本文參考官方文檔,采用堆控制層面節(jié)點(diǎn)方式部署高可用集群,etcd組件和控制平面組件都以pod形式部署在master節(jié)點(diǎn)上,利用keepalived實(shí)現(xiàn)api-server組件的高可用訪問
拓?fù)鋱D
k8s.png
準(zhǔn)備工作
資源準(zhǔn)備
k8s-1 192.168.229.131
k8s-2 192.168.229.132
k8s-3 192.168.229.133
VIP: 192.168.229.139
環(huán)境準(zhǔn)備
- 配置主機(jī)名
192.168.229.131上執(zhí)行
hostname k8s-1
192.168.229.132上執(zhí)行
hostname k8s-2
192.168.229.133上執(zhí)行
hostname k8s-3
- 配置hosts(三個(gè)節(jié)點(diǎn)上執(zhí)行)
cat <<EOF > /etc/hosts
k8s-1 192.168.229.131
k8s-2 192.168.229.132
k8s-3 192.168.229.133
EOF
- 禁用swap(三個(gè)節(jié)點(diǎn)上執(zhí)行 )
swapoff -a
- 配置NTP服務(wù)(三個(gè)節(jié)點(diǎn)上執(zhí)行)
systemctl start ntpd
- 調(diào)整內(nèi)核參數(shù)(三個(gè)節(jié)點(diǎn)上執(zhí)行)
- 臨時(shí)修改
sysctl net.bridge.bridge-nf-call-iptables=1
- 永久修改
cat <<EOF > /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
EOF
sysctl -p /etc/sysctl.d/k8s.conf
- 配置yum源(三個(gè)節(jié)點(diǎn)上執(zhí)行)
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
- 安裝docker,kubeadm(三個(gè)節(jié)點(diǎn)上執(zhí)行)
yum install -y yum-utils
yum-config-manager --add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
yum -y install docker-ce docker-ce-selinux kubeadm
- 下載k8s鏡像(三個(gè)節(jié)點(diǎn)上執(zhí)行)
8.1 查看指定版本組件
任意一臺node上執(zhí)行
kubeadm config images list --kubernetes-version=1.18.0
獲取版本組件輸出,如下所示:
images=(
kube-apiserver:v1.18.0
kube-controller-manager:v1.18.0
kube-scheduler:v1.18.0
kube-proxy:v1.18.0
pause:3.2
etcd:3.4.3-0
coredns:1.6.7
)
8.2 下載鏡像
for imageName in ${images[@]} ; do
docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/$imageName
docker tag registry.cn-hangzhou.aliyuncs.com/google_containers/$imageName k8s.gcr.io/$imageName
done
安裝部署
安裝keepalived
配置master
192.168.229.131上編輯/etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
router_id k8s-1
}
vrrp_instance VI_1 {
state MASTER
interface eno16777736
virtual_router_id 50
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.229.139
}
}
配置backup
192.168.229.132上編輯/etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
router_id k8s-2
}
vrrp_instance VI_1 {
state BACKUP
interface eno16777736
virtual_router_id 50
priority 90
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.229.139
}
}
192.168.229.133上編輯/etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
router_id k8s-3
}
vrrp_instance VI_1 {
state BACKUP
interface eno16777736
virtual_router_id 50
priority 80
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.229.139
}
}
啟動keepalived(三個(gè)節(jié)點(diǎn)上執(zhí)行)
systemctl start keepalived
安裝k8s集群master節(jié)點(diǎn)
初始化第一臺master節(jié)點(diǎn)
192.168.229.121上執(zhí)行
kubeadm init --control-plane-endpoint=192.168.229.139:6443 --upload-certs --kubernetes-version=1.18.0 --pod-network-cidr=10.25.0.0/16
執(zhí)行完畢后會輸出添加master節(jié)點(diǎn)和添加worker節(jié)點(diǎn)命令,拷貝復(fù)制
添加其他master節(jié)點(diǎn)
192.168.229.132上執(zhí)行
kubeadm join 192.168.229.139:6443 --token dxznj9.2ckioxsea8yj6e9i \
--discovery-token-ca-cert-hash sha256:6cbf6a8df1edd5921698a8db2ca193a6fe769f5b380ac511d0afec53d7da3ec7 \
--control-plane --certificate-key f0cb3b5efab8d3d1895801b77451b5b9d7e52b74ec031d6cc68623d191aba358
192.168.229.133上執(zhí)行
kubeadm join 192.168.229.139:6443 --token dxznj9.2ckioxsea8yj6e9i \
--discovery-token-ca-cert-hash sha256:6cbf6a8df1edd5921698a8db2ca193a6fe769f5b380ac511d0afec53d7da3ec7 \
--control-plane --certificate-key f0cb3b5efab8d3d1895801b77451b5b9d7e52b74ec031d6cc68623d191aba358
kubectl配置(任意一臺master節(jié)點(diǎn)執(zhí)行)
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
安裝flannel網(wǎng)絡(luò)插件
kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
查看集群狀態(tài)
[root@k8s-1 ~]# kubectl get nodes
NAME STATUS ROLES AGE VERSION
k8s-1 Ready master 94d v1.18.3
k8s-2 Ready master 94d v1.18.3
k8s-3 Ready master 94d v1.18.3
查看master節(jié)點(diǎn)組件狀態(tài)
[root@k8s-1 ~]# kubectl get pods -n kube-system
NAME READY STATUS RESTARTS AGE
coredns-66bff467f8-mtxxf 1/1 Running 15 90d
coredns-66bff467f8-p78fx 1/1 Running 15 90d
etcd-k8s-1 1/1 Running 32 89d
etcd-k8s-2 1/1 Running 25 89d
etcd-k8s-3 1/1 Running 26 89d
kube-apiserver-k8s-1 1/1 Running 33 89d
kube-apiserver-k8s-2 1/1 Running 28 89d
kube-apiserver-k8s-3 1/1 Running 29 89d
kube-controller-manager-k8s-1 1/1 Running 19 89d
kube-controller-manager-k8s-2 1/1 Running 21 89d
kube-controller-manager-k8s-3 1/1 Running 21 89d
kube-flannel-ds-amd64-kfdt6 1/1 Running 22 94d
kube-flannel-ds-amd64-qfq7d 1/1 Running 23 94d
kube-flannel-ds-amd64-wpt6t 1/1 Running 25 94d
kube-proxy-8k46v 1/1 Running 19 94d
kube-proxy-cdrfl 1/1 Running 16 94d
kube-proxy-lj2bm 1/1 Running 20 94d
kube-scheduler-k8s-1 1/1 Running 19 89d
kube-scheduler-k8s-2 1/1 Running 20 89d
kube-scheduler-k8s-3 1/1 Running 20 89d
