docker linux k8s kubeadm

一. 安装docker

1.添加yum国内依赖

yum -y install yum-utils
yum-config-manager --add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo

2.安装docker

yum -y install docker-ce docker-ce-cli containerd.io

3.启动docker

systemctl start docker

4.添加开机自启

systemctl enable docker

二.安装k8s

1.配置k8s 国内yum源

cat <<EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF
setenforce 0
yum install -y kubelet kubeadm kubectl
systemctl enable kubelet && systemctl start kubelet

或者

## 新建k8s.repo文件
vim /etc/yum.repo.d/k8s.repo
## 添加下面内容
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg

2.安装kubeadm,kubelet, kubectl

yum install -y kubelet kubernetes-cni kubeadm
# 设置开机自启并立即启动
systemctl enable kubelet
systemctl start kubelet

3.配置kubeadm.yml并下载所需镜像

vim kubeadm.yaml

apiVersion: kubeadm.k8s.io/v1beta2
kind: ClusterConfiguration
kubernetesVersion: v1.19.3
imageRepository: registry.cn-hangzhou.aliyuncs.com/google_containers
networking:serviceSubnet: "10.96.0.0/12"podSubnet: "10.244.0.0/16"

拉取镜像（可能需要先修改主机名：hostnamectl set-hostname young）

kubeadm --config kubeadm.yaml config images pull

4.修改镜像tag(注意版本，按照你的版本修改)


docker tag registry.cn-hangzhou.aliyuncs.com/google_containers/kube-apiserver:v1.19.3 k8s.gcr.io/kube-apiserver:v1.19.3
docker tag registry.cn-hangzhou.aliyuncs.com/google_containers/kube-controller-manager:v1.19.3 k8s.gcr.io/kube-controller-manager:v1.19.3
docker tag registry.cn-hangzhou.aliyuncs.com/google_containers/kube-scheduler:v1.19.3 k8s.gcr.io/kube-scheduler:v1.19.3
docker tag registry.cn-hangzhou.aliyuncs.com/google_containers/kube-proxy:v1.19.3 k8s.gcr.io/kube-proxy:v1.19.3
docker tag registry.cn-hangzhou.aliyuncs.com/google_containers/pause:3.2 k8s.gcr.io/pause:3.2
docker tag registry.cn-hangzhou.aliyuncs.com/google_containers/etcd:3.4.13-0 k8s.gcr.io/etcd:3.4.13-0
docker tag registry.cn-hangzhou.aliyuncs.com/google_containers/coredns:1.7.0 k8s.gcr.io/coredns:1.7.0

5.初始化k8s集群（注意版本）

sudo swapoff -akubeadm init --kubernetes-version=1.19.3 --pod-network-cidr=10.244.0.0/16 --ignore-preflight-errors=NumCPU

6.配置环境变量

mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config

7.安装配置网络

docker pull quay.io/coreos/flannel:v0.13.0

kube-flannel.ym内容如下

apiVersion: policy/v1beta1
kind: PodSecurityPolicy
metadata:name: psp.flannel.unprivilegedannotations:seccomp.security.alpha.kubernetes.io/allowedProfileNames: docker/defaultseccomp.security.alpha.kubernetes.io/defaultProfileName: docker/defaultapparmor.security.beta.kubernetes.io/allowedProfileNames: runtime/defaultapparmor.security.beta.kubernetes.io/defaultProfileName: runtime/default
spec:privileged: falsevolumes:- configMap- secret- emptyDir- hostPathallowedHostPaths:- pathPrefix: "/etc/cni/net.d"- pathPrefix: "/etc/kube-flannel"- pathPrefix: "/run/flannel"readOnlyRootFilesystem: false# Users and groupsrunAsUser:rule: RunAsAnysupplementalGroups:rule: RunAsAnyfsGroup:rule: RunAsAny# Privilege EscalationallowPrivilegeEscalation: falsedefaultAllowPrivilegeEscalation: false# CapabilitiesallowedCapabilities: ['NET_ADMIN', 'NET_RAW']defaultAddCapabilities: []requiredDropCapabilities: []# Host namespaceshostPID: falsehostIPC: falsehostNetwork: truehostPorts:- min: 0max: 65535# SELinuxseLinux:# SELinux is unused in CaaSPrule: 'RunAsAny'
---
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1
metadata:name: flannel
rules:
- apiGroups: ['extensions']resources: ['podsecuritypolicies']verbs: ['use']resourceNames: ['psp.flannel.unprivileged']
- apiGroups:- ""resources:- podsverbs:- get
- apiGroups:- ""resources:- nodesverbs:- list- watch
- apiGroups:- ""resources:- nodes/statusverbs:- patch
---
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:name: flannel
roleRef:apiGroup: rbac.authorization.k8s.iokind: ClusterRolename: flannel
subjects:
- kind: ServiceAccountname: flannelnamespace: kube-system
---
apiVersion: v1
kind: ServiceAccount
metadata:name: flannelnamespace: kube-system
---
kind: ConfigMap
apiVersion: v1
metadata:name: kube-flannel-cfgnamespace: kube-systemlabels:tier: nodeapp: flannel
data:cni-conf.json: |{"name": "cbr0","cniVersion": "0.3.1","plugins": [{"type": "flannel","delegate": {"hairpinMode": true,"isDefaultGateway": true}},{"type": "portmap","capabilities": {"portMappings": true}}]}net-conf.json: |{"Network": "10.244.0.0/16","Backend": {"Type": "vxlan"}}
---
apiVersion: apps/v1
kind: DaemonSet
metadata:name: kube-flannel-dsnamespace: kube-systemlabels:tier: nodeapp: flannel
spec:selector:matchLabels:app: flanneltemplate:metadata:labels:tier: nodeapp: flannelspec:affinity:nodeAffinity:requiredDuringSchedulingIgnoredDuringExecution:nodeSelectorTerms:- matchExpressions:- key: kubernetes.io/osoperator: Invalues:- linuxhostNetwork: truepriorityClassName: system-node-criticaltolerations:- operator: Existseffect: NoScheduleserviceAccountName: flannelinitContainers:- name: install-cniimage: quay.io/coreos/flannel:v0.13.0command:- cpargs:- -f- /etc/kube-flannel/cni-conf.json- /etc/cni/net.d/10-flannel.conflistvolumeMounts:- name: cnimountPath: /etc/cni/net.d- name: flannel-cfgmountPath: /etc/kube-flannel/containers:- name: kube-flannelimage: quay.io/coreos/flannel:v0.13.0command:- /opt/bin/flanneldargs:- --ip-masq- --kube-subnet-mgrresources:requests:cpu: "100m"memory: "50Mi"limits:cpu: "100m"memory: "50Mi"securityContext:privileged: falsecapabilities:add: ["NET_ADMIN", "NET_RAW"]env:- name: POD_NAMEvalueFrom:fieldRef:fieldPath: metadata.name- name: POD_NAMESPACEvalueFrom:fieldRef:fieldPath: metadata.namespacevolumeMounts:- name: runmountPath: /run/flannel- name: flannel-cfgmountPath: /etc/kube-flannel/volumes:- name: runhostPath:path: /run/flannel- name: cnihostPath:path: /etc/cni/net.d- name: flannel-cfgconfigMap:name: kube-flannel-cfg

