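# Building a Kubernetes 1.34.3 cluster on CentOS 7 (4 nodes)

## Cluster plan

| Host IP | Hostname | Role |
| --- | --- | --- |
| 172.31.1.241 | k8s-master01 | master |
| 172.31.1.242 | k8s-node01 | worker |
| 172.31.1.243 | k8s-node02 | worker |
| 172.31.1.244 | k8s-node03 | worker |

- Kubernetes version: 1.34.3
- Container runtime: containerd
- Network plugin: flannel

## 1. Base configuration on all nodes

The following steps must be run on all of 241, 242, 243 and 244.

## 2. Set the hostname

master:

```bash
hostnamectl set-hostname k8s-master01
```

node1:

```bash
hostnamectl set-hostname k8s-node01
```

node2:

```bash
hostnamectl set-hostname k8s-node02
```

node3:

```bash
hostnamectl set-hostname k8s-node03
```

## 3. Configure hosts

All nodes:

```bash
cat >> /etc/hosts << EOF
172.31.1.241 k8s-master01
172.31.1.242 k8s-node01
172.31.1.243 k8s-node02
172.31.1.244 k8s-node03
EOF
```

Test:

```bash
ping k8s-master01
```

## 4. Disable the firewall

All nodes:

```bash
systemctl stop firewalld
systemctl disable firewalld
```

## 5. Disable SELinux

All nodes.

Disable temporarily:

```bash
setenforce 0
```

Disable permanently:

```bash
sed -i 's/^SELINUX=enforcing$/SELINUX=disabled/' /etc/selinux/config
sed -i 's/^SELINUX=permissive$/SELINUX=disabled/' /etc/selinux/config
```

## 6. Disable swap

All nodes:

```bash
swapoff -a
```

Disable permanently:

```bash
# Comment out every fstab line that mentions swap
sed -ri 's/.*swap.*/#&/' /etc/fstab
```

Verify:

```bash
free -m
```

Swap should be 0.

## 7. Configure kernel parameters

All nodes:

```bash
cat > /etc/modules-load.d/k8s.conf << EOF
overlay
br_netfilter
EOF
```

Load the modules:

```bash
modprobe overlay
modprobe br_netfilter
```

Configure sysctl:

```bash
cat > /etc/sysctl.d/k8s.conf << EOF
net.bridge.bridge-nf-call-iptables = 1
net.bridge.bridge-nf-call-ip6tables = 1
net.ipv4.ip_forward = 1
vm.swappiness = 0
EOF
```

Apply:

```bash
sysctl --system
```

## 8. Synchronize time

All nodes.

Install:

```bash
yum install -y chrony
```

Start:

```bash
systemctl enable chronyd
systemctl restart chronyd
```

Verify:

```bash
chronyc sources
```

## 9. Install containerd

All nodes.

Install dependencies:

```bash
yum install -y yum-utils device-mapper-persistent-data lvm2
```

Add the Docker repo:

```bash
yum-config-manager \
  --add-repo \
  https://download.docker.com/linux/centos/docker-ce.repo
```

Install containerd:

```bash
yum install -y containerd.io
```

Generate the configuration:

```bash
mkdir -p /etc/containerd
containerd config default > /etc/containerd/config.toml
```

Switch to the systemd cgroup driver:

```bash
sed -i 's/SystemdCgroup = false/SystemdCgroup = true/g' /etc/containerd/config.toml
```

Configure the sandbox image (recommended inside mainland China):

```bash
sed -i 's#registry.k8s.io/pause:3.8#registry.aliyuncs.com/google_containers/pause:3.10#g' /etc/containerd/config.toml
```

Start containerd:

```bash
systemctl daemon-reload
systemctl enable containerd
systemctl restart containerd
```

Check:

```bash
systemctl status containerd
```

## 10. Install the Kubernetes components

All nodes.

Add the Kubernetes repo:

```bash
cat > /etc/yum.repos.d/kubernetes.repo << EOF
[kubernetes]
name=Kubernetes
baseurl=https://pkgs.k8s.io/core:/stable:/v1.34/rpm/
enabled=1
gpgcheck=1
gpgkey=https://pkgs.k8s.io/core:/stable:/v1.34/rpm/repodata/repomd.xml.key
exclude=kubelet kubeadm kubectl cri-tools kubernetes-cni
EOF
```

Install kubelet, kubeadm and kubectl:

```bash
yum install -y kubelet-1.34.3 kubeadm-1.34.3 kubectl-1.34.3 --disableexcludes=kubernetes
```

Start kubelet:

```bash
systemctl enable kubelet
systemctl restart kubelet
```

## 11. Initialize the master

Run only on 172.31.1.241.

Pull the images:

```bash
kubeadm config images pull \
  --kubernetes-version=v1.34.3 \
  --image-repository registry.aliyuncs.com/google_containers
```

Initialize the cluster:

```bash
kubeadm init \
  --apiserver-advertise-address=172.31.1.241 \
  --image-repository registry.aliyuncs.com/google_containers \
  --kubernetes-version=v1.34.3 \
  --service-cidr=10.96.0.0/12 \
  --pod-network-cidr=10.244.0.0/16
```

On success the output contains a `kubeadm join ...` command. Save it.

## 12. Configure kubectl

Master only:

```bash
mkdir -p $HOME/.kube
cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
chown $(id -u):$(id -g) $HOME/.kube/config
```

Verify:

```bash
kubectl get nodes
```

## 13. Install the Flannel network plugin

Master only:

```bash
kubectl apply -f https://github.com/flannel-io/flannel/releases/latest/download/kube-flannel.yml
```

## 14. Join the nodes to the cluster

On 242, 243 and 244, run the join command that was generated when the master was initialized. It looks like this:

```bash
kubeadm join 172.31.1.241:6443 \
  --token xxxxxx.xxxxxxxxxxxxxxxx \
  --discovery-token-ca-cert-hash sha256:xxxxxxxxxxxxxxxx
```

## 15. Verify the cluster

Run on the master:

```bash
kubectl get nodes
```

A healthy cluster shows:

```
NAME           STATUS   ROLES           AGE   VERSION
k8s-master01   Ready    control-plane   xx    v1.34.3
k8s-node01     Ready    <none>          xx    v1.34.3
k8s-node02     Ready    <none>          xx    v1.34.3
k8s-node03     Ready    <none>          xx    v1.34.3
```

## 16. Verify the Pods

```bash
kubectl get pod -A
```

All Pods should be `Running`.

## 17. Common problems

### 1. kubelet fails to start

Check the log:

```bash
journalctl -u kubelet -f
```

### 2. swap is not disabled

Error:

```
running with swap on is not supported
```

Fix:

```bash
swapoff -a
```

### 3. Node NotReady

Usually flannel has not started. Check:

```bash
kubectl get pod -A
```

### 4. containerd CRI errors

Restart:

```bash
systemctl restart containerd
systemctl restart kubelet
```

### 5. View cluster information

```bash
kubectl cluster-info
```

## 18. Install Metrics Server (recommended)

On the master:

```bash
kubectl apply -f https://github.com/kubernetes-sigs/metrics-server/releases/latest/download/components.yaml
```

Edit the deployment:

```bash
kubectl edit deployment metrics-server -n kube-system
```

Add the following argument (it turns off verification of the kubelet's serving certificate):

```
- --kubelet-insecure-tls
```

Verify:

```bash
kubectl top nodes
```

## 19. Allow scheduling on the master (optional)

If you also want Pods to be scheduled onto the master:

```bash
kubectl taint nodes --all node-role.kubernetes.io/control-plane-
```

## 20. Show the join token

If you have lost the join command:

```bash
kubeadm token create --print-join-command
```

## 21. Reset the cluster

Run on the node:

```bash
kubeadm reset -f
```

Remove leftovers:

```bash
rm -rf ~/.kube
rm -rf /etc/cni
rm -rf /var/lib/cni
rm -rf /var/lib/kubelet/*
rm -rf /etc/kubernetes
```

Restart:

```bash
systemctl restart containerd
systemctl restart kubelet
```

## 22. Verify with a test Pod

```bash
kubectl create deployment nginx --image=nginx
```

Check:

```bash
kubectl get pod -o wide
```

## 23. Recommended configuration

For production environments:

- Use keepalived + haproxy for highly available masters
- Use calico instead of flannel
- Use ingress-nginx
- Use metrics-server
- Use prometheus + grafana
- Use local-path-provisioner or NFS CSI

## 24. Check versions

```bash
kubectl version
kubeadm version
kubelet --version
```

## 25. Check the runtime

```bash
crictl info
ctr version
```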
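The swap, sysctl and containerd steps above are `sed` and heredoc edits that fail silently when a file differs from what the guide expects, so this added example (not part of the original guide) re-reads the resulting files on a node and reports any setting that did not land. The function names are hypothetical, and it inspects file contents only, not the running kernel state.

```bash
#!/bin/sh
# Added example: re-check the files edited in the swap, sysctl and containerd steps.
# File paths are arguments, so the checks also work on copies of the files.

# conf_value FILE KEY: print VALUE from the last uncommented "KEY = VALUE" line.
conf_value() {
  sed -n "s/^[[:space:]]*$2[[:space:]]*=[[:space:]]*//p" "$1" | tail -n 1 | tr -d '[:space:]"'
}

# expect FILE KEY WANT: report a mismatch and return 1.
expect() {
  got=$(conf_value "$1" "$2")
  [ "$got" = "$3" ] && return 0
  echo "FAIL $1: $2 is '${got:-unset}', want '$3'"
  return 1
}

# active_swap FSTAB: print fstab entries of type swap that are not commented out.
active_swap() {
  awk '$1 !~ /^#/ && $3 == "swap"' "$1"
}

# preflight SYSCTL_CONF FSTAB CONTAINERD_TOML: return the number of failed checks.
preflight() {
  fails=0
  for kv in net.bridge.bridge-nf-call-iptables=1 \
            net.bridge.bridge-nf-call-ip6tables=1 \
            net.ipv4.ip_forward=1 vm.swappiness=0; do
    expect "$1" "${kv%=*}" "${kv#*=}" || fails=$((fails + 1))
  done
  if [ -n "$(active_swap "$2")" ]; then
    echo "FAIL $2: swap entry still active"; fails=$((fails + 1))
  fi
  expect "$3" SystemdCgroup true || fails=$((fails + 1))
  return "$fails"
}

# Run against the real files only on a node where they exist.
if [ -r /etc/containerd/config.toml ] && [ -r /etc/sysctl.d/k8s.conf ]; then
  preflight /etc/sysctl.d/k8s.conf /etc/fstab /etc/containerd/config.toml \
    && echo "node settings match the guide"
fi
```

Run it on each node before `kubeadm init` or `kubeadm join`; the exit status of `preflight` is the number of settings that differ.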