Kubeadm快速安装 Kubernetes集群

1. Kubernetes简介

Kubernetes（k8s）是谷歌开源的容器编排平台，用于自动化部署、扩展和管理容器化应用程序。它具有以下特点：

• 开源
• 容器化
• 自动部署
• 扩展
• 高可用

2. Kubernetes架构

Kubernetes遵循主从式架构设计，主要分为工作节点（Node）组件和控制平面组件。

2.1 控制平面组件

• Kubernetes Master：集群的主要控制单元，用于管理工作负载并指导整个系统的通信。
• Kube-APIServer：提供集群网关，是整个集群的控制中枢。
• Scheduler：负责资源调度，将Pod调度到对应的主机上。
• Controller Manager：负责维护集群的状态，如故障检测、内存垃圾回收等。
• etcd：用于可靠的存储集群的配置数据，是一种持久性、轻量型、分布式的键值数据存储组件。

2.2 工作节点组件

• Kubelet：在Node节点上运行，负责维护Pod的生命周期。
• Kube-Proxy：负责为服务提供集群内部的服务发现和应用的负载均衡。
• 容器运行时：如Docker，负责镜像管理和Pod和容器的真正运行。

3. 为什么需要Kubernetes

随着容器化项目的增多，管理容器变得越来越复杂，Kubernetes提供了以下优势：

• 自动化部署和回滚
• 扩缩容
• 服务发现和负载均衡
• 隔离环境
• 统一配置管理

4. Kubeadm快速安装Kubernetes集群

Kubeadm是Kubernetes官方提供的集群安装工具，可以快速安装和初始化Kubernetes集群。

1.实验环境

主机名	IP地址	操作系统	主要软件
k8s-master	192.168.10.101	CentOS 7.9	Docker CE, Kube-apiserver, Kube-controllermanager, Kubescheduler, Kubelet ,Etcd， Kube-proxy
k8s-node01	192.168.10.102	CentOS 7.9	Docker CE, Kubectl, Kube-proxy, Calico
k8s-node02	192.168.10.103	CentOS 7.9	Docker CE, Kubectl, Kube-proxy Calico

2.基础环境准备（三台主机都需要执行）

升级内核

# 删除现有的yum仓库配置文件
rm -rf /etc/yum.repos.d/*# 添加CentOS Base仓库
curl -o /etc/yum.repos.d/CentOS-Base.repo https://mirrors.aliyun.com/repo/Centos-7.repo# 添加EPEL仓库
curl -o /etc/yum.repos.d/epel.repo https://mirrors.aliyun.com/repo/epel-7.repo# 清除yum缓存
yum clean all# 更新系统
yum -y update# 升级系统
yum -y upgrade# 导入elrepo的GPG密钥
rpm --import https://www.elrepo.org/RPM-GPG-KEY-elrepo.org# 安装elrepo仓库
rpm -Uvh http://www.elrepo.org/elrepo-release-7.0-4.el7.elrepo.noarch.rpm# 启用elrepo仓库并安装最新的Linux内核
yum --enablerepo=elrepo-kernel install -y kernel-ml-devel kernel-ml# 设置默认内核启动顺序
grub2-set-default 0# 重启系统
reboot

3：部署docker环境（三台主机都需要）

可以去看这个文章01 Docker概念和部署-CSDN博客https://blog.csdn.net/qq_51678989/article/details/142024581?spm=1001.2014.3001.5501

4：部署Kubernetes集群

（1）配置三台主机的主机名

主机一

hostnamectl set-hostname k8s-master
bash

 主机二

hostnamectl set-hostname k8s-node01
bash

主机三

hostnamectl set-hostname k8s-node02
bash

（2） 在三台主机上绑定hosts

cat <<EOF>>/etc/hosts
192.168.10.101 k8s-master
192.168.10.102 k8s-node01
192.168.10.103 k8s-node02
EOF

