私有云k8s一鍵部署

幾個關鍵點：

1. 把k8s部署須要的鏡像從mirrorgooglecontainers下下來，並打上k8s.gcr.io的tag
2. 注意部署網段，不要和宿主機的網段衝突
3. 注意更改hostname，防止一些不合法的字符以下劃線
4. 注意保持版本一直

echo "關閉docker 可能要花一點時間"
systemctl stop docker


echo "關閉緩存"
swapoff -a
# 編輯/etf/fstab
sed -e '/swap/ s/^#*/#/' -i /etc/fstab
mount -a
# 查看輸出
free -h

echo "關閉防火牆"
# 關閉防火牆
systemctl disable firewalld
systemctl stop firewalld
systemctl status firewalld

echo "關閉防火牆成功"

sleep 1

cat << EOF > /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
EOF

sysctl --system

sleep 1

# 添加一條規則
cat << EOF > /etc/sysctl.conf
net.ipv4.ip_forward = 1
EOF

# 生效配置
sysctl -p

##################################### 安裝docker
# 前置需求
#yum install -y  yum-utils device-mapper-persistent-data lvm2

## Add docker repository.
#yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo

## Install docker.
#yum update && yum install docker-ce-17.06.0.ce-1.el7.centos

## Create /etc/docker directory.
#mkdir -p /etc/docker
#
#cat > /etc/docker/daemon.json <<EOF
#{
#"log-driver":"json-file",
#"log-opts":{"max-size":"1024m","max-file":"2"}
#}
#EOF
##################################### 安裝docker

cat <<EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=http://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=0
repo_gpgcheck=0
gpgkey=http://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg
http://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF


# 修改主機名， 主機名中不能含有下劃線，不然會報錯。
hn=`hostname`
# 將原來主機名中的下劃線改成-
new_hn="${hn//_/-}"
hostnamectl set-hostname $new_hn
#sed -i "s/$/ $new_hn/" /etc/hosts
sed -e  "s/$/ $new_hn/" -i  /etc/hosts

# 啓動docker服務
echo "啓動docker服務，可能花費較長時間"
systemctl start docker.service

# 從鏡像拉去Image，並改tag

docker pull mirrorgooglecontainers/kube-apiserver:v1.14.2
docker tag mirrorgooglecontainers/kube-apiserver:v1.14.2 k8s.gcr.io/kube-apiserver:v1.14.2
docker pull mirrorgooglecontainers/kube-controller-manager:v1.14.2  k8s.gcr.io/kube-controller-manager:v1.14.2
docker pull mirrorgooglecontainers/kube-controller-manager:v1.14.2
docker tag  mirrorgooglecontainers/kube-controller-manager:v1.14.2  k8s.gcr.io/kube-controller-manager:v1.14.2
docker pull mirrorgooglecontainers/kube-scheduler:v1.14.2
docker tag mirrorgooglecontainers/kube-scheduler:v1.14.2 k8s.gcr.io/kube-scheduler:v1.14.2
docker pull mirrorgooglecontainers/kube-proxy:v1.14.2
docker tag mirrorgooglecontainers/kube-proxy:v1.14.2 k8s.gcr.io/kube-proxy:v1.14.2
docker pull mirrorgooglecontainers/pause:3.1
docker tag mirrorgooglecontainers/pause:3.1 k8s.gcr.io/pause:3.1
docker pull mirrorgooglecontainers/etcd:3.3.10
docker tag mirrorgooglecontainers/etcd:3.3.10 k8s.gcr.io/etcd:3.3.10
docker pull coredns/coredns:1.3.1
docker tag coredns/coredns:1.3.1 k8s.gcr.io/coredns:1.3.1

# Set SELinux in permissive mode (effectively disabling it)
setenforce 0
sed -i 's/^SELINUX=enforcing$/SELINUX=permissive/' /etc/selinux/config

# 這裏增長了對版本的控制
version=1.14.2
yum install -y kubelet-${version} kubeadm-${version} kubectl-${version} --disableexcludes=kubernetes

systemctl enable kubelet && systemctl start kubelet

#############################若是是master結點#######################################
kubeadm init --pod-network-cidr=10.20.0.0/16 --apiserver-advertise-address=Your_host_address

# 設置kubeconfig地址
export KUBECONFIG=/etc/kubernetes/admin.conf

# 設置rbac
kubectl apply -f https://docs.projectcalico.org/v3.3/getting-started/kubernetes/installation/hosted/rbac-kdd.yaml

# 下載calico.yaml
curl -O https://docs.projectcalico.org/v3.3/getting-started/kubernetes/installation/hosted/kubernetes-datastore/calico-networking/1.7/calico.yaml

# 修改calico.yaml
# ！！！！這裏很關鍵，要把原來的CIDR換成一個和宿主機局域網不一樣的網段！！！！！
#            - name: CALICO_IPV4POOL_CIDR
#               value: "192.168.0.0/16"           ------------> 10.20.0.0/16

# 安裝網絡組件
kubectl apply -f calico.yaml


#############################若是是worker節點#######################################

kubeadm join 192.168.130.212:6443 --token 3csntd.vebwbj6pcy5nx6uw \
    --discovery-token-ca-cert-hash sha256:XXXXX