ubuntu22.04x64 安装k8s1.23.x

Posted 2022-07-12 flyfish225

标签（空格分隔）： kubernetes系列

---

一：系统环境介绍

1.1：系统环境初始化

系统：
    ubuntu22.04x64 

主机名：
    cat /etc/hosts 
----
172.16.10.31    ubuntusrvs01
172.16.10.32    ubuntusrvs02
172.16.10.33    ubuntusrvs03
----

## 关闭swap

swapoff -a  
sed -ri s/.*swap.*/#&/ /etc/fstab

#系统优化
cat > /etc/sysctl.d/k8s_better.conf << EOF
net.bridge.bridge-nf-call-iptables=1
net.bridge.bridge-nf-call-ip6tables=1
net.ipv4.ip_forward=1
vm.swappiness=0
vm.overcommit_memory=1
vm.panic_on_oom=0
fs.inotify.max_user_instances=8192
fs.inotify.max_user_watches=1048576
fs.file-max=52706963
fs.nr_open=52706963
net.ipv6.conf.all.disable_ipv6=1
net.netfilter.nf_conntrack_max=2310720
EOF
modprobe br_netfilter
lsmod |grep conntrack
modprobe ip_conntrack
sysctl -p /etc/sysctl.d/k8s_better.conf

安装依赖包：

apt-get install socat conntrack ntpdate ntp ipvsadm

### 开启ipvs 转发
modprobe br_netfilter 

cat > /etc/sysctl.d/ipvs.modules << EOF 

#!/bin/bash 
modprobe -- ip_vs 
modprobe -- ip_vs_rr 
modprobe -- ip_vs_wrr 
modprobe -- ip_vs_sh 
modprobe -- nf_conntrack
EOF 

chmod 755 /etc/sysctl.d/ipvs.modules

bash /etc/sysctl.d/ipvs.modules

lsmod | grep -e ip_vs -e nf_conntrack

二：安装docker

apt-get install docker.io  [全部节点安装]

docker version 

三：安装kubernetes

Debian / Ubuntu 源： [所有节点安装]

-----------------------------------------------------------------------------
curl https://mirrors.aliyun.com/kubernetes/apt/doc/apt-key.gpg | sudo apt-key add
echo "deb https://mirrors.aliyun.com/kubernetes/apt kubernetes-xenial main" >>  /etc/apt/sources.list

--------------------------------------------------------------------------------
sudo apt-get update
sudo apt-get upgrade -y
sudo apt-get install -y apt-transport-https ca-certificates 

apt-get install kubelet=1.23.8-00
apt-get install kubeadm=1.23.8-00

apt-get install kubectl=1.23.8-00

初始化k8s 节点：

kubeadm init \\
--apiserver-advertise-address=172.16.10.31 \\
--image-repository registry.aliyuncs.com/google_containers \\
--kubernetes-version v1.23.8 \\
--service-cidr=10.96.0.0/12 \\
--pod-network-cidr=10.244.0.0/16 \\
--ignore-preflight-errors=all

To start using your cluster, you need to run the following as a regular user:

  mkdir -p $HOME/.kube
  sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
  sudo chown $(id -u):$(id -g) $HOME/.kube/config

Alternatively, if you are the root user, you can run:

  export KUBECONFIG=/etc/kubernetes/admin.conf

You should now deploy a pod network to the cluster.
Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:
  https://kubernetes.io/docs/concepts/cluster-administration/addons/

Then you can join any number of worker nodes by running the following on each as root:

kubeadm join 172.16.10.31:6443 --token jn4xdg.n46uplnndtnnozlg \\
        --discovery-token-ca-cert-hash sha256:ce07ee78de3bd6fffd155953125b812d9c1541fa0da3db47d1c920f6b2955772

网络组件有很多种，只需要部署其中一个即可，推荐Calico。

Calico是一个纯三层的数据中心网络方案，Calico支持广泛的平台，包括Kubernetes、OpenStack等。

Calico 在每一个计算节点利用 Linux Kernel 实现了一个高效的虚拟路由器（ vRouter） 来负责数据转发，而每个 vRouter 通过 BGP 协议负责把自己上运行的 workload 的路由信息向整个 Calico 网络内传播。

此外，Calico 项目还实现了 Kubernetes 网络策略，提供ACL功能。

1.下载Calico

wget https://docs.projectcalico.org/manifests/calico.yaml --no-check-certificate

vim +3878 calico.yaml
...
- name: CALICO_IPV4POOL_CIDR
  value: "10.244.0.0/16"
...

kubectl apply -f calico.yaml

kubectl get pod -n kube-system 

其它节点加入到主节点：

   kubeadm join 172.16.10.31:6443 --token jn4xdg.n46uplnndtnnozlg \\
        --discovery-token-ca-cert-hash sha256:ce07ee78de3bd6fffd155953125b812d9c1541fa0da3db47d1c920f6b2955772

kubectl get pod -n kube-system 

四：部署一个dashboard

1.下载yaml文件

官网下载地址

目前最新版本为v2.4.0

wget https://raw.githubusercontent.com/kubernetes/dashboard/v2.4.0/aio/deploy/recommended.yaml

vim recommended.yaml
----
kind: Service
apiVersion: v1
metadata:
  labels:
    k8s-app: kubernetes-dashboard
  name: kubernetes-dashboard
  namespace: kubernetes-dashboard
spec:
  ports:
    - port: 443
      targetPort: 8443
      nodePort: 30001
  type: NodePort      
  selector:
    k8s-app: kubernetes-dashboard
----
kubectl apply -f recommended.yaml

kubectl get pods -n kubernetes-dashboard
kubectl get pods,svc -n kubernetes-dashboard

# 创建用户
kubectl create serviceaccount dashboard-admin -n kube-system

# 用户授权
kubectl create clusterrolebinding dashboard-admin --clusterrole=cluster-admin --serviceaccount=kube-system:dashboard-admin

# 获取用户Token
kubectl describe secrets -n kube-system $(kubectl -n kube-system get secret | awk /dashboard-admin/print $1)

打开web:
  https://172.16.10.31:30001

五：创建一个nginx 测试

kubectl create deployment nginx --image=nginx

kubectl expose deployment nginx --port=80 --type=NodePort

kubectl get deploy,svc,pod 

web 访问：
    http://172.16.10.31:31164