(3) 关闭交换分区 

swapoff -a
sed -i '/swap/s/^/#/' /etc/fstab

(4) 在三台主机上安装常用软件 

yum -y install vim wget net-tools  lrzsz

(5) 配置kubarnetes的YUM源三台主机都要配置 

cat <<EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpgrrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.al
EOF

（6）安装kubelet，kubeadm，kubectl

yum -y install kubelet-1.23.0 kubeadm-1.23.0 kubectl-1.23.0

（8）生产初始化配置文件（只在mater节点修改） 

[root@k8s-master ~]# kubeadm config print init-defaults > init-config.yaml
[root@k8s-master ~]# vim init-config.yaml apiVersion: kubeadm.k8s.io/v1beta3
bootstrapTokens:
- groups:- system:bootstrappers:kubeadm:default-node-tokentoken: abcdef.0123456789abcdefttl: 24h0m0susages:- signing- authentication
kind: InitConfiguration
localAPIEndpoint:advertiseAddress: 192.168.10.101                //端口bindPort: 6443
nodeRegistration:criSocket: /var/run/dockershim.sockimagePullPolicy: IfNotPresentname: k8s-master                            //名字taints: null
---
apiServer:timeoutForControlPlane: 4m0s
apiVersion: kubeadm.k8s.io/v1beta3
certificatesDir: /etc/kubernetes/pki
clusterName: kubernetes
controllerManager: {}
dns: {}
etcd:local:dataDir: /var/lib/etcd
imageRepository: registry.aliyuncs.com/google_containers
kind: ClusterConfiguration
kubernetesVersion: 1.23.0
networking:dnsDomain: cluster.localserviceSubnet: 10.96.0.0/12podSubnet: 10.244.0.0/16         //增加访问地址
scheduler: {}

（9）导入镜像

链接: 百度网盘 请输入提取码 提取码: rmgq 复制这段内容后打开百度网盘手机App，操作更方便哦

（10）初始化

[root@k8s-master ~]# kubeadm init --config=init-config.yaml
kubeadm join 192.168.10.101:6443 --token abcdef.0123456789abcdef \--discovery-token-ca-cert-hash sha256:ec16f88acf12c7186e5fa237ab03615b3b2bedd212080aee087ddea1933b6942 
看见这个算初始化成功

(11) 让其他节点加入

node1
[root@k8s-node01 ~]# kubeadm join 192.168.10.101:6443 --token abcdef.0123456789abcdef \
> --discovery-token-ca-cert-hash sha256:ec16f88acf12c7186e5fa237ab03615b3b2bedd212080aee087ddea1933b6942node2
[root@k8s-node02 ~]# kubeadm join 192.168.10.101:6443 --token abcdef.0123456789abcdef \
> --discovery-token-ca-cert-hash sha256:ec16f88acf12c7186e5fa237ab03615b3b2bedd212080aee087ddea1933b6942 

（12）配置环境

[root@k8s-master ~]#  mkdir -p $HOME/.kube
[root@k8s-master ~]#  sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
[root@k8s-master ~]# sudo chown $(id -u):$(id -g) $HOME/.kube/config
[root@k8s-master ~]#  export KUBECONFIG=/etc/kubernetes/admin.conf

