k8s部署

1.1 配置主機名添加hosts解析

cat <<EOF >>/etc/hosts
> 192.168.252.1 master
> 192.168.252.2 node01
> EOF

1.2 關閉防火牆、selinux

systemctl stop firewalld

systemctl disable firewalld

setenforce 0

sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config

 

1.3 配置內核參數，將橋接的IPv4流量傳遞到iptables的鏈

cat > /etc/sysctl.d/k8s.conf <<EOF

net.bridge.bridge‐nf‐call‐ip6tables= 1

net.bridge.bridge‐nf‐call‐iptables= 1

EOF

 

1.4 配置國內yum源

yum install ‐y wget mkdir /etc/yum.repos.d/bak && mv /etc/yum.repos.d/*.repo /etc/yum.repos.d/bak

wget ‐O /etc/yum.repos.d/CentOS‐Base.repo http://mirrors.cloud.tencent.com/repo/centos7_base.repo

wget ‐O /etc/yum.repos.d/epel.repo http://mirrors.cloud.tencent.com/repo/epel‐7.repo

yum clean all && yum makecache

 

1.5 配置國內kubernetes源

cat <<EOF > /etc/yum.repos.d/kubernetes.repo [kubernetes] name=Kubernetes baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/ enabled=1 gpgcheck=1 repo_gpgcheck=1 gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg EOF

安裝軟件

1.1 配置不檢查swap

vim /etc/sysconfig/kubelet

KUBELET_EXTRA_ARGS="‐‐fail‐swap‐on=false"
KUBE_PROXY_MODE=ipvs #讓集羣支持ipvs
ip_vs,ip_vs_rr,ip_vs_wrr,ip_vs_sh,nf_conntrack_ipv4

1.2 安裝相關軟件

yum install kubectl kubelet kubeadm
初始化
kubeadm init --kubernetes-version=1.18.0  --apiserver-advertise-address=0.0.0.0   --image-repository registry.aliyuncs.com/google_containers  --service-cidr=10.10.0.0/16 --pod-network-cidr=10.122.0.0/16 --ignore-preflight-errors=all
複製

1.3配置kubectl工具

mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
 sudo chown $(id -u):$(id -g) $HOME/.kube/config
source <(kubectl completion bash)
kubectl get node

1.4安裝網絡插件

kubectl apply -f https://docs.projectcalico.org/manifests/calico.yaml

1.5安裝kubernetes-dashboard

kubectl create -f recommended.yaml

1.6獲取到token進行登錄

建立 token
kubectl create sa dashboard-admin -n kube-system
受權token 訪問權限
kubectl create clusterrolebinding dashboard-admin --clusterrole=cluster-admin --serviceaccount=kube-system:dashboard-admin
獲取token
ADMIN_SECRET=$(kubectl get secrets -n kube-system | grep dashboard-admin | awk '{print $1}')
獲取dashboard.kubeconfig 使用token 值
DASHBOARD_LOGIN_TOKEN=$(kubectl describe secret -n kube-system ${ADMIN_SECRET} | grep -E '^token' | awk '{print $2}')
echo ${DASHBOARD_LOGIN_TOKEN}