Kubeadm installs K8S and Token updates

System software environment preset

1.1 set the hosts

Vi /etc/hosts Add 127.0.0.1 vm210Copy the code

1.2 Disabling the Firewall

[root@vm210 ~]# systemctl stop firewalld
[root@vm210 ~]# systemctl disable firewalld
[root@vm210 ~]# systemctl status firewalld
Copy the code

1.3 installation docker

Use yum to install, skip if already installed

yum -y install docker

1.4 Configuring the Yum Source

Vi/etc/yum. Repos. D/kubernetes. 'to join the following [kubernetes] name = kubernetes baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/ enabled=1 gpgcheck=0Copy the code

1.5 set SELinux

Run the vi /etc/selinux/config command to add selinux =disabled. Comment out selinux =enforcing,SELINUXTYPE=targetedCopy the code

1.6 Disabling the Swap Memory

Using swap affects performance. Kubelet disable swap

• System level temporary shutdown

Swapoff-a: the value becomes invalid after restart

• The system level is shut down

Vi /etc/fstab, comment out the swap line, and you need to restart it. It does not become invalid after restartCopy the code

1.7 set up iptables

Fixed an issue with iptables causing traffic to be improperly routed

cat <<EOF >  /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
EOF
sysctl --system
Copy the code

Install kubeadm on the Master node

2.1 Install kubelet, kubeadm and kubectl

yum install -y kubelet kubeadm kubectl --disableexcludes=kubernetes
systemctl enable --now kubelet
Copy the code

2.2 start the docker

systemctl enable docker && systemctl start docker
Copy the code

2.3 Downloading an Image file

for i in `kubeadm config images list`; do 
  imageName=${i#k8s.gcr.io/}
  docker pull registry.aliyuncs.com/google_containers/$imageName
  docker tag registry.aliyuncs.com/google_containers/$imageName k8s.gcr.io/$imageName
  docker rmi registry.aliyuncs.com/google_containers/$imageName
done;
Copy the code

2.4 Change kubelet parameters

KUBELET_EXTRA_ARGS=--cgroup-driver=systemdCopy the code

2.5 Kubeadm Initialization

Kubeadm init --pod-network-cidr=10.244.0.0./16 --service-cidr=10.1.0.0/16 you need to run the following as a regular user: mkdir -p $HOME/.kube sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config sudo chown $(id -u):$(id -g) $HOME/.kube/config You should now deploy a pod network to the cluster. Run "kubectl apply -f [podnetwork].yaml" with one  of the options listed at: https://kubernetes.io/docs/concepts/cluster-administration/addons/ Then you can join any number of worker nodes by running the following on each as root: Kubeadm join 192.168.159.210:6443 --token ct4248.2egr8dv9k4avqul7 \ --discovery-token-ca-cert-hash sha256:4ca4f6835e9cd70b43be16b81d8340876dca0e064c6168342c140140d17f449bCopy the code

The last command needs to be executed in the Node node to join the K8S clusterCopy the code

Run the following command as prompted

  mkdir -p $HOME/.kube
  sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
  sudo chown $(id -u):$(id -g) $HOME/.kube/config
Copy the code

Kubeadm is installed on three nodes

3.1 Installing kubeadm kubelet

yum -y install kubeadm kubelet

3.2 start the docker

systemctl enable docker && systemctl start docker
Copy the code

3.3 Downloading an Image file

for i in `kubeadm config images list`; do 
  imageName=${i#k8s.gcr.io/}
  docker pull registry.aliyuncs.com/google_containers/$imageName
  docker tag registry.aliyuncs.com/google_containers/$imageName k8s.gcr.io/$imageName
  docker rmi registry.aliyuncs.com/google_containers/$imageName
done;
Copy the code

3.4 Changing kubelet parameters

KUBELET_EXTRA_ARGS=--cgroup-driver=systemdCopy the code

3.5 to join the master

The token comes from the result of kubeinit on the master node

Kubeadm join 192.168.159.210:6443 --token ct4248.2egr8dv9k4avqul7 \ --discovery-token-ca-cert-hash sha256:4ca4f6835e9cd70b43be16b81d8340876dca0e064c6168342c140140d17f449bCopy the code

Install network plug-ins

4.1 the calico

Kubectl apply -f https://docs.projectcalico.org/v3.8/manifests/calico.yamlCopy the code

4.2 flannel

kubectl apply -f https://github.com/coreos/flannel/blob/master/Documentation/kube-flannel.yml
Copy the code

Note that the cidR set in flanenl is the same as the CIDR set in kubeadm init.

5 Adding a Node (Token Forgotten)

5.1 Obtaining the K8S Version of the Cluster

$kubectl get nodes NAME STATUS ROLES AGE VERSION node41 Ready < None > 95D v1.19.3node42 Ready < None > 95D v1.19.3node45 Ready < None > 38s v1.19.3 Node46 Ready Master 95D v1.19.3Copy the code

The version is 1.19.3

5.2 Installing Kubelet and Kubeadm (Corresponding Versions)

# find version $yum list kubelet - showduplicate | grep 1.19.3 kubelet. X86_64 1.19.3 0 @ kubernetes kubelet. X86_64 1.19.3-0 Kubernetes $yum list kubeadm - showduplicate | grep 1.19.3 kubeadm. X86_64 1.19.3 0 @ kubernetes kubeadm. X86_64 1.19.3-0 Kubernetes $yum install -y kubeadm-1.19.3-0 kubelet-1.19.3-0Copy the code

5.3 access token

# # $kubeadm token create to regenerate the token list token kubeadm token list | awk -f "" '{print $1}' | tail - n 1Copy the code

5.4 Obtaining the Hash Value of the CA Public Key

openssl x509 -pubkey -in /etc/kubernetes/pki/ca.crt | openssl rsa -pubin -outform der 2>/dev/null | openssl dgst -sha256  -hex | sed 's/^ .* //'Copy the code

5.5 Adding a Node to a Cluster

Kubeadm join 192.168.40.8:6443 --token Token --discovery-token-ca-cert-hash SHA256: Hash valueCopy the code