（13）导入calico.yaml包

已经下载好的

链接: 百度网盘 请输入提取码 提取码: 7a67 复制这段内容后打开百度网盘手机App，操作更方便哦

官网获取

wget https://docs.projectcalico.org/manifests/calico.yaml

（14） 部署 Calico 网络

[root@k8s-master ~]# kubectl apply -f calico.yaml 
[root@k8s-master ~]# kubectl get pod -A
NAMESPACE     NAME                                       READY   STATUS    RESTARTS   AGE
kube-system   calico-kube-controllers-64cc74d646-l2d94   1/1     Running   0          28s
kube-system   calico-node-697r4                          1/1     Running   0          28s
kube-system   calico-node-cl4n9                          1/1     Running   0          28s
kube-system   calico-node-xzgjr                          1/1     Running   0          28s
kube-system   coredns-6d8c4cb4d-9fsq7                    1/1     Running   0          11m
kube-system   coredns-6d8c4cb4d-l8wr4                    1/1     Running   0          11m
kube-system   etcd-k8s-master                            1/1     Running   0          11m
kube-system   kube-apiserver-k8s-master                  1/1     Running   0          11m
kube-system   kube-controller-manager-k8s-master         1/1     Running   0          11m
kube-system   kube-proxy-97rxx                           1/1     Running   0          9m24s
kube-system   kube-proxy-kd5fz                           1/1     Running   0          10m
kube-system   kube-proxy-t75pz                           1/1     Running   0          11m
kube-system   kube-scheduler-k8s-master                  1/1     Running   0          11m
[root@k8s-master ~]# kubectl get nodes
NAME         STATUS   ROLES                  AGE     VERSION
k8s-master   Ready    control-plane,master   12m     v1.23.0
k8s-node01   Ready    <none>                 11m     v1.23.0
k8s-node02   Ready    <none>                 9m53s   v1.23.0
[root@k8s-master ~]# 

（15）查看利用情况 

[root@k8s-master ~]# kubectl top node
error: Metrics API not available
#发现没有

（16）获取Kubernetes 的命令行工具包

链接: 百度网盘 请输入提取码 提取码: mdwc 复制这段内容后打开百度网盘手机App，操作更方便哦

（17）查询利用率

[root@k8s-master ~]# kubectl create  -f components.yaml 
serviceaccount/metrics-server created
clusterrole.rbac.authorization.k8s.io/system:aggregated-metrics-reader created
clusterrole.rbac.authorization.k8s.io/system:metrics-server created
rolebinding.rbac.authorization.k8s.io/metrics-server-auth-reader created
clusterrolebinding.rbac.authorization.k8s.io/metrics-server:system:auth-delegator created
clusterrolebinding.rbac.authorization.k8s.io/system:metrics-server created
service/metrics-server created
deployment.apps/metrics-server created
apiservice.apiregistration.k8s.io/v1beta1.metrics.k8s.io created
[root@k8s-master ~]# kubectl top node
NAME         CPU(cores)   CPU%   MEMORY(bytes)   MEMORY%   
k8s-master   118m         5%     1443Mi          38%       
k8s-node01   65m          3%     799Mi           21%       
k8s-node02   78m          3%     1988Mi          52%       
[root@k8s-master ~]# 

