1.切换清华镜像站并更新数据源列表

参考:http://120.48.103.61/?p=115

2关闭swap

临时关闭:swapoff -a # 临时

永久关闭:注释/etc/fstab文件的最后一行:

3.安装docker

3.1安装依赖

sudo apt-get install ca-certificates curl gnupg lsb-release

3.2配置GPG密钥

sudo mkdir -p /etc/apt/keyrings
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg –dearmor -o /etc/apt/keyrings/docker.gpg

echo \
“deb [arch=$(dpkg –print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/ubuntu \
$(lsb_release -cs) stable” | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null

3.3安装Docker组件

sudo apt-get update

sudo apt-get install -y docker-ce docker-ce-cli containerd.io docker-compose-plugin

4.开启IPv4转发

cat <<EOF | sudo tee /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-iptables = 1
net.bridge.bridge-nf-call-ip6tables = 1
net.ipv4.ip_forward = 1
EOF

sudo sysctl –system

5.安装cri-dockerd

Kubernetes在v1.24版本之后删除了dockershim,Docker不再是默认的容器运行时了,要想继续使用Docker运行时,需要安装cri-dockerd。

5.1下载软件包
直接从github下载速度较慢,这里使用了代理加速:

wget https://ghproxy.com/https://github.com/Mirantis/cri-dockerd/releases/download/v0.2.5/cri-dockerd_0.2.5.3-0.ubuntu-jammy_amd64.deb

5.2安装软件包

dpkg -i cri-dockerd_0.2.5.3-0.ubuntu-jammy_amd64.deb

5.3调整启动参数

sed -i -e ‘s#ExecStart=.*#ExecStart=/usr/bin/cri-dockerd –network-plugin=cni –pod-infra-container-image=registry.aliyuncs.com/google_containers/pause:3.7#g’ /usr/lib/systemd/system/cri-docker.service

5.4设置开启自启动

systemctl daemon-reload
systemctl enable cri-docker

6安装Kubernetes
6.1安装依赖组件

sudo apt-get install -y apt-transport-https ca-certificates curl

6.2安装GPG密钥

sudo curl -fsSLo /usr/share/keyrings/kubernetes-archive-keyring.gpg https://mirrors.aliyun.com/kubernetes/apt/doc/apt-key.gpg

echo “deb [signed-by=/usr/share/keyrings/kubernetes-archive-keyring.gpg] http://mirrors.aliyun.com/kubernetes/apt kubernetes-xenial main” | sudo tee /etc/apt/sources.list.d/kubernetes.list

6.3安装Kubernetes

sudo apt-get update
sudo apt-get install -y kubelet kubeadm kubectl

6.4标记软件包,避免其自动更新。

sudo apt-mark hold kubelet kubeadm kubectl

6.5执行kubeadm init命令进行集群的初始化:

kubeadm init –image-repository registry.aliyuncs.com/google_containers \
–apiserver-advertise-address=192.168.1.8 \
–pod-network-cidr=10.0.0.0/16 \
–cri-socket /var/run/cri-dockerd.sock

完成初始化后将会看到以下输出信息,给出了需要执行的一些操作,以及集群Node节点加入集群的命令:

Your Kubernetes control-plane has initialized successfully!

To start using your cluster, you need to run the following as a regular user:

mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config

Alternatively, if you are the root user, you can run:

export KUBECONFIG=/etc/kubernetes/admin.conf

You should now deploy a pod network to the cluster.
Run “kubectl apply -f [podnetwork].yaml” with one of the options listed at:
https://kubernetes.io/docs/concepts/cluster-administration/addons/

Then you can join any number of worker nodes by running the following on each as root:

kubeadm join 192.168.1.880:6443 –token 5bfmzz.fvs4lcqyspm9n62s \
–discovery-token-ca-cert-hash sha256:2f3c6cc4904c3e659ec64851d6e7677eea8dce83b9e77d2dc70f752bfb3a339b

6.6 配置

mkdir -p $HOME/.kube
cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
echo “export KUBECONFIG=/etc/kubernetes/admin.conf” >> ~/.bash_profile
source ~/.bash_profile
chown $(id -u):$(id -g) $HOME/.kube/config

 

7.配置节点

根据主节点初始化集群的输出,在Worker节点执行以下命令将该节点加入Kubernetes集群:

kubeadm join 192.168.1.8:6443 –token dc4wxa.qar86v4pb1b2umvm \
–discovery-token-ca-cert-hash sha256:1df0074a2226ed1a56f53b9d33bf263c51d3794b4c4b9d6132f07b68592ac38a \
–cri-socket unix:///var/run/cri-dockerd.sock

未指定–cri-socket参数时,会出现以下错误:

Found multiple CRI endpoints on the host. Please define which one do you wish to use by setting the ‘criSocket’ field in the kubeadm configuration file: unix:///var/run/containerd/containerd.sock, unix:///var/run/cri-dockerd.sock

8.安装命令补全

8.1安装软件包

apt install bash-completion
8.2 添加配置
source /usr/share/bash-completion/bash_completion source <(kubectl completion bash) echo “source <(kubectl completion bash)” >> ~/.bashrc

9.安装网络组件

9.1master节点执行

kubectl apply -f https://docs.projectcalico.org/manifests/calico.yaml

kubectl get pods -n kube-system -w

9.2 验证

kubectl get nodes
kubectl get componentstatuses
kubectl cluster-info
kubectl -n kube-system get pod

 

问题记录:

1.排查日志
安装过程中如果有任何问题,请仔细看清楚 kube init 之后的命令输出,另外就是查看 kubelet 以及 containerd 这两个服务的日志,下面是可能会用到的排查命令

journalctl -xeu containerd –no-page -f
journalctl -xeu kubelet –no-page -f

2.忘记token

使用命令重新生成

kubeadm token create –print-join-command