ubuntu安装k8s.md

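# 1. Disable swap now and keep it off across reboots.
sudo swapoff -a
# Comment out only the active swap entries. Lines that already start with '#'
# are skipped so a re-run does not stack markers, and [[:space:]] also matches
# tab-separated fstab fields. The previous file is kept as /etc/fstab.bak.
sudo sed -i.bak -E '/^[[:space:]]*#/! s/^(.*[[:space:]]swap[[:space:]].*)$/#\1/' /etc/fstab

# 2. Load the kernel modules the container runtime and CNI need, now and at boot.
cat <<EOF | sudo tee /etc/modules-load.d/k8s.conf
overlay
br_netfilter
EOF

sudo modprobe overlay
sudo modprobe br_netfilter

# 3. Kernel networking parameters.
# bridge-nf-call-* sends bridged pod traffic through iptables/ip6tables.
# ip_forward turns the node into a packet forwarder between its interfaces,
# which pod routing requires; review the host firewall with that in mind.
cat <<EOF | sudo tee /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-iptables = 1
net.bridge.bridge-nf-call-ip6tables = 1
net.ipv4.ip_forward = 1
EOF

sudo sysctl --system

# 4. Install base dependencies.
sudo apt-get update
sudo apt-get install -y apt-transport-https ca-certificates curl gnupg lsb-release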

containerd

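# Install the container runtime (containerd from the distribution archive).
sudo apt-get update
sudo apt-get install -y containerd
sudo mkdir -p /etc/containerd
# Write the stock configuration. stdout is discarded so the whole file is not
# echoed back to the terminal.
containerd config default | sudo tee /etc/containerd/config.toml > /dev/null
# kubeadm sets the kubelet to the systemd cgroup driver by default, while the
# stock containerd config leaves runc on cgroupfs. Two cgroup managers on one
# node lead to unstable pods, so switch runc to systemd as well.
# The substitution is a no-op if the line is absent from this containerd version.
sudo sed -i 's/SystemdCgroup = false/SystemdCgroup = true/' /etc/containerd/config.toml
sudo systemctl restart containerd
sudo systemctl enable containerd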

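# Create the keyring directory. Mode 755 keeps it readable for apt's
# unprivileged fetcher even when the invoking shell has a restrictive umask.
sudo mkdir -p -m 755 /etc/apt/keyrings/

# Download the repository signing key over HTTPS and store it de-armored.
# --yes lets a re-run overwrite the existing keyring instead of prompting.
curl -fsSL https://pkgs.k8s.io/core:/stable:/v1.32/deb/Release.key | sudo gpg --yes --dearmor -o /etc/apt/keyrings/kubernetes-apt-keyring.gpg
sudo chmod 644 /etc/apt/keyrings/kubernetes-apt-keyring.gpg

# Add the repository. signed-by scopes this key to this one source, so it
# cannot vouch for packages from any other repository.
echo "deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring.gpg] https://pkgs.k8s.io/core:/stable:/v1.32/deb/ /" | sudo tee /etc/apt/sources.list.d/kubernetes.list

# Refresh the package lists and install pinned versions. The hold stops an
# unattended upgrade from moving the node to a different Kubernetes version.
sudo apt-get update
sudo apt-get install -y kubelet=1.32.3-1.1 kubeadm=1.32.3-1.1 kubectl=1.32.3-1.1
sudo apt-mark hold kubelet kubeadm kubectl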
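# Pre-pull the pause (sandbox) image. The kubelet's CRI plugin only sees images
# in containerd's "k8s.io" namespace; a plain `ctr images pull` stores them in
# "default", where Kubernetes never looks.
# NOTE(review): this pull uses registry.cn-hangzhou.aliyuncs.com while kubeadm
# below uses registry.aliyuncs.com; confirm which name containerd's
# sandbox_image actually references.
sudo ctr -n k8s.io images pull registry.cn-hangzhou.aliyuncs.com/google_containers/pause:3.10

# Initialise the control plane.
# --image-repository makes every control-plane image come from a third-party
# mirror instead of registry.k8s.io. Those images run as the core of the
# cluster, so compare their digests with upstream where that is possible.
# NOTE(review): the packages in this guide are pinned to 1.32.3 while the
# control plane is requested at v1.32.9; confirm the patch-level skew is intended.
# The join token printed at the end of this command is a credential; do not
# paste it into shared notes or tickets.
sudo kubeadm init \
  --pod-network-cidr=10.244.0.0/16 \
  --image-repository=registry.aliyuncs.com/google_containers \
  --kubernetes-version=v1.32.9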
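# Create the .kube directory (quoted so a home path with spaces still works).
mkdir -p "$HOME/.kube"

# Copy the cluster admin kubeconfig; -i asks before replacing an existing file.
sudo cp -i /etc/kubernetes/admin.conf "$HOME/.kube/config"

# Hand the copy to the invoking user and keep it private. admin.conf holds
# cluster-admin credentials, and overwriting an existing config would otherwise
# keep whatever mode that file had before.
sudo chown "$(id -u):$(id -g)" "$HOME/.kube/config"
chmod 600 "$HOME/.kube/config"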
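# Install the Flannel network plugin.
# The manifest creates cluster-wide RBAC objects and a privileged DaemonSet on
# every node. It is therefore pinned to a release rather than ".../latest/...",
# whose content changes without notice, and saved locally so it can be read
# before it is applied.
# v0.23.0 is the Flannel image tag that the worker-node step of this guide
# pre-pulls; change both together when moving to another reviewed release.
flannel_version=v0.23.0
curl -fsSLo kube-flannel.yml "https://github.com/flannel-io/flannel/releases/download/${flannel_version}/kube-flannel.yml"
kubectl apply -f kube-flannel.yml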
# Post-install health checks: each step prints a banner, then runs one
# read-only kubectl query.

# Step 1: nodes (each one should report Ready)
printf '%s\n' "=== 节点状态 ==="
kubectl get nodes

# Step 2: core pods (all of them should be Running)
printf '%s\n' "=== 系统 Pod 状态 ==="
kubectl get pods -n kube-system

# Step 3: cluster endpoints
printf '%s\n' "=== 集群信息 ==="
kubectl cluster-info

# Step 4: network plugin DaemonSets
printf '%s\n' "=== 网络插件 ==="
kubectl get daemonset -n kube-system

# Step 5: system services
printf '%s\n' "=== 服务状态 ==="
kubectl get svc -n kube-system

加入集群的命令:

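# Run on each worker node; kubeadm join needs root.
# The address, token and CA hash below belong to the author's own cluster.
# Print the command for your cluster on the control plane with:
#   sudo kubeadm token create --print-join-command
# A bootstrap token lets any host that can reach the API server register as a
# node, so treat it as a secret. Tokens expire (24 hours by default), and
# `kubeadm token list` / `kubeadm token delete` show and revoke them.
# --discovery-token-ca-cert-hash pins the cluster CA so the joining node does
# not trust an impostor API server; keep it in place.
sudo kubeadm join 192.168.31.57:6443 --token p2x3iv.n078gchdqe6el87s \
  --discovery-token-ca-cert-hash sha256:af9cdd640b60ca3040933efca26640d4baac1ace352bda339ee673ce210978d8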

解决工作节点的镜像问题

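#!/bin/bash
# Repoint a worker node's containerd at a reachable mirror and pre-load the
# images the node needs. Stops at the first failing step so the kubelet is not
# restarted against a half-applied configuration.
set -euo pipefail

echo "=== 修复工作节点镜像拉取问题 ==="

# Stop the services.
sudo systemctl stop kubelet
sudo systemctl stop containerd

# Point containerd at the domestic mirror.
# The heredoc replaces config.toml wholesale, so the previous file is kept as
# config.toml.bak for comparison or rollback.
sudo mkdir -p /etc/containerd
if [ -f /etc/containerd/config.toml ]; then
  sudo cp -p /etc/containerd/config.toml /etc/containerd/config.toml.bak
fi
sudo tee /etc/containerd/config.toml > /dev/null << 'EOF'
version = 2
[plugins]
[plugins."io.containerd.grpc.v1.cri"]
sandbox_image = "registry.aliyuncs.com/google_containers/pause:3.10"
[plugins."io.containerd.grpc.v1.cri".containerd]
snapshotter = "overlayfs"
EOF

# Restart containerd.
sudo systemctl daemon-reload
sudo systemctl start containerd

# Pull the required images by hand.
# -n k8s.io: the kubelet's CRI plugin only sees images in that namespace; the
# ctr default namespace is invisible to Kubernetes.
# Re-tagging makes the node run the mirror's bytes under the upstream names
# without ever contacting upstream, so compare the digests shown by
# `ctr -n k8s.io images ls` with the upstream ones where that is possible.
# --force lets a re-run replace a tag that already exists.
echo "拉取必要镜像..."
sudo ctr -n k8s.io images pull registry.aliyuncs.com/google_containers/pause:3.10
sudo ctr -n k8s.io images tag --force registry.aliyuncs.com/google_containers/pause:3.10 registry.k8s.io/pause:3.10
sudo ctr -n k8s.io images pull registry.aliyuncs.com/google_containers/flannel:v0.23.0
sudo ctr -n k8s.io images tag --force registry.aliyuncs.com/google_containers/flannel:v0.23.0 docker.io/flannel/flannel:v0.23.0

# Restart the kubelet.
sudo systemctl start kubelet

echo "=== 修复完成,请等待几分钟后检查节点状态 ==="
echo "在控制平面运行: kubectl get nodes"
echo "检查 Flannel Pod: kubectl get pods -n kube-flannel -o wide"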

安装docker

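# Refresh the apt package index.
sudo apt-get update

# Install the prerequisites.
sudo apt-get install \
  apt-transport-https \
  ca-certificates \
  curl \
  gnupg \
  lsb-release

# Add the Docker repository signing key.
# It is fetched from the Aliyun mirror, not from Docker's own site, so print
# its fingerprint and compare it with the one in Docker's official install
# documentation before trusting packages signed with it.
# --yes lets a re-run overwrite the keyring instead of prompting.
curl -fsSL https://mirrors.aliyun.com/docker-ce/linux/ubuntu/gpg | sudo gpg --yes --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg
sudo chmod a+r /usr/share/keyrings/docker-archive-keyring.gpg
gpg --show-keys --with-fingerprint /usr/share/keyrings/docker-archive-keyring.gpg

# Configure the stable repository.
# The architecture is read from dpkg rather than hard-coded to amd64, and
# signed-by limits the key to this one source.
echo \
  "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://mirrors.aliyun.com/docker-ce/linux/ubuntu \
$(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null

# Install Docker.
sudo apt-get update
sudo apt-get install docker-ce docker-ce-cli containerd.io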

docker镜像加速

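# Point the Docker daemon at pull-through mirrors for Docker Hub.
# A registry mirror sees every image request and decides which bytes a tag
# resolves to, so list only operators you trust and pull sensitive images by
# digest (image@sha256:...) rather than by tag.
sudo mkdir -p /etc/docker
# tee replaces daemon.json wholesale; keep the previous file for rollback.
if [ -f /etc/docker/daemon.json ]; then
  sudo cp -p /etc/docker/daemon.json /etc/docker/daemon.json.bak
fi
sudo tee /etc/docker/daemon.json << 'EOF'
{
"registry-mirrors": [
"https://dockerproxy.cn",
"https://docker.m.daocloud.io",
"https://docker.1ms.run"
]
}
EOF
# The daemon reads daemon.json only at start-up, so restart it to apply the mirrors.
sudo systemctl daemon-reload
sudo systemctl restart docker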

修改 kubelet 配置,将 Docker 作为容器运行时

# Edit the kubelet configuration.
# NOTE(review): dockershim was removed from the kubelet in Kubernetes v1.24.
# With the kubelet 1.32 packages installed earlier in this guide, nothing
# listens on /var/run/dockershim.sock unless a separate CRI adapter has been
# set up to provide that socket - confirm before applying.
# NOTE(review): tee replaces the whole file. On a kubeadm-managed node,
# /var/lib/kubelet/config.yaml is generated by kubeadm and normally also holds
# the kubelet's authentication, authorization and cgroup-driver settings. This
# minimal file sets none of them, so back up the original and check what the
# kubelet falls back to.
sudo mkdir -p /var/lib/kubelet
sudo tee /var/lib/kubelet/config.yaml > /dev/null << 'EOF'
apiVersion: kubelet.config.k8s.io/v1beta1
kind: KubeletConfiguration
clusterDNS:
- 10.96.0.10
clusterDomain: cluster.local
containerRuntimeEndpoint: "unix:///var/run/dockershim.sock"
staticPodPath: /etc/kubernetes/manifests
EOF

# Restart the kubelet so it re-reads the file.
sudo systemctl daemon-reload
sudo systemctl restart kubelet

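# Pull an image using the per-registry host configuration in /etc/containerd/certs.d.
# The option must start with two ASCII hyphens; the page had rendered them as a
# single typographic dash, which ctr would read as a second image reference.
# It is placed before the image reference so it is parsed as an option, and
# sudo is used because ctr needs access to the containerd socket.
sudo ctr images pull --hosts-dir=/etc/containerd/certs.d docker.io/library/httpd:latest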