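Four nodes: master, node01, node02, harbor
Set the system hostname and hosts-file resolution (run each command on the corresponding node)
#hostnamectl set-hostname k8s-master
#hostnamectl set-hostname k8s-node01
#hostnamectl set-hostname k8s-node02
Install the dependency packages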
#yum -y install conntrack ntpdate ntp ipvsadm ipset jq iptables curl sysstat libseccomp wget vim net-tools git
Switch the firewall to iptables and set an empty rule set
#systemctl stop firewalld&&systemctl disable firewalld
#yum -y install iptables-services && systemctl start iptables && systemctl enable iptables && iptables -F && service iptables save
Disable swap and SELinux
# swapoff -a && sed -i '/ swap / s/^\(.*\)$/#\1/g' /etc/fstab
#setenforce 0 && sed -i 's/^SELINUX=.*/SELINUX=disabled/' /etc/selinux/config
Tune the kernel parameters
#cat > kubernetes.conf << EOF
net.bridge.bridge-nf-call-iptables=1
net.bridge.bridge-nf-call-ip6tables=1
net.ipv4.ip_forward=1
net.ipv4.tcp_tw_recycle=0
# Avoid using swap space
vm.swappiness=0
# Do not check physical memory
vm.overcommit_memory=1
vm.panic_on_oom=0
fs.inotify.max_user_instances=8192
fs.inotify.max_user_watches=1048576
fs.file-max=52706963
fs.nr_open=52706963
net.ipv6.conf.all.disable_ipv6=1
net.netfilter.nf_conntrack_max=2310720
EOF
Install kubernetes.conf so that it is loaded at boot, and apply it now
#cp kubernetes.conf /etc/sysctl.d/kubernetes.conf
#sysctl -p /etc/sysctl.d/kubernetes.conf
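Adjust the system time zone (skip this step if Shanghai was selected when the system was installed)
Set the time zone to China/Shanghai
#timedatectl set-timezone Asia/Shanghai
Write the current UTC time to the hardware clock
#timedatectl set-local-rtc 0
Restart the services that depend on the system time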
#systemctl restart rsyslog
#systemctl restart crond
Disable the system mail service
#systemctl stop postfix&&systemctl disable postfix
Configure the system logging services rsyslogd and systemd journald
Create the directory for persistent logs
# mkdir /var/log/journal
Create the journald configuration file
# mkdir /etc/systemd/journald.conf.d
#cat > /etc/systemd/journald.conf.d/99-prophet.conf <<EOF
[Journal]
# Persist logs to disk
Storage=persistent
# Compress historical logs
Compress=yes
SyncIntervalSec=5m
RateLimitInterval=30s
RateLimitBurst=1000
# Maximum disk space used
SystemMaxUse=10G
# Maximum size of a single log file: 200M
SystemMaxFileSize=200M
# Log retention time
MaxRetentionSec=2week
# Do not forward logs to syslog
ForwardToSyslog=no
EOF
#systemctl restart systemd-journald
Upgrade the system kernel to version 4.44
#rpm -Uvh http://www.elrepo.org/elrepo-release-7.0-3.el7.elrepo.noarch.rpm
Check whether the menuentry in /boot/grub2/grub.cfg contains an initrd16 entry; if it does not, install the kernel again
#cat /boot/grub2/grub.cfg|grep initrd16
#yum --enablerepo=elrepo-kernel install -y kernel-lt
Set the new kernel as the default at boot, then reboot
#grub2-set-default 'CentOS Linux (4.4.214-1.el7.elrepo.x86_64) 7 (Core)'
#reboot
Check that the kernel version on the three nodes is 4.44
#uname -r
4.4.214-1.el7.elrepo.x86_64
Prerequisites for enabling ipvs in kube-proxy
#modprobe br_netfilter
#cat > /etc/sysconfig/modules/ipvs.modules << EOF
#!/bin/bash
modprobe -- ip_vs
modprobe -- ip_vs_rr
modprobe -- ip_vs_wrr
modprobe -- ip_vs_sh
modprobe -- nf_conntrack_ipv4
EOF
#chmod 755 /etc/sysconfig/modules/ipvs.modules && bash /etc/sysconfig/modules/ipvs.modules && lsmod |grep -e ip_vs -e nf_conntrack_ipv4
Install docker
#yum -y install yum-utils device-mapper-persistent-data lvm2
#yum-config-manager \
--add-repo \
http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
# yum update -y && yum install -y docker-ce
Create the /etc/docker directory
#mkdir /etc/docker
#grub2-set-default 'CentOS Linux (4.4.214-1.el7.elrepo.x86_64) 7 (Core)'&&reboot
Start docker and enable it at boot
# systemctl start docker && systemctl enable docker
Create the daemon.json configuration file, switching log storage to the json-file format so that container logs can later be looked up under /var/log/container/ and then searched and indexed from EFK. CentOS 7 has two cgroup drivers (cgroupfs and systemd); the exec-opts setting has systemd do the isolation.
#cat > /etc/docker/daemon.json << EOF
{
  "registry-mirrors": ["https://registry.docker-cn.com"],
  "exec-opts": ["native.cgroupdriver=systemd"],
  "log-driver": "json-file",
  "log-opts": {
    "max-size": "100m"
  }
}
EOF
#mkdir -p /etc/systemd/system/docker.service.d
#systemctl daemon-reload && systemctl restart docker && systemctl enable docker
Install kubeadm
#cat << EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
gpgcheck=1
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
       https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg
EOF
#yum -y install kubeadm-1.15.1 kubectl-1.15.1 kubelet-1.15.1
#systemctl enable kubelet
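Import the Kubernetes system images (from the local materials)
# tar xf kubeadm-basic.images.tar.gz
Script for loading the images in bulk
# vim docker-load.sh
#!/bin/bash
# Load every image archive in the extracted directory into the local docker image store
ls /root/rpm/kubeadm-basic.images > /root/docker-load-list.txt
cd /root/rpm/kubeadm-basic.images || exit 1
for i in $(cat /root/docker-load-list.txt)
do
    docker load -i "$i"
done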
#chmod a+x docker-load.sh
#./docker-load.sh
On the master node, export the kubeadm-config.yaml configuration file
#kubeadm config print init-defaults > /etc/kubernetes/kubeadm-config.yaml
#vim /etc/kubernetes/kubeadm-config.yaml
Line 12: advertiseAddress: 192.168.1.11
Line 34: kubernetesVersion: v1.15.1
Add below line 36: podSubnet: "10.244.0.0/16" # pod network segment
Initialize the master
#kubeadm init --config=/etc/kubernetes/kubeadm-config.yaml --experimental-upload-certs | tee /etc/kubernetes/kubeadm-init.log
Your Kubernetes control-plane has initialized successfully!
To start using your cluster, you need to run the following as a regular user:
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
You should now deploy a pod network to the cluster.
Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:
https://kubernetes.io/docs/concepts/cluster-administration/addons/
Then you can join any number of worker nodes by running the following on each as root:
kubeadm join 192.168.1.11:6443 --token abcdef.0123456789abcdef \
--discovery-token-ca-cert-hash sha256:69540b24d9d2eaa4fd9a9d533bfde8c6520ce7586366fa9e35474e94553532ba
# mkdir -p $HOME/.kube
# cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
# chown $(id -u):$(id -g) $HOME/.kube/config
# echo "export KUBECONFIG=/etc/kubernetes/admin.conf" >> ~/.bash_profile
#source ~/.bash_profile
Keep the installation files
#mkdir -p /usr/local/kubernetes/install-k8s
# mv /etc/kubernetes/kubeadm-config.yaml /etc/kubernetes/kubeadm-init.log /usr/local/kubernetes/install-k8s/
Install flannel on the master
#wget https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
# kubectl create -f kube-flannel.yml
If the image cannot be pulled, download it from a mirror inside China and re-tag it, then scp the image to node01 and node02 and docker load it there
#docker pull lizhenliang/flannel:v0.11.0-amd64
#docker tag lizhenliang/flannel:v0.11.0-amd64 quay.io/coreos/flannel:v0.11.0-amd64
Join node01 and node02 to the k8s cluster
#tail -5 /usr/local/kubernetes/install-k8s/kubeadm-init.log
#kubeadm join 192.168.1.11:6443 --token abcdef.0123456789abcdef \
--discovery-token-ca-cert-hash sha256:69540b24d9d2eaa4fd9a9d533bfde8c6520ce7586366fa9e35474e94553532ba
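The token in the join command above, abcdef.0123456789abcdef, is the placeholder that kubeadm config print init-defaults writes into kubeadm-config.yaml, and the sha256 value pins the cluster CA's public key. The script below is an added example, not part of the original article: it rejects the placeholder token and recomputes the pin from a CA certificate; the function names, the sample token k3x9qa.7f2m0c4z8r1t5v6b and the throwaway CA in demo are constructed for illustration.

```shell
#!/bin/sh
# Added example: sanity-check kubeadm join parameters before running the join.

# Placeholder token written by `kubeadm config print init-defaults`.
DEFAULT_TOKEN='abcdef.0123456789abcdef'

# check_token TOKEN -> prints ok, default or malformed
check_token() {
    if ! printf '%s\n' "$1" | LC_ALL=C grep -Eq '^[a-z0-9]{6}\.[a-z0-9]{16}$'; then
        echo malformed
    elif [ "$1" = "$DEFAULT_TOKEN" ]; then
        echo default
    else
        echo ok
    fi
}

# ca_pin CERT -> prints sha256:<hex>, the SHA-256 of the CA's DER-encoded
# public key, the form expected by --discovery-token-ca-cert-hash.
ca_pin() {
    printf 'sha256:%s\n' "$(openssl x509 -pubkey -noout -in "$1" \
        | openssl pkey -pubin -outform der \
        | openssl dgst -sha256 -hex | sed 's/^.* //')"
}

# verify_join CERT TOKEN HASH -> succeeds only if TOKEN is well formed and
# not the placeholder, and HASH equals the pin computed from CERT.
verify_join() {
    state=$(check_token "$2")
    [ "$state" = ok ] || { echo "token rejected: $state"; return 1; }
    [ "$(ca_pin "$1")" = "$3" ] || { echo "CA hash mismatch"; return 1; }
    echo "join parameters ok"
}

# Demo on a throwaway CA and a constructed sample token; on the master the
# certificate to check is /etc/kubernetes/pki/ca.crt.
demo() {
    dir=$(mktemp -d)
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj '/CN=demo-ca' \
        -keyout "$dir/ca.key" -out "$dir/ca.crt" 2>/dev/null
    pin=$(ca_pin "$dir/ca.crt")
    verify_join "$dir/ca.crt" "$DEFAULT_TOKEN" "$pin" || true
    verify_join "$dir/ca.crt" 'k3x9qa.7f2m0c4z8r1t5v6b' "$pin" || true
    rm -rf "$dir"
}

if command -v openssl >/dev/null 2>&1; then demo; fi
```

On the master, kubeadm token create --print-join-command prints a join command with a freshly generated token that can be used in place of the placeholder one.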
Original article: https://www.cnblogs.com/houjunjun437416/p/12378425.html