- Published on
centos7.6安装单点k8s
- Authors
- Name
- 刘十三
一、系统初始化(必须)
1️⃣ 设置主机名
hostnamectl set-hostname k8s-master
2️⃣ 关闭防火墙 & SELinux
systemctl disable --now firewalld
setenforce 0
sed -i 's/^SELINUX=.*/SELINUX=disabled/' /etc/selinux/config
3️⃣ 关闭 Swap(k8s 强制要求)
swapoff -a
sed -i '/swap/d' /etc/fstab
二、内核与网络配置(k8s 必须)
1️⃣ 加载内核模块
cat <<EOF > /etc/modules-load.d/k8s.conf
br_netfilter
EOF
modprobe br_netfilter
2️⃣ sysctl 参数
cat <<EOF > /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
net.ipv4.ip_forward = 1
EOF
sysctl --system
三、安装 Docker(20.10.24)
1️⃣ 卸载旧 Docker
yum remove -y docker docker-client docker-common docker-engine
2️⃣ 添加 Docker 阿里源
cat <<EOF > /etc/yum.repos.d/docker-ce.repo
[docker-ce-stable]
name=Docker CE Stable - Aliyun
baseurl=https://mirrors.aliyun.com/docker-ce/linux/centos/7/x86_64/stable
enabled=1
gpgcheck=0
EOF
yum clean all
yum makecache fast
yum list docker-ce --showduplicates | head
3️⃣ 安装指定版本
yum install -y \
docker-ce-20.10.24 \
docker-ce-cli-20.10.24 \
containerd.io
4️⃣ 配置 Docker(systemd + 国内镜像)
mkdir -p /etc/docker
cat <<EOF > /etc/docker/daemon.json
{
"exec-opts": ["native.cgroupdriver=systemd"],
"registry-mirrors": [
"https://docker.m.daocloud.io",
"https://registry.cn-hangzhou.aliyuncs.com"
]
}
EOF
5️⃣ 启动 Docker
systemctl enable docker --now
docker version
四、安装 cri-dockerd(关键)
Kubernetes 1.24+ 已移除内置 dockershim,
Docker 必须配合 cri-dockerd
1️⃣ 下载并安装
wget https://github.com/Mirantis/cri-dockerd/releases/download/v0.3.7/cri-dockerd-0.3.7.20231027185657.170103f2-0.el7.x86_64.rpm
yum install -y ./cri-dockerd-0.3.7.20231027185657.170103f2-0.el7.x86_64.rpm
2️⃣ 启动服务
systemctl enable cri-docker --now
3️⃣ 验证
ls /run/cri-dockerd.sock
五、安装 Kubernetes(v1.26.6)
1️⃣ 配置 k8s yum 源
cat <<EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=0
EOF
2️⃣ 安装指定版本
yum install -y \
kubelet-1.26.6 \
kubeadm-1.26.6 \
kubectl-1.26.6
3️⃣ 启动 kubelet
systemctl enable kubelet
六、初始化单节点 Kubernetes
1️⃣ kubeadm init(关键命令)
先执行
docker pull registry.aliyuncs.com/google_containers/pause:3.6
docker tag \
registry.aliyuncs.com/google_containers/pause:3.6 \
registry.k8s.io/pause:3.6
拉取
registry.k8s.io/pause:3.6镜像,避免初始化时网络问题
kubeadm init \
--kubernetes-version=1.26.6 \
--image-repository=registry.aliyuncs.com/google_containers \
--pod-network-cidr=10.244.0.0/16 \
--cri-socket=unix:///run/cri-dockerd.sock
成功后会看到:
Your Kubernetes control-plane has initialized successfully!
2️⃣ 配置 kubectl
mkdir -p $HOME/.kube
cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
chown $(id -u):$(id -g) $HOME/.kube/config
验证:
kubectl get nodes
七、安装网络插件(Flannel)
kubectl apply -f https://raw.githubusercontent.com/flannel-io/flannel/master/Documentation/kube-flannel.yml
等待 1~2 分钟:
kubectl get pods -n kube-system
等到
coredns-xxx都是Running状态
八、单节点允许调度 Pod(很重要)
默认 master 不能跑业务 Pod,需要解锁:
kubectl taint nodes --all node-role.kubernetes.io/control-plane-
再次查看:
kubectl get nodes
应为:
STATUS: Ready
ROLES: control-plane
九、验证集群是否可用
kubectl run nginx --image=nginx
kubectl expose pod nginx --port=80 --type=NodePort
kubectl get svc
十、版本确认(你可对照)
docker --version
# Docker version 20.10.24
kubectl version --short
# Client Version: v1.26.6
# Server Version: v1.26.6
kubeadm version
# kubeadm version: v1.26.6