参考 https://kubernetes.io/zh/docs/setup/production-environment/tools/kubeadm/install-kubeadm/
使用阿里源:
cat << EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF# 将 SELinux 设置为 permissive 模式(相当于将其禁用)
setenforce 0
sed -i 's/^SELINUX=enforcing$/SELINUX=permissive/' /etc/selinux/config
yum install -y kubelet kubeadm kubectl --disableexcludes=kubernetes
systemctl enable --now kubelet一些 RHEL/CentOS 7 的用户曾经遇到过问题:由于 iptables 被绕过而导致流量无法正确路由的问题。您应该确保 在 sysctl 配置中的 net.bridge.bridge-nf-call-iptables 被设置为 1。
cat <<EOF > /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
EOF
sysctl --systemyum install -y yum-utils \
device-mapper-persistent-data \
lvm2
yum-config-manager \
--add-repo \
https://download.docker.com/linux/centos/docker-ce.repo
yum install docker-ce docker-ce-cli containerd.io
systemctl enable docker
systemctl start docker容器运行时 https://kubernetes.io/zh/docs/setup/production-environment/container-runtimes/
cat > /etc/docker/daemon.json <<EOF
{
"registry-mirrors": ["https://pneqngfi.mirror.aliyuncs.com"],
"exec-opts": ["native.cgroupdriver=systemd"],
"log-driver": "json-file",
"log-opts": {
"max-size": "100m"
},
"storage-driver": "overlay2",
"storage-opts": [
"overlay2.override_kernel_check=true"
]
}
EOF# 重启 Docker
systemctl daemon-reload
systemctl restart docker初始化
kubeadm reset && systemctl start kubelet
kubeadm init \
--apiserver-advertise-address=192.168.1.10 \
--image-repository registry.aliyuncs.com/google_containers \
--kubernetes-version v1.17.3 \
--pod-network-cidr=192.168.0.0/16Your Kubernetes control-plane has initialized successfully!
To start using your cluster, you need to run the following as a regular user:
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
You should now deploy a pod network to the cluster.
Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:
https://kubernetes.io/docs/concepts/cluster-administration/addons/
Then you can join any number of worker nodes by running the following on each as root:
kubeadm join 192.168.1.10:6443 --token zj9sed.nsv0mr8ym228qpq6 \
--discovery-token-ca-cert-hash sha256:df276fa7c8551cb914deeb3a73c9705a5f77081c092e2dbd47c29a06a50f6ce8
安装calico3.10.2
wget https://docs.projectcalico.org/v3.10/manifests/calico.yaml
sed -i "s#192\.168\.0\.0/16#${POD_SUBNET}#" calico.yaml
kubectl apply -f calico.yaml测试环境使用单机集群,可以使用如下命令,让 master 上也可以有 pod
kubectl taint nodes --all node-role.kubernetes.io/master-关闭swap
swapoff -a
sed -i '/ swap / s/^\(.*\)$/#\1/g' /etc/fstabnode节点
kubeadm join 192.168.1.10:6443 --token zj9sed.nsv0mr8ym228qpq6 \
--discovery-token-ca-cert-hash sha256:df276fa7c8551cb914deeb3a73c9705a5f77081c092e2dbd47c29a06a50f6ce8 --ignore-preflight-errors=allhttps://blog.csdn.net/u012570862/article/details/80150988
来源:oschina
链接:https://my.oschina.net/u/160697/blog/3171846