安裝K8S 

kubeadm安裝k8s  前期環(huán)境準(zhǔn)備

###所有節(jié)點，關(guān)閉防火墻規(guī)則，關(guān)閉selinux，關(guān)閉swap交換
systemctl stop firewalld
systemctl disable firewalld
setenforce 0
sed -i 's/enforcing/disabled/' /etc/selinux/config

iptables -F && iptables -t nat -F && iptables -t mangle -F && iptables -X

#交換分區(qū)必須要關(guān)閉
swapoff -a
sed -ri 's/.*swap.*/#&/' /etc/fstab
#永久關(guān)閉swap分區(qū)，&符號在sed命令中代表上次匹配的結(jié)果

#調(diào)整內(nèi)核參數(shù)

cat > /etc/sysctl.d/k8s.conf << EOF
#開啟網(wǎng)橋模式，可將網(wǎng)橋的流量傳遞給iptables鏈
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
#關(guān)閉ipv6協(xié)議
net.ipv6.conf.all.disable_ipv6=1
net.ipv4.ip_forward=1
EOF

cat > /etc/sysctl.d/k8s.conf << EOF
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
net.ipv6.conf.all.disable_ipv6=1
net.ipv4.ip_forward=1
EOF

sysctl --system
所有節(jié)點安裝docker

###安裝依賴包
yum install -y yum-utils device-mapper-persistent-data lvm2

wget https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo -O /etc/yum.repos.d/docker-ce.repo

 yum install -y docker-ce docker-ce-cli containerd.io

systemctl start docker.service

systemctl enable docker.service

##修改配置文件和鏡像加速

mkdir -p /etc/docker

tee /etc/docker/daemon.json <<-'EOF'
{
"registry-mirrors": ["https://ysmprsek.mirror.aliyuncs.com"],
"exec-opts": ["native.cgroupdriver=systemd"],
"log-driver": "json-file",
"log-opts": {
"max-size": "500m", "max-file": "3"
}
}
EOF

systemctl daemon-reload
systemctl restart docker
所有節(jié)點

###定義kubernetes源

cat > /etc/yum.repos.d/kubernetes.repo << EOF
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=0
repo_gpgcheck=0
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF

yum install -y kubelet-1.20.15 kubeadm-1.20.15 kubectl-1.20.15

###開機(jī)自啟kubelet
systemctl enable kubelet.service
#K8S通過kubeadm安裝出來以后都是以Pod方式存在，即底層是以容器方式運行，所以kubelet必須設(shè)置開機(jī)自啟
###查看相關(guān)軟件的版本

yum list kubeadm-1.20*

##### 命令行初始化，僅需master執(zhí)行  apiserver  masterIP

kubeadm init \
--apiserver-advertise-address=192.168.242.72 \
--image-repository registry.aliyuncs.com/google_containers \
--kubernetes-version=v1.20.15 \
--service-cidr=10.96.0.0/16 \
--pod-network-cidr=10.244.0.0/16 \
--token-ttl=0

根據(jù)輸出提示操作：

[root@k8s-master ~]# mkdir -p $HOME/.kube
[root@k8s-master ~]# sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
[root@k8s-master ~]# sudo chown $(id -u):$(id -g) $HOME/.kube/config

加入Kubernetes Node
在兩個 Node 節(jié)點執(zhí)行
使用kubeadm join 注冊Node節(jié)點到Matser

kubeadm join 的內(nèi)容，在上面kubeadm init 已經(jīng)生成好了

 安裝網(wǎng)絡(luò)插件flannel

###安裝 CNI網(wǎng)絡(luò)插件  master節(jié)點
##上傳 flannel-v0.21.5.zip 到 /opt/k8s

unzip flannel-v0.21.5.zip
docker load -i flannel.tar
docker load -i flannel-cni-plugin.tar

##移動系統(tǒng)創(chuàng)建的cni目錄，并手動創(chuàng)建
cd /opt/
mv cni/ cni_bak
mkdir -p /opt/cni/bin

##解壓配置文件
tar xf /opt/k8s/cni-plugins-linux-amd64-v1.3.0.tgz -C /opt/cni/bin/

##安裝插件
cd /opt/k8s
kubectl apply -f kube-flannel.yml

 node節(jié)點 把master上的flannel的兩個鏡像 scp過去

###先導(dǎo)入 flannel的兩個鏡像
scp flannel.tar flannel-cni-plugin.tar 192.168.242.73:/opt/
scp flannel.tar flannel-cni-plugin.tar 192.168.242.74:/opt/

docker load -i flannel.tar
docker load -i flannel-cni-plugin.tar
然再執(zhí)行kubeadm init 看看結(jié)果

 部署dashboard  

##master01節(jié)點

###上傳 配置文件 recommended.yaml

##安裝 kubectl apply -f recommended.yaml

配置文件修改如下

修改鏡像文件:

kubernetesui/dashboard:v2.7.0 --> registry.cn-hangzhou.aliyuncs.com/google_containers/dashboard:v2.7.0

kubernetesui/metrics-scraper:v1.0.8 --> registry.cn-hangzhou.aliyuncs.com/google_containers/metrics-scraper:v1.0.8

修改service配置如下圖， 添加type和nodeport 屬性

 kubectl apply -f k8s-dashborad.yml

##創(chuàng)建service account并綁定默認(rèn)cluster-admin管理員集群角色
kubectl create serviceaccount dashboard-admin -n kube-system

##查看創(chuàng)建的用戶
kubectl get sa -n kube-system

###給賬戶授權(quán)
kubectl create clusterrolebinding dashboard-admin --clusterrole=cluster-admin --serviceaccount=kube-system:dashboard-admin

##獲取用戶的 token
kubectl describe secrets -n kube-system $(kubectl -n kube-system get secret | awk '/dashboard-admin/{print $1}')

#使用輸出的token登錄Dashboard
https://masterIP:31622