Centos7系统安装部署Kubernetes(k8s)集群教程( 三 )

社区服务
高级搜索
猴岛论坛电脑百科Centos7系统安装部署Kubernetes(k8s)集群教程( 三 )
发帖 回复
倒序阅读 最近浏览的帖子最近浏览的版块
4个回复

[技术小组]Centos7系统安装部署Kubernetes(k8s)集群教程( 三 )

楼层直达
   三岁

ZxID:44344

糖果

举报 只看楼主 使用道具 楼主   发表于: 2023-08-06 0
4.6 添加worker节点到k8s集群

接下来把另外的两个worker节点也加入到k8s集群。

kubeadm init的时候输出了如下这句:kubeadm join 192.168.110.130:6443 --token nta3x4.3e54l2dqtmj9tlry --discovery-token-ca-cert-hash sha256:9add1314177ac5660d9674dab8c13aa996520028514246c4cd103cf08a211cc8 ,在另外两个worker节点执行这一命令就可以把节点加入到k8s集群里。

如果加入集群的token忘了,可以使用如下的命令获取最新的加入命令token

  1. [root@k8scloude1 ~]# kubeadm token create --print-join-command
  2. kubeadm join 192.168.110.130:6443 --token 8e3haz.m1wrpuf357g72k1u --discovery-token-ca-cert-hash sha256:9add1314177ac5660d9674dab8c13aa996520028514246c4cd103cf08a211cc8


在另外两个节点执行加入集群的token命令

  1. [root@k8scloude2 ~]# kubeadm join 192.168.110.130:6443 --token 8e3haz.m1wrpuf357g72k1u --discovery-token-ca-cert-hash sha256:9add1314177ac5660d9674dab8c13aa996520028514246c4cd103cf08a211cc8
  2. [preflight] Running pre-flight checks
  3.         [WARNING IsDockerSystemdCheck]: detected "cgroupfs" as the Docker cgroup driver. The recommended driver is "systemd". Please follow the guide at https://kubernetes.io/docs/setup/cri/
  4. [preflight] Reading configuration from the cluster...
  5. [preflight] FYI: You can look at this config file with 'kubectl -n kube-system get cm kubeadm-config -o yaml'
  6. [kubelet-start] Writing kubelet configuration to file "/var/lib/kubelet/config.yaml"
  7. [kubelet-start] Writing kubelet environment file with flags to file "/var/lib/kubelet/kubeadm-flags.env"
  8. [kubelet-start] Starting the kubelet
  9. [kubelet-start] Waiting for the kubelet to perform the TLS Bootstrap...
  10. This node has joined the cluster:
  11. * Certificate signing request was sent to apiserver and a response was received.
  12. * The Kubelet was informed of the new secure connection details.
  13. Run 'kubectl get nodes' on the control-plane to see this node join the cluster.
  14. [root@k8scloude3 ~]# kubeadm join 192.168.110.130:6443 --token 8e3haz.m1wrpuf357g72k1u --discovery-token-ca-cert-hash sha256:9add1314177ac5660d9674dab8c13aa996520028514246c4cd103cf08a211cc8
  15. [preflight] Running pre-flight checks
  16.         [WARNING IsDockerSystemdCheck]: detected "cgroupfs" as the Docker cgroup driver. The recommended driver is "systemd". Please follow the guide at https://kubernetes.io/docs/setup/cri/
  17. [preflight] Reading configuration from the cluster...
  18. [preflight] FYI: You can look at this config file with 'kubectl -n kube-system get cm kubeadm-config -o yaml'
  19. [kubelet-start] Writing kubelet configuration to file "/var/lib/kubelet/config.yaml"
  20. [kubelet-start] Writing kubelet environment file with flags to file "/var/lib/kubelet/kubeadm-flags.env"
  21. [kubelet-start] Starting the kubelet
  22. [kubelet-start] Waiting for the kubelet to perform the TLS Bootstrap...
  23. This node has joined the cluster:
  24. * Certificate signing request was sent to apiserver and a response was received.
  25. * The Kubelet was informed of the new secure connection details.
  26. Run 'kubectl get nodes' on the control-plane to see this node join the cluster.


