京东云开发者|IoT运维 - 如何部署一套高可用K8S集群( 三 )

安装配置 CRI-O
安装CRI-O
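# cat get_cri-o.sh
#!/bin/bash
# Adds the devel:kubic:libcontainers yum repositories for CRI-O ${VERSION} on CentOS 7.
# NOTE(review): the page does not show this script being run on the nodes;
# presumably it is pushed with "ansible k8s -m script" like the later scripts - confirm.
VERSION=1.22
# -f makes curl exit non-zero on an HTTP error instead of saving the error page as a .repo file.
sudo curl -fL -o /etc/yum.repos.d/devel:kubic:libcontainers:stable.repo https://download.opensuse.org/repositories/devel:kubic:libcontainers:stable/CentOS_7/devel:kubic:libcontainers:stable.repo
sudo curl -fL -o "/etc/yum.repos.d/devel:kubic:libcontainers:stable:cri-o:${VERSION}.repo" "https://download.opensuse.org/repositories/devel:kubic:libcontainers:stable:cri-o:${VERSION}/CentOS_7/devel:kubic:libcontainers:stable:cri-o:${VERSION}.repo"
# NOTE(review): check that the downloaded .repo files enable gpgcheck before installing from them.
# NOTE(review): state=latest installs whatever the repository serves at run time;
# pin the package version if every node must run the same, reviewed build.
# ansible k8s -m yum -a "name=cri-o,cri-tools state=latest"
# ansible k8s -m shell -a "sudo systemctl enable --now crio"
修改cri-o 存储路径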
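# NOTE(review): the inner double quotes are escaped here. Unescaped, they end the
# outer -a "..." string on the control node, the quotes are dropped, and storage.conf
# ends up with an unquoted (invalid) graphroot value.
# ansible k8s -m shell -a "sed -i -e 's?^graphroot =.*?graphroot = \"/export/Data/containers/storage\"?g' /etc/containers/storage.conf"
配置cgroup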
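# cat 02-cgroup-manager.conf
[crio.runtime]
conmon_cgroup = "pod"
cgroup_manager = "systemd"
# NOTE(review): the page printed src as https://www.huyubaike.com/biancheng/02-cgroup-manager.conf,
# which looks like link rewriting by the hosting site. The copy module's src is a path on the
# Ansible control node, so the local file shown above is used; runtime configuration should
# not be fetched from an unrelated website.
# ansible k8s -m copy -a "src=02-cgroup-manager.conf dest=/etc/crio/crio.conf.d/"
配置镜像加速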
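# cat images_mirr.sh
#!/bin/bash
# Appends a docker.io registry entry that points at hub-mirror.c.163.com.
# NOTE(review): ">>" appends on every run, so running the script twice leaves
# duplicate [[registry]] entries in registries.conf.
# NOTE(review): every docker.io pull on these nodes is then served by a third-party
# mirror; pulling by digest rather than by tag keeps image content verifiable.
cat >> /etc/containers/registries.conf << EOF
[[registry]]
prefix = "docker.io"
location = "hub-mirror.c.163.com"
[[registry.mirror]]
prefix = "docker.io"
location = "hub-mirror.c.163.com"
EOF
# ansible k8s -m script -a "/root/images_mirr.sh"
# ansible k8s -m service -a 'name=crio state=restarted'
配置LB
公有云使用负载均衡代替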
高可用LB后续更新,暂用nginx代替
以下操作LB节点执行
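[root@lb ~]# yum -y install epel-release.noarch
[root@lb ~]# yum -y install nginx nginx-mod-stream
nginx 配置文件中加入以下配置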
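# Layer-4 (TCP) proxy in front of the three kube-apiserver instances.
# TLS is not terminated here: the stream is passed through unchanged, so clients
# still negotiate TLS (and any client-certificate authentication) with kube-apiserver itself.
stream {
    # The trailing space inside each fragment keeps the logged fields separated.
    log_format main '$remote_addr [$time_local] '
                    '$protocol $status $bytes_sent $bytes_received '
                    '$session_time';

    server {
        # Port used as controlPlaneEndpoint (192.168.3.29:16443) in kubeadm_config.yaml.
        listen 16443;
        proxy_pass kubeapi;
        access_log /var/log/nginx/access.log main;
    }

    upstream kubeapi {
        server 192.168.3.24:6443;
        server 192.168.3.25:6443;
        server 192.168.3.26:6443;
    }
}
部署k8s
安装kubeadm、kubelet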
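# cat kube.sh
#!/bin/bash
# Writes the Kubernetes yum repo definition, then installs pinned 1.22.3 packages.
# gpgcheck=1 and repo_gpgcheck=1 make yum verify both the packages and the repo metadata.
# exclude= keeps a routine "yum update" from upgrading the cluster packages;
# --disableexcludes=kubernetes lifts that only for the explicit install below.
# NOTE(review): the Kubernetes project has deprecated the packages.cloud.google.com
# repository; newer releases are published at pkgs.k8s.io.
cat <<EOF | sudo tee /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://packages.cloud.google.com/yum/repos/kubernetes-el7-\$basearch
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://packages.cloud.google.com/yum/doc/yum-key.gpg https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg
exclude=kubelet kubeadm kubectl
EOF
yum install -y kubelet-1.22.3-0 kubeadm-1.22.3-0 kubectl-1.22.3-0 --disableexcludes=kubernetes
sudo systemctl enable --now kubelet
# ansible k8s -m script -a "/root/kube.sh"
分发etcd证书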
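# NOTE(review): this directory later holds the etcd client key (keyFile
# /export/Data/certs/etcd-key.pem in kubeadm_config.yaml), so it is restricted to its owner.
# ansible k8s -m shell -a "mkdir -p /export/Data/certs/ && chmod 700 /export/Data/certs/"
配置kubelet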
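# cat kubelet_conf.sh
#!/bin/bash
# Overwrites /etc/sysconfig/kubelet so the kubelet talks to CRI-O over its unix
# socket and uses the systemd cgroup driver (matching cgroup_manager = "systemd" in CRI-O).
cat > /etc/sysconfig/kubelet <<EOF
KUBELET_EXTRA_ARGS=--container-runtime=remote --cgroup-driver=systemd --container-runtime-endpoint='unix:///var/run/crio/crio.sock' --runtime-request-timeout=5m
EOF
# ansible k8s -m script -a "/root/kubelet_conf.sh"
# ansible k8s -m service -a 'name=kubelet state=restarted'
初始第一个master节点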
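# cat kubeadm_config.yaml
apiVersion: kubeadm.k8s.io/v1beta2
kind: ClusterConfiguration
kubernetesVersion: v1.22.3
# Control-plane images are pulled from this mirror instead of the default registry.
imageRepository: registry.aliyuncs.com/google_containers
# Address of the nginx stream listener (port 16443) in front of the API servers.
controlPlaneEndpoint: "192.168.3.29:16443"
networking:
  serviceSubnet: "10.96.0.0/16"
  podSubnet: "172.16.0.0/16"
  dnsDomain: "cluster.local"
dns:
  type: "CoreDNS"
etcd:
  external:
    endpoints:
      - https://192.168.3.21:2379
      - https://192.168.3.22:2379
      - https://192.168.3.23:2379
    # Client certificate and key the API server presents to the external etcd cluster.
    caFile: /export/Data/certs/ca.pem
    certFile: /export/Data/certs/etcd.pem
    keyFile: /export/Data/certs/etcd-key.pem
---
apiVersion: kubelet.config.k8s.io/v1beta1
kind: KubeletConfiguration
cgroupDriver: systemd
---
apiVersion: kubeproxy.config.k8s.io/v1alpha1
kind: KubeProxyConfiguration
mode: ipvs
# NOTE(review): the page printed both src values as https://www.huyubaike.com/... URLs
# (.../biancheng/kubeadm_config.yaml and .../root/ssl/), which looks like link rewriting by the
# hosting site. The copy module's src is a path on the Ansible control node; cluster
# configuration and certificates should not be fetched from an unrelated website.
# ansible 192.168.3.24 -m copy -a "src=kubeadm_config.yaml dest=/root"
# NOTE(review): this sends the etcd client key to every host in the k8s group. Only hosts that
# run kube-apiserver need it, so limit the target if the group also contains workers, and make
# sure /root/ssl/ holds no CA private key (its contents are not shown here). mode=0600 keeps
# the copied files readable by their owner only.
# ansible k8s -m copy -a "src=/root/ssl/ dest=/export/Data/certs/ mode=0600"
# NOTE(review): --upload-certs stores the control-plane certificates in a cluster Secret and
# prints a certificate key in the init output; treat that output, which also contains the
# join token, as a secret.
# ansible 192.168.3.24 -m shell -a "kubeadm init --config=/root/kubeadm_config.yaml --upload-certs"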
