Building a k8s cluster: initializing the master node

Environment:

Three CentOS 8.4 machines

Step 1: preparation

Each node needs a unique MAC address and product_uuid. Virtual machines can sometimes end up with identical values, so check that the MAC address and product_uuid are unique across all nodes.

-Check and compare MAC addresses

ip link

-Check and compare product_uuid

cat /sys/class/dmi/id/product_uuid
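
One way to do the comparison across nodes, as an added example that is not part of the original post. The inventory line format, the function names and the sample UUID and MAC values are assumptions made for the example:

```bash
#!/bin/sh
# Added example: detect cloned-VM identities before running kubeadm.
# Inventory line format (an assumption of this example): <node> <product_uuid> <mac>

# Run as root on each node; prints one inventory line per hardware NIC.
collect_identity() {
    node=$(hostname)
    uuid=$(cat /sys/class/dmi/id/product_uuid)   # readable by root only
    for dev in /sys/class/net/*; do
        # Virtual interfaces (lo, bridges, veth*) have no "device" link; lo, for
        # one, has the same all-zero address on every host, so they are skipped.
        [ -e "$dev/device" ] || continue
        echo "$node $uuid $(cat "$dev/address")"
    done
}

# Read the combined inventory on stdin; report any product_uuid or MAC that
# appears on more than one node. Exit status 1 means a duplicate was found.
find_duplicates() {
    awk '
    {
        node = $1; uuid = tolower($2); mac = tolower($3)   # compare case-insensitively
        if (!(("u", uuid, node) in seen)) {
            seen["u", uuid, node] = 1; unodes[uuid] = unodes[uuid] " " node; ucount[uuid]++
        }
        if (!(("m", mac, node) in seen)) {
            seen["m", mac, node] = 1; mnodes[mac] = mnodes[mac] " " node; mcount[mac]++
        }
    }
    END {
        for (k in ucount) if (ucount[k] > 1) { print "DUPLICATE product_uuid " k ":" unodes[k]; bad = 1 }
        for (k in mcount) if (mcount[k] > 1) { print "DUPLICATE mac " k ":" mnodes[k]; bad = 1 }
        exit bad + 0
    }'
}

# Constructed sample: Node2 was cloned from Node1 without regenerating identity.
SAMPLE='Master 4c4c4544-0000-1010-8000-aaaaaaaaaaaa 52:54:00:aa:00:01
Node1 4c4c4544-0000-1010-8000-bbbbbbbbbbbb 52:54:00:aa:00:02
Node2 4C4C4544-0000-1010-8000-BBBBBBBBBBBB 52:54:00:AA:00:02'

printf '%s\n' "$SAMPLE" | find_duplicates || echo "fix duplicates before kubeadm init/join"
```

Run collect_identity on every node, concatenate the output into one file, and feed that file to find_duplicates.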

Modify the hostname of each node and configure the address mapping

- Master

[root@Master ~]# cat /etc/hostname

Master

- Node1

[root@Node1 k8s]# cat /etc/hostname

Node1

- Node2

[root@Node2 ~]# cat /etc/hostname

Node2

On all three nodes (Master, Node1 and Node2), configure the address mapping in /etc/hosts:

10.11.115.199 Master AutoCDPMaster1

10.11.104.84 Node1 AutoCDPNode11

10.11.56.96 Node2 AutoCDPNode21

Disable SELinux (because the containers need to access the host filesystem)

setenforce 0

Running setenforce 0 puts SELinux into permissive mode, which effectively disables it until the next reboot. To disable it completely, use the following command and restart.

sed -i --follow-symlinks 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/sysconfig/selinux

reboot

Kubernetes uses various ports for communication and access, and these ports must be reachable. If the firewall is enabled, open these ports in the firewall:

firewall-cmd --permanent --add-port=6443/tcp

firewall-cmd --permanent --add-port=2379-2380/tcp

firewall-cmd --permanent --add-port=10250/tcp

firewall-cmd --permanent --add-port=10251/tcp

firewall-cmd --permanent --add-port=10252/tcp

firewall-cmd --permanent --add-port=10255/tcp

firewall-cmd --reload

modprobe br_netfilter

Firewall-related commands:

View the firewall status:

systemctl status firewalld

Stop the firewall:

systemctl stop firewalld

Start the firewall:

systemctl start firewalld

Disable the firewall so that it does not start again after a reboot:

systemctl disable firewalld

Enable the firewall so that it starts again after a reboot:

systemctl enable firewalld

Step 2: install Docker CE

This step is required only if Docker has not been installed yet

-Add the Docker repository

dnf config-manager --add-repo=https://download.docker.com/linux/centos/docker-ce.repo

-Install containerd

dnf install https://download.docker.com/linux/centos/7/x86_64/stable/Packages/containerd.io-1.2.6-3.3.el7.x86_64.rpm

-Install docker CE

dnf install docker-ce

-Start docker service

systemctl enable docker

systemctl start docker

Step 3: install kubeadm

-Add the Kubernetes repository

cat <<EOF > /etc/yum.repos.d/kubernetes.repo

[kubernetes]

name=Kubernetes

baseurl=https://packages.cloud.google.com/yum/repos/kubernetes-el7-x86_64

enabled=1

gpgcheck=1

repo_gpgcheck=1

gpgkey=https://packages.cloud.google.com/yum/doc/yum-key.gpg https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg

EOF

-Install kubeadm

dnf install kubeadm -y

-Enable and start the kubelet service

systemctl enable kubelet

systemctl start kubelet

Step 4: initialize the master node

-Turn off swap

swapoff -a

-Check whether /proc/sys/net/bridge/bridge-nf-call-iptables is 1. If not, set it to 1

echo '1' > /proc/sys/net/bridge/bridge-nf-call-iptables

-Initialize master node

kubeadm init

When initialization succeeds, the output includes a command like this:

kubeadm join 9.30.215.42:6443 --token v1s2qw.e4864hl50gdq4h7t --discovery-token-ca-cert-hash sha256:3cfb83830bbf46b95b0a0303ddd3752301a2ec345c104b14e0abb0094627bf3d

Record this command so that it can be used when the worker nodes join. Once initialization has succeeded, the user needs to be given permission so that the corresponding user can access and use the cluster. If you are root, execute the following commands:

mkdir -p $HOME/.kube

cp -i /etc/kubernetes/admin.conf $HOME/.kube/config

chown $(id -u):$(id -g) $HOME/.kube/config

If you are a non-root user, execute the following commands:

mkdir -p $HOME/.kube

sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config

sudo chown $(id -u):$(id -g) $HOME/.kube/config

-View node

kubectl get nodes

At this point the status of the master node is NotReady, because the pod network has not been deployed yet.

Step 5: deploy the pod network

The Weave plugin is used here

export kubever=$(kubectl version | base64 | tr -d '\n')

kubectl apply -f "https://cloud.weave.works/k8s/net?k8s-version=$kubever"

After some time, check the node status again; it should now be Ready.


 

Tags: Linux Docker Kubernetes Container

Posted on Thu, 07 Oct 2021 22:08:38 -0400 by spudly