k8s二进制文件部署

版本

k8s: 1.19

docker:19.03

集群规划

机器 ip 分配节点
172.16.100.92 172.16.100.92 etcd,api-server,kube-controller,kube-scheduler
172.16.100.63 172.16.100.63 docker,kube-proxy,kubelet
172.16.100.64 172.16.100.64 docker,kube-proxy,kubelet
172.16.100.71 172.16.100.71 docker,kube-proxy,kubelet

先在服务器安装etcd服务

服务器的 selinux 最好要要关掉

1
2
3
$ vi /etc/selinux/config
# 修改 SELINUX=disabled	
$ reboot

下载地址

https://github.com/kubernetes/kubernetes/releases

找到对应的版本点击 CHANGELOG 下载对应操作系统的压缩包

1.19版本

https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.19.md

下载Server Binaries文件

kubernetes-server-linux-amd64.tar

下载完成解压出来,二进制可执行文件在 kubernetes\server\bin 目录

安装 kube-apiserver

kube-apiserver 上传到服务器

新建服务服务文件

vim /usr/lib/systemd/system/kube-apiserver.service 

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
[Unit]
Description=k8sapiserver
Documentation=k8sapiserver
After=etcd.server
Wants=etcd.server

[Service]
EnvironmentFile=/soyuan/k8s/api-server/apiserver
ExecStart=/usr/local/bin/kube-apiserver $KUBE_API_ADDRESS $KUBE_ETCD_SERVERS $KUBE_SERVICE_ADDRESSES $KUBE_ADMISSION_CONTROL $KUBE_API_ARGS
Restart=failure
Type=notify
LimitNOFILE=65536


[Install]
WantedBy=multi-user.target

EnvironmentFile 配置文件 /soyuan/k8s/api-server/apiserver

1
2
3
4
5
KUBE_API_ADDRESS=" --insecure-bind-address=0.0.0.0 --insecure-port=8080 --logtostderr=false --log-dir=/soyuan/k8s/api-server/logs --v=0"
KUBE_ETCD_SERVERS=" --etcd-servers=http://172.16.100.92:2379"
KUBE_SERVICE_ADDRESSES=" --service-cluster-ip-range=10.254.0.0/16 --service-node-port-range=1-65535"
KUBE_ADMISSION_CONTROL=" --admission-control=NamespaceLifecycle,NamespaceExists,LimitRanger,ResourceQuota,ServiceAccount"
KUBE_API_ARGS=""

启动 kube-apiserver

1
2
3
4
5
6
7
8
# 重新加载系统服务文件
$ systemctl daemon-reload
# 启动api-server
$ systemctl start kube-apiserver
# 查看状态
$ systemctl status kube-apiserver
# 设置开机启动
$ systemctl enable kube-apiserver

安装kube-controller-manager

kube-controller-manager 上传到服务器

vim /usr/lib/systemd/system/kube-controller-manager.service 

1
2
3
4
5
6
7
8
9
10
11
12
13
[Unit]
Description=controller manager
After=kube-apiserver.service
Requires=kube-apiserver.service

[Service]
EnvironmentFile=/soyuan/k8s/kube-controller-manager/controller-manager
ExecStart=/usr/local/bin/kube-controller-manager $KUBE_CONTROLLER_MANAGER_AGE
Restart=on-failure
LimitNOFILE=65536

[Install]
WantedBy=multi-user.target

EnvironmentFile 配置文件 /soyuan/k8s/kube-controller-manager/controller-manager

1
KUBE_CONTROLLER_MANAGER_AGE="--master=http://172.16.100.92:8080 --service-account-private-key-file=/soyuan/k8s/172.16.100.92.key --logtostderr=false --log-dir=/soyuan/k8s/controller-manager/logs --v=0"

启动kube-controller-manager服务

1
2
3
4
5
6
7
8
# 重新加载系统服务文件
$ systemctl daemon-reload
# 启动服务
$ systemctl start kube-controller-manager
# 查看服务状态
$ systemctl status kube-controller-manager
# 设置开机启动
$ systemctl enable kube-controller-manager

安装kube-scheduler服务

kube-scheduler 上传到服务器

vim /usr/lib/systemd/system/kube-scheduler.service

1
2
3
4
5
6
7
8
9
10
11
12
13
[Unit]
Description=Kubernetes Scheduler
After=kube-apiserver.service 
Requires=kube-apiserver.service

[Service]
EnvironmentFile=/soyuan/k8s/kube-scheduler/scheduler
ExecStart=/usr/local/bin/kube-scheduler $KUBE_MASTER $KUBE_SCHEDULER_ARGS
Restart=on-failure
LimitNOFILE=65536

[Install]
WantedBy=multi-user.target

EnvironmentFile 配置文件 /soyuan/k8s/kube-scheduler/scheduler

1
2
KUBE_MASTER="--master=http://172.16.100.92:8080"
KUBE_SCHEDULER_ARGS="--logtostderr=true --log-dir=/soyuan/k8s/kube-schduler/logs --v=2"

