Fedora 32 kubenetes 安装
Fedora 32 kubenetes 搭建, 系统:Fedora 32(Linux) 1个master节点 2个Worker节点
1. 规划
# Fedora 32 1个master节点 2个Worker节点
| 主机名 | 硬盘镜像 | IP地址 | 配置 | 描述 |
| --- | --- | --- | --- | --- |
| fed_v32_k8s_mst | fed_v32_k8s_mst.qcow2 | 192.168.122.80 | 4C/8G | Master节点 |
| fed_v32_k8s_wn1 | fed_v32_k8s_wn1.qcow2 | 192.168.122.81 | 4C/8G | Worker节点 |
| fed_v32_k8s_wn2 | fed_v32_k8s_wn2.qcow2 | 192.168.122.82 | 4C/8G | Worker节点 |
2. 系统配置
# 获取fedora镜像
wget https://fedoraproject.org/cloud/download
# 设置时区
timedatectl set-timezone Asia/Shanghai
# 安装常用软件
dnf install NetworkManager-tui iptraf-ng bridge-utils tunctl vim git tree
# disable SElinux
setenforce 0
sed -i 's/^SELINUX=enforcing$/SELINUX=permissive/' /etc/selinux/config
systemctl disable --now firewalld
# 加载br_netfilter内核模块
modprobe br_netfilter
lsmod|grep br_netfilter
cat <<EOF > /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
EOF
sysctl --system
# disable swap
swapoff -a
sed -ri '/^[^#]*swap/s@^@#@' /etc/fstab
3. 配置软件源安装容器/软件包
cat <<EOF > /etc/yum.repos.d/docker-ce.repo
[docker-ce-stable]
# proxy=socks5://127.0.0.1:1080
name=Docker CE Stable - $basearch
baseurl=https://download.docker.com/linux/fedora/32/$basearch/stable
enabled=1
gpgcheck=1
gpgkey=https://download.docker.com/linux/fedora/gpg
EOF
cat <<EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
# proxy=socks5://127.0.0.1:1080
baseurl=https://packages.cloud.google.com/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://packages.cloud.google.com/yum/doc/yum-key.gpg https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg
exclude=kubelet kubeadm kubectl
EOF
# 安装docker
sudo dnf install docker-ce
dnf install -y kubelet kubeadm kubectl --disableexcludes=kubernetes
# enable services
systemctl enable --now docker
systemctl enable --now kubelet
# enable port
firewall-cmd --permanent --add-port={6443,2379,2380,10000-20000}/tcp
firewall-cmd --reload
4. 获取k8s容器
# list containers needed
kubeadm config images list
# get containers
REGISTRY_REP='registry.cn-hangzhou.aliyuncs.com/google_containers'
docker pull $REGISTRY_REP/kube-apiserver:v1.20.2
docker pull $REGISTRY_REP/kube-controller-manager:v1.20.2
docker pull $REGISTRY_REP/kube-scheduler:v1.20.2
docker pull $REGISTRY_REP/kube-proxy:v1.20.2
docker pull $REGISTRY_REP/pause:3.2
docker pull $REGISTRY_REP/etcd:3.4.13-0
docker pull $REGISTRY_REP/coredns:1.7.0
docker tag $REGISTRY_REP/kube-apiserver:v1.20.2 k8s.gcr.io/kube-apiserver:v1.20.2
docker tag $REGISTRY_REP/kube-controller-manager:v1.20.2 k8s.gcr.io/kube-controller-manager:v1.20.2
docker tag $REGISTRY_REP/kube-scheduler:v1.20.2 k8s.gcr.io/kube-scheduler:v1.20.2
docker tag $REGISTRY_REP/kube-proxy:v1.20.2 k8s.gcr.io/kube-proxy:v1.20.2
docker tag $REGISTRY_REP/pause:3.2 k8s.gcr.io/pause:3.2
docker tag $REGISTRY_REP/etcd:3.4.13-0 k8s.gcr.io/etcd:3.4.13-0
docker tag $REGISTRY_REP/coredns:1.7.0 k8s.gcr.io/coredns:1.7.0
5. 部署Kubenates
# clone prepared images
cp fed_v32_k8s_init.qcow2 fed_v32_k8s_mst.qcow2
cp fed_v32_k8s_init.qcow2 fed_v32_k8s_wn1.qcow2
cp fed_v32_k8s_init.qcow2 fed_v32_k8s_wn2.qcow2
# Master-node generate token:
kubeadm init --apiserver-advertise-address 192.168.122.80 --pod-network-cidr 10.244.0.0/16 --kubernetes-version 1.20.2
# Worker-node join cluster use token:
kubeadm join 192.168.122.80:6443 --token 56k33c.lt95acflxwv159pm --discovery-token-ca-cert-hash sha256:9633d524f7de1f65229ef94c14dda9ce963b79386a3abe4857dba07e2f0d2ee3
# add kube-config at $HOME
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
6. 常用组件
# install calico
wget https://kuboard.cn/install-script/v1.20.x/calico-operator.yaml
wget https://kuboard.cn/install-script/v1.20.x/calico-custom-resources.yaml
kubectl create -f calico-operator.yaml
sed -i "s#192.168.0.0/16#10.244.0.0/16#" calico-custom-resources.yaml
kubectl create -f calico-custom-resources.yaml
# install kuboard
kubectl apply -f https://kuboard.cn/install-script/kuboard.yaml
kubectl apply -f https://addons.kuboard.cn/metrics-server/0.3.7/metrics-server.yaml
# install nginx-ingress
kubectl apply -f https://kuboard.cn/install-script/v1.20.x/nginx-ingress.yaml
7. 常用命令
kubectl get pods -A -o wide # 查看组件运行情况
kubectl get nodes -A -o wide # 查看集群节点
kubectl get events --all-namespaces # 查看事件
kubectl get svc -A -o wide # 查看服务
kubectl apply/delete -f xxx.yaml # 安装/卸载pods
kubectl exec -it <your-pod-name> -n <your-namespace> -- /bin/bash # 进入容器
echo $(kubectl -n kube-system get secret $(kubectl -n kube-system get secret | grep kuboard-user | awk '{print $1}') -o go-template='{{.data.token}}' | base64 -d) # 获取token