Environment:
Three CentOS 8.4 machines
Step 1: preparation
Each node needs a unique MAC address. Virtual machines can sometimes end up with the same MAC address, so check that both the product_uuid and the MAC address are unique across all nodes.
- Check and compare MAC addresses
ip link
- Check and compare product_uuid
cat /sys/class/dmi/id/product_uuid
Modify the hostname of each node and configure the address mapping
- Master
[root@Master ~]# cat /etc/hostname
Master
- Node1
[root@Node1 k8s]# cat /etc/hostname
Node1
- Node2
[root@Node2 ~]# cat /etc/hostname
Node2
On all three nodes (Master, Node1 and Node2), configure the address mapping in /etc/hosts:
10.11.115.199 Master AutoCDPMaster1
10.11.104.84 Node1 AutoCDPNode11
10.11.56.96 Node2 AutoCDPNode21
Disable SELinux (because containers need to access host files)
setenforce 0
Running setenforce 0 puts SELinux into permissive mode, which effectively disables it until the next reboot. To disable it completely, use the following command and then reboot.
sed -i --follow-symlinks 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/sysconfig/selinux
reboot
Kubernetes uses several ports for communication and access, and these ports must be reachable. If the firewall is enabled, open these ports in the firewall.
firewall-cmd --permanent --add-port=6443/tcp
firewall-cmd --permanent --add-port=2379-2380/tcp
firewall-cmd --permanent --add-port=10250/tcp
firewall-cmd --permanent --add-port=10251/tcp
firewall-cmd --permanent --add-port=10252/tcp
firewall-cmd --permanent --add-port=10255/tcp
firewall-cmd --reload
modprobe br_netfilter
Firewall-related commands:
View the firewall status:
systemctl status firewalld
Stop the firewall:
systemctl stop firewalld
Start the firewall:
systemctl start firewalld
Disable the firewall, so that it does not start again after a reboot:
systemctl disable firewalld
Enable the firewall, so that it starts again after a reboot:
systemctl enable firewalld
Step 2: install Docker CE
This step is required if Docker has not been installed yet
- Add the Docker repository
dnf config-manager --add-repo=https://download.docker.com/linux/centos/docker-ce.repo
- Install containerd
dnf install https://download.docker.com/linux/centos/7/x86_64/stable/Packages/containerd.io-1.2.6-3.3.el7.x86_64.rpm
- Install Docker CE
dnf install docker-ce
- Start the Docker service
systemctl enable docker
systemctl start docker
Step 3: install kubeadm
- Add the Kubernetes repository
cat <<EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://packages.cloud.google.com/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://packages.cloud.google.com/yum/doc/yum-key.gpg https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg
EOF
- Install kubeadm
dnf install kubeadm -y
- Enable and start the kubelet service
systemctl enable kubelet
systemctl start kubelet
Step 4: initialize the master node
- Turn off swap
swapoff -a
- Check whether /proc/sys/net/bridge/bridge-nf-call-iptables is 1. If not, set it to 1
echo '1' > /proc/sys/net/bridge/bridge-nf-call-iptables
- Initialize the master node
kubeadm init
When initialization succeeds, the output includes the following command:
kubeadm join 9.30.215.42:6443 --token v1s2qw.e4864hl50gdq4h7t --discovery-token-ca-cert-hash sha256:3cfb83830bbf46b95b0a0303ddd3752301a2ec345c104b14e0abb0094627bf3d
Save this command so that it can be used when the worker nodes join. Once initialization has succeeded, the user must be given permission to access and use the cluster. If you are root, execute the following commands:
mkdir -p $HOME/.kube
cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
chown $(id -u):$(id -g) $HOME/.kube/config
If you are a non-root user, execute the following commands:
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
- View the nodes
kubectl get nodes
At this point the status of the master node is NotReady, because the pod network has not been deployed yet.
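The --discovery-token-ca-cert-hash value in the kubeadm join command pins the cluster CA: it is the SHA-256 of the CA certificate's DER-encoded public key (SubjectPublicKeyInfo). The script below is an added example, not part of the original post; it recomputes that pin from the CA certificate on the master and compares it with a saved join command. It assumes openssl is installed and the kubeadm default CA path /etc/kubernetes/pki/ca.crt, and the function names are made up for this example.

```shell
#!/bin/sh
# Added example: compare the CA pin in a saved "kubeadm join" command with the
# cluster CA certificate. Function names are made up for this example.

# Print "sha256:<hex>" for the certificate at $1: the SHA-256 of its
# DER-encoded SubjectPublicKeyInfo, which is what kubeadm pins.
ca_cert_pin() {
    # Extract the public key first, so an unreadable file fails here instead
    # of producing the hash of empty input further down the pipeline.
    pubkey=$(openssl x509 -in "$1" -noout -pubkey 2>/dev/null) || return 1
    digest=$(printf '%s\n' "$pubkey" |
        openssl pkey -pubin -outform DER 2>/dev/null |
        openssl dgst -sha256 -hex | awk '{print $NF}')
    [ "${#digest}" -eq 64 ] || return 1
    printf 'sha256:%s\n' "$digest"
}

# Print the sha256 pin found in the join command line $1 (nothing if absent).
join_pin() {
    printf '%s\n' "$1" |
        sed -n 's/.*--discovery-token-ca-cert-hash[ =]\(sha256:[0-9a-f]\{64\}\).*/\1/p'
}

# $1 = CA certificate path, $2 = full join command.
# Returns 0 on match, 1 on mismatch, 2 if either input is unusable.
verify_join_pin() {
    have=$(ca_cert_pin "$1") || { echo "cannot read CA certificate: $1" >&2; return 2; }
    want=$(join_pin "$2")
    [ -n "$want" ] || { echo "no sha256 pin in join command" >&2; return 2; }
    if [ "$want" = "$have" ]; then
        echo "OK: join command pins the public key in $1"
    else
        echo "MISMATCH: join command has $want, certificate gives $have" >&2
        return 1
    fi
}

# Usage on the master (path is the kubeadm default, assumed here):
#   sh verify-pin.sh /etc/kubernetes/pki/ca.crt 'kubeadm join ...'
if [ "$#" -eq 2 ]; then
    verify_join_pin "$1" "$2"
fi
```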
Step 5: deploy the pod network
The Weave plugin is used here
export kubever=$(kubectl version | base64 | tr -d '\n')
kubectl apply -f "https://cloud.weave.works/k8s/net?k8s-version=$kubever"
After some time, check the node status again; it will have changed to Ready.