环境准备

由这三台物理机或者虚拟机组成，一个master节点，两个node节点，如下所示。

机器

ip

内存

cpu

kubemaster

172.18.35.20

8G

4核

kubenode1

172.18.35.23

8G

4核

kubenode2

172.18.35.26

8G

4核

2.设置主机名

hostnamectl set-hostname kubemaster

hostnamectl set-hostname kubenode1

hostnamectl set-hostname kubenode2

3.主机名与ip映射

在master上添加主机名和ip对应关系：

vi /etc/hosts

添加如下

172.18.35.20 kubemaster

172.18.35.23 kubenode1

172.18.35.26 kubenode2

关闭ufw防火墙和selinux

Ubuntu默认未启用,无需设置,selinux默认未安装

ufw disable

setenforce 0 #临时关闭

开启ipv4转发，配置iptables参数

modprobe br_netfilter

cat >> /etc/sysctl.conf << EOF

net.bridge.bridge-nf-call-ip6tables = 1

net.bridge.bridge-nf-call-iptables = 1

net.ipv4.ip_forward = 1

EOF

sysctl -p #执行此命令生效配置

禁用swap分区

swapoff -a #临时关闭

sed -ri 's/.*swap.*/#&/' /etc/fstab #永久关闭

更换阿里源

deb bionic main restricted universe multiverse

deb bionic-security main restricted universe multiverse

deb bionic-updates main restricted universe multiverse

deb bionic-proposed main restricted universe multiverse

deb bionic-backports main restricted universe multiverse

deb-src bionic main restricted universe multiverse

deb-src bionic-security main restricted universe multiverse

deb-src bionic-updates main restricted universe multiverse

deb-src bionic-proposed main restricted universe multiverse

deb-src bionic-backports main restricted universe multiverse

更新系统

sudo apt update

Apt upgrade或者sudo apt -y full-upgrade

确认时间同步

apt install -y chrony

systemctl enable --now chrony

chronyc sources

#确认时间是否同步

timedatectl

加载ipvs内核模块

参考：

另外，针对Linux kernel 4.19以上的内核版本使用nf_conntrack 代替nf_conntrack_ipv4。

cat <<EOF | tee /etc/modules-load.d/ipvs.conf

# Load IPVS at boot

ip_vs

ip_vs_rr

ip_vs_wrr

ip_vs_sh

nf_conntrack

EOF

modprobe -- ip_vs

modprobe -- ip_vs_rr

modprobe -- ip_vs_wrr

modprobe -- ip_vs_sh

modprobe -- nf_conntrack

#确认内核模块加载成功

lsmod | grep -e ip_vs -e nf_conntrack

#安装ipset和ipvsadm

apt install -y ipset ipvsadm

安装docker-ce

1.卸载

sudo apt-get remove docker docker-engine docker.io containerd runc

2.安装Docker

sudo apt-get update

# 安装依赖包

sudo apt-get install apt-transport-https ca-certificates curl gnupg-agent software-properties-common

# 添加 Docker 的官方 GPG 密钥

curl -fsSL | sudo apt-key add -

# 验证您现在是否拥有带有指纹的密钥

sudo apt-key fingerprint 0EBFCD88

# 设置稳定版仓库

sudo add-apt-repository "deb [arch=amd64] $(lsb_release -cs) stable"

3.安装 Docker Engine-Community

# 更新

$ sudo apt-get update

# 安装最新的Docker-ce

sudo apt-get install docker-ce

# 启动

sudo systemctl enable docker

sudo systemctl start docker

配置daemon.json

{

"registry-mirrors": [";],

"dns": ["172.18.40.177","172.18.40.3","172.18.35.26"],

"insecure-registries": ["172.18.35.27:8082" ],

"exec-opts": ["native.cgroupdriver=systemd"]

}

sudo systemctl restart docker

查看是否安装kube： dpkg -l | grep kube

安装kubeadm、kubelet、kubectl

添加k8s阿里源

curl -s | sudo apt-key add -

cat > /etc/apt/sources.list.d/kubernetes.list <<EOF

> deb kubernetes-xenial main

> EOF

#查看可安装的版本

sudo apt-get update

apt-cache madison kubectl | more

#执行安装

sudo apt-get install -y kubelet=1.23.6-00 kubeadm=1.23.6-00 kubectl=1.23.6-00

这里用的是1.23.6版本的

apt-get install kubeadm=1.23.6-00 kubectl=1.23.6-00 kubelet=1.23.6-00

锁定版本

sudo apt-mark hold kubelet kubeadm kubectl

启动kubelet服务

systemctl enable--now kubelet

部署master节点

备注：以下操作仅在master节点执行。

1、查看可安装的kubernetes版本

kubectl version --short

2、查看对应版本的容器镜像并提前拉取到本地，

kubeadm config images list \

--kubernetes-version=v1.23.5 \

--image-repository registry.aliyuncs.com/google_containers

执行初始化配置

指定image-repository为registry.aliyuncs.com/google_containers

kubeadm init \

--apiserver-advertise-address=172.18.35.26 \

--image-repository registry.aliyuncs.com/google_containers \

--kubernetes-version v1.23.6 \

--service-cidr=10.96.0.0/12 \

--pod-network-cidr=10.244.0.0/16 \

--ignore-preflight-errors=all

master节点初始化完成后参考最后提示配置kubectl客户端连接

mkdir -p $HOME/.kube

cp -i /etc/kubernetes/admin.conf $HOME/.kube/config

chown $(id -u):$(id -g) $HOME/.kube/config

安装网络插件

下载kube-flannel.yml

kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml

node节点：

复制master的/etc/kubernetes/admin.conf

scp /etc/kubernetes/admin.conf user@host:/etc/kubernetes/admin.conf

user为主机登录用户

host为主机ip

然后执行：

echo "export KUBECONFIG=/etc/kubernetes/admin.conf" >> ~/.bash_profile

source ~/.bash_profile

节点加入集群

kubeadm join 172.18.35.26:6443 --token 6mdoqi.2xvy5n5ucrnel31e \

--discovery-token-ca-cert-hash sha256:27a7689c35aa73dcc5cc744a60d7cdc7ae82cdd8aa5a38c413c0d68749bec57f

查看部署状态

kubectl get nodes