1. Version information:
OS version: CentOS Stream 9
Kubernetes version: latest (v1.30)
Docker version: 27.1.1
Node | Hostname | IP |
Master node | k8s-master | 172.31.0.10 |
Node 1 | k8s-node1 | 172.31.0.11 |
Node 2 | k8s-node2 | 172.31.0.12 |
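2. First, use Vagrant and VirtualBox to create a CentOS Stream 9 virtual machine.
2.1. Install Vagrant
Vagrant official download page: Install | Vagrant | HashiCorp Developer
Here we download the Windows installer vagrant_2.4.1_windows_amd64.msi and double-click it to start the installation:
Check "I accept the terms in the License Agreement" and click "Install".
Click "Finish", then click "Yes" to restart the computer.
After the restart, Vagrant is ready to use.
2.2. Install VirtualBox
VirtualBox download address:
Download the VirtualBox-7.0.20-163906-Win.exe installer: https://download.virtualbox.org/virtualbox/7.0.20/VirtualBox-7.0.20-163906-Win.exe
Then run the installer:
VirtualBox installs to the C: drive by default. I did not want it on C:, so I changed the location to the D: drive, and the following error appeared during installation:
Then open a cmd command prompt and run the commands given on the official website: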
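rem Reset the ACLs under the install directory, then stop inheriting from the parent.
icacls D:\virtualbox /reset /t /c
icacls D:\virtualbox /inheritance:d /t /c
rem S-1-5-32-545 is BUILTIN\Users and S-1-5-11 is Authenticated Users: both get
rem read/execute and are denied delete and write rights on the directory.
icacls D:\virtualbox /grant *S-1-5-32-545:(OI)(CI)(RX)
icacls D:\virtualbox /deny *S-1-5-32-545:(DE,WD,AD,WEA,WA)
icacls D:\virtualbox /grant *S-1-5-11:(OI)(CI)(RX)
icacls D:\virtualbox /deny *S-1-5-11:(DE,WD,AD,WEA,WA)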
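Once the commands have run successfully, continue with the remaining installation steps.
VirtualBox is now installed. Remember to restart the computer after the installation.
2.3. Use Vagrant to quickly create the CentOS Stream 9 virtual machine and install Docker in it automatically.
2.3.1. First, create a folder named vagrant on the D: drive (you can choose another directory), then create a folder named centos_stream_9 inside it. In that folder, create a file named Vagrantfile. Note that the file must have exactly this name; it cannot be changed.
The contents of the Vagrantfile are as follows: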
# -*- mode: ruby -*-
# vi: set ft=ruby :

# All Vagrant configuration is done below. The "2" in Vagrant.configure
# configures the configuration version (we support older styles for
# backwards compatibility). Please don't change it unless you know what
# you're doing.
Vagrant.configure("2") do |config|
  # The most common configuration options are documented and commented below.
  # For a complete reference, please see the online documentation at
  # https://docs.vagrantup.com.

  # Every Vagrant development environment requires a box. You can search for
  # boxes at https://vagrantcloud.com/search.
  config.vm.box = "eurolinux-vagrant/centos-stream-9"
  config.vm.box_version = "9.0.45"

  # Disable automatic box update checking. If you disable this, then
  # boxes will only be checked for updates when the user runs
  # `vagrant box outdated`. This is not recommended.
  # config.vm.box_check_update = false

  # Create a forwarded port mapping which allows access to a specific port
  # within the machine from a port on the host machine. In the example below,
  # accessing "localhost:8080" will access port 80 on the guest machine.
  # NOTE: This will enable public access to the opened port
  # config.vm.network "forwarded_port", guest: 80, host: 8080

  # Create a forwarded port mapping which allows access to a specific port
  # within the machine from a port on the host machine and only allow access
  # via 127.0.0.1 to disable public access
  # config.vm.network "forwarded_port", guest: 80, host: 8080, host_ip: "127.0.0.1"

  # Create a private network, which allows host-only access to the machine
  # using a specific IP.
  # Set the virtual machine's network IP to 172.31.0.10
  config.vm.network "private_network", ip: "172.31.0.10"

  # Create a public network, which generally matched to bridged network.
  # Bridged networks make the machine appear as another physical device on
  # your network.
  # config.vm.network "public_network"

  # Share an additional folder to the guest VM. The first argument is
  # the path on the host to the actual folder. The second argument is
  # the path on the guest to mount the folder. And the optional third
  # argument is a set of non-required options.
  # config.vm.synced_folder "../data", "/vagrant_data"

  # Disable the default share of the current code directory. Doing this
  # provides improved isolation between the vagrant box and your host
  # by making sure your Vagrantfile isn't accessible to the vagrant box.
  # If you use this you may want to enable additional shared subfolders as
  # shown above.
  # config.vm.synced_folder ".", "/vagrant", disabled: true

  # Provider-specific configuration so you can fine-tune various
  # backing providers for Vagrant. These expose provider-specific options.
  # Example for VirtualBox:
  #
  # config.vm.provider "virtualbox" do |vb|
  #   # Display the VirtualBox GUI when booting the machine
  #   vb.gui = true
  #
  #   # Customize the amount of memory on the VM:
  #   vb.memory = "1024"
  # end
  #
  # View the documentation for the provider you are using for more
  # information on available options.

  # Enable provisioning with a shell script. Additional provisioners such as
  # Ansible, Chef, Docker, Puppet and Salt are also available. Please see the
  # documentation for more information about their specific syntax and use.
  config.vm.provision "shell", inline: <<-SHELL
    # 1. Install Docker
    # 1.1 Remove old Docker versions (-y so the non-interactive run never waits for a prompt)
    sudo yum remove -y docker docker-client docker-client-latest docker-common docker-latest docker-latest-logrotate docker-logrotate docker-engine
    # 1.2 Set up the repository
    sudo yum install -y yum-utils
    sudo yum-config-manager --add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
    # 1.3 Install Docker Engine
    sudo yum install -y docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin
    sudo systemctl enable docker
    sudo systemctl start docker
    # 1.4 Disable the firewall
    sudo systemctl stop firewalld
    sudo systemctl disable firewalld
    # 1.5 Change the SSH configuration: allow password authentication and root login
    sudo sed -i 's/^#*PasswordAuthentication .*/PasswordAuthentication yes/' /etc/ssh/sshd_config
    sudo sed -i 's/^#*PermitRootLogin .*/PermitRootLogin yes/' /etc/ssh/sshd_config
    # 1.6 Restart the SSH service
    sudo systemctl restart sshd.service
    # 1.7 Set the root password (fixed value for this lab VM; replace it with your own)
    echo "root:1TdhblkFcdhx2a" | sudo chpasswd
    # 1.8 Configure Docker registry mirrors (the closing EOF must stay at the start of its line)
    mkdir -p /etc/docker
    cat > /etc/docker/daemon.json <<EOF
{
  "registry-mirrors": ["https://6kx4zyno.mirror.aliyuncs.com","https://registry.docker-cn.com"],
  "exec-opts": ["native.cgroupdriver=systemd"]
}
EOF
    sudo systemctl daemon-reload
    sudo systemctl restart docker
    # 2. Let the non-root user (Docker) run docker commands without sudo.
    # 2.1 Create a user named "Docker"
    sudo useradd Docker
    # 2.2 Set the password of the "Docker" user
    echo "Docker:1TdhblkFcdhx2a" | sudo chpasswd
    # 2.3 Create a group named "docker"
    sudo groupadd docker
    # 2.4 Add the user "Docker" to the group "docker"
    sudo gpasswd -a Docker docker
    # 2.5 Restart Docker
    sudo systemctl restart docker
  SHELL
end
In the cmd window that opens, enter the following command:
vagrant up
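When it finishes, we have a running CentOS Stream 9 virtual machine with Docker installed. The first run is slow because it downloads the CentOS Stream 9 box image; I waited about 20 minutes. After one successful run, installing CentOS Stream 9 again is fast.
Open VirtualBox and you can see the virtual machine running.
Connect to the virtual machine with MobaXterm or another SSH tool.
MobaXterm download page: MobaXterm free Xserver and tabbed SSH client for Windows
The connection details for the virtual machine are:
IP: 172.31.0.10
User: root
Password: 1TdhblkFcdhx2a
The password is a bit long; it can be remembered from the pinyin initials of this line: 一条大河波浪宽,风吹稻花香两岸 (yi tiao da he bo lang kuan, feng chui dao hua xiang liang an).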
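3. Kubernetes cluster
Kubernetes official documentation address:
3.1. Quickly install a Kubernetes cluster with kubeadm
Kubernetes introduced the kubeadm command-line tool in v1.4 to simplify cluster installation; by v1.13, kubeadm had reached GA.
3.1.1. Before installing kubeadm, the Linux swap partition must be turned off, which can be done with the following commands:
# Disable swap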
swapoff -a
sed -ri 's/.*swap.*/#&/' /etc/fstab
3.1.2. Next, set SELinux to permissive mode (effectively disabling it).
# Set SELinux to permissive mode (effectively disabling it)
sudo setenforce 0
sudo sed -i 's/^SELINUX=enforcing$/SELINUX=permissive/' /etc/selinux/config
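3.1.3. Edit the /etc/hosts file to add hostname mappings
# Add the master's hostname mapping on every machine so that each node can ping the master. Change the IP and hostname below to your own.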
echo "172.31.0.10 k8s-master" >> /etc/hosts
# Add this mapping to avoid an error when installing the Calico network plugin later.
echo "185.199.111.133 raw.githubusercontent.com" >> /etc/hosts
3.1.4. Allow iptables to see bridged traffic
Run the following commands in order:
cat <<EOF | sudo tee /etc/modules-load.d/k8s.conf
overlay
br_netfilter
EOF
sudo modprobe overlay
sudo modprobe br_netfilter
cat <<EOF | sudo tee /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
net.ipv4.ip_forward = 1
vm.swappiness = 0
EOF
sudo sysctl --system
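The check script below is an added example, not part of the original article: it verifies on a node that steps 3.1.1 to 3.1.4 actually took effect before kubeadm is run. The function name preflight, its optional ROOT argument and the --live switch are assumptions made for this example; the files it reads are the standard Linux paths.

```sh
#!/bin/sh
# Added example (not from the original article): check that steps 3.1.1-3.1.4
# took effect. ROOT is an assumed optional argument: empty reads the live
# system, a directory reads copies of the same files laid out under it.

# preflight [ROOT]: prints one "FAIL ..." line per unmet prerequisite and
# returns non-zero if any check failed.
preflight() {
    root=${1:-}
    fails=0
    fail() { echo "FAIL $*"; fails=$((fails + 1)); }

    # 3.1.1: no active swap device (line 1 of /proc/swaps is a header) ...
    if awk 'NR > 1 && NF {n = 1} END {exit !n}' "$root/proc/swaps"; then
        fail "swap is active"
    fi
    # ... and no uncommented fstab entry of type swap to re-enable it at boot.
    if awk '$1 !~ /^#/ && $3 == "swap" {n = 1} END {exit !n}' "$root/etc/fstab"; then
        fail "fstab still has a swap entry"
    fi

    # 3.1.2: the persisted SELinux mode is the one the page sets.
    mode=$(sed -n 's/^SELINUX=\([a-z]*\).*/\1/p' "$root/etc/selinux/config" | tail -n 1)
    [ "$mode" = "permissive" ] || fail "SELINUX=${mode:-unset} in config"

    # 3.1.4: kernel modules are loaded (a module built into the kernel is not
    # listed in /proc/modules and would be reported here as well).
    for mod in overlay br_netfilter; do
        grep -q "^$mod " "$root/proc/modules" || fail "module $mod not loaded"
    done

    # 3.1.4: sysctl values, read from /proc/sys (dots in the key become slashes).
    for want in net.bridge.bridge-nf-call-ip6tables=1 \
                net.bridge.bridge-nf-call-iptables=1 \
                net.ipv4.ip_forward=1 vm.swappiness=0; do
        key=${want%=*}; val=${want#*=}
        got=$(cat "$root/proc/sys/$(echo "$key" | tr . /)" 2>/dev/null || true)
        [ "$got" = "$val" ] || fail "$key=${got:-unset} (want $val)"
    done

    [ "$fails" -eq 0 ]
}

# Run against the live node only when asked to: sh preflight.sh --live
if [ "${1:-}" = "--live" ]; then preflight; fi
```

Because the swap and SELinux checks read /etc/fstab and /etc/selinux/config, a failure there means the setting would come back after a reboot even if the running state is currently correct.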