2023年6月30日发(作者：)

kubernetes（k8s）安装教程前⾔最近在学习安装k8s，搜索了很多教程勉强安装成功。但教程良莠不齐，导致安装过程中遇到各种各样的问题。为了⽅便以后查看，现将总结的安装教程记录在这⾥。如有侵权,联系删除。vim /etc/hostnamevi /etc/hosts1.2firewall-cmd --state # 查看防⽕墙状态systemctl stop firewalld # 停⽌防⽕墙的服务systemctl disable firewalld # 禁⽌开机启动1.3关闭（全部节点）编辑⽂件，修改SELINUX的值为disablevi /etc/sysconfig/selinuxSELINUX=disabled查看状态sestatus -vSELinux status: disabled）在⽤户主⽬录下，进⼊.ssh⽂件夹cd .ssh⽣成密钥ssh-keygen -t rsa发放其他主机ssh-copy-id 主机名1.5所有节点安装ntpyum -y install ntp主节点：vi /etc/先注释四个server 然后添加server主机ip

vi /etc/sysconfig/ntpdSYNC_CLOCK=yes启动服务systemctl start esystemctl enable eservice ntpd status其他节点：crontab -e*/10 * * * * /usr/sbin/ntpdate 主节点 1.6swapoff -a && sed -i '/ swap / s/^(.*)$/#1/g' /etc/fstab1.7源wget -O /etc/.d/ /repo/下载：cd /etc/ /docker-ce/linux/centos/：cat < /etc/.d/[kubernetes]name=Kubernetesbaseurl=/kubernetes/yum/repos/kubernetes-el7-x86_64/enabled=1gpgcheck=1repo_gpgcheck=1gpgkey=/kubernetes/yum/doc/ /kubernetes/yum/doc/查看yum源是否可⽤yum repolist1.8的内核采纳数，添加⽹桥过滤和地址转发功能编辑/etc/sysctl.d/⽂件，添加如下配置：-nf-call-ip6tables = -nf-call-iptables = _forward = 1重新加载配置sysctl -p加载⽹桥过滤模块modprobe br_netfilter查看⽹桥过滤模块是否加载成功lsmod | grep br_netfilter1.9功能yum install ipset ipvsadm -ycat < /etc/sysconfig/modules/s#!/bin/bashmodprobe -- ip_vsmodprobe -- ip_vs_rrmodprobe -- ip_vs_wrrmodprobe -- ip_vs_shmodprobe -- nf_conntrack_ipv4EOF增加权限chmod +x /etc/sysconfig/modules/s执⾏脚本/bin/bash /etc/sysconfig/modules/s查看对应的模块是否加载成功lsmod | grep -e -ip_vs -e nf_conntrack_ipv42、master & node: 均需要安装 kubelet kubeadm dockermaster: 执⾏ kubeadm init, ⽤于建⽴集群nodes: 执⾏kubeadm join, ⽤于加⼊集群Dockeryum install docker-ce查看可安装版本yum list docker-ce --showduplicates或指定安装版本yum install --setopt=obsoletes=0 7 -y查看版本docker --version配置⽂件mkdir /etc/dockercat < /etc/docker/{"exec-opts": ["driver=systemd"],"registry-mirrors": [""]}EOF启动Docker服务并激活开机启动：systemctl start dockersystemctl enable docker2.2 组件Kubelet：运⾏在cluster所有节点上，负责启动POD和容器；Kubeadm：⽤于初始化cluster的⼀个⼯具；Kubectl：kubectl是kubenetes命令⾏⼯具，通过kubectl可以部署和管理应⽤，查看各种资源，创建，删除和更新组件；yum install kubelet kubeadm kubectl或指定版本yum install -y kubeadm-1.16.2 kubectl-1.16.2 kubelet-1.16.2配置kubelet的cgroupvim /etc/sysconfig/kubelet添加下⾯的配置KUBELET_CGROUP_ARGS="--cgroup-driver=systemd"KUBE_PROXY_MODE="ipvs"设置kubelet开机⾃启systemctl enable kubelet2.3 新件master_ ⽂件，拉取镜像：#!/bin/bash# Author: ****# Description: 简单脚本，⽤于下载 kubeadm 所需镜像，并修改成相应的 tag 信息