kubectl apply -f kube-flannel.yml

8.配置master节点可调度（默认master节点不可调度，即不可运行pod）

kubectl taint nodes --all node-role.kubernetes.io/master-

docker linux k8s kubeadm相关推荐

工作用到的 cmd git docker linux redis k8s 命令
工作用到的 cmd git docker linux redis k8s 命令 cmd git docker 常用命令保存镜像加载镜像 pom 文件配置打包到容器的内容容器和服务器间拷贝文件 l ...
Linux操作系统学习笔记（三十）docker和k8s的恩怨情仇
一. 简介之前聊天发现很多小伙伴对docker和k8s了解甚少,所以决定分享一下在docker和k8s背后这些年容器发展的故事,谈不上以史为鉴,但是至少可以从中汲取经验教训,同时也能了解容器及容 ...
【尚硅谷云原生Java架构师的第一课 4 2021-09-28】KubeSphere三种安装，docker，k8s，nfs安装，metrics。KubeKey一键单多节点安装。
1.KubeSphere https://www.yuque.com/leifengyang/oncloud/gz1sls 介绍 sphere 英 /sfɪə(r)/ n. (活动.兴趣.专业知识的) ...
docker、k8s 简介
2010年,几个搞IT的年轻人,在美国旧金山成立了一家名叫"dotCloud"的公司. 这家公司主要提供基于PaaS的云计算技术服务.具体来说,是和LXC有关的容器技术. LXC, ...
已解决：centos 7.x系统自带的3.10.x内核存在一些bugs，导致运行docker、k8s不稳定，需要升级内核解决此问题。
1.问题描述 Docker 要求 CentOS 系统的内核版本高于 3.10,因为centos 7.x系统自带的3.10.x内核存在一些bugs,导致运行docker.k8s不稳定. 2.问题分析升 ...
干货满满！10分钟看懂Docker和K8S（转）
转载地址:https://my.oschina.net/jamesview/blog/2994112 2010年,几个搞IT的年轻人,在美国旧金山成立了一家名叫"dotCloud" ...
docker和k8s发展史--理解oci/cri/cni/docker swarm/containerd/runc/dockershim
1. docker和k8s的爱恨情仇 1.1 PaaS的普及和难点 2013年,伴随着 PaaS 概念的逐步普及,以 Cloud Foundry 为代表的经典 PaaS 项目,开始进入基础设施领域的视 ...
云计算：OpenStack、Docker、K8S（Kubernetes容器编排工具）的演进史 | 附推荐阅读
目录引子 OpenStack 的诞生 OpenStack 是什么 Docker 的出现 K8S(Kubernetes) - 为 Docker 而生推荐阅读引子作为一名程序员,设计程序架构.优化 ...
docker swarm k8s比较_Docker 图形化管理又有更新了
1. 前言您是否还在命令行窗口中来监视 Docker 容器?乐此不彼地敲着 Docker 相关的命令,虽然这些命令并不是很复杂.今天介绍几款 Docker 的 GUI 监视工具来解放你的双手,把它们 ...

docker linux k8s kubeadm

一. 安装docker

1.添加yum国内依赖

2.安装docker

3.启动docker

4.添加开机自启

二.安装k8s

1.配置k8s 国内yum源

2.安装kubeadm,kubelet, kubectl

3.配置kubeadm.yml并下载所需镜像

4.修改镜像tag(注意版本，按照你的版本修改)

5.初始化k8s集群（注意版本）

6.配置环境变量

7.安装配置网络

8.配置master节点可调度（默认master节点不可调度，即不可运行pod）

docker linux k8s kubeadm相关推荐

最新文章

热门文章