安装docker
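# Run on every machine that will join the cluster.
sudo apt-get update
sudo apt-get -y install apt-transport-https ca-certificates curl software-properties-common
# Step 2: install the repository GPG key.
# The key decides which packages apt will trust, so it is fetched over HTTPS:
# a key swapped in transit over plain HTTP would let a forged repository pass
# signature checks. Inspect the result with `apt-key list` before installing.
curl -fsSL https://mirrors.aliyun.com/docker-ce/linux/ubuntu/gpg | sudo apt-key add -
# Step 3: register the package source (HTTPS for the same reason).
sudo add-apt-repository "deb [arch=amd64] https://mirrors.aliyun.com/docker-ce/linux/ubuntu $(lsb_release -cs) stable"
# Install a pinned Docker version; sudo added to match the other apt-get calls.
sudo apt-get update && sudo apt-get install docker-ce=18.06.0~ce~3-0~ubuntu
# Set up the daemon: systemd cgroup driver, json-file logs capped at 100m per
# file, overlay2 storage. The path is root-owned, so it is written via sudo tee.
sudo tee /etc/docker/daemon.json > /dev/null <<EOF
{
  "exec-opts": ["native.cgroupdriver=systemd"],
  "log-driver": "json-file",
  "log-opts": {
    "max-size": "100m"
  },
  "storage-driver": "overlay2"
}
EOF
sudo mkdir -p /etc/systemd/system/docker.service.d
# Restart docker so the new daemon.json takes effect.
sudo systemctl daemon-reload
sudo systemctl restart docker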
安装k8s依赖
# Refresh the package index, then install the two packages this section
# lists as Kubernetes dependencies.
sudo apt-get update
sudo apt-get install --yes socat ebtables
从(https://packages.cloud.google.com/apt/dists/kubernetes-xenial/main/binary-amd64/Packages)找到对应包名Filename,利用(https://packages.cloud.google.com/apt/pool/ + Filename)下载
# Install the manually downloaded packages one at a time, in the listed order.
# dpkg does not check repository signatures, so compare each file's
# `sha256sum` output with the SHA256 field of its entry in the Packages index
# before installing.
for deb in \
  cri-tools_1.12.0-00_amd64.deb \
  kubernetes-cni_0.6.0-00_amd64.deb \
  kubelet_1.13.0-00_amd64.deb \
  kubectl_1.13.0-00_amd64.deb \
  kubeadm_1.13.0-00_amd64.deb
do
  dpkg -i "$deb"
done
# 查看对应版本k8s所需镜像
v1.13.0 =
# 需要通过代理拉取镜像
# 命令导到本地
# 每个node节点都导入镜像,或者将镜像推送到国内可获取的镜像库(推荐阿里云容器镜像服务)
# Import the control-plane images.
# `docker load` accepts whatever the archive contains, so only load tarballs
# whose checksums match the ones recorded when they were exported.
for image_tar in \
  apiserver-v1.13.0.tar \
  controller-manager-v1.13.0.tar \
  coredns-1.2.6.tar \
  etcd-3.2.24.tar \
  pause-3.1.tar \
  proxy-v1.13.0.tar \
  scheduler-v1.13.0.tar
do
  docker load -i "$image_tar"
done
# Import the Calico images.
for calico_tar in \
  calico-cni-v3.3.0.tar \
  calico-node-v3.3.0.tar \
  calico-typha-v3.3.0.tar
do
  docker load -i "$calico_tar"
done
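# init-config.yaml
# Field reference: https://godoc.org/k8s.io/kubernetes/cmd/kubeadm/app/apis/kubeadm/v1beta1
# Nesting and list markers are restored here; the page's listing had lost its
# indentation.
apiVersion: kubeadm.k8s.io/v1beta1
bootstrapTokens:
  - groups:
      - system:bootstrappers:kubeadm:default-node-token
    # This is the sample token that appears in kubeadm's printed defaults, so
    # it is publicly known. Replace it with the output of
    # `kubeadm token generate`, or delete the line so kubeadm creates a random
    # one; anyone who holds a valid bootstrap token and can reach the API
    # server can join a node.
    token: abcdef.0123456789abcdef
    # The token stops working after this lifetime; keep it short.
    ttl: 24h0m0s
    usages:
      - signing
      - authentication
kind: InitConfiguration
localAPIEndpoint:
  advertiseAddress: "10.0.0.181"
  bindPort: 6443
nodeRegistration:
  criSocket: /var/run/dockershim.sock
  name: ip-10-0-0-181.cn-northwest-1.compute.internal
  kubeletExtraArgs:
    # Shown as "aws :" in the mangled listing; written in the key/value form
    # the page gives for extraArgs. Remove it when not running on AWS.
    cloud-provider: aws
  taints:
    - effect: NoSchedule
      key: node-role.kubernetes.io/master
---
apiServer:
  extraArgs:
    # Remove when not running on AWS.
    cloud-provider: aws
  # Extra names/addresses placed in the API server certificate.
  certSANs:
    - "52.82.19.227"
    - "ec2-52-82-19-227.cn-northwest-1.compute.amazonaws.com.cn"
  timeoutForControlPlane: 4m0s
apiVersion: kubeadm.k8s.io/v1beta1
certificatesDir: /etc/kubernetes/pki
clusterName: kubernetes
controlPlaneEndpoint: ""
controllerManager:
  extraArgs:
    # Remove when not running on AWS.
    cloud-provider: aws
dns:
  type: CoreDNS
etcd:
  local:
    dataDir: /var/lib/etcd
# Control-plane images are pulled from this registry; point it at a mirror or
# registry you control and trust.
imageRepository: registry.cn-hangzhou.aliyuncs.com/common-wjx
kind: ClusterConfiguration
kubernetesVersion: v1.13.0
networking:
  dnsDomain: cluster.local
  # NOTE(review): 10.100.0.1/24 has host bits set and a /24 is very small for
  # a pod network; confirm the intended range and that it matches the pool
  # configured in the Calico manifest.
  podSubnet: "10.100.0.1/24"
  serviceSubnet: "10.96.0.0/12"
scheduler: {}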
imageRepository改成代理镜像库或者你自己的镜像库
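# Delete this setting if you are not on a cloud provider or do not want its
# integration; for other cloud providers, look up their configuration yourself.
extraArgs:
  cloud-provider: aws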
启动k8s集群
# Swap handling. The original note reads "turn off swap", but the setting below
# does not disable swap: it tells the kubelet not to fail when swap is enabled.
# Add the following line to /etc/default/kubelet (e.g. sudo vim /etc/default/kubelet):
KUBELET_EXTRA_ARGS=--fail-swap-on=false
# Initialise the control plane from init-config.yaml.
# NOTE(review): the join command on this page passes
# --ignore-preflight-errors=Swap; init may need the same when swap is on - confirm.
kubeadm init --config=init-config.yaml
# Install Calico v3.3 (RBAC objects first, then the networking manifest).
# Both manifests are fetched and applied in a single step; downloading them,
# reviewing the content, and applying the local copy keeps what runs in the
# cluster identical to what was reviewed.
kubectl apply -f https://docs.projectcalico.org/v3.3/getting-started/kubernetes/installation/hosted/rbac-kdd.yaml
kubectl apply -f https://docs.projectcalico.org/v3.3/getting-started/kubernetes/installation/hosted/kubernetes-datastore/calico-networking/1.7/calico.yaml
开启master可调度
# Allow ordinary pods on the master. The trailing "-" removes the taint from
# every node that carries it. Workloads then share a host with the
# control-plane components, so this suits single-node or test clusters.
master_taint='node-role.kubernetes.io/master'
kubectl get nodes
kubectl taint nodes --all "${master_taint}-"
添加节点到集群
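# Join configuration for a worker node. Nesting and the list marker are
# restored here; the page's listing had lost its indentation.
apiVersion: kubeadm.k8s.io/v1beta1
kind: JoinConfiguration
discovery:
  bootstrapToken:
    # Example value from the author's cluster. Use the token your own
    # `kubeadm init` printed, and treat it as a credential.
    token: bibnz8.e9cbyjmfheaxp14q
    apiServerEndpoint: "172.31.2.165:6443"
    # Pins the cluster CA so the joining node can verify it is talking to the
    # intended control plane. Replace with your cluster's hash and keep it set.
    caCertHashes:
      - "sha256:2e09e881a71c9a91a507697965ee49e1593622f838bf8301230511444f1cfa73"
nodeRegistration:
  name: <Private DNS of worker node>
  kubeletExtraArgs:
    # Shown as "aws :" in the mangled listing. Remove it when not running on AWS.
    cloud-provider: aws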
# Command-line form of the join. The token and CA hash are example values from
# the author's cluster; `kubeadm token create --print-join-command` on the
# control-plane node prints a current command. A token passed on the command
# line ends up in shell history, so prefer short-lived tokens.
kubeadm join 172.31.2.165:6443 \
  --token bibnz8.e9cbyjmfheaxp14q \
  --discovery-token-ca-cert-hash sha256:2e09e881a71c9a91a507697965ee49e1593622f838bf8301230511444f1cfa73 \
  --ignore-preflight-errors=Swap
删除集群中节点
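# Evict workloads from the node, then remove it from the cluster.
# --ignore-daemonsets: without it, drain refuses to proceed while
#   DaemonSet-managed pods (kube-proxy, calico-node) are on the node.
# --delete-local-data: pods using emptyDir volumes are evicted and that data
#   is lost.
kubectl drain node_name --delete-local-data --ignore-daemonsets
kubectl delete node node_name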
删除集群
# Tear the cluster down on this host.
kubeadm reset
# Flush the filter, nat and mangle tables and delete user-defined chains.
# This removes every rule in those tables, including host firewall rules that
# have nothing to do with Kubernetes, so re-apply the host's own rule set
# afterwards.
iptables -F \
  && iptables -t nat -F \
  && iptables -t mangle -F \
  && iptables -X
故障排查
# Troubleshooting references:
# https://kubernetes.io/docs/setup/independent/troubleshooting-kubeadm/
# https://github.com/coredns/coredns/tree/master/plugin/loop#troubleshooting-loops-in-kubernetes-clusters
# Edit the resolvconf "tail" file; its content is appended to the generated
# resolv.conf.
sudo vim /etc/resolvconf/resolv.conf.d/tail
# Line to put in that file.
# NOTE(review): 127.0.0.53 is the systemd-resolved stub address, which the
# linked CoreDNS page discusses as a source of forwarding loops - confirm this
# is the intended upstream resolver.
nameserver 127.0.0.53
# Regenerate resolv.conf with the new tail.
sudo /etc/init.d/resolvconf restart