kubeadm安装k8s单点（debian系统）

# 1. 安装docker

# 1.1 安装必要的系统工具

sudo apt-get update
sudo apt-get -y install apt-transport-https ca-certificates curl software-properties-common

1
2

# 1.2 安装GPG证书

 curl -fsSL https://mirrors.aliyun.com/docker-ce/linux/debian/gpg | sudo apt-key add -

# 1.3 写入软件源信息

 sudo add-apt-repository "deb [arch=amd64] https://mirrors.aliyun.com/docker-ce/linux/debian $(lsb_release -cs) stable"

# 1.4 更新并安装Docker-CE

sudo apt-get -y update
sudo apt-get -y install docker-ce

1
2

安装指定版本的Docker-CE

查找Docker-CE的版本:

apt-cache madison docker-ce
docker-ce | 17.03.1~ce-0~ubuntu-xenial | https://mirrors.aliyun.com/docker-ce/linux/ubuntu xenial/stable amd64 Packages
docker-ce | 17.03.0~ce-0~ubuntu-xenial | https://mirrors.aliyun.com/docker-ce/linux/ubuntu xenial/stable amd64 Packages

1
2
3

安装指定版本的Docker-CE: (VERSION例如上面的17.03.1~ce-0~ubuntu-xenial)

 sudo apt-get -y install docker-ce=[VERSION]

# 1.5 配置docker

修改docker Cgroup Driver为systemd

# 将/usr/lib/systemd/system/docker.service文件中的这一行 ExecStart=/usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock 修改为 ExecStart=/usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock --exec-opt native.cgroupdriver=systemd

# 如果不修改，在添加 worker 节点时可能会碰到如下错误
# [WARNING IsDockerSystemdCheck]: detected "cgroupfs" as the Docker cgroup driver. The recommended driver is "systemd". Please follow the guide at https://kubernetes.io/docs/setup/cri/

sed -i "s#^ExecStart=/usr/bin/dockerd.*#ExecStart=/usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock --exec-opt native.cgroupdriver=systemd#g" /usr/lib/systemd/system/docker.service

1
2
3
4
5
6

# 1.6 启动docker

systemctl enable docker
systemctl start docker

1
2

重启命令

systemctl daemon-reload
systemctl restart docker

1
2

# 2.安装 k8s 前准备

# 2.1 关闭 swap

swapoff -a

# 2.2 修改 /etc/sysctl.conf

如果有配置，则修改

sed -i "s#^net.ipv4.ip_forward.*#net.ipv4.ip_forward=1#g"  /etc/sysctl.conf
sed -i "s#^net.bridge.bridge-nf-call-ip6tables.*#net.bridge.bridge-nf-call-ip6tables=1#g"  /etc/sysctl.conf
sed -i "s#^net.bridge.bridge-nf-call-iptables.*#net.bridge.bridge-nf-call-iptables=1#g"  /etc/sysctl.conf

1
2
3

可能没有，追加

echo "net.ipv4.ip_forward = 1" >> /etc/sysctl.conf
echo "net.bridge.bridge-nf-call-ip6tables = 1" >> /etc/sysctl.conf
echo "net.bridge.bridge-nf-call-iptables = 1" >> /etc/sysctl.conf

1
2
3

执行命令以应用

sysctl -p

# 3. 安装k8s

# 3.1 配置K8S的yum源

apt-get update && apt-get install -y apt-transport-https
curl https://mirrors.aliyun.com/kubernetes/apt/doc/apt-key.gpg | apt-key add -
cat <<EOF >/etc/apt/sources.list.d/kubernetes.list
deb https://mirrors.aliyun.com/kubernetes/apt/ kubernetes-xenial main
EOF
apt-get update

1
2
3
4
5
6

# 3.2 安装 kubelet 和 kubeadm

apt-get install -y kubelet=1.18.8-00 kubeadm=1.18.8-00 kubectl=1.18.8-00

启动kubelet

systemctl enable kubelet && systemctl start kubelet

配置host

echo "172.30.64.4    xh01" >> /etc/hosts

# 3.3 kubeadm初始化

cat <<EOF > ./kubeadm-config.yaml
apiVersion: kubeadm.k8s.io/v1beta2
kind: ClusterConfiguration
kubernetesVersion: v1.18.8
imageRepository: registry.cn-hangzhou.aliyuncs.com/google_containers
controlPlaneEndpoint: "172.30.64.4:6443"
networking:
  serviceSubnet: "172.30.128.0/24"
  podSubnet: "172.30.132.0/22"
  dnsDomain: "cluster.local"
EOF

kubeadm init --config=kubeadm-config.yaml --upload-certs

1
2
3
4
5
6
7
8
9
10
11
12
13

# 3.4 添加master

  kubeadm join 172.30.64.4:6443 --token uq21o6.oqeqagefmdz1gkq3 \
    --discovery-token-ca-cert-hash sha256:81114a72663bdd2c251e8cb98cbf104097e78c8e9d4beb9aff7b5577d70cfcf9 \
    --control-plane --certificate-key d50fc4bba6607b3b2a2f55f09e346f617dcbc50b377f265f730e97df67043b36

1
2
3

# 3.5 添加worker

kubeadm join 172.30.64.4:6443 --token uq21o6.oqeqagefmdz1gkq3 \
    --discovery-token-ca-cert-hash sha256:81114a72663bdd2c251e8cb98cbf104097e78c8e9d4beb9aff7b5577d70cfcf9

1
2

# 3.6 删除master 污点（可选）

kubectl taint node xh01 node-role.kubernetes.io/master-

上次更新: 2022/10/05, 15:51:58

← kubeadm安装k8s单点（centos系统） k8s单master集群部署→