侧边栏壁纸
博主头像
爱运维 博主等级

行动起来,活在当下

  • 累计撰写 197 篇文章
  • 累计创建 143 个标签
  • 累计收到 21 条评论

目 录CONTENT

文章目录
K8S

kubeadm创建高可用集群

Administrator
2020-08-16 / 0 评论 / 0 点赞 / 8 阅读 / 0 字

机器列表

lb
192.168.88.190
nginx
k8s-m1
192.168.88.191
master
k8s-m2
192.168.88.192
master
k8s-m3
192.168.88.193
master
k8s-n1
192.168.88.194
node

LB搭建(4层代理)

####开启内核转发
echo 'net.ipv4.ip_forward=1'>>/etc/sysctl.conf
sysctl -p

yum install -y nginx

### /etc/nginx/nginx.conf添加如下配置文件
stream {   
    upstream app_server{
          server 192.168.88.191:6443;
          server 192.168.88.192:6443;
          server 192.168.88.193:6443;
      }
    server {
        listen 6443;
        proxy_pass app_server;
    }
}

###启动
systenctl start nginx
systenctl enable nginx

安装docker,kubeadmin,kubectl,kubelet

k8s所有机器执行
#####安装docker,用阿里云,快
sudo yum install -y yum-utils device-mapper-persistent-data lvm2
sudo yum-config-manager --add-repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
sudo yum makecache fast
sudo yum -y install docker-ce
sudo service docker start
docker version

#####设置docker加速器
sudo mkdir -p /etc/docker
sudo tee /etc/docker/daemon.json <<-'EOF'
{
  "registry-mirrors": ["https://pxbbclyd.mirror.aliyuncs.com"]
}
EOF
sudo systemctl daemon-reload
sudo systemctl restart docker

####安装kubeadm,用阿里云快
cat <<EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF

yum install -y kubelet kubeadm kubectl

swapoff -a

安装第一个master节点

kubeadm init --control-plane-endpoint "192.168.88.190:6443" \
  --pod-network-cidr=10.244.0.0/16 --upload-certs \
  --apiserver-advertise-address 192.168.88.191 \
  --image-repository registry.aliyuncs.com/google_containers \
  --kubernetes-version 1.18.1
##############执行无错输出如下

Your Kubernetes control-plane has initialized successfully!

To start using your cluster, you need to run the following as a regular user:
  #####添加config配置文件
  mkdir -p $HOME/.kube
  sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
  sudo chown $(id -u):$(id -g) $HOME/.kube/config

You should now deploy a pod network to the cluster.
Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:
  https://kubernetes.io/docs/concepts/cluster-administration/addons/

You can now join any number of the control-plane node running the following command on each as root:
    ## master节点添加命令
    kubeadm join 192.168.88.190:6443 --token jf0oj0.wapfnf2wz0nbbepd \
    --discovery-token-ca-cert-hash sha256:545523bda3b4a6f8aecafd81f89df1e42ecd9fbb31ff65968058e9e303c3c5cd \
    --control-plane --certificate-key 1b9bc46cfc15f49046d8925e4b9cfe7f98bdaaafd949a715e3668b8425c8c6af

Please note that the certificate-key gives access to cluster sensitive data, keep it secret!
As a safeguard, uploaded-certs will be deleted in two hours; If necessary, you can use
"kubeadm init phase upload-certs --upload-certs" to reload certs afterward.

Then you can join any number of worker nodes by running the following on each as root:
    ####node节点添加命令
kubeadm join 192.168.88.190:6443 --token jf0oj0.wapfnf2wz0nbbepd \
    --discovery-token-ca-cert-hash sha256:545523bda3b4a6f8aecafd81f89df1e42ecd9fbb31ff65968058e9e303c3c5cd 

安装flannel

kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml

添加其余master节点

kubeadm join 192.168.88.190:6443 --token jf0oj0.wapfnf2wz0nbbepd \
    --discovery-token-ca-cert-hash sha256:545523bda3b4a6f8aecafd81f89df1e42ecd9fbb31ff65968058e9e303c3c5cd \
    --control-plane --certificate-key 1b9bc46cfc15f49046d8925e4b9cfe7f98bdaaafd949a715e3668b8425c8c6af
如果--certificate-key过期,默认2小时过期
kubeadm init phase upload-certs --upload-certs

node节点添加

kubeadm join 192.168.88.190:6443 --token jf0oj0.wapfnf2wz0nbbepd \
    --discovery-token-ca-cert-hash sha256:545523bda3b4a6f8aecafd81f89df1e42ecd9fbb31ff65968058e9e303c3c5cd 
0

评论区