在k8scloude1查看节点状态,可以看到两个worker节点都加入到了k8s集群
  1. [root@k8scloude1 ~]# kubectl get nodes
  2. NAME         STATUS     ROLES                  AGE     VERSION
  3. k8scloude1   NotReady   control-plane,master   8m43s   v1.21.0
  4. k8scloude2   NotReady   <none>                 28s     v1.21.0
  5. k8scloude3   NotReady   <none>                 25s     v1.21.0


可以发现worker节点加入到k8s集群后多了两个镜像
  1. [root@k8scloude2 ~]# docker p_w_picpath
  2. REPOSITORY                                           TAG       IMAGE ID       CREATED         SIZE
  3. registry.aliyuncs.com/google_containers/kube-proxy   v1.21.0   38ddd85fe90e   9 months ago    122MB
  4. registry.aliyuncs.com/google_containers/pause        3.4.1     0f8457a4c2ec   12 months ago   683kB
  5. [root@k8scloude3 ~]# docker p_w_picpath
  6. REPOSITORY                                           TAG       IMAGE ID       CREATED         SIZE
  7. registry.aliyuncs.com/google_containers/kube-proxy   v1.21.0   38ddd85fe90e   9 months ago    122MB
  8. registry.aliyuncs.com/google_containers/pause        3.4.1     0f8457a4c2ec   12 months ago   683kB


4.7 部署CNI网络插件calico

虽然现在k8s集群已经有1个master节点,2个worker节点,但是此时三个节点的状态都是NotReady的,原因是没有CNI网络插件,为了节点间的通信,需要安装cni网络插件,常用的cni网络插件有calico和flannel,两者区别为:flannel不支持复杂的网络策略,calico支持网络策略,因为今后还要配置k8s网络策略networkpolicy,所以本文选用的cni网络插件为calico!

现在去官网下载calico.yaml文件:

官网:https://projectcalico.docs.tigera.io/about/about-calico


搜索框里直接搜索calico.yaml

找到下载calico.yaml的命令


下载calico.yaml文件
  1. [root@k8scloude1 ~]# curl https://docs.projectcalico.org/manifests/calico.yaml -O
  2.   % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
  3.                                  Dload  Upload   Total   Spent    Left  Speed
  4. 100  212k  100  212k    0     0  44222      0  0:00:04  0:00:04 --:--:-- 55704
  5. [root@k8scloude1 ~]# ls
  6. calico.yaml


