java基礎知識圖解 軟體開發 軟體開發 軟體,即一系列按照特定順序組織的電腦數據和指令的集合。有系統軟體和應用軟體之分。 人機交互方式 圖形化界面(Graphical User Interface GUI):這種方式簡單直觀,使用者易於接受,容易上手操作。 命令行方式(Command Line ...
1. 安裝containerd
k8s1.24不支持docker作為運行時容器,需要採用containerd
k8s1.24可以支持docker的遠程鏡像
1.1. 安裝
apt-get install containerd.io=1.6.6-1
1.2. 生成containerd預設配置文件(所有節點)
mv /etc/containerd/config.toml /etc/containerd/config.toml.orig
containerd config default > /etc/containerd/config.toml
1.3. 修改config.toml文件
- endpoint加速器
[plugins."io.containerd.tracing.processor.v1.otlp"]
endpoint = "https://docker.mirrors.ustc.edu.cn/"
insecure = false
protocol = “"
- 修改sandbox_image
#sandbox_image = "k8s.gcr.io/pause:3.6"
sandbox_image = "registry.aliyuncs.com/google_containers/pause:3.7"
- 修改Systemdcgroup
[plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc.options]
IoUid = 0
NoNewKeyring = false
NoPivotRoot = false
Root = ""
ShimCgroup = ""
SystemdCgroup = true
- 修改root和state的路徑(看硬碟情況)
required_plugins = []
root = "/home/containerd/root"
state = "/home/containerd/state"
temp = ""
version = 2
1.4. 重啟containerd
systemctl restart containerd
1.5. 查看鏡像
sudo crictl image ls
1.6. 查看容器
sudo crictl ps
qiteck@server:~$ sudo crictl ps WARN[0000] runtime connect using default endpoints: [unix:///var/run/dockershim.sock unix:///run/containerd/containerd.sock unix:///run/crio/crio.sock unix:///var/run/cri-dockerd.sock]. As the default settings are now deprecated, you should set the endpoint instead. ERRO[0000] unable to determine runtime API version: rpc error: code = Unavailable desc = connection error: desc = "transport: Error while dialing dial unix /var/run/dockershim.sock: connect: no such file or directory" WARN[0000] image connect using default endpoints: [unix:///var/run/dockershim.sock unix:///run/containerd/containerd.sock unix:///run/crio/crio.sock unix:///var/run/cri-dockerd.sock]. As the default settings are now deprecated, you should set the endpoint instead. ERRO[0000] unable to determine image API version: rpc error: code = Unavailable desc = connection error: desc = "transport: Error while dialing dial unix /var/run/dockershim.sock: connect: no such file or directory" CONTAINER IMAGE CREATED STATE NAME ATTEMPT POD ID POD ef543e51cfa0c b008bec0252cb 5 hours ago Running omp 0 0fa6d165a2c35 omp-7696d4c57-2r6fl 706fb4abbdd02 cec7ba5a893a8 6 hours ago Running omp2 0 2d63b9953013f omp2-77689d4c5b-vmz2l c589f102227c3 beac3508eacfe 30 hours ago Running account 0 27abc088678b6 account-794585bbbb-p927k 433d94b8dd567 6358d98c814a7 31 hours ago Running game 0 2c41d2412209b game-7f44bb65f8-cjbrq 6b035346f216c d9814b25e52ba 46 hours ago Running consul 0 c390fa719ff8d consul-server-2 6774c93cb6c59 d9814b25e52ba 46 hours ago Running consul 0 6ab43d041c87a consul-client-m7jwf 0134002a22882 d9814b25e52ba 46 hours ago Running consul 0 54f1d07e965d1 consul-server-0 fb04bc0d7364e 2e858e385e1d1 46 hours ago Running gateway 0 f0416f209774a gateway-6d5fc9979f-99mmk 6d5fcf76bb4fa 4e845a6c446da 46 hours ago Running ota 1 baa0a202dab7c ota-848849756c-zgz78 835c6b1d4d477 d349e70825881 46 hours ago Running advertise 1 e6de5d636a3e1 advertise-74d996d7dd-w7fnh 46a2861697792 6e715ec1cdef6 46 hours ago Running file 1 7e0ddf0e5d55d file-7bbd64f796-frfff f2a039b8e6cb6 94a191ac1e06d 46 hours ago Running device 1 84607636a1206 device-75777b668c-n25kq 588286ca925e0 408c00be0844f 46 hours ago Running count 1 5645003fb9953 count-679b5fb4bb-lfhbl 8a575ea4e8421 94a191ac1e06d 46 hours ago Running device 1 20963e33e429d device-75777b668c-w5dnx 086ed6c6e5be1 6e715ec1cdef6 46 hours ago Running file 1 a11fcbbd7e88d file-7bbd64f796-hn5pj