官方文档：安装 kubeadm

1. 多台Linux机器 CentOS7
2. 2G以上RAM，2个以上CPU
3. 集群网络互通，可访问外网
4. 关闭防火墙，关闭swap分区

node

IP

k8s-master

192.168.43.111

k8s-node1

192.168.43.112

k8s-node2

192.168.43.113

以下命令在三个主机上运行

关闭防火墙

systemctl stop firewalld && systemctl disable firewalld

关闭selinux

sed -i 's/enforcing/disabled/' /etc/selinux/config # 永久
setenforce 0 # 临时

关闭swap

swapoff -a # 临时
vi /etc/fstab # 永久

设置主机名

hostnamectl set-hostname

添加hosts

cat >> /etc/hosts << EOF
192.168.43.111 k8s-master
192.168.43.112 k8s-node1
192.168.43.113 k8s-node2
EOF

允许 iptables 检查桥接流量

cat <<EOF | sudo tee /etc/modules-load.d/k8s.conf
br_netfilter
EOF

cat <<EOF | sudo tee /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
EOF

sudo sysctl --system

安装Docker

yum install wget -y
wget https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo -O /etc/yum.repos.d/docker-ce.repo
yum -y install docker-ce
systemctl enable docker && systemctl start docker

配置Docker

cat > /etc/docker/daemon.json << EOF
{
"exec-opts": ["native.cgroupdriver=systemd"],
"log-driver": "json-file",
"log-opts": {
"max-size": "100m"
},
"storage-driver": "overlay2",
"registry-mirrors": ["https://vydiw6v2.mirror.aliyuncs.com"]
}
EOF

systemctl restart docker

安装kubeadm，kubelet和kubectl

添加阿里yum源

cat > /etc/yum.repos.d/kubernetes.repo << EOF
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=0
repo_gpgcheck=0
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF

sudo yum install -y kubelet-1.23.0 kubeadm-1.23.0 kubectl-1.23.0 --disableexcludes=kubernetes

sudo systemctl enable --now kubelet

以下命令在master主机上运行

初始化master

https://kubernetes.io/zh/docs/reference/setup-tools/kubeadm/kubeadm-init/
kubeadm init \
--apiserver-advertise-address=192.168.43.111 \
--image-repository registry.aliyuncs.com/google_containers \
--kubernetes-version v1.23.0 \
--service-cidr=10.96.0.0/12 \
--pod-network-cidr=10.244.0.0/16 \
--ignore-preflight-errors=all
vi /etc/profile
export KUBECONFIG=/etc/kubernetes/admin.conf
source /etc/profile

kubectl get nodes

以下命令在node主机上运行

执行master init之后的join命令

kubeadm join 192.16………..

重新获取join命令

kubeadm token create --print-join-command

master上安装容器网络

https://kubernetes.io/zh/docs/concepts/cluster-administration/networking/#how-to-implement-the-kubernetes-networking-model

wget https://projectcalico.docs.tigera.io/manifests/tigera-operator.yaml --no-check-certificate
wget https://projectcalico.docs.tigera.io/manifests/custom-resources.yaml --no-check-certificate

修改pod网络calicoNetwork

kubectl create -f tigera-operator.yaml
kubectl create -f custom-resources.yaml

验证

kubectl get pods -n kube-system

kubectl get nodes -o wide

测试集群

kubectl create deployment nginx --image=nginx
kubectl expose deployment nginx --port=80 --type=NodePort
kubectl get pod,svc