查看需要下载的calico镜像,这四个镜像需要在所有节点都下载,以k8scloude1为例
  1. [root@k8scloude1 ~]# grep image calico.yaml
  2.           image: docker.io/calico/cni:v3.21.2
  3.           image: docker.io/calico/cni:v3.21.2
  4.           image: docker.io/calico/pod2daemon-flexvol:v3.21.2
  5.           image: docker.io/calico/node:v3.21.2
  6.           image: docker.io/calico/kube-controllers:v3.21.2
  7.           
  8. [root@k8scloude1 ~]# docker pull docker.io/calico/cni:v3.21.2
  9. v3.21.2: Pulling from calico/cni
  10. Digest: sha256:ce618d26e7976c40958ea92d40666946d5c997cd2f084b6a794916dc9e28061b
  11. Status: Image is up to date for calico/cni:v3.21.2
  12. docker.io/calico/cni:v3.21.2
  13. [root@k8scloude1 ~]# docker pull docker.io/calico/pod2daemon-flexvol:v3.21.2
  14. v3.21.2: Pulling from calico/pod2daemon-flexvol
  15. Digest: sha256:b034c7c886e697735a5f24e52940d6d19e5f0cb5bf7caafd92ddbc7745cfd01e
  16. Status: Image is up to date for calico/pod2daemon-flexvol:v3.21.2
  17. docker.io/calico/pod2daemon-flexvol:v3.21.2
  18. [root@k8scloude1 ~]# docker pull docker.io/calico/node:v3.21.2
  19. v3.21.2: Pulling from calico/node
  20. Digest: sha256:6912fe45eb85f166de65e2c56937ffb58c935187a84e794fe21e06de6322a4d0
  21. Status: Image is up to date for calico/node:v3.21.2
  22. docker.io/calico/node:v3.21.2
  23. [root@k8scloude1 ~]# docker pull docker.io/calico/kube-controllers:v3.21.2
  24. v3.21.2: Pulling from calico/kube-controllers
  25. d6a693444ed1: Pull complete
  26. a5399680e995: Pull complete
  27. 8f0eb4c2bcba: Pull complete
  28. 52fe18e41b06: Pull complete
  29. 2f8d3f9f1a40: Pull complete
  30. bc94a7e3e934: Pull complete
  31. 55bf7cf53020: Pull complete
  32. Digest: sha256:1f4fcdcd9d295342775977b574c3124530a4b8adf4782f3603a46272125f01bf
  33. Status: Downloaded newer image for calico/kube-controllers:v3.21.2
  34. docker.io/calico/kube-controllers:v3.21.2
  35. #主要是如下4个镜像
  36. [root@k8scloude1 ~]# docker p_w_picpath
  37. REPOSITORY                                                        TAG        IMAGE ID       CREATED         SIZE
  38. calico/node                                                       v3.21.2    f1bca4d4ced2   4 weeks ago     214MB
  39. calico/pod2daemon-flexvol                                         v3.21.2    7778dd57e506   5 weeks ago     21.3MB
  40. calico/cni                                                        v3.21.2    4c5c32530391   5 weeks ago     239MB
  41. calico/kube-controllers                                           v3.21.2    b20652406028   5 weeks ago     132MB



修改calico.yaml 文件,CALICO_IPV4POOL_CIDR的IP段要和kubeadm初始化时候的pod网段一致,注意格式要对齐,不然会报错

  1. [root@k8scloude1 ~]# vim calico.yaml
  2. [root@k8scloude1 ~]# cat calico.yaml | egrep "CALICO_IPV4POOL_CIDR|"10.244""
  3.              - name: CALICO_IPV4POOL_CIDR
  4.                value: "10.244.0.0/16"

不直观的话看图片:修改calico.yaml 文件


应用calico.yaml文件

  1. [root@k8scloude1 ~]# kubectl apply -f calico.yaml
  2. configmap/calico-config unchanged
  3. customresourcedefinition.apiextensions.k8s.io/bgpconfigurations.crd.projectcalico.org configured
  4. customresourcedefinition.apiextensions.k8s.io/bgppeers.crd.projectcalico.org configured
  5. customresourcedefinition.apiextensions.k8s.io/blockaffinities.crd.projectcalico.org configured
  6. customresourcedefinition.apiextensions.k8s.io/caliconodestatuses.crd.projectcalico.org configured
  7. customresourcedefinition.apiextensions.k8s.io/clusterinformations.crd.projectcalico.org configured
  8. customresourcedefinition.apiextensions.k8s.io/felixconfigurations.crd.projectcalico.org configured
  9. customresourcedefinition.apiextensions.k8s.io/globalnetworkpolicies.crd.projectcalico.org configured
  10. customresourcedefinition.apiextensions.k8s.io/globalnetworksets.crd.projectcalico.org configured
  11. customresourcedefinition.apiextensions.k8s.io/hostendpoints.crd.projectcalico.org configured
  12. customresourcedefinition.apiextensions.k8s.io/ipamblocks.crd.projectcalico.org configured
  13. customresourcedefinition.apiextensions.k8s.io/ipamconfigs.crd.projectcalico.org configured
  14. customresourcedefinition.apiextensions.k8s.io/ipamhandles.crd.projectcalico.org configured
  15. customresourcedefinition.apiextensions.k8s.io/ippools.crd.projectcalico.org configured
  16. customresourcedefinition.apiextensions.k8s.io/ipreservations.crd.projectcalico.org configured
  17. customresourcedefinition.apiextensions.k8s.io/kubecontrollersconfigurations.crd.projectcalico.org configured
  18. customresourcedefinition.apiextensions.k8s.io/networkpolicies.crd.projectcalico.org configured
  19. customresourcedefinition.apiextensions.k8s.io/networksets.crd.projectcalico.org configured
  20. clusterrole.rbac.authorization.k8s.io/calico-kube-controllers unchanged
  21. clusterrolebinding.rbac.authorization.k8s.io/calico-kube-controllers unchanged
  22. clusterrole.rbac.authorization.k8s.io/calico-node unchanged
  23. clusterrolebinding.rbac.authorization.k8s.io/calico-node unchanged
  24. daemonset.apps/calico-node created
  25. serviceaccount/calico-node created
  26. deployment.apps/calico-kube-controllers created
  27. serviceaccount/calico-kube-controllers created
  28. Warning: policy/v1beta1 PodDisruptionBudget is deprecated in v1.21+, unavailable in v1.25+; use policy/v1 PodDisruptionBudget
  29. poddisruptionbudget.policy/calico-kube-controllers created