a83d8fc2ee00a ef376b69a2934 46 hours ago Running sport 1 f33a7bcafb377 sport-89bc7648f-4w46v e7f76b6f1c84f 2f2f9a205f3c1 46 hours ago Running rcache 1 ca980f5411acb rcache-55f4549cb8-6cqmx b709db2369dc1 ae97cd3e4622d 46 hours ago Running course 1 96d75555bb645 course-694b96bd8d-6qqmk 97be53613824b 82a5eb76d151c 46 hours ago Running msg 1 1b2e5ea5c2aa8 msg-7dbd97bddd-mg6d4 546a1501a6ccd 49512e7b89bc1 46 hours ago Running erp 1 4d2c7b154361d erp-6b879f8d7-krn5p d598b2782d979 e237e85065092 46 hours ago Running kube-flannel 5 26bb55717d190 kube-flannel-ds-rt8z5 2746d12ffc426 77b49675beae1 46 hours ago Running kube-proxy 5 c4daf9ff2bba3 kube-proxy-ngnrv
2. 安裝kubeadm、kubelet 和 kubectl
- kubeadm:用來初始化集群的指令。
- kubelet:在集群中的每個節點上用來啟動 pod 和容器等。
- kubectl:用來與集群通信的命令行工具。
安裝1.24.0版本
環境是ubuntu22.04
sudo apt-get update && sudo apt-get install -y apt-transport-https curl
需要能訪問google
curl -s https://packages.cloud.google.com/apt/doc/apt-key.gpg | sudo apt-key add -
國內的源(此源可以使用,本次搭建使用的是此源):
cat <<EOF >/etc/apt/sources.list.d/kubernetes.list
deb http://mirrors.ustc.edu.cn/kubernetes/apt kubernetes-xenial main
EOF
sudo apt-get update
sudo apt-get install -y kubelet=1.24.2-00 kubeadm=1.24.2-00 kubectl=1.24.2-00
sudo apt-mark hold kubelet kubeadm kubectl
安裝完,看下版本:
xxxx@iZ2zeabl8ta0jq1nd850igZ:~/program$ kubectl version WARNING: This version information is deprecated and will be replaced with the output from kubectl version --short. Use --output=yaml|json to get the full version. Client Version: version.Info{Major:"1", Minor:"24", GitVersion:"v1.24.2", GitCommit:"f66044f4361b9f1f96f0053dd46cb7dce5e990a8", GitTreeState:"clean", BuildDate:"2022-06-15T14:22:29Z", GoVersion:"go1.18.3", Compiler:"gc", Platform:"linux/amd64"} Kustomize Version: v4.5.4 The connection to the server localhost:8080 was refused - did you specify the right host or port
3. 關閉swap
如果不關閉kubernetes運行會出現錯誤, 即使安裝成功了,node重啟後也會出現kubernetes server運行錯誤。
- 暫時關閉
sudo swapoff -a
- 永久關閉
編輯 /etc/fstab 文件
vi /etc/fstab
將 /dev/mapper/centos-swap swap swap default 0 0 這一行前面加個 # 號將其註釋掉。
4. master主節點啟動
4.1. 清空數據
sudo rm -rf /var/lib/etcd
4.2. 生成預設配置文件
kubeadm config print init-defaults --kubeconfig ClusterConfiguration > kubeadm.yml
4.3. 修改配置文件
name: logic需要是host的name,hostname獲取
name也可以隨便取,只要/etc/hosts裡面有配置地址就可以,
podSubnet的地址需要和flannel一致,因為是通過flannel來分配ip地址的, k8s會在各個子王上面劃分對應的ip網段
4.4. 指定配置文件初始化
xxxx@iZ2zeabl8ta0jq1nd850igZ:~/program/k8s$ sudo kubeadm init --config kubeadm.yml
提示這樣就初始化成功k8s的master主節點了
4.4. 查看pods:
xxxx@server:~$ sudo kubectl get pods --all-namespaces NAMESPACE NAME READY STATUS RESTARTS AGE default account-794585bbbb-p927k 1/1 Running 0 29h default account-794585bbbb-xdlt7 1/1 Running 0 29h default advertise-74d996d7dd-qtxzf 1/1 Running 0 2d22h default advertise-74d996d7dd-w7fnh 1/1 Running 1 (46h ago) 2d22h default consul-client-m7jwf 1/1 Running 0 45h default consul-client-vpd94 1/1 Running 0 45h default consul-server-0 1/1 Running 0 45h default consul-server-1 1/1 Running 0 45h default consul-server-2 1/1 Running 0 45h default count-679b5fb4bb-hlqrj 1/1 Running 0 2d22h default count-679b5fb4bb-lfhbl 1/1 Running 1 (46h ago) 2d22h default course-694b96bd8d-6qqmk 1/1 Running 1 (46h ago) 2d22h default course-694b96bd8d-j6lfw 1/1 Running 0 2d22h
4.5. 拷貝授權登陸文件給當前用戶:
配置文件設置kubectl的使用,包括連接api伺服器,證書許可權等等
K8s會用到當前用戶的許可權,可以拷貝配置文件,或者設置鏈接
拷貝:
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
軟連接:
mkdir -p $HOME/.kube
sudo ln -sf /etc/kubernetes/admin.conf ~/.kube/config
否則將報錯:The connection to the server localhost:8080 was refused - did you specify the right host or port?
