1. 安装 docker
    yum -y install yum-utils
    yum-config-manager \
    --add-repo \
    http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
    yum -y install docker-ce
    systemctl start docker
  2. 系统配置
    1. 关闭 selinux
      setenforce 0 && sed -i 's/^SELINUX=.*/SELINUX=disabled/' /etc/selinux/config
    2. 关闭 swap分区
      swapoff -a && sed -i '/ swap / s/^\(.*\)$/#\1/g' /etc/fstab
    3. 关闭防火墙
      systemctl stop firewalld
    4. 修改内核的运行参数
      cat <<EOF | sudo tee /etc/sysctl.d/99-kubernetes-cri.conf
      net.bridge.bridge-nf-call-iptables  = 1
      net.ipv4.ip_forward                 = 1
      net.bridge.bridge-nf-call-ip6tables = 1
      EOF
      sysctl --system
  3. 安装 k8s
    cat <<EOF | sudo tee /etc/yum.repos.d/kubernetes.repo
    [kubernetes]
    name=Kubernetes
    baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
    enabled=1
    gpgcheck=1
    repo_gpgcheck=1
    gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
    EOF
    yum -y install kubelet kubeadm kubectl
    systemctl start kubelet
  4. 下载镜像
    1. 查看
      kubeadm config images list
    2. coredns
      docker pull coredns/coredns:1.x.x
      docker tag coredns/coredns:x.x.x registry.cn-hangzhou.aliyuncs.com/google_containers/coredns:v1.x.x
      docker image rm coredns/coredns:1.x.x
  5. 初始化
    kubeadm init --image-repository registry.cn-hangzhou.aliyuncs.com/google_containers \
       --pod-network-cidr 10.244.0.0/16 \
       --v 5 \
       --ignore-preflight-errors=all
  6. 创建配置文件
    mkdir -p $HOME/.kube
    cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
    chown $(id -u):$(id -g) $HOME/.kube/config
  7. 安装 flannel
    kubectl create -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
  8. 配置 master 节点调度 pod
    kubectl taint nodes --all node-role.kubernetes.io/master-
  9. 配置 dashboard
    wget https://raw.githubusercontent.com/kubernetes/dashboard/v2.0.0-beta4/aio/deploy/recommended.yaml
    vi recommended.yaml
    ...
    kind: Service
    apiVersion: v1
    metadata:
    labels:
     k8s-app: kubernetes-dashboard
    name: kubernetes-dashboard
    namespace: kubernetes-dashboard
    spec:
    type: NodePort      # 新增 type 类型为 NodePort
    ports:
     - port: 443
       targetPort: 8443
       nodePort: 30002   # 设置 nodeport 端口
    selector:
     k8s-app: kubernetes-dashboard
    ...
    kubectl apply -f recommended.yaml
    kubectl create serviceaccount admin
    kubectl create clusterrolebinding dash-admin --clusterrole=cluster-admin --serviceaccount=default:admin
    secret=$(kubectl get sa admin -o jsonpath='{.secrets[0].name}')
    kubectl get secret $secret -o go-template='{{ .data.token | base64decode }}'
    kubectl get pod -n kubernetes-dashboard -o wide
  10. 访问 dashboard
    1. chrome 解除访问不安全链接的限制
      thisisunsafe
    2. 访问地址
      https://k8s的主机ip:nodePort端口
文档更新时间: 2021-11-26 10:59   作者:lee