hello云胜

技术与生活

0%

发表于

服务器需要能够访问公网!!!

1、关闭防火墙

1
systemctl stop firewalld.service

2、关闭selinux

1
setenforce 0

3、关闭swap

1
2
3
4
5
6
7
8
9
10
11
12
13
swapoff -a  //临时关闭

vi /etc/fstab
#
# /etc/fstab
# Created by anaconda on Wed Jan  3 16:46:39 2024
#
# Accessible filesystems, by reference, are maintained under '/dev/disk'
# See man pages fstab(5), findfs(8), mount(8) and/or blkid(8) for more info
#
/dev/mapper/centos-root /                       xfs     defaults        0 0
UUID=cd2a9e51-6f72-410b-997c-9d660e67c409 /boot                   xfs     defaults        0 0
#/dev/mapper/centos-swap swap                    swap    defaults        0 0     //注释这行,永久关闭swap

4、添加主机名与ip对应关系

1
2
3
4
5
6
vi /etc/hosts

127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
1x.xx.243.208 testljcspt-paas04
1x.xx.243.205 apiserver.cluster.local  //添加master解析

5、添加/etc/sysctl.d/k8s.conf,将桥接的流量传递到iptables的链

1
2
3
4
vi /etc/sysctl.d/k8s.conf

net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1

6、添加yum阿里云docker-ce仓库

1
2
3
yum-config-manager --add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo

yum list docker-ce --showduplicates | sort -r    //查看docker-ce所有版本

7、添加yum阿里云kubernetes仓库

1
2
3
4
5
6
7
8
cat <<EOF | sudo tee /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
enabled=1
gpgcheck=1
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF

8、安装docker

1
yum install docker-ce-19.03.0-3.el7 docker-ce-cli-19.03.0-3.el7 -y

安装可能出现报错缺少container-selinux,解决:

1
2
3
4
5
yum install policycoreutils-python

wget http://mirror.centos.org/centos/7/extras/x86_64/Packages/container-selinux-2.119.1-1.c57a6f9.el7.noarch.rpm

rpm -ivh container-selinux-2.119.1-1.c57a6f9.el7.noarch.rpm

9、安装socat

1
yum install -y socat

10、安装kubectl、kubelet、kubeadm

1
yum install -y kubelet-1.18.8-0 kubectl-1.18.8-0 kubeadm-1.18.8-0

11、复制master上的cni文件到新节点

1
2
3
4
5
6
7
8
9
10
11
//在新节点新增文件夹

mkdir -p /etc/cni/net.d

//在master上copy cni文件
scp 10-calico.conflist 1x.xx.243.208:/etc/cni/net.d/
scp calico-kubeconfig 1x.xx.243.208:/etc/cni/net.d/

//拷贝master上的文件
scp /opt/cni/bin/calico 1x.xx.243.208:/opt/cni/bin/
scp /opt/cni/bin/calico-ipam 1x.xx.243.208:/opt/cni/bin/

12、新节点加入集群

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
//在master节点和新节点都修改cgroup驱动为cgroup,k8s默认systemd
vi /etc/systemd/system/kubelet.service.d/10-kubeadm.conf

//添加
Environment="KUBELET_CGROUP_ARGS=--cgroup-driver=cgroup"

//执行
systemctl daemon-reload

//在master执行
kubeadm token create --print-join-command
//执行完成终端打印
W0123 14:21:19.978841   10721 configset.go:202] WARNING: kubeadm cannot validate component configs for API groups [kubelet.config.k8s.io kubeproxy.config.k8s.io]
kubeadm join apiserver.cluster.local:6443 --token t4d0l0.fxaxj7w33fy3pvbg     --discovery-token-ca-cert-hash sha256:0f6506f557a6f97719bfad6c1f5e2d1617f78e177d4368effd3ac8dd5b6e429d

//在新节点执行
kubeadm join apiserver.cluster.local:6443 --token t4d0l0.fxaxj7w33fy3pvbg     --discovery-token-ca-cert-hash sha256:0f6506f557a6f97719bfad6c1f5e2d1617f78e177d4368effd3ac8dd5b6e429d