K8s 安装:修订间差异

来自牛奶河Wiki
跳到导航 跳到搜索
第45行: 第45行:
  lsmod | grep overlay
  lsmod | grep overlay
  lsmod | grep br_netfilter
  lsmod | grep br_netfilter
=== 部署 Containerd ===
==== 创建容器工具 ====
wget https://github.com/opencontainers/runc/releases/download/v1.1.4/runc.amd64
install -m 755 runc.amd64 /usr/local/sbin/runc
==== 容器间网络通信 ====
wget https://github.com/containernetworking/plugins/releases/download/v1.2.0/cni-plugins-linux-amd64-v1.2.0.tgz
mkdir -p /opt/cni/bin
tar Cxzvf /opt/cni/bin cni-plugins-linux-amd64-v1.2.0.tgz
==== Containerd ====
wget https://github.com/containerd/containerd/releases/download/v1.7.14/containerd-1.7.14-linux-amd64.tar.gz
tar Cxzvf /usr/local containerd-1.7.14-linux-amd64.tar.gz
wget https://raw.githubusercontent.com/containerd/containerd/main/containerd.service -o /usr/lib/systemd/system/containerd.service
systemctl daemon-reload && systemctl enable containerd
mkdir /etc/containerd
containerd config default > /etc/containerd/config.toml
cd /etc/containerd/
cp config.toml config.toml.orig
vi config.toml
  [plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc.options]
    SystemdCgroup = true # false 修改为 true
  [plugins."io.containerd.grpc.v1.cri"]
    # sandbox_image = "registry.k8s.io/pause:3.8"
    sandbox_image = "registry.cn-hangzhou.aliyuncs.com/google_containers/pause:3.8"
  [plugins."io.containerd.grpc.v1.cri".registry.mirrors]
  [plugins."io.containerd.grpc.v1.cri".registry.mirrors."docker.io"]
    endpoint = ["http://mirrors.ustc.edu.cn"]
  [plugins."io.containerd.grpc.v1.cri".registry.mirrors."*"]
    endpoint = ["http://hub-mirror.c.163.com"]
systemctl restart containerd
netstat -nlput | grep containerd


=== kubernetes ===
=== kubernetes ===

2024年3月25日 (一) 17:34的版本

环境准备

  • 关闭 selinux 及 firewalld
  • 关闭 Swap

host

192.168.0.158   np0
192.168.0.229   np1
192.168.0.249   np2
192.168.0.148   np3

设置网桥参数

cat << EOF > /etc/sysctl.d/99-kubernetes-cri.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
net.ipv4.ip_forward = 1
user.max_user_namespaces=28633
EOF

sysctl -p /etc/sysctl.d/99-kubernetes-cri.conf

配置支持 IPVS

加载 ip_vs 内核模块。kube-proxy 通过采用 iptables + ipset + ipvs 的方式实现为符合条件的 Pod 提供负载均衡。否则 kube-proxy 会退回到 iptables 模式。

cat > /etc/modules-load.d/ip_vs.conf << EOF 
ip_vs
ip_vs_rr
ip_vs_wrr
ip_vs_sh
nf_conntrack_ipv4
EOF
modprobe ip_vs
modprobe ip_vs_rr
modprobe ip_vs_wrr
modprobe ip_vs_sh
modprobe nf_conntrack_ipv4

导入模块

cat << EOF > /etc/modules-load.d/containerd.conf
overlay
br_netfilter
EOF
modprobe overlay
modprobe br_netfilter
lsmod | grep overlay
lsmod | grep br_netfilter

部署 Containerd

创建容器工具

wget https://github.com/opencontainers/runc/releases/download/v1.1.4/runc.amd64
install -m 755 runc.amd64 /usr/local/sbin/runc

容器间网络通信

wget https://github.com/containernetworking/plugins/releases/download/v1.2.0/cni-plugins-linux-amd64-v1.2.0.tgz
mkdir -p /opt/cni/bin
tar Cxzvf /opt/cni/bin cni-plugins-linux-amd64-v1.2.0.tgz

Containerd

wget https://github.com/containerd/containerd/releases/download/v1.7.14/containerd-1.7.14-linux-amd64.tar.gz
tar Cxzvf /usr/local containerd-1.7.14-linux-amd64.tar.gz

wget https://raw.githubusercontent.com/containerd/containerd/main/containerd.service -o /usr/lib/systemd/system/containerd.service
systemctl daemon-reload && systemctl enable containerd
mkdir /etc/containerd
containerd config default > /etc/containerd/config.toml
cd /etc/containerd/
cp config.toml config.toml.orig
vi config.toml
 [plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc.options]
    SystemdCgroup = true	# false 修改为 true
 [plugins."io.containerd.grpc.v1.cri"]
    # sandbox_image = "registry.k8s.io/pause:3.8"
    sandbox_image = "registry.cn-hangzhou.aliyuncs.com/google_containers/pause:3.8"
 [plugins."io.containerd.grpc.v1.cri".registry.mirrors]
  [plugins."io.containerd.grpc.v1.cri".registry.mirrors."docker.io"]
    endpoint = ["http://mirrors.ustc.edu.cn"]
  [plugins."io.containerd.grpc.v1.cri".registry.mirrors."*"]
    endpoint = ["http://hub-mirror.c.163.com"]
systemctl restart containerd
netstat -nlput | grep containerd

kubernetes

repo

cat > /etc/yum.repos.d/kubernetes.repo << EOF
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF

kubelet kubeadm kubectl

# yum list kubelet --showduplicates

yum install kubelet kubeadm kubectl
systemctl enable kubelet

master

Node