@zhangyy 2021-07-05T14:10:05.000000Z 字数 6051 阅读 161

k8s1.20.x 二进制高可用部署

kubernetes架构系列



一:系统环境初始化

1.1 系统环境

  1. 系统:
  2. centos7.9x64-1
  3. 主机名:
  4. cat /etc/hosts
  5. ----
  6. 192.168.100.11 k8s-master01
  7. 192.168.100.12 k8s-master02
  8. 192.168.100.13 k8s-master03
  9. 192.168.100.100 k8s-master-lb
  10. 192.168.100.14 k8s-node01
  11. 192.168.100.15 k8s-node02
  12. 192.168.100.16 k8s-node03
  13. ----
  14. k8s 1.20.x 高可用

image_1f9q6tmoo1om114ar1mv918k812au9.png-529.5kB


1.2 系统环境初始化

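  1. 所有节点关闭 firewalld、dnsmasq、SELinux(NetworkManager); 注意 setenforce 0 只在当前运行期间生效, 后文会重启机器, 需同时修改 /etc/selinux/config 才能保持; 关闭防火墙和 SELinux 会降低主机防护, 生产环境建议保留并按需放行组件端口: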
  2. systemctl disable --now firewalld
  3. systemctl disable --now dnsmasq
  4. setenforce 0
  5. 所有节点关闭swap分区(swapoff -a 重启后失效, 还需注释 /etc/fstab 中的 swap 条目):
  6. swapoff -a && sysctl -w vm.swappiness=0

image_1f9o1u0pln3d11vl1i9015sk5qr9.png-50.1kB

  1. 时间服务器:
  2. vim /etc/chrony.conf
  3. ----
  4. server ntp1.aliyun.com iburst
  5. ----
  6. service chronyd stop
  7. service chronyd start
  8. chronyc sources -v

image_1f9o2140g1rq6rfau305rtpmkm.png-143.1kB

  1. 所有节点安装基本工具
  2. yum install wget jq psmisc vim net-tools yum-utils device-mapper-persistent-data lvm2 git -y

image_1f9o28g491ubrlgo6b111at2av1j.png-157.7kB

  1. 下载所需要文件(clone 后先 cd k8s-ha-install, 再查看并切换分支):
  2. git clone https://github.com/dotbalo/k8s-ha-install.git
  3. git branch -a
  4. git checkout manual-installation-v1.20.x

image_1f9qanupp1415t101jb71kl11gup.png-102.3kB

image_1f9qaojr51ntk1g76imdpp8lu416.png-187.1kB

image_1f9qap2f7143eifk19kk7vg11nj1j.png-54.4kB

1.3 安装 源所需准备

  1. centos7的源安装: 【全部节点】
  2. curl -o /etc/yum.repos.d/CentOS-Base.repo https://mirrors.aliyun.com/repo/Centos-7.repo
  3. yum install -y yum-utils device-mapper-persistent-data lvm2
  4. yum-config-manager --add-repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo

image_1f9qavv649i616mc174tp0cs1u2d.png-191.3kB

  1. CentOS 8 安装源如下:
  2. curl -o /etc/yum.repos.d/CentOS-Base.repo https://mirrors.aliyun.com/repo/Centos-8.repo
  3. yum makecache
  4. yum install -y yum-utils device-mapper-persistent-data lvm2
  1. 所有节点安装ipvs
  2. yum install ipvsadm ipset sysstat conntrack libseccomp -y

image_1f9qbbumiq0vilf3en1k7d1ngh2q.png-161.1kB

  1. vim /etc/modules-load.d/ipvs.conf (写入以下模块名; 内核 4.19 及以上没有 nf_conntrack_ipv4, 应改为 nf_conntrack)
  2. ip_vs
  3. ip_vs_lc
  4. ip_vs_wlc
  5. ip_vs_rr
  6. ip_vs_wrr
  7. ip_vs_lblc
  8. ip_vs_lblcr
  9. ip_vs_dh
  10. ip_vs_sh
  11. ip_vs_fo
  12. ip_vs_nq
  13. ip_vs_sed
  14. ip_vs_ftp
  15. ip_vs_sh
  16. nf_conntrack_ipv4
  17. ip_tables
  18. ip_set
  19. xt_set
  20. ipt_set
  21. ipt_rpfilter
  22. ipt_REJECT
  23. ipip
  24. sysctl -p
  25. systemctl enable --now systemd-modules-load.service
  26. reboot 重启所有机器

image_1f9qctd4i1l9v17r4516451pq937.png-153.6kB

1.4 系统句柄准备

  1. cat <<EOF > /etc/sysctl.d/k8s.conf
  2. net.ipv4.ip_forward = 1
  3. net.bridge.bridge-nf-call-iptables = 1
  4. fs.may_detach_mounts = 1
  5. vm.overcommit_memory=1
  6. vm.panic_on_oom=0
  7. fs.inotify.max_user_watches=89100
  8. fs.file-max=52706963
  9. fs.nr_open=52706963
  10. net.netfilter.nf_conntrack_max=2310720
  11. net.ipv4.tcp_keepalive_time = 600
  12. net.ipv4.tcp_keepalive_probes = 3
  13. net.ipv4.tcp_keepalive_intvl =15
  14. net.ipv4.tcp_max_tw_buckets = 36000
  15. net.ipv4.tcp_tw_reuse = 1
  16. net.ipv4.tcp_max_orphans = 327680
  17. net.ipv4.tcp_orphan_retries = 3
  18. net.ipv4.tcp_syncookies = 1
  19. net.ipv4.tcp_max_syn_backlog = 16384
  20. net.ipv4.ip_conntrack_max = 65536
  21. net.ipv4.tcp_max_syn_backlog = 16384
  22. net.ipv4.tcp_timestamps = 0
  23. net.core.somaxconn = 16384
  24. EOF
  25. sysctl --system

image_1f9qd2mu12j199g7brlokc923k.png-157.6kB

1.5 系统内核升级准备

  1. 如需内核升级,可以按需操作:
  2. CentOS7 需要升级内核至4.18+
  3. https://www.kernel.org/ 和 https://elrepo.org/linux/kernel/el7/x86_64/
  4. CentOS 7 dnf可能无法安装内核
  5. dnf --disablerepo=\* --enablerepo=elrepo -y install kernel-ml kernel-ml-devel
  6. grubby --default-kernel
  7. 使用如下方式安装最新版内核
  8. rpm --import https://www.elrepo.org/RPM-GPG-KEY-elrepo.org
  9. rpm -Uvh https://www.elrepo.org/elrepo-release-7.0-2.el7.elrepo.noarch.rpm
  10. 查看最新版内核yum --disablerepo="*" --enablerepo="elrepo-kernel" list available
  11. [root@k8s-node01 ~]# yum --disablerepo="*" --enablerepo="elrepo-kernel" list available
  12. Loaded plugins: fastestmirror
  13. Loading mirror speeds from cached hostfile
  14. * elrepo-kernel: mirrors.neusoft.edu.cn
  15. elrepo-kernel | 2.9 kB 00:00:00
  16. elrepo-kernel/primary_db | 1.9 MB 00:00:00
  17. Available Packages
  18. elrepo-release.noarch 7.0-5.el7.elrepo elrepo-kernel
  19. kernel-lt.x86_64 4.4.229-1.el7.elrepo elrepo-kernel
  20. kernel-lt-devel.x86_64 4.4.229-1.el7.elrepo elrepo-kernel
  21. kernel-lt-doc.noarch 4.4.229-1.el7.elrepo elrepo-kernel
  22. kernel-lt-headers.x86_64 4.4.229-1.el7.elrepo elrepo-kernel
  23. kernel-lt-tools.x86_64 4.4.229-1.el7.elrepo elrepo-kernel
  24. kernel-lt-tools-libs.x86_64 4.4.229-1.el7.elrepo elrepo-kernel
  25. kernel-lt-tools-libs-devel.x86_64 4.4.229-1.el7.elrepo elrepo-kernel
  26. kernel-ml.x86_64 5.7.7-1.el7.elrepo elrepo-kernel
  27. kernel-ml-devel.x86_64 5.7.7-1.el7.elrepo elrepo-kernel
  28. kernel-ml-doc.noarch 5.7.7-1.el7.elrepo elrepo-kernel
  29. kernel-ml-headers.x86_64 5.7.7-1.el7.elrepo elrepo-kernel
  30. kernel-ml-tools.x86_64 5.7.7-1.el7.elrepo elrepo-kernel
  31. kernel-ml-tools-libs.x86_64 5.7.7-1.el7.elrepo elrepo-kernel
  32. kernel-ml-tools-libs-devel.x86_64 5.7.7-1.el7.elrepo elrepo-kernel
  33. perf.x86_64 5.7.7-1.el7.elrepo elrepo-kernel
  34. python-perf.x86_64 5.7.7-1.el7.elrepo elrepo-kernel
  35. 安装最新版:
  36. yum --enablerepo=elrepo-kernel install kernel-ml kernel-ml-devel -y
  37. 安装完成后reboot
  38. 更改内核顺序:
  39. grub2-set-default 0 && grub2-mkconfig -o /etc/grub2.cfg && grubby --args="user_namespace.enable=1" --update-kernel="$(grubby --default-kernel)" && reboot
  40. 开机后查看内核
  41. [appadmin@k8s-node01 ~]$ uname -a
  42. Linux k8s-node01 5.7.7-1.el7.elrepo.x86_64 #1 SMP Wed Jul 1 11:53:16 EDT 2020 x86_64 x86_64 x86_64 GNU/Linux
  43. CentOS 8按需升级:
  44. 可以采用dnf升级,也可使用上述同样步骤升级(使用上述步骤注意elrepo-release-8.1版本)
  45. rpm --import https://www.elrepo.org/RPM-GPG-KEY-elrepo.org
  46. dnf install https://www.elrepo.org/elrepo-release-8.1-1.el8.elrepo.noarch.rpm
  47. dnf --disablerepo=\* --enablerepo=elrepo -y install kernel-ml kernel-ml-devel
  48. grubby --default-kernel && reboot

1.6 docker 安装准备

  1. 安装docker-19.03
  2. yum install docker-ce-19.03* docker-ce-cli-19.03* -y
  3. service docker start
  4. chkconfig docker on
  5. 配置 docker 的 cgroup 驱动(写入后需重启 docker 才生效):
  6. cat > /etc/docker/daemon.json <<EOF
  7. {
  8. "exec-opts": ["native.cgroupdriver=systemd"]
  9. }
  10. EOF

image_1f9qhf6d510mcg4h12291ncfsng41.png-136.8kB

二: 安装 kubernetes 准备

  1. 下载地址github
  2. k8s github : https://github.com/kubernetes/kubernetes/
  3. 安装k8s1.20.8(解压前先核对下载包与官方发布页公布的校验值):
  4. tar -zxvf kubernetes-server-linux-v1.20.8-amd64.tar --strip-components=3 -C /usr/local/bin kubernetes/server/bin/kube{let,ctl,-apiserver,-controller-manager,-scheduler,-proxy}

image_1f9qi0tb5uq2vfom77vv92o14e.png-130.4kB

  1. 配置etcd
  2. tar -zxvf etcd-v3.4.14-linux-amd64.tar.gz --strip-components=1 -C /usr/local/bin etcd-v3.4.14-linux-amd64/{etcd,etcdctl}

image_1f9qj32sk6mv1acl1qen1ebnurn13.png-72.4kB

  1. vim k8s.sh
  2. -------
  3. MasterNodes='k8s-master02 k8s-master03'
  4. WorkNodes='k8s-node01 k8s-node02 k8s-node03'
  5. for NODE in $MasterNodes; do echo $NODE; scp /usr/local/bin/kube{let,ctl,-apiserver,-controller-manager,-scheduler,-proxy} $NODE:/usr/local/bin/; scp /usr/local/bin/etcd* $NODE:/usr/local/bin/; done
  6. for NODE in $WorkNodes; do scp /usr/local/bin/kube{let,-proxy} $NODE:/usr/local/bin/ ; done
  7. -------
  8. . ./k8s.sh

image_1f9qj96t74or1j3ednjhl7mqd1g.png-120.1kB

  1. CNI安装,下载CNI组件(下载后用发布页提供的 sha256 校验文件核对压缩包)
  2. wget https://github.com/containernetworking/plugins/releases/download/v0.8.5/cni-plugins-linux-amd64-v0.8.5.tgz
  3. 所有节点:
  4. mkdir -p /opt/cni/bin
  5. 解压cni并发送至其他节点
  6. tar -zxf cni-plugins-linux-amd64-v0.8.5.tgz -C /opt/cni/bin
  7. vim cni.sh
  8. --------
  9. MasterNodes='k8s-master02 k8s-master03'
  10. WorkNodes='k8s-node01 k8s-node02 k8s-node03'
  11. for NODE in $MasterNodes; do ssh $NODE 'mkdir -p /opt/cni/bin'; scp /opt/cni/bin/* $NODE:/opt/cni/bin/; done
  12. for NODE in $WorkNodes; do ssh $NODE 'mkdir -p /opt/cni/bin'; scp /opt/cni/bin/* $NODE:/opt/cni/bin/; done
  13. ---------
  14. . ./cni.sh

image_1f9qjq2mjo03jei1tl5t5r1l521t.png-89.5kB

image_1f9qjqgsl1iit1gmhmf8hq91c0p2a.png-87.6kB

image_1f9qkghi4nqd14rtmhurvcdg2n.png-90.8kB
