K8s 安装:修订间差异
跳到导航
跳到搜索
(→环境准备) |
(→导入模块) |
||
第45行: | 第45行: | ||
lsmod | grep overlay | lsmod | grep overlay | ||
lsmod | grep br_netfilter | lsmod | grep br_netfilter | ||
=== 部署 Containerd === | |||
==== 创建容器工具 ==== | |||
wget https://github.com/opencontainers/runc/releases/download/v1.1.4/runc.amd64 | |||
install -m 755 runc.amd64 /usr/local/sbin/runc | |||
==== 容器间网络通信 ==== | |||
wget https://github.com/containernetworking/plugins/releases/download/v1.2.0/cni-plugins-linux-amd64-v1.2.0.tgz | |||
mkdir -p /opt/cni/bin | |||
tar Cxzvf /opt/cni/bin cni-plugins-linux-amd64-v1.2.0.tgz | |||
==== Containerd ==== | |||
wget https://github.com/containerd/containerd/releases/download/v1.7.14/containerd-1.7.14-linux-amd64.tar.gz | |||
tar Cxzvf /usr/local containerd-1.7.14-linux-amd64.tar.gz | |||
wget https://raw.githubusercontent.com/containerd/containerd/main/containerd.service -o /usr/lib/systemd/system/containerd.service | |||
systemctl daemon-reload && systemctl enable containerd | |||
mkdir /etc/containerd | |||
containerd config default > /etc/containerd/config.toml | |||
cd /etc/containerd/ | |||
cp config.toml config.toml.orig | |||
vi config.toml | |||
[plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc.options] | |||
SystemdCgroup = true # false 修改为 true | |||
[plugins."io.containerd.grpc.v1.cri"] | |||
# sandbox_image = "registry.k8s.io/pause:3.8" | |||
sandbox_image = "registry.cn-hangzhou.aliyuncs.com/google_containers/pause:3.8" | |||
[plugins."io.containerd.grpc.v1.cri".registry.mirrors] | |||
[plugins."io.containerd.grpc.v1.cri".registry.mirrors."docker.io"] | |||
endpoint = ["http://mirrors.ustc.edu.cn"] | |||
[plugins."io.containerd.grpc.v1.cri".registry.mirrors."*"] | |||
endpoint = ["http://hub-mirror.c.163.com"] | |||
systemctl restart containerd | |||
netstat -nlput | grep containerd | |||
=== kubernetes === | === kubernetes === |
2024年3月25日 (一) 17:34的版本
环境准备
- 关闭 selinux 及 firewalld
- 关闭 Swap
host
192.168.0.158 np0 192.168.0.229 np1 192.168.0.249 np2 192.168.0.148 np3
设置网桥参数
cat << EOF > /etc/sysctl.d/99-kubernetes-cri.conf net.bridge.bridge-nf-call-ip6tables = 1 net.bridge.bridge-nf-call-iptables = 1 net.ipv4.ip_forward = 1 user.max_user_namespaces=28633 EOF sysctl -p /etc/sysctl.d/99-kubernetes-cri.conf
配置支持 IPVS
加载 ip_vs 内核模块。kube-proxy 通过采用 iptables + ipset + ipvs 的方式实现为符合条件的 Pod 提供负载均衡。否则 kube-proxy 会退回到 iptables 模式。
cat > /etc/modules-load.d/ip_vs.conf << EOF ip_vs ip_vs_rr ip_vs_wrr ip_vs_sh nf_conntrack_ipv4 EOF
modprobe ip_vs modprobe ip_vs_rr modprobe ip_vs_wrr modprobe ip_vs_sh modprobe nf_conntrack_ipv4
导入模块
cat << EOF > /etc/modules-load.d/containerd.conf overlay br_netfilter EOF
modprobe overlay modprobe br_netfilter
lsmod | grep overlay lsmod | grep br_netfilter
部署 Containerd
创建容器工具
wget https://github.com/opencontainers/runc/releases/download/v1.1.4/runc.amd64 install -m 755 runc.amd64 /usr/local/sbin/runc
容器间网络通信
wget https://github.com/containernetworking/plugins/releases/download/v1.2.0/cni-plugins-linux-amd64-v1.2.0.tgz mkdir -p /opt/cni/bin tar Cxzvf /opt/cni/bin cni-plugins-linux-amd64-v1.2.0.tgz
Containerd
wget https://github.com/containerd/containerd/releases/download/v1.7.14/containerd-1.7.14-linux-amd64.tar.gz tar Cxzvf /usr/local containerd-1.7.14-linux-amd64.tar.gz wget https://raw.githubusercontent.com/containerd/containerd/main/containerd.service -o /usr/lib/systemd/system/containerd.service systemctl daemon-reload && systemctl enable containerd
mkdir /etc/containerd containerd config default > /etc/containerd/config.toml
cd /etc/containerd/ cp config.toml config.toml.orig vi config.toml [plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc.options] SystemdCgroup = true # false 修改为 true [plugins."io.containerd.grpc.v1.cri"] # sandbox_image = "registry.k8s.io/pause:3.8" sandbox_image = "registry.cn-hangzhou.aliyuncs.com/google_containers/pause:3.8" [plugins."io.containerd.grpc.v1.cri".registry.mirrors] [plugins."io.containerd.grpc.v1.cri".registry.mirrors."docker.io"] endpoint = ["http://mirrors.ustc.edu.cn"] [plugins."io.containerd.grpc.v1.cri".registry.mirrors."*"] endpoint = ["http://hub-mirror.c.163.com"]
systemctl restart containerd netstat -nlput | grep containerd
kubernetes
repo
cat > /etc/yum.repos.d/kubernetes.repo << EOF [kubernetes] name=Kubernetes baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/ enabled=1 gpgcheck=1 repo_gpgcheck=1 gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg EOF
kubelet kubeadm kubectl
# yum list kubelet --showduplicates yum install kubelet kubeadm kubectl systemctl enable kubelet