启动kube-scheduler服务

1
2
3
4
5
6
7
8
# 重新加载系统服务文件
$ systemctl daemon-reload
# 启动服务
$ systemctl start kube-scheduler
# 查看服务状态
$ systemctl status kube-scheduler
# 设置开机启动
$ systemctl enable kube-scheduler

在node节点安装kube-proxy

vim /usr/lib/systemd/system/kube-proxy.service

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
[Unit]
Description=Kubernetes Kube-Proxy Server
Documentation=https://github.com/GoogleCloudPlatform/kubernetes
After=network.target
 
[Service]
EnvironmentFile=/soyuan/k8s/kube-node/config
EnvironmentFile=/soyuan/k8s/kube-node/proxy
ExecStart=/usr/local/bin/kube-proxy \
            $KUBE_LOGTOSTDERR \
            $KUBE_LOG_LEVEL \
            $KUBE_MASTER \
            $KUBE_PROXY_ARGS
Restart=on-failure
LimitNOFILE=65536
 
[Install]
WantedBy=multi-user.target

EnvironmentFile 配置文件

/soyuan/k8s/kube-node/config

1
2
3
4
KUBE_LOGTOSTDERR="--logtostderr=true"
KUBE_LOG_LEVEL="--v=0"
KUBE_ALLOW_PRIV="--allow_privileged=false"
KUBE_MASTER="--master=http://172.16.100.92:8080 --kubeconfig /opt/k8s/kubeconfig"

/soyuan/k8s/kube-node/proxy

1
KUBE_PROXY_ARGS=""

可以再 KUBE_PROXY_ARGS 变量中增加启动可选参数

启动kube-proxy服务

1
2
3
4
5
6
7
8
# 重新加载系统服务文件
$ systemctl daemon-reload
# 启动服务
$ systemctl start kube-proxy
# 查看服务状态
$ systemctl status kube-proxy
# 设置开机启动
$ systemctl enable kube-proxy

在node节点安装kubelet

机器必须先按照docker

vim /usr/lib/systemd/system/kubelet.service

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
[Unit]
Description=Kubernetes Kubelet Server
Documentation=https://github.com/GoogleCloudPlatform/kubernetes
After=docker.service
Requires=docker.service
 
[Service]
WorkingDirectory=/soyuan/k8s/kube-node/kubelet
EnvironmentFile=/soyuan/k8s/kube-node/kubeletenv
ExecStart=/usr/local/bin/kubelet $KUBELET_ARGS
Restart=on-failure
KillMode=process
 
[Install]
WantedBy=multi-user.target

EnvironmentFile 配置文件

/soyuan/k8s/kube-node/kubeletenv

1
KUBELET_ARGS="--enable-server=true --enable-debugging-handlers=true --fail-swap-on=false --kubeconfig=/soyuan/k8s/kube-node/kubeconfig --hostname-override=kube-master  --cluster-dns=172.16.100.92 --cluster-domain=kube-master --certificate-authority=/soyuan/k8s/ssl/ca.crt"

/soyuan/k8s/kube-node/kubeconfig

1
2
3
4
5
6
7
8
9
10
11
12
13
14
apiVersion: v1
kind: Config
users:
- name: kubelet
clusters:
- name: kubernetes
  cluster:
    server: http://172.16.100.92:8080
contexts:
- context:
    cluster: kubernetes
    user: kubelet
  name: service-account-context
current-context: service-account-context

启动kebulet服务

1
2
3
4
5
6
7
8
9
10
# 重新加载系统服务文件
$ systemctl daemon-reload
# 创建工作目录
$ mkdir -p /soyuan/k8s/kube-node/kubelet
# 启动服务
$ systemctl start kubelet
# 查看服务状态
$ systemctl status kubelet
# 设置开机启动
$ systemctl enable kubelet

导入docker 基础镜像

kubelet 运行时需要基础镜像,需要先下载,因为默认镜像下载地址需要翻墙,所以得自己手动下载。

查看需要的镜像文件列表

kubeadm config images list

从阿里云下载镜像,然后再把镜像名称改成k8s需要的

vim pullk8s.sh

1
2
3
4
5
6
for i in `kubeadm config images list`; do
        imageName=${i#k8s.gcr.io/}
        docker pull registry.aliyuncs.com/google_containers/$imageName
        docker tag registry.aliyuncs.com/google_containers/$imageName k8s.gcr.io/$imageName
        docker rmi registry.aliyuncs.com/google_containers/$imageName
done;

sh ./pullk8s.sh

下载完成如下图

域名修改

每个注册上来的node的 hostname-overridemaster要配置hosts节点

k8s
#运维 #k8s
k8s二进制文件部署
https://zhaops-hub.github.io/2021/11/24/k8s/k8s二进制文件部署/
作者
赵培胜
发布于
2021年11月24日
许可协议