# 定义 master 节点所需镜像

MasterImageList="/kube-apiserver:/kube-controller-manager:/kube-scheduler:/kube-proxy:/pause:/etcd:/coredns:/coreos/flannel:v0.11.0-amd64"

# 定义 node 节点所需镜像NodeImageList="/kube-proxy:/pause:/coreos/flannel:/kubernetes-ingress-controller/nginx-ingress-controller:0.26.1"

# 定义 dockerhub 上个⼈镜像仓库PrivateReg="byteedu"

# master 节点镜像处理函数function MasterImageProcess(){for IMAGE in ${MasterImageList};for IMAGE in ${MasterImageList};doImage=$(echo ${IMAGE}|awk -F '/' {'print $NF'})PrivateImage=${PrivateReg}/${Image}docker pull ${PrivateImage}; docker tag ${PrivateImage} ${IMAGE}; docker rmi ${PrivateImage}done}

# node 节点镜像处理函数function NodeImageProcess(){for IMAGE in ${NodeImageList};doImage=$(echo ${IMAGE}|awk -F '/' {'print $NF'})PrivateImage=${PrivateReg}/${Image}docker pull ${PrivateImage}; docker tag ${PrivateImage} ${IMAGE}; docker rmi ${PrivateImage}done}

# 定义主函数function MAIN(){read -p "当前节点是作为 master 还是 node ? [master|node] " -t 30 CHOICEcase ${CHOICE} in"master"|"m"|"MASTER"|"M")MasterImageProcess[ $? -eq 0 ] && echo -e "Master 节点镜像 033[32m[处理成功]033[0m" || (echo -e "Master 节点镜像 033[31m[处理失败]033[0m, 请⼿动检查！ " && exit 1) ;;"node"|"n"|"NODE"|"N")NodeImageProcess[ $? -eq 0 ] && echo -e "Node 节点镜像 033[32m[处理成功]033[0m" || (echo -e "Node 节点镜像 033[31m[处理失败]033[0m, 请⼿动检查！ " && exit 1);;*)echo "输⼊参数不合法，请输⼊ master 或者 node. "exit;;esac}

MAIN修改⽂件可执⾏权限chmod +x master_

下载./master_2.4

master节点kubeadm init --kubernetes-version=1.16.2 --pod-network-cidr=10.244.0.0/16 --service-cidr=10.96.0.0/12记录运⾏结果最后⼀段：kubeadm join 10.122.32.2:6443 --token 206c1m.4rs3nl232gme92mu --discovery-token-ca-cert-hash sha256:c5ecb1edd7aaf5253e0002e4cb396fd83d3455012c216a4ef30c4ffd92d289dc成功后：mkdir -p $HOME/.kubesudo cp -i /etc/kubernetes/ $HOME/.kube/configsudo chown $(id -u):$(id -g) $HOME/.kube/confignode节点加⼊集群在node节点运⾏刚才记录的最后⼀⾏kubeadm join 10.122.32.2:6443 --token 206c1m.4rs3nl232gme92mu --discovery-token-ca-cert-hash sha256:c5ecb1edd7aaf5253e0002e4cb396fd83d3455012c216a4ef30c4ffd92d289dc如果忘记：查看tokenkubeadm token list查看discovery-token-ca-cert-hashopenssl x509 -pubkey -in /etc/kubernetes/pki/ | openssl rsa -pubin -outform der 2>/dev/null | openssl dgst -sha256 -hex | sed 's/^.* //'在master上查看节点信息kubectl get nodes2.5

kubectl apply -f /coreos/flannel/master/Documentation/查看组件运⾏，发现flannel已经在运⾏kubectl get pods -n kube-system发现已经ready了kubectl get node节点监控watch kubectl get pod -n kube-system -o wide