etcd:3.5.7-0 registry.k8s.io/etcd:3.5.7-0 n sudo docker tag registry.cn-hangzhou.aliyuncs.com/google_containers/kube-proxy:v1.27.1 registry.k8s.io/kube-proxy:v1.27.1 n sudo docker tag registry.cn-hangzhou.aliyuncs.com/google_containers/kube-scheduler:v1.27.1 registry.k8s.io/kube-scheduler:v1.27.1 n sudo docker tag registry.cn-hangzhou.aliyuncs.com/google_containers/kube-controller-manager:v1.27.1 registry.k8s.io/kube-controller-manager:v1.27.1 n sudo docker tag registry.cn-hangzhou.aliyuncs.com/google_containers/pause:3.6 registry.k8s.io/pause:3.6 n sudo docker tag registry.cn-hangzhou.aliyuncs.com/google_containers/kube-apiserver:v1.27.1 registry.k8s.io/kube-apiserver:v1.27.1

9.网络转发设置

sudo cat <<EOF | sudo tee /etc/modules-load.d/k8s.confnoverlaynbr_netfilternEOFnnmodprobe overlay && modprobe br_netfilternnsudo cat <<EOF | sudo tee /etc/sysctl.d/k8s.confnnet.bridge.bridge-nf-call-iptables = 1nnet.bridge.bridge-nf-call-ip6tables = 1nnet.ipv4.ip_forward = 1nEOFnnsudo sysctl --system

10.安装cri-docker

#下载地址：https://github.com/Mirantis/cri-dockerd/releasesnsudo dpkg -i cri-dockerd_0.2.6.3-0.ubuntu-bionic_amd64.deb nsudo systemctl daemon-reload && sudo systemctl enable cri-docker && sudo systemctl status cri-docker

11.kubeadm init

sudo kubeadm init --service-cidr=10.96.0.0/12 --pod-network-cidr=10.244.0.0/16 --cri-socket=unix:///var/run/cri-dockerd.sock n#打印join密钥：并加入，注意这里需要把master节点的admin文件复制过来，按照init的时候的步骤去设置，否则kubectl将不能启用，会报8080端口错误！加入的时候需要带上—cri-socket=unix:///var/run/cri-dockerd.socknkubeadm token create --print-join-command

12.安装网络组件

kubectl apply -f https://github.com/flannel-io/flannel/releases/latest/download/kube-flannel.yml

13.打印日志：

journalctl -u kubelet -fnkubectl get pods --all-namespaces