此时发现三个节点都是Ready状态了
  1. [root@k8scloude1 ~]# kubectl get nodes
  2. NAME         STATUS   ROLES                  AGE   VERSION
  3. k8scloude1   Ready    control-plane,master   53m   v1.21.0
  4. k8scloude2   Ready    <none>                 45m   v1.21.0
  5. k8scloude3   Ready    <none>                 45m   v1.21.0



4.8 配置kubectl命令tab键自动补全

查看kubectl自动补全命令
  1. [root@k8scloude1 ~]# kubectl --help | grep bash
  2.   completion    Output shell completion code for the specified shell (bash or zsh)

添加source <(kubectl completion bash)到/etc/profile,并使配置生效
  1. [root@k8scloude1 ~]# cat /etc/profile | head -2
  2. # /etc/profile
  3. source <(kubectl completion bash)
  4. [root@k8scloude1 ~]# source /etc/profile


此时即可kubectl命令tab键自动补全
  1. [root@k8scloude1 ~]# kubectl get nodes
  2. NAME         STATUS   ROLES                  AGE   VERSION
  3. k8scloude1   Ready    control-plane,master   59m   v1.21.0
  4. k8scloude2   Ready    <none>                 51m   v1.21.0
  5. k8scloude3   Ready    <none>                 51m   v1.21.0
  6. #注意:需要bash-completion-2.1-6.el7.noarch包,不然不能自动补全命令
  7. [root@k8scloude1 ~]# rpm -qa | grep bash
  8. bash-completion-2.1-6.el7.noarch
  9. bash-4.2.46-30.el7.x86_64
  10. bash-doc-4.2.46-30.el7.x86_64


自此,Kubernetes(k8s)集群部署完毕!


感兴趣的猴子可以看看教程一 二

教程一:Centos7系统安装部署Kubernetes(k8s)集群教程( 一 )

教程二:Centos7系统安装部署Kubernetes(k8s)集群教程( 二 )





本帖de评分: 1 条评分 DB +10
DB+10 2023-08-09

我很赞同

[/url]
猴岛论坛技术组-神一般的头衔 各个领域 天才云集 福利多多 你还在等什么 赶快加入我们吧!

小野博客
゛千城墨白ぅ.

ZxID:25949615

等级: 大将
在这个冷暖自知的年代,遇见你们,真好!     

举报 只看该作者 沙发   发表于: 2023-08-06 0
不愧是大神
老赵.

ZxID:7272

等级: 总版主
配偶: 大小姐 
啊?

举报 只看该作者 板凳   发表于: 2023-08-07 0
好复杂
算账

ZxID:29357411

等级: 版主
配偶: 浓酒与歌

举报 只看该作者 地板   发表于: 2023-08-07 0
不愧是
本帖de评分: 1 条评分 DB +10
DB+10 2023-08-07

我很赞同

Null.

ZxID:171717

等级: 版主
配偶: 金度延
接电脑组装配置咨询  IP查定位等

举报 只看该作者 4楼  发表于: 2023-08-07 0
我很赞同
« 返回列表
发帖 回复