Kubeadm 是社区官方持续维护的集群搭建工具,在 Kubernetes v1.13 版本的时候就已经 GA 了(GA 即 General Availability,指官方开始推荐广泛使用),它跟着 Kubernetes 的版本一起发布,目前 Kubeadm 代码放在 Kubernetes 的主代码库中。
Kubeadm 在设计之初的定位就是只关心集群的 bootstrapping,并不负责物理资源的管理和申请。在集群 bootstrapping 搭建完成后,你可以根据自己的需要,在集群中部署自己的 add-on 组件,比如 CNI 插件、Dashboard 等。
本文采用一台 master 节点和一台 node 节点做部署,两台机器的环境信息如下。从输出可以看到 SELinux 为 Disabled、firewalld 未运行,这样的配置适合实验环境;在生产环境中应保留主机防火墙,并只放行集群所需的端口。
[root@master ~]# cat /etc/redhat-release
CentOS Linux release 7.8.2003 (Core)
[root@master ~]# uname -r
3.10.0-1127.19.1.el7.x86_64
[root@master ~]# hostname
master
[root@master ~]# getenforce
Disabled
[root@master ~]# docker -v
Docker version 19.03.13, build 4484c46d9d
[root@master ~]# firewall-cmd --state
not running
[root@node ~]# cat /etc/redhat-release
CentOS Linux release 7.8.2003 (Core)
[root@node ~]# uname -r
3.10.0-1127.19.1.el7.x86_64
[root@node ~]# hostname
node
[root@node ~]# getenforce
Disabled
[root@node ~]# docker -v
Docker version 19.03.13, build 4484c46d9d
[root@node ~]# firewall-cmd --state
not running
[root@master ~]# cat <<EOF > /etc/sysctl.d/k8s.conf
> net.bridge.bridge-nf-call-ip6tables = 1
> net.bridge.bridge-nf-call-iptables = 1
> EOF
[root@master ~]# sysctl --system
[root@master ~]# cat <<EOF > /etc/yum.repos.d/kubernetes.repo
> [kubernetes]
> name=Kubernetes
> baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
> enabled=1
> gpgcheck=1
> repo_gpgcheck=1
> gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
> EOF
[root@master ~]# yum makecache
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
* base: mirrors.aliyun.com
* extras: mirrors.aliyun.com
* updates: mirrors.aliyun.com
base | 3.6 kB 00:00:00
docker-ce-stable | 3.5 kB 00:00:00
extras | 2.9 kB 00:00:00
kubernetes/signature | 454 B 00:00:00
Retrieving key from https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg
Importing GPG key 0xA7317B0F:
Userid : "Google Cloud Packages Automatic Signing Key <gc-team@google.com>"
Fingerprint: d0bc 747f d8ca f711 7500 d6fa 3746 c208 a731 7b0f
From : https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg
Is this ok [y/N]: y
(输入 y 之前,应先将上面显示的 Fingerprint 与独立于该镜像站的官方渠道公布的值核对;密钥与软件包来自同一个镜像站时,gpgcheck 的可信度取决于这一步。)
kubernetes/signature | 1.4 kB 00:00:06 !!!
updates | 2.9 kB 00:00:00
(1/11): extras/7/x86_64/filelists_db | 217 kB 00:00:00
(2/11): extras/7/x86_64/other_db | 124 kB 00:00:00
(3/11): base/7/x86_64/other_db | 2.6 MB 00:00:00
(4/11): kubernetes/primary | 78 kB 00:00:00
(5/11): base/7/x86_64/filelists_db | 7.1 MB 00:00:01
(6/11): kubernetes/other | 51 kB 00:00:00
(7/11): kubernetes/filelists | 26 kB 00:00:01
(8/11): updates/7/x86_64/filelists_db | 2.4 MB 00:00:00
(9/11): updates/7/x86_64/other_db | 318 kB 00:00:00
(10/11): docker-ce-stable/x86_64/filelists_db | 21 kB 00:00:02
(11/11): docker-ce-stable/x86_64/other_db | 114 kB 00:00:02
kubernetes 570/570
kubernetes 570/570
kubernetes 570/570
Metadata Cache Created
[root@node ~]# cat <<EOF > /etc/yum.repos.d/kubernetes.repo
> [kubernetes]
> name=Kubernetes
> baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
> enabled=1
> gpgcheck=1
> repo_gpgcheck=1
> gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
> EOF
[root@node ~]# yum makecache
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
* base: mirrors.aliyun.com
* extras: mirrors.aliyun.com
* updates: mirrors.aliyun.com
base | 3.6 kB 00:00:00
docker-ce-stable | 3.5 kB 00:00:00
extras | 2.9 kB 00:00:00
kubernetes/signature | 454 B 00:00:00
Retrieving key from https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg
Importing GPG key 0xA7317B0F:
Userid : "Google Cloud Packages Automatic Signing Key <gc-team@google.com>"
Fingerprint: d0bc 747f d8ca f711 7500 d6fa 3746 c208 a731 7b0f
From : https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg
Is this ok [y/N]: y
kubernetes/signature | 1.4 kB 00:00:10 !!!
updates | 2.9 kB 00:00:00
(1/11): base/7/x86_64/other_db | 2.6 MB 00:00:00
(2/11): extras/7/x86_64/filelists_db | 217 kB 00:00:00
(3/11): extras/7/x86_64/other_db | 124 kB 00:00:00
(4/11): docker-ce-stable/x86_64/filelists_db | 21 kB 00:00:00
(5/11): kubernetes/filelists | 26 kB 00:00:00
(6/11): kubernetes/other | 51 kB 00:00:00
(7/11): docker-ce-stable/x86_64/other_db | 114 kB 00:00:00
(8/11): updates/7/x86_64/other_db | 318 kB 00:00:00
(9/11): kubernetes/primary | 78 kB 00:00:00
(10/11): base/7/x86_64/filelists_db | 7.1 MB 00:00:01
(11/11): updates/7/x86_64/filelists_db | 2.4 MB 00:00:00
kubernetes 570/570
kubernetes 570/570
kubernetes 570/570
Metadata Cache Created
接下来安装以下三个组件(node 节点同样需要安装 kubelet 和 kubeadm 才能执行后面的 kubeadm join,下面只展示 master 上的操作):
kubeadm:用来初始化集群的指令。
kubelet:在集群中的每个节点上用来启动 pod 和容器等。
kubectl:用来与集群通信的命令行工具。
[root@master ~]# yum install -y kubelet kubeadm kubectl --disableexcludes=kubernetes
[root@master ~]# systemctl enable kubelet
Created symlink from /etc/systemd/system/multi-user.target.wants/kubelet.service to /usr/lib/systemd/system/kubelet.service.
kubeadm init --image-repository registry.aliyuncs.com/google_containers --pod-network-cidr=10.244.0.0/16 --service-cidr=10.96.0.0/12 --ignore-preflight-errors=Swap
- --image-repository #由于kubeadm默认是从官方镜像仓库k8s.gcr.io下载所需镜像,国内无法访问,所以这里通过--image-repository指定为阿里云镜像仓库地址;控制面镜像的来源因此完全取决于该镜像仓库
- --pod-network-cidr #指定pod网络段
- --service-cidr #指定service网络段
- --ignore-preflight-errors=Swap #忽略swap相关的预检报错;更稳妥的做法是先关闭swap(swapoff -a,并注释/etc/fstab中的swap条目),而不是跳过这项检查
Your Kubernetes control-plane has initialized successfully!
To start using your cluster, you need to run the following as a regular user:
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
You should now deploy a pod network to the cluster.
Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:
https://kubernetes.io/docs/concepts/cluster-administration/addons/
Then you can join any number of worker nodes by running the following on each as root:
kubeadm join 192.168.147.129:6443 --token fr99wu.9b51dl4k0yg5u3by --discovery-token-ca-cert-hash sha256:c4293c31d3e30d6171290407e6af503dd75633fe0cb0e1668d8f9c0c6a611bbb
[root@master ~]# mkdir -p $HOME/.kube
[root@master ~]# cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
[root@master ~]# chown $(id -u):$(id -g) $HOME/.kube/config
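[root@node .kube]# kubeadm join 192.168.147.129:6443 --token fr99wu.9b51dl4k0yg5u3by \
> --discovery-token-ca-cert-hash sha256:c4293c31d3e30d6171290407e6af503dd75633fe0cb0e1668d8f9c0c6a611bbb
(--token 是加入集群用的引导凭证,默认 24 小时后过期,不应公开仍然有效的 token;--discovery-token-ca-cert-hash 用来让节点校验控制面的 CA 证书,不要省略。token 过期后可在 master 上执行 kubeadm token create --print-join-command 重新生成完整的 join 命令。)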
[root@master ~]# wget https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
[root@master ~]# kubectl apply -f kube-flannel.yml
[root@master ~]# kubectl get nodes
NAME STATUS ROLES AGE VERSION
master Ready master 10m v1.19.2
node Ready <none> 2m6s v1.19.2
[root@master ~]# kubectl get pod --all-namespaces
NAMESPACE NAME READY STATUS RESTARTS AGE
kube-system coredns-6d56c8448f-9crzw 1/1 Running 0 9m55s
kube-system coredns-6d56c8448f-qrmkr 1/1 Running 0 9m55s
kube-system etcd-master 1/1 Running 0 10m
kube-system kube-apiserver-master 1/1 Running 0 10m
kube-system kube-controller-manager-master 1/1 Running 0 10m
kube-system kube-flannel-ds-6f4tl 1/1 Running 0 57s
kube-system kube-flannel-ds-s8nw5 1/1 Running 0 57s
kube-system kube-proxy-dj9q4 1/1 Running 0 2m15s
kube-system kube-proxy-mrf9v 1/1 Running 0 9m55s
kube-system kube-scheduler-master 1/1 Running 0 10m
原文:https://blog.51cto.com/lisea/2537517