ubuntu22.04安装 kubernetes（docker）

初始化检查

操作系统：ubuntu22.04 LTS

docker：20.10.18

kubelet: v1.23.6

kubeadm:v1.23.6

kubectl: v1.23.6

1、校准时间：

 cp /usr/share/zoneinfo/Asia/Shanghai /etc/localtime

2、修改系统配置，允许桥接流量

cat <<EOF | tee /etc/modules-load.d/k8s.conf

br_netfilter

EOF

cat <<EOF | tee /etc/sysctl.d/k8s.conf

net.bridge.bridge-nf-call-ip6tables = 1

net.bridge.bridge-nf-call-iptables = 1

EOF

sysctl --system

3、关闭swap和防火墙

swapoff -a # 临时

sed -ri 's/.*swap.*/#&/' /etc/fstab # 永久

关闭防火墙：

systemctl disable --now ufw

systemctl stop ufw

4、使用aliyun镜像

sed -i 's@http://cn.archive.ubuntu.com@https://mirrors.aliyun.com@g' /etc/apt/sources.list

apt-get update

vim /etc/netplan/00-installer-config.yaml

network:

  ethernets:

    ens33:

      dhcp4: false

      addresses: [192.168.3.101/24]

      nameservers:

        addresses: [192.168.3.1,223.5.5.5,233.6.6.6]

      gateway4: 192.168.3.1

  ethernets:

    ens37:

      dhcp4: false

      addresses: [10.0.8.101/24]

  version: 2

5、安装docker

apt-get update

apt-get -y install apt-transport-https ca-certificates curl software-properties-common

# step 2: 安装GPG证书

curl -fsSL https://mirrors.aliyun.com/docker-ce/linux/ubuntu/gpg | sudo apt-key add -

# Step 3: 写入软件源信息

add-apt-repository "deb [arch=amd64] https://mirrors.aliyun.com/docker-ce/linux/ubuntu $(lsb_release -cs) stable"

# Step 4: 更新并安装Docker-CE

apt-get -y update

apt-get install containerd.io docker-ce docker-ce-cli

修改docker 配置文件 #cat /etc/docker/daemon.json

  {

  "data-root": "/data/docker",

  "exec-opts": ["native.cgroupdriver=systemd"],

  "registry-mirrors": [

    "https://docker.mirrors.ustc.edu.cn",

    "http://hub-mirror.c.163.com",

    "https://mjpmak3l.mirror.aliyuncs.com"

  ],

  "data-root": "/data/docker",

  "insecure-registries": ["127.0.0.1/8","10.0.8.121","harbor.myland.com"],

  "max-concurrent-downloads": 10,

  "live-restore": true,

  "log-driver": "json-file",

  "log-level": "warn",

  "log-opts": {

    "max-size": "50m",

    "max-file": "1"

    },

  "storage-driver": "overlay2"

}

systemctl daemon-reload

systemctl restart docker

systemctl enable docker

6、修改containerd配置文件

生成配置文件

mkdir -p /etc/containerd

containerd config default | sudo tee /etc/containerd/config.toml

修改配置文件

sed -i 's/SystemdCgroup = false/SystemdCgroup = true/' /etc/containerd/config.toml

grep 'SystemdCgroup' -B 11 /etc/containerd/config.toml #检查是否修改成功

systemctl daemon-reload

systemctl restart containerd.service

systemctl enable containerd

7、安装kubeadm、kubelet和kubectl

由于这三个程序的托管仓库在google站点服务上，访问存在问题，目前可以使用阿里云（http://mirrors.aliyun.com）或者Azure（http://mirror.azure.cn）

#参见 https://developer.aliyun.com/mirror/kubernetes?spm=a2c6h.13651102.0.0.73281b11JvSrJo

apt-get update && apt-get install -y apt-transport-https

#添加kubernetes官方秘钥

curl https://mirrors.aliyun.com/kubernetes/apt/doc/apt-key.gpg | apt-key add -

#配置kubernetes仓库

cat <<EOF >/etc/apt/sources.list.d/kubernetes.list

deb https://mirrors.aliyun.com/kubernetes/apt/ kubernetes-xenial main

EOF

cp /etc/apt/trusted.gpg /etc/apt/trusted.gpg.d/kube-trusted.gpg

apt-get update

apt install kubeadm=1.23.6-00 kubelet=1.23.6-00 kubectl=1.23.6-00 -y #由于kubelet v1.24及以后新版本不支持docker，这里安装老版本

systemctl start kubelet

systemctl enabel kubelet

8、安装kubernetes

kubeadm init \

--image-repository registry.aliyuncs.com/google_containers \   #指定使用的镜像仓库 ，默认的为gcr.io,在国内一般无法访问

--kubernetes-version v1.25.3 \      #版本

--control-plane-endpoint k8s-api.ilinux.io \ #控制平面的的固定访问端点，IP地址或者DNS都可以，集群管理员与集群组件的kubeconfig配置文件的API Server访问地址

--apiserver-advertise-address 10.0.8.101 \  # API Sever通告给其他组件的IP地址，一般为Mater节点用于集群内部通信的地址，0.0.0.0wei所哟可以地址

--pod-network-cidr 10.201.0.0/16 \     #POD地址网段

--service-cidr 10.97.0.0/16 \      #SERVICE地址网段

--token-ttl 0

　安装完成后有如下输出：

Your Kubernetes control-plane has initialized successfully!

To start using your cluster, you need to run the following as a regular user:

  mkdir -p $HOME/.kube

  sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config

  sudo chown $(id -u):$(id -g) $HOME/.kube/config

Alternatively, if you are the root user, you can run:

  export KUBECONFIG=/etc/kubernetes/admin.conf

You should now deploy a pod network to the cluster.

Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:

  https://kubernetes.io/docs/concepts/cluster-administration/addons/

You can now join any number of control-plane nodes by copying certificate authorities

and service account keys on each node and then running the following as root:

  kubeadm join k8s-api.ilinux.io:6443 --token 96xjvw.wte9wdakt7csogrl \

	--discovery-token-ca-cert-hash sha256:5353f5f85b475859f67b11ac299cad4fb53eb41ddec06142c4fcef35d0229b34 \

	--control-plane 

Then you can join any number of worker nodes by running the following on each as root:

kubeadm join k8s-api.ilinux.io:6443 --token 96xjvw.wte9wdakt7csogrl \

	--discovery-token-ca-cert-hash sha256:5353f5f85b475859f67b11ac299cad4fb53eb41ddec06142c4fcef35d0229b34

node节点可以只安装kubelet和kubeadm即可，按照上面的加入命令加入集群