（17）图形化界面

该链接提供了图形化

链接: 百度网盘 请输入提取码 提取码: vcih 复制这段内容后打开百度网盘手机App，操作更方便哦

[root@k8s-master ~]# mkdir -p /opt/k8s/dashboard                 //创建一个目录
[root@k8s-master ~]# cd /opt/k8s/dashboard/
[root@k8s-master dashboard]# rz -E                               //把链接的包拉出来
rz waiting to receive.
[root@k8s-master dashboard]# kubectl create -f .                    
serviceaccount/admin-user created
clusterrolebinding.rbac.authorization.k8s.io/admin-user created
namespace/kubernetes-dashboard created
serviceaccount/kubernetes-dashboard created
service/kubernetes-dashboard created
secret/kubernetes-dashboard-certs created
secret/kubernetes-dashboard-csrf created
secret/kubernetes-dashboard-key-holder created
configmap/kubernetes-dashboard-settings created
role.rbac.authorization.k8s.io/kubernetes-dashboard created
clusterrole.rbac.authorization.k8s.io/kubernetes-dashboard created
rolebinding.rbac.authorization.k8s.io/kubernetes-dashboard created
clusterrolebinding.rbac.authorization.k8s.io/kubernetes-dashboard created
deployment.apps/kubernetes-dashboard created
service/dashboard-metrics-scraper created
deployment.apps/dashboard-metrics-scraper created
[root@k8s-master ~]# kubectl get pod -A
NAMESPACE              NAME                                         READY   STATUS    RESTARTS   AGE
kube-system            calico-kube-controllers-64cc74d646-7npbs     1/1     Running   0          4m2s
kube-system            calico-node-7z94t                            1/1     Running   0          4m2s
kube-system            calico-node-b65zv                            1/1     Running   0          4m2s
kube-system            calico-node-hsgvn                            1/1     Running   0          4m2s
kube-system            coredns-6d8c4cb4d-nhttz                      1/1     Running   0          7m13s
kube-system            coredns-6d8c4cb4d-twbxs                      1/1     Running   0          7m13s
kube-system            etcd-k8s-master                              1/1     Running   0          7m28s
kube-system            kube-apiserver-k8s-master                    1/1     Running   0          7m28s
kube-system            kube-controller-manager-k8s-master           1/1     Running   0          7m28s
kube-system            kube-proxy-8qnjf                             1/1     Running   0          7m13s
kube-system            kube-proxy-m8426                             1/1     Running   0          5m41s
kube-system            kube-proxy-xjb6k                             1/1     Running   0          5m45s
kube-system            kube-scheduler-k8s-master                    1/1     Running   0          7m28s
kube-system            metrics-server-66bdc46d86-nht4z              1/1     Running   0          3m21s
kubernetes-dashboard   dashboard-metrics-scraper-7fcdff5f4c-mnnrl   1/1     Running   0          2m21s
kubernetes-dashboard   kubernetes-dashboard-df74f58f9-zjnj8         1/1     Running   0          2m21s

(18)获取token 

[root@k8s-master ~]# kubectl edit svc kubernetes-dashboard -n kubernetes-dashboard   //修改一下端口改成31245
[root@k8s-master ~]# kubectl get svc -n  kubernetes-dashboard 
NAME                        TYPE        CLUSTER-IP      EXTERNAL-IP   PORT(S)         AGE
dashboard-metrics-scraper   ClusterIP   10.103.197.81   <none>        8000/TCP        7m5s
kubernetes-dashboard        NodePort    10.110.1.207    <none>        443:31245/TCP   7m5s[root@k8s-master ~]# kubectl -n kube-system describe secret $(kubectl -n kube-system get secret | grep admin -user | awk '{print $1}')token:      eyJhbGciOiJSUzI1NiIsImtpZCI6IjlmeExvcUp6ZFBZaUQwZXE4cXQ3U3JOZzcwU2RfVFlDVWZXN3lzWVVPMzgifQ.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlLXN5c3RlbSIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJ0dGwtY29udHJvbGxlci10b2tlbi13eDI0OCIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VydmljZS1hY2NvdW50Lm5hbWUiOiJ0dGwtY29udHJvbGxlciIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VydmljZS1hY2NvdW50LnVpZCI6IjcwODQ4ZGU2LTY1NjMtNGMwZi1iYWNhLWRlN2JmMzU4N2Q2ZCIsInN1YiI6InN5c3RlbTpzZXJ2aWNlYWNjb3VudDprdWJlLXN5c3RlbTp0dGwtY29udHJvbGxlciJ9.akwFAPPwWS18Jb7NtyL9C7mXl6gHJWEzT_EqyND5BFJdGnP56kXJKO68MHy0KEoJboAtQE-vVlFQTBkFsNPEYJ2L-AQ6UjQObgiMPUfFTuWAu2KsqjAwQDv-THT72KTwx0N0F9KRpWZ9OHbvTsHztMrGfWMrZAHRBKEv6IBPAsL0C0OQujqE3Tx6Z7Fno8iHt5cYaanwsZV9DXw5-6WVhejMUjQMGcAMGIjiLRLqhgjC3LRguhPyakt0bgp57oa77FOK71T_b3D1kDtAOqjghbji4BagloA48odsCFBHEzl6xv3UH9glQsf9cAFCkFHr9TRQ9IYx8jIC4L7DjPZI2g

--test-type --ignore-certificate-errors在谷歌属性添加 

复制token输入浏览器中