Deploying single-node Kubernetes 1.27 on Ubuntu
System: Ubuntu 22.04
1. Preparation
```
curl -fsSL https://get.docker.com | sudo sh

# Install kubeadm and the related command-line tools from the Aliyun Kubernetes mirror
apt-get update && apt-get install -y apt-transport-https
curl -fsSL https://mirrors.aliyun.com/kubernetes/apt/doc/apt-key.gpg | apt-key add -
echo "deb https://mirrors.aliyun.com/kubernetes/apt/ kubernetes-xenial main" > /etc/apt/sources.list.d/kubernetes.list
apt-get update
apt-get install -y kubelet kubeadm kubectl
systemctl enable kubelet

# Set Docker's cgroup driver to systemd so that it matches Kubernetes, and set registry-mirrors to speed up downloads.
# The JSON below is the content of /etc/docker/daemon.json.
vi /etc/docker/daemon.json
{
  "exec-opts": ["native.cgroupdriver=systemd"],
  "registry-mirrors": ["https://registry.docker-cn.com", "https://docker.mirrors.ustc.edu.cn"]
}
systemctl restart docker
```
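2. Initialize Kubernetes with kubeadm init
```
# Use the Kubernetes images hosted on Aliyun (the networks specified here must match the configuration of the network plugin used later)
kubeadm init --image-repository registry.aliyuncs.com/google_containers \
  --service-cidr=10.1.0.0/16 --pod-network-cidr=10.244.0.0/16
```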
2.1 Troubleshooting (skip this if the previous step ran without errors)
```
container runtime is not running :CRI v1 runtime API is not implemented for endpoint \"unix:///var/run/containerd/containerd.sock\": rpc error: code = Unimplemented desc = unknown service runtime.v1.RuntimeService
```
The error occurs because Ubuntu 22.04 comes with an old version of containerd.io preinstalled; you need to download the binary release and replace it manually.
The steps below are a short version (you can follow them as they are). For the detailed documentation see https://github.com/containerd/containerd/blob/main/docs/getting-started.md
```
# Download the containerd binary release
wget https://github.com/containerd/containerd/releases/download/v1.7.2/containerd-1.7.2-linux-amd64.tar.gz
# Extract it under /usr/local:
tar Cxzvf /usr/local containerd-1.7.2-linux-amd64.tar.gz
# Next, download and install runc separately from the runc GitHub releases. The binary is statically built and should work on any Linux distribution.
wget https://github.com/opencontainers/runc/releases/download/v1.1.7/runc.amd64
install -m 755 runc.amd64 /usr/local/sbin/runc
# Generate the containerd configuration file
mkdir -p /etc/containerd
containerd config default > /etc/containerd/config.toml
```
Following the official documentation, systemd needs to be set as the cgroup driver. On Linux distributions that use systemd as the init system, using systemd as the container cgroup driver keeps the node more stable when resources are tight. See https://kubernetes.io/zh-cn/docs/setup/production-environment/container-runtimes/ for details. Edit the configuration file that was just generated:
```
vim /etc/containerd/config.toml
```
```
[plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc]
  ...
  [plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc.options]
    SystemdCgroup = true
```
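In mainland China, the official Kubernetes image registry needs to be replaced with the Aliyun registry.
This is in the same configuration file:
```
[plugins."io.containerd.grpc.v1.cri"]
  ...
  sandbox_image = "registry.aliyuncs.com/google_containers/pause:3.9"
```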
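A check for the two config.toml edits above, added here as an example and not part of the original post: it reads the file and confirms that SystemdCgroup sits in the runc options table and that sandbox_image points at the Aliyun pause image. The function names and the sample configuration are constructed for illustration.

```bash
# Added example (not from the original post): audit config.toml for this guide's two edits.

# toml_value FILE SECTION KEY: print KEY's value inside the table [SECTION]
toml_value() {
    awk -v want="[$2]" -v key="$3" '
        /^[ \t]*\[/ {                      # any table header switches section
            hdr = $0
            gsub(/^[ \t]+|[ \t]+$/, "", hdr)
            in_sec = (hdr == want)
            next
        }
        in_sec && $0 ~ ("^[ \t]*" key "[ \t]*=") {
            val = $0
            sub(/^[^=]*=[ \t]*/, "", val)  # drop "key ="
            sub(/[ \t]+$/, "", val)
            gsub(/"/, "", val)             # drop TOML string quotes
            print val
            exit
        }' "$1"
}

# check_containerd_config FILE: returns 0 when both settings match the guide
check_containerd_config() {
    local cri='plugins."io.containerd.grpc.v1.cri"' cg img rc=0
    cg="$(toml_value "$1" "$cri.containerd.runtimes.runc.options" SystemdCgroup)"
    img="$(toml_value "$1" "$cri" sandbox_image)"
    [ "$cg" = "true" ] || { echo "SystemdCgroup=${cg:-unset}, want true"; rc=1; }
    case "$img" in
        registry.aliyuncs.com/google_containers/pause:*) ;;
        *) echo "sandbox_image=${img:-unset}, want the Aliyun pause image"; rc=1 ;;
    esac
    return "$rc"
}

# Constructed sample: a config.toml fragment before the two edits are applied.
demo_config() {
    cat <<'EOF'
[plugins."io.containerd.grpc.v1.cri"]
  sandbox_image = "registry.k8s.io/pause:3.8"
  [plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc]
    runtime_type = "io.containerd.runc.v2"
    [plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc.options]
      SystemdCgroup = false
EOF
}

sample="$(mktemp)" && demo_config > "$sample"
check_containerd_config "$sample" || echo "sample still has the defaults"
rm -f "$sample"
```

On a node, run `check_containerd_config /etc/containerd/config.toml` after editing and before restarting containerd.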
To start containerd through systemd, you also need to download the containerd.service unit file from https://raw.githubusercontent.com/containerd/containerd/main/containerd.service and place it at /etc/systemd/system/containerd.service. Enable containerd at boot and start it by running the following commands:
```
cd /etc/systemd/system
wget https://raw.githubusercontent.com/containerd/containerd/main/containerd.service
systemctl daemon-reload
systemctl enable containerd --now
```
Download and install the crictl tool (optional; Ubuntu 22.04 already includes it):
```
wget https://github.com/kubernetes-sigs/cri-tools/releases/download/v1.27.0/crictl-v1.27.0-linux-amd64.tar.gz
tar -zxvf crictl-v1.27.0-linux-amd64.tar.gz
install -m 755 crictl /usr/local/bin/crictl
```
Test with crictl and make sure it prints the version information with no error output:
```
crictl --runtime-endpoint=unix:///run/containerd/containerd.sock version

Version:  0.1.0
RuntimeName:  containerd
RuntimeVersion:  v1.7.2
RuntimeApiVersion:  v1
```
Notice: this is the second pitfall. The command returns:
```
crictl --runtime-endpoint=unix:///run/containerd/containerd.sock version
FATA[0000] validate service connection: CRI v1 runtime API is not implemented for endpoint "unix:///run/containerd/containerd.sock": rpc error: code = Unimplemented desc = unknown service runtime.v1.RuntimeService
```
!! (Skip this if the previous step worked.) The cause is that the containerd preinstalled on the system is still running; it has to be removed and containerd restarted:
```
apt remove containerd.io
systemctl daemon-reload
systemctl enable containerd --now
systemctl status containerd
```
Run the check command again; it now returns normally:
```
crictl --runtime-endpoint=unix:///run/containerd/containerd.sock version
```
Enable the kubelet service:
```
systemctl enable kubelet.service
```
Run the initialization again:
```
kubeadm init --image-repository registry.aliyuncs.com/google_containers \
  --service-cidr=10.1.0.0/16 --pod-network-cidr=10.244.0.0/16
```
2.2 Finishing the installation
When everything has finished, run the commands below as the output instructs:
```
Your Kubernetes control-plane has initialized successfully!

To start using your cluster, you need to run the following as a regular user:

  mkdir -p $HOME/.kube
  sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
  sudo chown $(id -u):$(id -g) $HOME/.kube/config

Alternatively, if you are the root user, you can run:

  export KUBECONFIG=/etc/kubernetes/admin.conf

You should now deploy a pod network to the cluster.
Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:
  https://kubernetes.io/docs/concepts/cluster-administration/addons/

Then you can join any number of worker nodes by running the following on each as root:
# Skip this step for a single-node cluster
kubeadm join 172.16.3.169:6443 --token z4o3n1.l64vso6rqo8pobmp \
	--discovery-token-ca-cert-hash sha256:124049c1f0335b2ed1314262710e60ac4d344403bd6375d2c66ea7e3013da99c
```
Run kubectl get pods -A:
```
NAMESPACE     NAME                                  READY   STATUS    RESTARTS   AGE
kube-system   coredns-7bdc4cb885-w6vrn              0/1     Pending   0          5s
kube-system   coredns-7bdc4cb885-wx2nr              0/1     Pending   0          5s
kube-system   etcd-***-****-**                      1/1     Running   0          5s
kube-system   kube-apiserver-***-****-**            1/1     Running   0          5s
kube-system   kube-controller-manager-***-****-**   1/1     Running   0          5s
kube-system   kube-proxy-lbcbk                      1/1     Running   0          5s
kube-system   kube-scheduler-***-****-**            1/1     Running   0          5s
```
All done.
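3. Install the Helm 3 package manager
Helm is the package manager for Kubernetes, and the later steps also use Helm to install common Kubernetes components. Here we first install helm on the master node, node1.
```
wget https://get.helm.sh/helm-v3.12.0-linux-amd64.tar.gz
tar -zxvf helm-v3.12.0-linux-amd64.tar.gz
mv linux-amd64/helm /usr/local/bin/
```
Run helm list and confirm that there is no error output.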
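The wget downloads in sections 2.1 and 3 (containerd, runc, crictl, helm) are installed as root with no integrity check. As an added example, not part of the original post, this helper compares a downloaded file with a sha256sum-format checksum file before installing it. The function names and sample files are constructed, and it assumes the checksum file was fetched from the project's release page.

```bash
# Added example (not from the original post): check a download against a checksum file.

# verify_artifact FILE SUMFILE -> 0 match, 1 mismatch, 2 missing file, 3 no entry
verify_artifact() {
    local artifact="$1" sumfile="$2" name expected actual
    [ -f "$artifact" ] && [ -f "$sumfile" ] || return 2
    name="$(basename "$artifact")"
    # A checksum file may list several artifacts (one per architecture), so
    # select the entry whose file name matches exactly. A leading "*" marks
    # binary mode in sha256sum output and is not part of the name.
    expected="$(awk -v n="$name" '
        { f = $2; sub(/^\*/, "", f); sub(/^.*\//, "", f) }
        f == n { print tolower($1); exit }' "$sumfile")"
    [ -n "$expected" ] || return 3
    actual="$(sha256sum "$artifact" | awk '{ print $1 }')"
    [ "$expected" = "$actual" ] || return 1
}

# install_verified FILE SUMFILE DEST: install only when the checksum matches
install_verified() {
    verify_artifact "$1" "$2" || { echo "refusing to install $1 (rc=$?)" >&2; return 1; }
    install -m 755 "$1" "$3"
}

# Constructed demo: a stand-in "runc.amd64" and a two-entry checksum file.
demo() {
    local d; d="$(mktemp -d)"
    printf 'stand-in binary\n' > "$d/runc.amd64"
    {
        printf '%064d  runc.arm64\n' 0
        printf '%s  runc.amd64\n' "$(sha256sum "$d/runc.amd64" | awk '{ print $1 }')"
    } > "$d/runc.sha256sum"
    verify_artifact "$d/runc.amd64" "$d/runc.sha256sum" && echo "original: OK"
    printf 'tampered\n' >> "$d/runc.amd64"
    verify_artifact "$d/runc.amd64" "$d/runc.sha256sum" || echo "modified: rejected (rc=$?)"
    rm -rf "$d"
}
demo
```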