Host information
Host IP | Hostname | Role | Hardware |
---|---|---|---|
192.168.77.131 | k8s-master01 | control plane, etcd | 4H4G |
192.168.77.132 | k8s-node01 | worker | 4H4G |
192.168.77.133 | k8s-node02 | worker | 4H4G |
System and software versions
- OS: Ubuntu 22.04.3 LTS
- Kernel: Linux 5.15.0-88-generic
- Kubernetes: v1.28.8
- Containerd: 1.7.13
- KubeKey: v3.1.6
Hosts file resolution
hostnamectl set-hostname k8s-master01
# cat /etc/hosts
192.168.77.131 k8s-master01
192.168.77.132 k8s-node01
192.168.77.133 k8s-node02
Chrony time synchronization
apt-get install -y chrony
k8s-master01 acts as the chrony server
sed -i.bak 's/^\(pool.*\)/#\1/g' /etc/chrony/chrony.conf
sed -i '0,/^#pool.*/{s//pool ntp1.aliyun.com iburst\n&/}' /etc/chrony/chrony.conf
systemctl enable chrony
systemctl restart chrony
# Verify
chronyc sourcestats -v
root@k8s-master01:~# grep ^pool /etc/chrony/chrony.conf
pool ntp1.aliyun.com iburst
k8s-node01 and k8s-node02 point to k8s-master01
sed -i.bak 's/^\(pool.*\)/#\1/g' /etc/chrony/chrony.conf
sed -i '0,/^#pool.*/{s//pool 192.168.77.131 iburst\n&/}' /etc/chrony/chrony.conf
systemctl enable chrony
systemctl restart chrony
# Verify
chronyc sourcestats -v
System configuration
ufw disable
timedatectl set-timezone Asia/Shanghai
timedatectl set-local-rtc 0
swapoff -a
sed -i '/swap/s/^\(.*\)$/#\1/g' /etc/fstab
sed -i 's#http://.*.ubuntu.com#http://mirrors.aliyun.com#g' /etc/apt/sources.list
apt-get update
Disable the systemd-resolved listener on port 53 on the host
sed -i 's/^#\?DNSStubListener=.*/DNSStubListener=no/' /etc/systemd/resolved.conf
ln -sf /run/systemd/resolve/resolv.conf /etc/resolv.conf
systemctl restart systemd-resolved.service
Install dependencies
apt-get install -y curl socat conntrack ebtables ipset ipvsadm bash-completion
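The checks below are an added example, not part of the original post: they confirm on a node that the fstab, systemd-resolved and chrony edits above took effect. The function names and the sample files are constructed for illustration; on a real node pass /etc/fstab, /etc/systemd/resolved.conf and /etc/chrony/chrony.conf.

```shell
# Added example (not from the original page): check the node-preparation edits.

# Count fstab lines that still activate swap (not commented, fs type "swap").
active_swap_entries() {
  awk '$1 !~ /^#/ && $3 == "swap" {n++} END {print n+0}' "$1"
}

# Succeeds when the last uncommented DNSStubListener value in the file is "no".
stub_listener_disabled() {
  [ "$(grep -E '^DNSStubListener=' "$1" | tail -n 1)" = "DNSStubListener=no" ]
}

# Print every time source chrony will use (active pool/server lines).
chrony_sources() {
  awk '$1 == "pool" || $1 == "server" {print $2}' "$1"
}

# check_node FSTAB RESOLVED_CONF CHRONY_CONF EXPECTED_SOURCE; status = failures.
check_node() {
  local fails=0
  [ "$(active_swap_entries "$1")" -eq 0 ] || { echo "FAIL swap active in $1"; fails=$((fails + 1)); }
  stub_listener_disabled "$2" || { echo "FAIL stub listener on in $2"; fails=$((fails + 1)); }
  [ "$(chrony_sources "$3")" = "$4" ] || { echo "FAIL chrony sources in $3"; fails=$((fails + 1)); }
  return "$fails"
}

# Constructed files for a worker: swap commented out, stub listener off,
# but one distribution default pool left active next to the master.
write_samples() {
  printf '%s\n' 'UUID=constructed / ext4 defaults 0 1' \
    '#/swap.img none swap sw 0 0' > "$1/fstab"
  printf '%s\n' '[Resolve]' 'DNSStubListener=no' > "$1/resolved.conf"
  printf '%s\n' 'pool 192.168.77.131 iburst' '#pool ntp.ubuntu.com iburst maxsources 4' \
    'pool 2.ubuntu.pool.ntp.org iburst maxsources 2' > "$1/chrony.conf"
}

dir=$(mktemp -d)
write_samples "$dir"
# The stray default pool is reported as one failure.
check_node "$dir/fstab" "$dir/resolved.conf" "$dir/chrony.conf" 192.168.77.131 ||
  echo "failures: $?"
rm -rf "$dir"
```

A worker that keeps a second active pool can still take time from outside the cluster, which is why the chrony check compares the full source list rather than only looking for the master's address.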
Passwordless sudo
update-alternatives --config editor # choose 3, vim.basic
visudo # add the following line
sunday ALL=(ALL:ALL) NOPASSWD:ALL
Passwordless SSH
root@k8s-master01:~# ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa
Your public key has been saved in /root/.ssh/id_rsa.pub
The key fingerprint is:
SHA256:AfQnEmRagGWhrOKZVUHcSNh/iGbpmc0KDMlwmQSP9Mk root@k8s-master01
The key's randomart image is:
+---[RSA 3072]----+
|.+.=@OX |
|o+B+.B.= |
|+.=E..= = . |
| = .= + = |
|o o.+ = S |
|o +o + o |
| + . . |
| . |
| |
+----[SHA256]-----+
root@k8s-master01:~# ssh-copy-id sunday@k8s-master01
root@k8s-master01:~# ssh-copy-id sunday@k8s-node01
root@k8s-master01:~# ssh-copy-id sunday@k8s-node02
Download KubeKey
export KKZONE=cn
curl -sfL https://get-kk.kubesphere.io | sh -
List the Kubernetes versions supported by KubeKey
./kk version --show-supported-k8s
./kk create config --with-kubernetes v1.28.8
Note: key-based authentication does not support sudo; for now only password can be used.
root@k8s-master01:~# vim config-sample.yaml
apiVersion: kubekey.kubesphere.io/v1alpha2
kind: Cluster
metadata:
  name: sundayhk
spec:
  hosts:
  - {name: k8s-master01, address: 192.168.77.131, internalAddress: 192.168.77.131, user: sunday, password: "password"}
  - {name: k8s-node01, address: 192.168.77.132, internalAddress: 192.168.77.132, user: sunday, password: "password"}
  - {name: k8s-node02, address: 192.168.77.133, internalAddress: 192.168.77.133, user: sunday, password: "password"}
  #- {name: k8s-node02, address: 192.168.77.133, internalAddress: 192.168.77.133, user: sunday, privateKeyPath: "~/.ssh/id_rsa"}
  roleGroups:
    etcd:
    - k8s-master01
    control-plane:
    - k8s-master01
    worker:
    - k8s-node01
    - k8s-node02
  controlPlaneEndpoint:
    ## Internal loadbalancer for apiservers
    # internalLoadbalancer: haproxy
    domain: lb.kubesphere.local
    address: ""
    port: 6443
  kubernetes:
    version: v1.28.8
    clusterName: cluster.local
    autoRenewCerts: true
    containerManager: containerd
  etcd:
    type: kubekey
  network:
    plugin: calico
    kubePodsCIDR: 10.233.64.0/18
    kubeServiceCIDR: 10.233.0.0/18
    ## multus support. https://github.com/k8snetworkplumbingwg/multus-cni
    multusCNI:
      enabled: false
  registry:
    privateRegistry: ""
    namespaceOverride: ""
    registryMirrors: []
    insecureRegistries: []
  addons: []
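Because config-sample.yaml stores each node's SSH password in clear text, the following added example (not KubeKey's own code) lists the hosts that carry an inline password and flags the file when anyone other than its owner can read it. The function names and the sample config are constructed for illustration.

```shell
# Added example (not KubeKey code): audit a KubeKey config for inline SSH passwords.

# Names of hosts whose active (uncommented) entry carries a "password:" field.
hosts_with_password() {
  grep -E '^[[:space:]]*-[[:space:]]*\{.*password:' "$1" |
    sed -E 's/.*name:[[:space:]]*([^,}]+).*/\1/'
}

# Succeeds only when group and others have no access (e.g. mode 600 or 400).
is_owner_only() {
  case "$(stat -c '%a' "$1")" in   # GNU stat, as shipped on Ubuntu
    [0-7]00) return 0 ;;
    *) return 1 ;;
  esac
}

# Print findings for FILE; exit status is the number of findings.
audit_kk_config() {
  local file=$1 findings=0 names
  names=$(hosts_with_password "$file" | tr '\n' ' ')
  if [ -n "$names" ]; then
    echo "inline SSH password for: $names"
    if ! is_owner_only "$file"; then
      echo "mode $(stat -c '%a' "$file") lets other local users read it: chmod 600 $file"
      findings=$((findings + 1))
    fi
  fi
  return "$findings"
}

# Constructed sample mirroring the hosts section above (placeholder passwords).
make_sample_config() {
  local f; f=$(mktemp)
  cat > "$f" <<'EOF'
  hosts:
  - {name: k8s-master01, address: 192.168.77.131, user: sunday, password: "password"}
  - {name: k8s-node01, address: 192.168.77.132, user: sunday, password: "password"}
  #- {name: k8s-node02, address: 192.168.77.133, user: sunday, privateKeyPath: "~/.ssh/id_rsa"}
EOF
  echo "$f"
}

sample=$(make_sample_config)
chmod 644 "$sample"                                   # what a umask of 022 produces
audit_kk_config "$sample" || echo "findings: $?"      # loose mode is reported
chmod 600 "$sample"
audit_kk_config "$sample" && echo "findings: 0"       # hosts listed, mode accepted
rm -f "$sample"
```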
./kk create cluster -f config-sample.yaml
root@k8s-master01:~# ./kk create cluster -f config-sample.yaml
_ __ _ _ __
| | / / | | | | / /
| |/ / _ _| |__ ___| |/ / ___ _ _
| \| | | | '_ \ / _ \ \ / _ \ | | |
| |\ \ |_| | |_) | __/ |\ \ __/ |_| |
\_| \_/\__,_|_.__/ \___\_| \_/\___|\__, |
__/ |
|___/
15:46:31 CST [GreetingsModule] Greetings
15:46:32 CST message: [k8s-node02]
Greetings, KubeKey!
15:46:33 CST message: [k8s-master01]
Greetings, KubeKey!
15:46:34 CST message: [k8s-node01]
Greetings, KubeKey!
15:46:34 CST success: [k8s-node02]
15:46:34 CST success: [k8s-master01]
15:46:34 CST success: [k8s-node01]
15:46:34 CST [NodePreCheckModule] A pre-check on nodes
15:46:35 CST success: [k8s-node02]
15:46:35 CST success: [k8s-master01]
15:46:35 CST success: [k8s-node01]
15:46:35 CST [ConfirmModule] Display confirmation form
+-------------+------+------+---------+----------+-------+-------+---------+-----------+--------+--------+------------+------------+-------------+------------------+--------------+
| name | sudo | curl | openssl | ebtables | socat | ipset | ipvsadm | conntrack | chrony | docker | containerd | nfs client | ceph client | glusterfs client | time |
+-------------+------+------+---------+----------+-------+-------+---------+-----------+--------+--------+------------+------------+-------------+------------------+--------------+
| k8s-master01 | y | y | y | y | y | y | y | y | y | | | | | | CST 15:46:35 |
| k8s-node01 | y | y | y | y | y | y | y | y | y | | | | | | CST 15:46:35 |
| k8s-node02 | y | y | y | y | y | y | y | y | y | | | | | | CST 15:46:35 |
+-------------+------+------+---------+----------+-------+-------+---------+-----------+--------+--------+------------+------------+-------------+------------------+--------------+
This is a simple check of your environment.
Before installation, ensure that your machines meet all requirements specified at
https://github.com/kubesphere/kubekey#requirements-and-recommendations
Install k8s with specify version: v1.28.8
Continue this installation? [yes/no]: yes
15:46:55 CST success: [LocalHost]
15:46:55 CST [NodeBinariesModule] Download installation binaries
15:46:55 CST message: [localhost]
downloading amd64 kubeadm v1.28.8 ...
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 46.0M 100 46.0M 0 0 2273k 0 0:00:20 0:00:20 --:--:-- 2631k
15:47:16 CST message: [localhost]
...
15:53:48 CST success: [k8s-master01]
15:53:48 CST [ConfigureKubernetesModule] Configure kubernetes
15:53:48 CST success: [k8s-master01]
15:53:48 CST [ChownModule] Chown user $HOME/.kube dir
15:53:49 CST success: [k8s-node01]
15:53:49 CST success: [k8s-node02]
15:53:49 CST success: [k8s-master01]
15:53:49 CST [AutoRenewCertsModule] Generate k8s certs renew script
15:53:49 CST success: [k8s-master01]
15:53:49 CST [AutoRenewCertsModule] Generate k8s certs renew service
15:53:49 CST success: [k8s-master01]
15:53:49 CST [AutoRenewCertsModule] Generate k8s certs renew timer
15:53:50 CST success: [k8s-master01]
15:53:50 CST [AutoRenewCertsModule] Enable k8s certs renew service
15:53:51 CST success: [k8s-master01]
15:53:51 CST [SaveKubeConfigModule] Save kube config as a configmap
15:53:51 CST success: [LocalHost]
15:53:51 CST [AddonsModule] Install addons
15:53:51 CST message: [LocalHost]
[0/0] enabled addons
15:53:51 CST success: [LocalHost]
15:53:51 CST Pipeline[CreateClusterPipeline] execute successfully
Installation is complete.
Please check the result using the command:
kubectl get pod -A
root@k8s-master01:~# kubectl get pod -A
NAMESPACE NAME READY STATUS RESTARTS AGE
kube-system calico-kube-controllers-7bbcc5b6fb-zn6qm 1/1 Running 0 29m
kube-system calico-node-cd8x2 1/1 Running 0 29m
kube-system calico-node-wh4qq 1/1 Running 0 29m
kube-system calico-node-x4hdc 1/1 Running 0 29m
kube-system coredns-64568965-btwct 1/1 Running 0 29m
kube-system coredns-64568965-gzk97 1/1 Running 0 29m
kube-system kube-apiserver-k8s-master01 1/1 Running 0 30m
kube-system kube-controller-manager-k8s-master01 1/1 Running 0 30m
kube-system kube-proxy-9rl7t 1/1 Running 0 29m
kube-system kube-proxy-bwsqx 1/1 Running 0 29m
kube-system kube-proxy-gtt2s 1/1 Running 0 29m
kube-system kube-scheduler-k8s-master01 1/1 Running 0 30m
kube-system nodelocaldns-b4hlg 1/1 Running 0 29m
kube-system nodelocaldns-csqjx 1/1 Running 0 29m
kube-system nodelocaldns-rwtpk 1/1 Running 0 29m
root@k8s-master01:~# kubectl get node
NAME STATUS ROLES AGE VERSION
k8s-master01 Ready control-plane 29m v1.28.8
k8s-node01 Ready worker 29m v1.28.8
k8s-node02 Ready worker 29m v1.28.8
https://kubesphere.io/zh/docs/v3.4/installing-on-linux/introduction/multioverview/
https://kubesphere.io/zh/blogs/breaching-docker-image-limits-to-deploy-kubesphere-3.4.1/