系统相关
首页 > 系统相关> > CentOS7 单机版使用kubeadm安装K8S

CentOS7 单机版使用kubeadm安装K8S

作者:互联网

准备一台干干净净的服务器

准备环境

-----------------------------------------------------------------------------------------

为了安全,先把SSH端口默认的22端口修改了

vi /etc/ssh/sshd_config

修改Port,在服务器的安全策略组中把修改后的端口加进去

重启SSHD服务

service sshd restart

----------------------------------------------------------------------------------------

修改主机名,并在hosts文件中加一行主机名的解析,重启服务器使配置生效

hostnamectl set-hostname master
hostnamectl status
vi /etc/hosts
reboot

-----------------------------------------------------------------------------------------

关闭防火墙、selinux、swap

systemctl stop firewalld
systemctl disable firewalld

sed -i 's/enforcing/disabled/' /etc/selinux/config 
setenforce 0

swapoff -a

------------------------------------------------------------------------------------------

将桥接的IPv4流量传递到iptables的链:

cat > /etc/sysctl.d/k8s.conf << EOF
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
EOF

sysctl --system

yum update -y

------------------------------------------------------------------------------------------

安装Docker (不加版本号默认安装最新的,当下安装是20.10.17)

wget https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo -O /etc/yum.repos.d/docker-ce.repo

yum -y install docker-ce

systemctl enable docker && systemctl start docker

------------------------------------------------------------------------------------------

安装K8s

先添加阿里云Yum的软件源地址

cat > /etc/yum.repos.d/kubernetes.repo << EOF
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF

------------------------------------------------------------------------------------------

安装Kubeadm、Kubelet、Kubectl

*注:由于版本更新很频繁,不加版本号的话默认安装最新,官方对于1.24版本声明如下:

 

 

此处,咱使用的是1.23.6版本(主要是1.24.1后续问题太多了。。。。。)

 

yum install -y kubelet-1.23.6 kubeadm-1.23.6 kubectl-1.23.6

systemctl enable kubelet

kubeadm初始化

注:国内无法访问默认的拉取镜像地址k8s.gcr.io,所以这里替换成阿里云镜像仓库的地址(如果有外网环境,当我没说)
kubeadm init  --apiserver-advertise-address=192.168.0.3  --image-repository registry.aliyuncs.com/google_containers   --kubernetes-version v1.23.6   --service-cidr=10.1.0.0/16   --pod-network-cidr=10.244.0.0/16

 

到这一步跑着跑着可能就出现问题了。。错误日志如下

[kubelet-check] It seems like the kubelet isn't running or healthy.
[kubelet-check] The HTTP call equal to 'curl -sSL http://localhost:10248/healthz' failed with error: Get "http://localhost:10248/healthz": dial tcp 192.168.0.3:10248: connect: connection refused.
[kubelet-check] The HTTP call equal to 'curl -sSL http://localhost:10248/healthz' failed with error: Get "http://localhost:10248/healthz": dial tcp 192.168.0.3:10248: connect: connection refused.

        Unfortunately, an error has occurred:
                timed out waiting for the condition

        This error is likely caused by:
                - The kubelet is not running
                - The kubelet is unhealthy due to a misconfiguration of the node in some way (required cgroups disabled)

        If you are on a systemd-powered system, you can try to troubleshoot the error with the following commands:
                - 'systemctl status kubelet'
                - 'journalctl -xeu kubelet'

        Additionally, a control plane component may have crashed or exited when started by the container runtime.
        To troubleshoot, list all containers using your preferred container runtimes CLI.

        Here is one example how you may list all Kubernetes containers running in docker:
                - 'docker ps -a | grep kube | grep -v pause'
                Once you have found the failing container, you can inspect its logs with:
                - 'docker logs CONTAINERID'

------------------------------------------------------------------------------------------------------------------

重置

kubeadm reset

 ------------------------------------------------------------------------------------------------------------------

解决问题

问题原因: 因为docker和 kubelet 服务中的 cgroup 驱动不一致

解决方案:

1、修改docker配置

vi /etc/docker/daemon.json

加入这段

{
    "exec-opts": ["native.cgroupdriver=systemd"]
}

重启docker

systemctl daemon-reload
 
systemctl restart docker

2、修改kubelet配置

vi /etc/systemd/system/kubelet.service.d/10-kubeadm.conf

加入这段

Environment="KUBELET_KUBECONFIG_ARGS=--bootstrap-kubeconfig=/etc/kubernetes/bootstrap-kubelet.conf --kubeconfig=/etc/kubernetes/kubelet.conf --cgroup-driver=cgroupfs"

重启kubelet

systemctl daemon-reload
 
systemctl restart kubelet

 

再次执行上面的kubeadm init --XXXXXXXXXXXXXXX 就妥了~~~~~~

 

标签:单机版,etc,--,CentOS7,kubelet,systemctl,kubeadm,docker
来源: https://www.cnblogs.com/NinaMua/p/16374893.html