如果按照前面這麼配置還有問題的話,需要註意區分sudo和非sudo的情況,非sudo的情況下要保證對/etc/kubernetes/admin.conf的許可權,
8080埠是kubectl預設請求的埠,這個是不安全的埠,安全的訪問方式是https://localhost:6443
4.6. 修改nodeport埠範圍:
Nodeport的預設埠範圍是30000-32767
很影響使用,把它改成1-65535
編輯 kube-apiserver.yaml文件
vim /etc/kubernetes/manifests/kube-apiserver.yaml
找到 --service-cluster-ip-range 這一行,在這一行的下一行增加 如下內容
- --service-node-port-range=1-65535
實際內容如下:
最後 重啟 kubelet
sudo systemctl daemon-reload
sudo systemctl restart kubelet
4.7. 設置master節點可以部署pod
這是因為kubernetes出於安全考慮預設情況下無法在master節點上部署pod,
- 1 node(s) had taint {node-role.kubernetes.io/master: } that the pod didn't tolerate.:
kubectl taint nodes --all node-role.kubernetes.io/master-
執行後將輸出如下信息(其中報錯可忽略):
- 1 node(s) had untolerated taint {node-role.kubernetes.io/control-plane: }. preemption: 0/1 nodes are available:
kubectl taint nodes --all node-role.kubernetes.io/control-plane-
4.8. 日誌查看
systemctl status kubelet
journalctl -xefu kubelet
vim /var/log/pods/kube-system_kube-apiserver
4.9. POD網路差距flannel安裝
用來部署pod的地址
- 下載配置:
wget https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
- 修改配置文件:
確保kube-flannel.yml的這個欄位“Network”: “10.244.0.0/16" 與kubeadm.conf的podSubnet地址一致
- 部署:
kubectl apply -f kube-flannel.yml
- 檢測flannel進程是否啟動:
qiteck@logic:~/program/k8s_1.24.2$ ps -ef|grep flannel
root 4673 4326 0 09:16 ? 00:00:00 /opt/bin/flanneld --ip-masq --kube-subnet-mgr
- 檢測flannel進程是否啟動:
xxxx@server:~$ sudo kubectl get pods -n kube-system NAME READY STATUS RESTARTS AGE coredns-74586cf9b6-8mbqz 1/1 Running 3 (6d23h ago) 6d23h coredns-74586cf9b6-hz48p 1/1 Running 3 (6d23h ago) 6d23h etcd-master.cluster.k8s 1/1 Running 5 (6d23h ago) 6d23h kube-apiserver-master.cluster.k8s 1/1 Running 0 3d1h kube-controller-manager-master.cluster.k8s 1/1 Running 7 (2d23h ago) 6d23h kube-flannel-ds-rt8z5 1/1 Running 5 (46h ago) 3d kube-flannel-ds-t6nrc 1/1 Running 1 (6d23h ago) 6d23h kube-proxy-ngnrv 1/1 Running 5 (46h ago) 3d kube-proxy-tjh8h 1/1 Running 4 (6d23h ago) 6d23h kube-scheduler-master.cluster.k8s 1/1 Running 7 (2d23h ago) 6d23h
- 看下cni0網卡是否有了:
xxxx@server:~$ ifconfig br-0480d1b7cefb: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 inet 172.18.0.1 netmask 255.255.0.0 broadcast 172.18.255.255 inet6 fe80::42:e1ff:fe6e:8e3c prefixlen 64 scopeid 0x20<link> ether 02:42:e1:6e:8e:3c txqueuelen 0 (Ethernet) RX packets 84662 bytes 119261797 (119.2 MB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 83663 bytes 121420317 (121.4 MB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 cni0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1450 inet 10.244.1.1 netmask 255.255.255.0 broadcast 10.244.1.255 inet6 fe80::b821:f2ff:fe1d:809a prefixlen 64 scopeid 0x20<link> ether ba:21:f2:1d:80:9a txqueuelen 1000 (Ethernet) RX packets 9016802 bytes 993361285 (993.3 MB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 6600536 bytes 1003467886 (1.0 GB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
- 看下是否有生成/run/flannel/subnet.env文件:
設置flannel插件的信息, 一旦flanneld啟動,它會自動將一些數據寫入/run/flannel/subnet.env
至此,k8s主節點已經搭建起來了。
