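Preface
I have known for a long time that everyone is using it, and it is now a mainstream technology. I have wanted to get hands-on with it, but my company is not large enough to need it, and many older companies have not even considered using the service, so as a tech geek the only thing I can do is build one myself to play with (´;ω;`)
Everything here is already covered in the official documentation; I have only consolidated the process.
The link is here
A number of odd problems came up during this installation, so I am writing them up along the way.
System specifications for this build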
| Hostname | System | Memory | Disk |
| --- | --- | --- | --- |
| k8s-master | Ubuntu 22.04 LTS | 8GB | 50GB |
| k8s-worker1 | Ubuntu 22.04 LTS | 8GB | 50GB |
Step 1: Update
Step 2: Disable swap

```bash
swapoff -a
sed -i '/swap/d' /etc/fstab
```
Step 3: Add kernel parameters

```bash
sudo tee /etc/modules-load.d/containerd.conf <<EOF
overlay
br_netfilter
EOF
sudo modprobe overlay
sudo modprobe br_netfilter
```

and

```bash
sudo tee /etc/sysctl.d/kubernetes.conf <<EOF
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
net.ipv4.ip_forward = 1
EOF
```
Step 4: Sysctl setting & reload
- Configure sysctl

```bash
cat >>/etc/sysctl.d/kubernetes.conf<<EOF
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
net.ipv4.ip_forward = 1
EOF

# Reload every sysctl configuration file so the settings take effect
sysctl --system
```
Step 5: install containerd runtime

```bash
apt install -y curl gnupg2 software-properties-common apt-transport-https ca-certificates

# Add Docker's signing key and repository (containerd.io is published there)
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /etc/apt/keyrings/docker.gpg

echo "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/ubuntu \
  $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null

apt -qq update >/dev/null 2>&1
apt install -qq -y containerd.io >/dev/null 2>&1
containerd config default >/etc/containerd/config.toml

# Edit the config and set the option shown below (TOML booleans are lowercase)
vim /etc/containerd/config.toml
#   SystemdCgroup = true

systemctl restart containerd
systemctl enable containerd >/dev/null 2>&1
```
Step 6: install kubernetes
※ Note: this step is error-prone, so following the official documentation is recommended.

```bash
curl -fsSL https://pkgs.k8s.io/core:/stable:/v1.30/deb/Release.key | sudo gpg --dearmor -o /etc/apt/keyrings/kubernetes-apt-keyring.gpg

echo 'deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring.gpg] https://pkgs.k8s.io/core:/stable:/v1.30/deb/ /' | sudo tee /etc/apt/sources.list.d/kubernetes.list

sudo apt-get update
sudo apt-get install -y kubelet kubeadm kubectl
sudo apt-mark hold kubelet kubeadm kubectl

sudo systemctl enable --now kubelet
```
Step 7: Initialize Kubernetes Cluster with Kubeadm (Master only)
Initialize the Kubernetes cluster
- --apiserver-advertise-address: the IP the cluster uses to communicate with the other nodes, i.e. the master IP
- --pod-network-cidr: the IP range of the pod network

```bash
# 192.168.50.10 is the master IP; 10.244.0.0/16 is the flannel default range
kubeadm init --apiserver-advertise-address=192.168.50.10 --pod-network-cidr=10.244.0.0/16
```

※ Note: when initialization finishes it prints a token and a discovery-token-ca-cert-hash. Keep a record of them; they are needed later.

```
....
kubeadm join ip:6443 --token p6vecd.hlipzx6b2vhep7st \
    --discovery-token-ca-cert-hash sha256:d4463dc6b42d5a2sabda199cce041d18d39a70acc1b479ebv728b0076768
```
Step 8: Configure .kube

```bash
mkdir -p $HOME/.kube
cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
chown $(id -u):$(id -g) $HOME/.kube/config
```
Step 9: Join nodes
Paste the kubeadm join command printed during initialization into the node host.

```bash
kubeadm join 192.168.50.10:6443 --token gt7hq1.ylpsk4yzlrueawcw \
    --discovery-token-ca-cert-hash sha256:5810ec4d9ef094f187ecbb27502db26ae35fb5b290e82bd588f4631f1b4d4b76
```
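The join command carries two values that are easy to damage when copying between hosts: the bootstrap token and the hash that pins the cluster CA's public key, which is what lets the worker authenticate the control plane. The following is an added example, not part of the original post, that checks a pasted join command before it is run; `flag_value` and `check_join` are hypothetical helper names and the sample values are constructed.

```bash
#!/usr/bin/env bash
# Added example (not from the original post): check a pasted `kubeadm join`
# command before running it on a worker. flag_value and check_join are
# hypothetical helper names, not part of kubeadm.

# Print the value of a flag given as "--flag value" or "--flag=value".
flag_value() {  # $1 = flag, $2 = command text (may contain "\" line breaks)
    printf '%s\n' "$2" | tr -s ' \\\n\t' '\n' | awk -v f="$1" '
        $0 == f               { if ((getline) > 0) print; exit }
        index($0, f "=") == 1 { print substr($0, length(f) + 2); exit }'
}

# Report problems on stdout; return non-zero if the command should not be run.
check_join() {  # $1 = command text
    rc=0
    token=$(flag_value --token "$1")
    pin=$(flag_value --discovery-token-ca-cert-hash "$1")
    # Bootstrap tokens have the form [a-z0-9]{6}.[a-z0-9]{16}.
    printf '%s\n' "$token" | grep -Eq '^[a-z0-9]{6}\.[a-z0-9]{16}$' ||
        { echo "malformed --token: '$token'"; rc=1; }
    # The CA pin is "sha256:" followed by the 64 hex digits of the digest.
    printf '%s\n' "$pin" | grep -Eq '^sha256:[0-9a-fA-F]{64}$' ||
        { echo "malformed --discovery-token-ca-cert-hash: '$pin'"; rc=1; }
    # Skipping the pin means the worker cannot authenticate the control plane.
    case "$1" in *--discovery-token-unsafe-skip-ca-verification*)
        echo "CA verification is disabled"; rc=1 ;;
    esac
    return "$rc"
}

# Constructed sample values (not real credentials).
GOOD='kubeadm join 192.168.50.10:6443 --token abcdef.0123456789abcdef \
    --discovery-token-ca-cert-hash sha256:0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef'
# The same command with the last four hex digits lost in copy/paste.
BAD=${GOOD%????}

check_join "$GOOD" && echo "GOOD: ok to run"
check_join "$BAD"  || echo "BAD: fix the command before running it"
```

A command that fails the check should be copied again from the master rather than repaired by hand.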
Step 10: Check status

```bash
kubectl get nodes
kubectl get pods -A
```
Shell auto-completion
The following commands enable auto-completion for kubectl commands.

```bash
source <(kubectl completion bash)
echo "source <(kubectl completion bash)" >> ~/.bashrc
```
Deploy the pod network
According to https://kubernetes.io/docs/concepts/cluster-administration/addons/ there are many deployment options; this time the overlay approach is chosen.
The flannel (overlay) method is as follows:

```bash
wget https://raw.githubusercontent.com/flannel-io/flannel/master/Documentation/kube-flannel.yml
```

Check the network settings in the yml file and make sure they match --pod-network-cidr.

```yaml
net-conf.json: |
  {
    "Network": "10.244.0.0/16",
    "Backend": {
      "Type": "vxlan"
    }
  }
```

Apply it

```bash
kubectl apply -f kube-flannel.yml
```
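Note: although apply can create pods, it is not quite the same as create; I will come back to this later when I have time.
Once the network is configured, check that the pods are healthy to confirm that the settings and configuration are fine (especially CoreDNS and flannel).
At this point the cluster is basically complete, and the worker can be added next.
Adding a worker is quick and simple: once the worker environment is also prepared, use join to add it.

```bash
kubeadm join 192.168.50.10:6443 --token p6vecd.hlipzx6b2vhep7st \
    --discovery-token-ca-cert-hash sha256:d4463dc6b42d5a2sabda199cce041d18d39a70acc1b479ebv728b0076768
```

Once everything is set up, the cluster status can be checked on the master.
The cluster status can also be checked with the following command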