Study notes on "Kubernetes权威指南" (Kubernetes: The Definitive Guide), part 1: installing with kubeadm

1. Hardware and software environment for the k8s cluster installation

A recommended configuration diagram excerpted from material found online
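My own configuration is limited by my environment and is lower than the recommended configuration above, but I think it should be fine, so I will give it a try first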

host      ip              role     cpu     ram
node155   192.168.0.155   master   2core   4G
node156   192.168.0.156   node     2core   2G
node157   192.168.0.157   node     2core   2G

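2. Installing with kubeadm

The following steps are required on all nodes
Before installing, disable the firewall, SELinux and swap on all three nodes, and deploy docker-ce
Add the Kubernetes yum repository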
cat /etc/yum.repos.d/kubernetes.repo

[kubernetes]
name=Kubernetes Repository
baseurl=http://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
enabled=1
gpgcheck=0

yum -y install kubeadm kubelet kubectl --disableexclude=kubernetes
Check the installed version; the result returned is 1.19, which means that when I deployed, the latest version of these three tools was 1.19
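The repository file above sets gpgcheck=0 and uses an http:// baseurl, so yum installs kubeadm, kubelet and kubectl as root without verifying package signatures. The following check is an added example, not part of the original notes; the function names are illustrative and the sample input is the repo file from this page:

```shell
#!/bin/sh
# Added example: flag yum repo definitions that install packages without
# signature checks or over plaintext HTTP. Function names are illustrative.

# Constructed sample: the kubernetes.repo content exactly as shown above.
sample_repo() {
    cat <<'EOF'
[kubernetes]
name=Kubernetes Repository
baseurl=http://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
enabled=1
gpgcheck=0
EOF
}

# Read a .repo file on stdin. For every enabled section print one line per
# finding as "<section>: <problem>"; exit status is 1 if anything was found.
audit_repo() {
    awk '
        function report() {
            if (sec == "" || enabled == "0") return
            if (gpg == "0") { print sec ": gpgcheck=0, package signatures are not verified"; bad = 1 }
            if (url ~ /^http:\/\//) { print sec ": baseurl is plaintext http"; bad = 1 }
        }
        /^\[.*\]$/ {
            report()
            sec = substr($0, 2, length($0) - 2); gpg = ""; url = ""; enabled = "1"
            next
        }
        {
            i = index($0, "=")
            key = substr($0, 1, i - 1); val = substr($0, i + 1)
            gsub(/[ \t]/, "", key); gsub(/^[ \t]+|[ \t]+$/, "", val)
            if (key == "gpgcheck") gpg = val
            if (key == "baseurl")  url = val
            if (key == "enabled")  enabled = val
        }
        END { report(); exit (bad ? 1 : 0) }
    '
}

# Demo on the sample; on a real host: audit_repo < /etc/yum.repos.d/kubernetes.repo
sample_repo | audit_repo || echo "repo definition needs fixing" >&2
```

Only an explicit gpgcheck=0 is flagged, because a repo section without the key inherits the value from the main yum configuration.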

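2. kubeadm config

The following steps are required on all nodes
kubeadm saves its configuration in the cluster as a ConfigMap, which makes later queries and upgrades easier; the kubeadm config command also provides various functions for handling the configuration file in the cluster

First, get kubeadm's default initialization parameter file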
kubeadm config print init-defaults > init.defaults.yaml
mv init.defaults.yaml init-config.yaml

cat init-config.yaml

apiVersion: kubeadm.k8s.io/v1beta2
kind: ClusterConfiguration
imageRepository: registry.aliyuncs.com/google_containers
kubernetesVersion: v1.19.0
networking:
  podSubnet: 192.168.0.0/16

Pull the images
kubeadm config images pull --config=init-config.yaml

3. Installing the master

On node155
kubeadm init --config=init-config.yaml
The following message appears

Your Kubernetes control-plane has initialized successfully!

To start using your cluster, you need to run the following as a regular user:

mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config

You should now deploy a pod network to the cluster.
Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:
https://kubernetes.io/docs/concepts/cluster-administration/addons/

Then you can join any number of worker nodes by running the following on each as root:

kubeadm join 192.168.0.155:6443 --token hfbg9j.bn1c53eab5c2elyd \
    --discovery-token-ca-cert-hash sha256:14a972d55063caafcf7d31299b4c999a29ceec6324fe39fa12fbbb63acb81b0e

Copy the configuration file to the regular user's home directory

mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config 

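As mentioned earlier, kubeadm can load the configuration file into the cluster; it can now be queried with kubectl
kubectl get -n kube-system configmap
The output shows that kubeadm-config has been generated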

4. Installing the nodes

On node156 and node157
cat join-config.yaml

apiVersion: kubeadm.k8s.io/v1beta2
kind: JoinConfiguration
discovery:
  bootstrapToken:
    apiServerEndpoint: 192.168.0.155:6443
    token: hfbg9j.bn1c53eab5c2elyd
    unsafeSkipCAVerification: true
  tlsBootstrapToken: hfbg9j.bn1c53eab5c2elyd

Join the node
kubeadm join --config=join-config.yaml
The following message appears

This node has joined the cluster:

  • Certificate signing request was sent to apiserver and a response was received.
  • The Kubelet was informed of the new secure connection details.

Of course, you may run into the following error when adding a node

[ERROR FileContent--proc-sys-net-bridge-bridge-nf-call-iptables]: /proc/sys/net/bridge/bridge-nf-call-iptables contents are not set to 1

Fix:
echo "1" >/proc/sys/net/bridge/bridge-nf-call-iptables
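
The join-config.yaml above sets unsafeSkipCAVerification: true, so the joining node does not check that the API server it reaches belongs to this cluster's CA. The following added example (not part of the original notes) renders the same JoinConfiguration with the CA pinned through caCertHashes, using the endpoint, token and sha256 hash printed by kubeadm init earlier on this page; the function names are illustrative, and ca_pin_from_cert assumes openssl is installed on the master:

```shell
#!/bin/sh
# Added example: pin the cluster CA in join-config.yaml instead of skipping
# verification. Function names are illustrative, not kubeadm commands.

# Values printed by "kubeadm init" earlier on this page.
ENDPOINT=192.168.0.155:6443
TOKEN=hfbg9j.bn1c53eab5c2elyd
PAGE_PIN=sha256:14a972d55063caafcf7d31299b4c999a29ceec6324fe39fa12fbbb63acb81b0e

# Recompute the pin on the master if the init output was lost (needs openssl),
# e.g. ca_pin_from_cert /etc/kubernetes/pki/ca.crt
# It is the SHA-256 over the DER-encoded public key of the cluster CA certificate.
ca_pin_from_cert() {
    printf 'sha256:%s\n' "$(openssl x509 -pubkey -noout -in "$1" \
        | openssl rsa -pubin -outform der 2>/dev/null \
        | openssl dgst -sha256 -hex | sed 's/^.* //')"
}

# Accept only "sha256:" followed by exactly 64 lowercase hex digits.
valid_ca_pin() {
    printf '%s\n' "$1" | grep -Eq '^sha256:[0-9a-f]{64}$'
}

# Print a JoinConfiguration that verifies the API server against the pin.
# Arguments: endpoint, token, pin. Refuses (status 1, nothing on stdout)
# when the pin is malformed.
render_join_config() {
    valid_ca_pin "$3" || { echo "refusing: malformed CA pin: $3" >&2; return 1; }
    cat <<EOF
apiVersion: kubeadm.k8s.io/v1beta2
kind: JoinConfiguration
discovery:
  bootstrapToken:
    apiServerEndpoint: $1
    token: $2
    caCertHashes:
    - "$3"
    unsafeSkipCAVerification: false
  tlsBootstrapToken: $2
EOF
}

# Demo: print the hardened config; redirect to join-config.yaml on a node.
render_join_config "$ENDPOINT" "$TOKEN" "$PAGE_PIN"
```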

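5. Installing the network plugin

On node155
List the cluster nodes
kubectl get nodes
All nodes are in the NotReady state because the cluster has no usable network installed; the following command installs the weave plugin in one step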
kubectl apply -f "https://cloud.weave.works/k8s/net?k8s-version=$(kubectl version | base64 | tr -d '\n')"

6. Verifying that the cluster installation is complete

On node155
kubectl get pods --all-namespaces
Output

kube-system   coredns-6d56c8448f-g6zk6          1/1     Running             0          91m
kube-system   coredns-6d56c8448f-zrdgw          1/1     Running             0          91m
kube-system   etcd-node155                      1/1     Running             0          91m
kube-system   kube-apiserver-node155            1/1     Running             0          91m
kube-system   kube-controller-manager-node155   1/1     Running             0          91m
kube-system   kube-proxy-fhg7j                  1/1     Running             0          91m
kube-system   kube-proxy-gqn8f                  1/1     Running             0          35m
kube-system   kube-proxy-zwh7j                  1/1     Running             0          20m
kube-system   kube-scheduler-node155            1/1     Running             0          91m
kube-system   weave-net-bvfg8                   0/2     ContainerCreating   0          7m48s
kube-system   weave-net-gq9c9                   2/2     Running             0          7m48s
kube-system   weave-net-k92zn                   2/2     Running             0          7m48s

There is an error above: one pod was not created successfully. Inspect it with the following command
kubectl --namespace=kube-system describe pod weave-net-bvfg8
Output

Warning Failed 13m kubelet Failed to pull image "docker.io/weaveworks/weave-kube:2.7.0": rpc error: code = Unknown desc = context canceled
Warning Failed 13m kubelet Error: ErrImagePull
Normal Pulling 13m kubelet Pulling image "docker.io/weaveworks/weave-npc:2.7.0"
Normal Pulling 6m39s (x2 over 17m) kubelet Pulling image "docker.io/weaveworks/weave-kube:2.7.0"
Warning Failed 6m39s kubelet Failed to pull image "docker.io/weaveworks/weave-npc:2.7.0": rpc error: code = Unknown desc = context canceled

Two images failed to pull; use the following command to find out which node failed to pull them
kubectl get nodes
Output

NAME      STATUS     ROLES    AGE   VERSION
node155   Ready      master   99m   v1.19.3
node156   Ready      <none>   43m   v1.19.3
node157   NotReady   <none>   28m   v1.19.3

node157 is in an abnormal state, so it is this node
You can pull the images manually on that node
docker pull docker.io/weaveworks/weave-npc:2.7.0
docker pull docker.io/weaveworks/weave-kube:2.7.0