0%

K8S离线部署笔记-10-Kubeadm

Posted on 2021-01-05

RPM包安装

# 联网环境
# 添加谷歌源(需扶墙)
cat <<EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://packages.cloud.google.com/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://packages.cloud.google.com/yum/doc/yum-key.gpg https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg
EOF

# 添加阿里源
cat <<EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF

# 准备RPM包
yumdownloader --assumeyes --destdir=/root/pkg/k8s --resolve yum-utils kubeadm-1.18.* kubelet-1.18.* kubectl-1.18.* ebtables

# 离线环境，安装RPM包。若提示缺少RPM包，按提示使用yum安装即可（需提前配置yum源）
yum install -y libxml2-python python-kitchen
yum install -y --cacheonly --disablerepo=* /root/pkg/k8s/*.rpm

下载K8S镜像

# 查看镜像列表
kubeadm config images list
k8s.gcr.io/kube-apiserver:v1.18.4
k8s.gcr.io/kube-controller-manager:v1.18.4
k8s.gcr.io/kube-scheduler:v1.18.4
k8s.gcr.io/kube-proxy:v1.18.4
k8s.gcr.io/pause:3.2
k8s.gcr.io/etcd:3.4.3-0
k8s.gcr.io/coredns:1.6.7

# 在线环境，镜像下载脚本
vi img_save.sh
images=(
    kube-apiserver:v1.18.4
    kube-controller-manager:v1.18.4
    kube-scheduler:v1.18.4
    kube-proxy:v1.18.4
    pause:3.2
    etcd:3.4.3-0
    coredns:1.6.7
)

for imageName in ${images[@]} ; do
    docker pull registry.aliyuncs.com/google_containers/$imageName
    docker tag  registry.aliyuncs.com/google_containers/$imageName k8s.gcr.io/$imageName
    docker rmi  registry.aliyuncs.com/google_containers/$imageName
    docker save k8s.gcr.io/$imageName > $imageName.tar
done

# 离线环境，镜像导入脚本
vi img_load.sh
images=(
    kube-apiserver:v1.18.4
    kube-controller-manager:v1.18.4
    kube-scheduler:v1.18.4
    kube-proxy:v1.18.4
    pause:3.2
    etcd:3.4.3-0
    coredns:1.6.7
)

for imageName in ${images[@]} ; do
    docker load < $imageName.tar
done

下载Flannel镜像

# 下载yml(需翻墙)
wget https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml

# 在线环境，下载镜像
docker pull quay.io/coreos/flannel:v0.13.0-rc2
docker save quay.io/coreos/flannel:v0.13.0-rc2 > flannel_v0.13.0-rc2.tar

# 离线环境，导入镜像
docker load < flannel_v0.13.0-rc2.tar

下载IngressNginx镜像

# 在线环境，下载yml
wget https://raw.githubusercontent.com/kubernetes/ingress-nginx/nginx-0.30.0/deploy/static/namespace.yaml
wget https://raw.githubusercontent.com/kubernetes/ingress-nginx/nginx-0.30.0/deploy/static/rbac.yaml

# 在线环境，下载镜像
docker pull quay.io/kubernetes-ingress-controller/nginx-ingress-controller:0.30.0
docker save quay.io/kubernetes-ingress-controller/nginx-ingress-controller:0.30.0 > nginx-ingress-controller_0.30.0.tar

# 离线环境，导入镜像
docker load < nginx-ingress-controller_0.30.0.tar

主节点部署

# 注意版本号为之前下载镜像的版本 
kubeadm init --pod-network-cidr=10.244.0.0/16 --kubernetes-version=v1.18.4

# 复制配置文件
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config

# 安装Flannel
kubectl apply -f kube-flannel.yml

# 解决Flannel NodePort网络慢问题
ethtool --offload flannel.1 rx off tx off


# 检查节点状态
kubectl get nodes -o wide
kubectl get pods --all-namespaces

# 主节点允许部署pod(可选)
kubectl taint nodes --all node-role.kubernetes.io/master-

工作节点部署

# 加入集群
kubeadm join 10.10.51.78:6443 --token cb3tj7.fvnovftkepaghkeq \
  --discovery-token-ca-cert-hash sha256:093dc747b9a22551ee029b325078e49170b680ee885e869ffbe665cdf53e4d8e

# 若token过期，需要在主节点重新生成
kubeadm token create --print-join-command --ttl=0

其它常规操作

查看报错日志

1	journalctl -u kubelet

删除节点

1 2	kubectl delete node ubuntu103 #on master kubeadm reset #on slave

重置

# 重置k8s
kubeadm reset
rm -rf /etc/cni/net.d

# 清理路由
iptables -L
iptables -F && iptables -t nat -F && iptables -t mangle -F && iptables -X

# 清理网卡
modprobe -r ipip
ip link delete cni0
ip link delete flannel.1

参考文档