k8s cluster construction (kubedm mode)


Content source: bilibili Shang Silicon Valley k8s teaching video

1. Installation requirements

Deploying Kubernetes cluster machines requires the following conditions

  • One or more machines, operating system CentOS7.x-86_x64
  • Hardware configuration: 2GB or more RAM, 2 CPUs or more CPUs, hard disk 30GB or more
  • You can access the external network and need to pull the image. If the server cannot access the Internet, you need to download the image in advance and import the node
  • Disable swap partition

2. Environmental preparation

2.1 node preparation

Three nodes are used here

roleIP
master10.4.108.159
node110.4.109.145
node210.4.109.144

2.2 turn off the firewall

systemctl stop firewalld

#perhaps
systemctl disable firewalld

2.3 close selinux

# Permanent shutdown
sed -i 's/enforcing/disabled/' /etc/selinux/config

#Temporarily closed
setenforce 0 

2.4 close swap

# Permanent shutdown
sed -ri 's/.*swap.*/#&/' /etc/fstab

#Temporarily Closed
swapoff -a

2.5 set the host name according to the plan

Here we set the corresponding host name for ip

# 10.4.108.159 in master
hostnamectl set-hostname master

# 10.4.109.144 in node2
hostnamectl set-hostname node2

# 10.4.109.145 in node1
hostnamectl set-hostname node1

You can enter hostname to check

2.6 add hosts in master

cat >> /etc/hosts << EOF
10.4.108.159 master
10.4.109.145 node1
10.4.109.144 node2
EOF

2.7 deliver bridged IPv4 traffic to iptables chain

cat > /etc/sysctl.d/k8s.conf << EOF
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
EOF
#take effect
sysctl --system

2.8 time synchronization

yum install ntpdate -y
ntpdate time.windows.com

3. Install docker / kubedm / kubelet on all nodes

By default, the CRI (container runtime) of Kubernetes is Docker, so Docker is installed first

3.1 installing Docker

$ wget https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo -O /etc/yum.repos.d/docker-ce.repo
$ yum -y install docker-ce-18.06.1.ce-3.el7
$ systemctl enable docker && systemctl start docker
$ docker --version

#Check the version Docker version 18.06.1-ce, build e68fc7a
cat > /etc/docker/daemon.json << EOF
{
  "registry-mirrors": ["https://b9pmyelo.mirror.aliyuncs.com"]
}
EOF

Restart docker

Systemctl restart docker

3.2 adding alicloud YUM software source

$ cat > /etc/yum.repos.d/kubernetes.repo << EOF
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=0
repo_gpgcheck=0
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF

3.3 install kubedm, kubelet and kubectl

$ yum install -y kubelet-1.18.0 kubeadm-1.18.0 kubectl-1.18.0
$ systemctl enable kubelet

4. Deploy Kubernetes Master

Execute in master
Since the default pull image address k8s.gcr.io cannot be accessed domestically, the Alibaba cloud image warehouse address is specified here

# One line of code, the \
$ kubeadm init \
  --apiserver-advertise-address=10.4.108.159 \
  --image-repository registry.aliyuncs.com/google_containers \
  --kubernetes-version v1.18.0 \
  --service-cidr=10.96.0.0/12 \
  --pod-network-cidr=10.244.0.0/16

After executing init, you will get the following information, which indicates that your initialization has been completed
Then enter the second red box information on the master node
Enter the third red box information in node1 and node2 nodes

Using the kubectl tool:

mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config

kubectl get nodes


Existing nodes can be seen, but the status is notReady

5. Join Kubernetes Node

Add a new node to the cluster and execute the kubedm join command output in kubedm init:
Execute in 10.4.19.144(node2) and 10.4.109.145 (Node2)

$ kubeadm join 192.168.1.11:6443 --token esce21.q6hetwm8si29qxwn \
    --discovery-token-ca-cert-hash sha256:00603a05805807501d7181c3d60b478788408cfe6cedefedb1f97569708be9c5

The default token is valid for 24 hours. When it expires, the token will not be available. In this case, you need to re create the token, as follows

kubeadm token create --print-join-command

6. Deploy CNI network plug-in

kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml

If you can't connect, you can get the kube-flannel.yml file first, and then use kubectl apply -f YAML file

wget https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml

7. View initialization status

View pod:

kubectl get pods -n kube-system

The following indicates that initialization is in progress

The following appears: initialization is complete

View node status

kubectl get nodes

8. Test kubernetes cluster

Create a pod in the Kubernetes cluster and verify that it works normally:

$ kubectl create deployment nginx --image=nginx
$ kubectl expose deployment nginx --port=80 --type=NodePort
$ kubectl get pod,svc


Open the browser and view the node ip address: 32653 port address

that will do

Tags: Operation & Maintenance Docker

Posted on Tue, 28 Sep 2021 21:17:00 -0400 by hlstriker