This is the fifth day of my participation in the August More Text Challenge. For details, see: August More Text Challenge
This column documents the process of installing a k8s master node, which took two weeks because the tutorials found on Baidu basically did not work. The author promises that this article works as written; bookmarking it is recommended.
1. Preparation
1. Check the environment
swapoff -a      # Disable swap
setenforce 0    # Temporarily disable SELinux
The following values must be different on each machine:
sudo cat /sys/class/dmi/id/product_uuid   # The product UUID must be unique to each machine
ifconfig -a                               # IP addresses must not be the same
2. Open the ports
Protocol | Direction | Port range | Purpose | Used by |
---|---|---|---|---|
TCP | Inbound | 6443 | Kubernetes API server | All components |
TCP | Inbound | 2379-2380 | etcd server client API | kube-apiserver, etcd |
TCP | Inbound | 10250 | Kubelet API | kubelet itself, control plane components |
TCP | Inbound | 10251 | kube-scheduler | kube-scheduler itself |
TCP | Inbound | 10252 | kube-controller-manager | kube-controller-manager itself |
TCP | Inbound | 8080 | kubelet | kubelet itself |

Protocol | Direction | Port range | Purpose | Used by |
---|---|---|---|---|
TCP | Inbound | 10250 | Kubelet API | kubelet itself, control plane components |
TCP | Inbound | 30000-32767 | NodePort Services | All components |
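A post-install check built on the first table above, added here as an example and not part of the original article: the rows for 10251, 10252 and 8080 name only the component itself as user, so a listener for one of them on a non-loopback address deserves a look. The function names and the `ss -ltn` sample are constructed for illustration.

```bash
#!/usr/bin/env bash
# Added example (not from the article): check listeners against the port table.

# classify_port PORT: "shared" = the table names other components as users,
# "local" = the table names only the component itself.
classify_port() {
    case "$1" in
        6443|2379|2380|10250) echo shared ;;
        10251|10252|8080)     echo local ;;
        *)                    echo other ;;
    esac
}

# check_listeners: reads `ss -ltn` output on stdin, prints one line per table
# port and returns 1 if a "local" port listens on a non-loopback address.
check_listeners() {
    rc=0
    while read -r state recvq sendq laddr rest; do
        [ "$state" = LISTEN ] || continue
        port=${laddr##*:}; addr=${laddr%:*}
        kind=$(classify_port "$port")
        [ "$kind" = other ] && continue
        case "$addr" in
            127.*|"[::1]"|::1) scope=loopback ;;
            *)                 scope=exposed ;;
        esac
        if [ "$kind" = local ] && [ "$scope" = exposed ]; then
            echo "WARN $laddr: only the component itself should need this port"
            rc=1
        else
            echo "ok   $laddr ($kind, $scope)"
        fi
    done
    return "$rc"
}

# Constructed sample of `ss -ltn` output (not captured from a real host).
sample_ss() {
    cat <<'EOF'
State  Recv-Q Send-Q Local Address:Port  Peer Address:Port
LISTEN 0      128    192.168.44.15:2380  0.0.0.0:*
LISTEN 0      128    127.0.0.1:10251     0.0.0.0:*
LISTEN 0      128    [::]:10252          [::]:*
LISTEN 0      128    [::]:6443           [::]:*
LISTEN 0      128    0.0.0.0:22          0.0.0.0:*
EOF
}
sample_ss | check_listeners || echo "review the WARN lines"
```

On a running node, feed it live data with `ss -ltn | check_listeners`.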
3. Allow iptables to see bridged traffic
cat <<EOF | sudo tee /etc/modules-load.d/k8s.conf
br_netfilter
EOF
cat <<EOF | sudo tee /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
EOF
sudo sysctl --system
2. Install
1. Install kubeadm, Kubectl, kubelet
# Add the mirror repository
# Note: gpgcheck=0 and repo_gpgcheck=0 mean package and metadata signatures are not verified
cat <<EOF | sudo tee /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=0
repo_gpgcheck=0
EOF
# Set SELinux to permissive mode
sudo setenforce 0
sudo sed -i 's/^SELINUX=enforcing$/SELINUX=permissive/' /etc/selinux/config
# Install kubelet, kubeadm and kubectl
sudo yum install -y kubelet kubeadm kubectl --disableexcludes=kubernetes
# Start kubelet at boot
sudo systemctl enable kubelet
# Check the installed versions
kubeadm version
kubectl version --client
kubelet --version
If each command prints its version information, the installation succeeded and the installed versions are visible.
2. Install the plug-in
yum -y install socat conntrack-tools
3. Change the Docker cgroup driver to systemd
Docker must be installed beforehand.
sudo mkdir -p /etc/docker
cat <<EOF | sudo tee /etc/docker/daemon.json
{
  "exec-opts": ["native.cgroupdriver=systemd"],
  "log-driver": "json-file",
  "log-opts": {
    "max-size": "100m"
  },
  "storage-driver": "overlay2"
}
EOF
sudo systemctl enable docker
sudo systemctl daemon-reload
sudo systemctl restart docker
4. Pull the images required by k8s
The kubeadm config images pull command can be used to download the images, but the connection is very likely to fail, so pull them from the Alibaba Cloud mirror instead.
If you are using v1.21.0, you can use the same commands as the author; otherwise, pull the images according to the command above.
docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/kube-controller-manager:v1.21.1
docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/kube-apiserver:v1.21.1
docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/kube-scheduler:v1.21.1
docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/kube-proxy:v1.21.1
docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/pause:3.4.1
docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/etcd:3.4.13-0
docker pull coredns/coredns:1.8.0
When installing k8s, images with the prefix k8s.gcr.io are fetched by default, so retag the images downloaded above.
docker tag registry.cn-hangzhou.aliyuncs.com/google_containers/kube-apiserver:v1.21.1 k8s.gcr.io/kube-apiserver:v1.21.1
docker tag registry.cn-hangzhou.aliyuncs.com/google_containers/kube-proxy:v1.21.1 k8s.gcr.io/kube-proxy:v1.21.1
docker tag registry.cn-hangzhou.aliyuncs.com/google_containers/kube-controller-manager:v1.21.1 k8s.gcr.io/kube-controller-manager:v1.21.1
docker tag registry.cn-hangzhou.aliyuncs.com/google_containers/kube-scheduler:v1.21.1 k8s.gcr.io/kube-scheduler:v1.21.1
docker tag registry.cn-hangzhou.aliyuncs.com/google_containers/pause:3.4.1 k8s.gcr.io/pause:3.4.1
docker tag coredns/coredns:1.8.0 k8s.gcr.io/coredns/coredns:v1.8.0
docker tag registry.cn-hangzhou.aliyuncs.com/google_containers/etcd:3.4.13-0 k8s.gcr.io/etcd:3.4.13-0
5. Install and start
1. Modify the host mapping
vi /etc/hosts
2. Initialize the service
kubeadm init --apiserver-advertise-address=192.168.44.15 --pod-network-cidr=10.244.0.0/16 --kubernetes-version=v1.21.1 | tee kubeadmin-init.log
When the success message is displayed, initialization has succeeded.
3. Notes
To make kubectl available to non-root users, run the following commands, which are also part of the kubeadm init output:
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
Or, if you are root, you can run:
export KUBECONFIG=/etc/kubernetes/admin.conf
If you want to reinitialize, you can perform kubeadm reset.
6. Installation of flannel
kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
If the connection to raw.githubusercontent.com is refused, run vi /etc/hosts and append the line 199.232.96.133 raw.githubusercontent.com
7. Verify
kubectl get nodes
If Ready is displayed, the installation is complete and the master node has been registered with k8s.
8. Exception handling
If NotReady is shown, run the following command to inspect the node status.
kubectl get nodes -o yaml
message: docker: network plugin is not ready: cni config uninitialized
If the message above appears, check the kubelet logs.
journalctl -f -u kubelet.service
If the following log entry appears:
"Error validating CNI config list" configList="{\n \"name\": \"cbr0\",\n \"cniVersion\": \"0.3.1\",\n \"plugins\": [\n {\n \"type\": \"flannel\",\n \"delegate\": {\n \"hairpinMode\": true,\n \"isDefaultGateway\": true\n }\n },\n {\n \"type\": \"portmap\",\n \"capabilities\": {\n \"portMappings\": true\n }\n }\n ]\n}\n" err="[failed to find plugin \"flannel\" in path [/opt/cni/bin] failed to find plugin \"portmap\" in path [/opt/cni/bin]]"
Run the following commands:
cat <<EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF
yum clean all
yum install kubernetes-cni -y
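The repository definition used earlier to install kubeadm, kubectl and kubelet sets gpgcheck=0 and repo_gpgcheck=0, while the one above sets both to 1 and adds gpgkey. The following added example (not part of the original article) reports repo sections that explicitly switch signature verification off; the function names and the sample files are constructed for illustration.

```bash
#!/usr/bin/env bash
# Added example (not from the original article): report yum repo sections
# that explicitly switch off RPM or metadata signature verification.

# audit_repo_file FILE: prints "FILE [section] key=value" per finding and
# returns 1 if there is at least one. Keys that are absent inherit from
# [main] in /etc/yum.conf and are not judged here.
audit_repo_file() {
    awk -v file="$1" '
    {
        line = $0
        sub(/^[ \t]+/, "", line); sub(/[ \t\r]+$/, "", line)
        if (line == "" || line ~ /^[#;]/) next
        if (line ~ /^\[.*\]$/) { section = substr(line, 2, length(line) - 2); next }
        eq = index(line, "=")
        if (eq == 0 || section == "") next
        key = substr(line, 1, eq - 1); val = tolower(substr(line, eq + 1))
        gsub(/[ \t]/, "", key); gsub(/[ \t]/, "", val)
        if ((key == "gpgcheck" || key == "repo_gpgcheck") && val ~ /^(0|no|false)$/) {
            printf "%s [%s] %s=%s\n", file, section, key, val
            bad = 1
        }
    }
    END { exit bad + 0 }' "$1"
}

# write_samples DIR: constructed inputs that copy the two repo definitions
# shown in this article (weak.repo: install step, fixed.repo: this section).
write_samples() {
    m=https://mirrors.aliyun.com/kubernetes/yum
    printf '%s\n' '[kubernetes]' 'name=Kubernetes' \
        "baseurl=$m/repos/kubernetes-el7-x86_64" \
        'enabled=1' 'gpgcheck=0' 'repo_gpgcheck=0' > "$1/weak.repo"
    sed 's/gpgcheck=0/gpgcheck=1/' "$1/weak.repo" > "$1/fixed.repo"
    echo "gpgkey=$m/doc/yum-key.gpg $m/doc/rpm-package-key.gpg" >> "$1/fixed.repo"
}

# Demo on the constructed samples: only weak.repo produces findings.
demo_dir=$(mktemp -d)
write_samples "$demo_dir"
for f in "$demo_dir"/*.repo; do
    audit_repo_file "$f" || echo "-> $f: signature verification is switched off"
done
rm -rf "$demo_dir"
```

On a real host, run `audit_repo_file` over each file in /etc/yum.repos.d/.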