Kube.NETes下载K8S官网下载最新版本即可
Kubernetes前期准备工作
关闭防火墙
systemctl disable --now firewalld关闭selinux和开机自启动
setenforce 0# vi /etc/sysconfig/selinux # 修改内容SELINUX=disabled关闭swap
swapoff -a && sysctl -w vm.swAppiness=0vi /etc/fstab
文章插图
如果感觉centos8使用的同步时间不习惯,可安装ntpdate
yum install -y ntpdate服务器同步时间
ln -sf /usr/share/zoneinfo/Asia/Shanghai /etc/localtimeecho 'Asia/Shanghai' > /etc/timezonentpdate time2.aliyun.com# 开机自启动# crontab -e */5 * * * * ntpdate time2.aliyun.com# vi /etc/rc.localntpdate time2.aliyun.com配置limit
# 临时设置ulimit -SHn 65535# 永久设置#vi /etc/sercurity/limit.conf* soft nofile 65535* hard nofile 65535选一台Master节点设置免钥登录其他节点且需要单独一台kubectl服务器
ssh-keygen -t rsafor i in k8s-master01 k8s-master02 k8s-master03 k8s-node01 k8s-node02;do ssh-copy-id -i .ssh/id_rsa.pub $i;done配置使用的是国内仓库源,将其复制到所有节点
git clone https://github.com/dotbalo/k8s-ha-install.gitcat <<EOF > /etc/yum.repos.d/kubernetes.repo[kubernetes]name=Kubernetesbaseurl=http://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64enabled=1gpgcheck=0repo_gpgcheck=0gpgkey=http://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpghttp://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpgEOF安装ipvsadmyum install ipvsadm ipset sysstat conntrack libseccomp -y所有节点配置ipv模块
modprobe -- ip_vsmodprobe -- ip_vs_rrmodprobe -- ip_vs_wrrmodprobe -- ip_vs_shmodprobe -- nf_conntrack_ipv4IPVS开机自启动
# vi /etc/modules-load.d/ipvs.confip_vsip_vs_rrip_vs_wrrip_vs_shnf_conntrack_ipv4ip_tablesip_setxt_setipt_setipt_rpfilteript_REJECTipipsystemctl enable --now systemd-modules-load.service验证ipvs是否加载
lsmod | grep -e ip_vs -e nf_conntrack_ipv4创建k8s.conf文件$ cd /etc/sysctl.d$ vim k8s.conf>>net.bridge.bridge-nf-call-ip6tables = 1net.bridge.bridge-nf-call-iptables = 1net.ipv4.ip_forward = 1vm.swappiness=0# 使得配置文件生效$ modprobe br_netfilter$ sysctl -p /etc/sysctl.d/k8s.confKubernetes高可用集群的环境要求 IP地址
说明
k8s-master01
192.168.2.XX0
master节点
k8s-master02
192.168.2.XX1
master节点
k8s-master03
192.168.2.XX2
master节点
k8s-master-lb
192.168.2.XX5
keepalived虚拟IP
k8s-node01
192.168.2.XX3
worker节点
k8s-node02
192.168.2.XX4
worker节点
kubeadm组件安装
# 查看kubeadm、kubectl、kubelet版本$ yum list kubeadm --showduplicates$ yum list kubectl --showduplicates$ yum list kubelet --showduplicates$ yum install kubeadm -y # 安装最新版本且依赖的组件也会安装修改pause默认镜像$ Docker_CGROUPS=$(docker info | grep 'Cgroup Driver' | cut -d' ' -f4)$ cat >/etc/sysconfig/kubelet <<EOFKUBELET_KUBEADM_ARGS="--cgroup-driver=$DOCKER_CGROUPS --pod-infra-container-image=registry.cn-hangzhou.aliyuncs.com/google_containers/pause:3.1"EOFkubelet开机自启动
systemctl daemon-reloadsystemctl enable --now kubelet高可用组件安装# k8s-master01、k8s-master02、k8s-master03安装即可yum install -y keepalived haproxy$ vi /etc/haproxy/haproxy.cfg >>globalmaxconn2000ulimit-n16384log127.0.0.1 local0 errstats timeout 30sdefaultslog globalmodehttpoptionhttplogtimeout connect 5000timeout client50000timeout server50000timeout http-request 15stimeout http-keep-alive 15sfrontend monitor-inbind *:33305mode httpoption httplogmonitor-uri /monitorlisten statsbind*:8006modehttpstats enablestats hide-versionstats uri/statsstats refresh 30sstats realmHaproxy Statisticsstats authadmin:adminfrontend k8s-masterbind 0.0.0.0:16443bind 127.0.0.1:16443mode tcpoption tcplogtcp-request inspect-delay 5sdefault_backend k8s-masterbackend k8s-mastermode tcpoption tcplogoption tcp-checkbalance roundrobindefault-server inter 10s downinter 5s rise 2 fall 2 slowstart 60s maxconn 250 maxqueue 256 weight 100server k8s-master01192.168.2.200:6443checkserver k8s-master02192.168.2.201:6443checkserver k8s-master03192.168.2.202:6443check
推荐阅读
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
- 5 个重要的 Kubernetes 概念让学习变得简单
- kubernetes之基于ServiceAccount拉取私有镜像
- Redis集群原理与容器化部署
- minio集群将一切访问都交给nginx
- 「开源精品」 C# im 聊天通讯架构 FreeIM 支持集群、职责分明、高性能
- kubernetes-traefik的安装和部署
- 扩展你的KUBECTL功能
- 集群效应是什么意思 集群效应
- 为什么有人认为现在正处于第六次生物集群灭绝?
