Centos 7.x 线上安装 Kubernetes

镜像下载、域名解析、时间同步请点击阿里云开源镜像站

安装依赖包

yum install -y conntrack ntpdate ntp ipvsadm ipset jq iptables curl systat libseccomp wget vim net-tools git iptables-services

关闭防火墙，为iptables设置规则

systemctl stop firewalld && systemctl disable firewalld && systemctl status firewalld
systemctl start iptables && systemctl enable iptables && iptables -F && service iptables save

关闭SWAP 和 SELINUX

swapoff -a && sed -i '/ swap / s/^\(.*\)$/#\1/g' /etc/fstab
setenforce 0 && sed -i 's/^SELINUX=.*/SELINUX=disabled/' /etc/selinux/config

调整内核参数，对于k8s

cat > /etc/sysctl.d/kubernetes.conf << EOF
net.bridge.bridge-nf-call-iptables=1   #&#x5F00;&#x542F;&#x7F51;&#x6865;&#x6A21;&#x5F0F;
net.bridge.bridge-nf-call-ip6tables=1   #&#x5F00;&#x542F;&#x7F51;&#x6865;&#x6A21;&#x5F0F;
net.ipv4.ip_forward=1
net.ipv4.tcp_tw_recycle=0
vm.swappiness=0        #&#x7981;&#x6B62;&#x4F7F;&#x7528; swap &#x7A7A;&#x95F4;, &#x53EA;&#x6709;&#x5F53;&#x7CFB;&#x7EDF; OOM &#x65F6;&#x624D;&#x5141;&#x8BB8;&#x4F7F;&#x7528;&#x5B83;
vm.overcommit_memory=1    #&#x4E0D;&#x68C0;&#x67E5;&#x7269;&#x7406;&#x5185;&#x5B58;&#x662F;&#x5426;&#x591F;&#x7528;
vm.panic_on_oom=0         #&#x5F00;&#x542F;OOM
fs.inotify.max_user_instances=8192
fs.inotify.max_user_watches=1048576
fs.file-max=52706963
fs.nr_open=52706963
net.ipv6.conf.all.disable_ipv6=1   #&#x5173;&#x95ED;IPV6&#x534F;&#x8BAE;
net.netfilter.nf_conntrack_max=2310720
EOF

sysctl -p /etc/sysctl.d/kubernetes.conf

调整系统时区

设置系统时区为 中国/上海
timedatectl set-timezone Asia/Shanghai

关闭系统不需要服务，postfix是邮件服务

systemctl stop postfix && systemctl disable postfix

设置rsyslogd 和 systemd journald

创建持久化保存日志目录
mkdir -p /var/log/journal
创建配置文件存放目录
mkdir -p /etc/systemd/journald.conf.d

创建配置文件
cat > /etc/systemd/journald.conf.d/99-prophet.conf << EOF
[Journal]
#&#x6301;&#x4E45;&#x5316;&#x4FDD;&#x5B58;&#x5230;&#x78C1;&#x76D8;
Storage=persistent
#&#x538B;&#x7F29;&#x5386;&#x53F2;&#x65E5;&#x5FD7;
Compress=yes
SyncIntervalSec=5m
RateLimitInterval=30s
RateLimitBurst=1000
#&#x6700;&#x5927;&#x5360;&#x7528;&#x7A7A;&#x95F4;10G
SystemMaxUse=10G
#&#x5355;&#x65E5;&#x5FD7;&#x6587;&#x4EF6;&#x6700;&#x5927;200M
SystemMaxFileSize=200M
#&#x65E5;&#x5FD7;&#x4FDD;&#x5B58;&#x65F6;&#x95F4;2&#x5468;
MaxRetentionSec=2week
#&#x4E0D;&#x5C06;&#x65E5;&#x5FD7;&#x8F6C;&#x53D1;&#x5230;syslog
ForwardToSyslog=no
EOF

&#x91CD;&#x542F;journald
systemctl restart systemd-journald

kube-proxy开启ipvs的前置条件

modprobe br_netfilter

cat > /etc/sysconfig/modules/ipvs.modules << EOF
#!/bin/bash
modprobe -- ip_vs
modprobe -- ip_vs_rr
modprobe -- ip_vs_wrr
modprobe -- ip_vs_sh
modprobe -- nf_conntrack_ipv4
EOF

chmod 755 /etc/sysconfig/modules/ipvs.modules && bash /etc/sysconfig/modules/ipvs.modules && lsmod | grep -e ip_vs -e nf_conntrack_ipv4

安装 Docker 软件

配置daemon
cat > /etc/docker/daemon.json << EOF
{
    "exec-opts": ["native.cgroupdriver=systemd"],
    "log-driver": "json-file",
    "log-opts": {
        "max-size": "100m"
    }
}
EOF
&#x91CD;&#x542F;docker
systemctl daemon-reload && systemctl restart docker

安装 Kubeadm （主从配置）

配置yum源
cat > /etc/yum.repos.d/kubernetes.repo << EOF
[kubernetes]
name=kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=0
repo_gpgcheck=0
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF
&#x5B89;&#x88C5; kubeadm &#x521D;&#x59CB;&#x5316;&#x5DE5;&#x5177;&#xFF0C;kubectl &#x547D;&#x4EE4;&#x884C;&#x7BA1;&#x7406;&#x5DE5;&#x5177;&#xFF0C;kubelet
yum -y install kubeadm-1.15.1 kubectl-1.15.1 kubelet-1.15.1
&#x8BBE;&#x7F6E;&#x5F00;&#x673A;&#x81EA;&#x542F;
systemctl enable kubelet

初始化主节点

注意：
1.advertiseAddress需要更换为master服务器的ip地址

打印默认的初始化文件，打印到kubeadm-init.yaml
kubeadm config print init-defaults > kubeadm-init.yaml
修改
cat > kubeadm-init.yaml << EOF
apiVersion: kubeadm.k8s.io/v1beta2
bootstrapTokens:
- groups:
  - system:bootstrappers:kubeadm:default-node-token
  token: abcdef.0123456789abcdef
  ttl: 24h0m0s
  usages:
  - signing
  - authentication
kind: InitConfiguration
localAPIEndpoint:
  advertiseAddress: xx.xx.xx.xx   # master&#x8282;&#x70B9;&#x7684;IP&#x5730;&#x5740;
  bindPort: 6443
nodeRegistration:
  criSocket: /var/run/dockershim.sock
  name: master
  taints:
  - effect: NoSchedule
    key: node-role.kubernetes.io/master
apiVersion: kubeproxy.config.k8s.io/v1alpha1
kind: KubeProxyConfiguration
featureGates:
  SupportIPVSProxyMode: true
mode: ipvs
EOF
&#x542F;&#x52A8;
kubeadm init --config=kubeadm-init.yaml | tee kubeadm-init.log

mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config

mkdir -p /root/install-k8s/core
mv /root/kubeadm-init.* /root/install-k8s/core

安装 flannel

mkdir -p /root/install-k8s/plugin/flannel
cd /root/install-k8s/plugin/flannel
wget https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
kubectl apply -f /root/install-k8s/plugin/flannel/kube-flannel.yml

本文转自：https://blog.csdn.net/weixin_45456679/article/details/123423237

Original: https://www.cnblogs.com/helong-123/p/16053466.html
Author: 萌褚
Title: Centos 7.x 线上安装 Kubernetes