K8s - openeuler2203SP1安装 K8s + flannel
环境说明
[root@master-1 ~]# uname -a
Linux master-1 5.10.0-136.12.0.86.oe2203sp1.x86_64 #1 SMP Tue Dec 27 17:50:15 CST 2022 x86_64 x86_64 x86_64 GNU/Linux
安装过程
1、安装 containerd
-
下载 tar 包
# 确保没有使用官方仓库的containerd [root@localhost ~]# yum remove containerd -y [root@localhost ~]# wget https://github.com/containerd/containerd/releases/download/v1.7.16/containerd-1.7.16-linux-amd64.tar.gz [root@localhost ~]# tar -zxvf containerd-1.7.16-linux-amd64.tar.gz [root@localhost ~]# mv bin/* /usr/local/bin/ -
编写 service 文件
[root@localhost ~]# vi /usr/lib/systemd/system/containerd.service [Unit] Description=containerd container runtime Documentation=https://containerd.io After=network.target local-fs.target [Service] ExecStartPre=-/sbin/modprobe overlay ExecStart=/usr/local/bin/containerd Type=notify Delegate=yes KillMode=process Restart=always RestartSec=5 # Having non-zero Limit*s causes performance problems due to accounting overhead # in the kernel. We recommend using cgroups to do container-local accounting. LimitNPROC=infinity LimitCORE=infinity # Comment TasksMax if your systemd version does not supports it. # Only systemd 226 and above support this version. TasksMax=infinity OOMScoreAdjust=-999 [Install] WantedBy=multi-user.target -
修改配置文件
[root@localhost ~]# mkdir /etc/containerd/ [root@localhost ~]# containerd config default > /etc/containerd/config.toml # 将cgroup打开 [root@localhost ~]# vi /etc/containerd/config.toml # 找到这一行配置,将false改为true 139 SystemdCgroup = true # 修改sandbox镜像地址 67 sandbox_image = "registry.aliyuncs.com/google_containers/pause:3.9" -
启动服务
[root@localhost ~]# systemctl daemon-reload [root@localhost ~]# systemctl enable --now containerd
2、安装 cni 插件
[root@localhost ~]# wget https://github.com/containernetworking/plugins/releases/download/v1.4.1/cni-plugins-linux-amd64-v1.4.1.tgz
[root@localhost ~]# mkdir -p /opt/cni/bin
[root@localhost ~]# tar Cxzvf /opt/cni/bin cni-plugins-linux-amd64-v1.4.1.tgz
3、主机配置
[root@localhost ~]# hostnamectl set-hostname master-1
[root@localhost ~]# echo "127.0.0.1 master-1" >> /etc/hosts
[root@localhost ~]# echo "::1 master-1" >>/etc/hosts
[root@master-1 ~]# modprobe bridge
[root@master-1 ~]# modprobe br_netfilter
[root@master-1 ~]# vi /etc/sysctl.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
net.ipv4.ip_forward = 1
[root@master-1 ~]# sysctl -p
[root@master-1 ~]# setenforce 0
[root@master-1 ~]# sed -i 's/^SELINUX=enforcing$/SELINUX=disabled/' /etc/selinux/config
[root@master-1 ~]# systemctl disable --now firewalld
[root@master-1 ~]# swapoff -a
4、搭建 K8s
-
配置 yum 源
[root@master-1 ~]# sed -i "s/openEuler-22.03-LTS-SP1/openEuler-23.03/g" /etc/yum.repos.d/openEuler.repo -
yum 安装
[root@master-1 ~]# yum install kubernet* cri-tools -y [root@master-1 ~]# systemctl enable kubelet -
cri 配置
[root@master-1 ~]# crictl config --set runtime-endpoint=unix:///run/containerd/containerd.sock --set image-endpoint=unix:///run/containerd/containerd.sock -
查看版本并初始化
[root@master-1 ~]# kubeadm version kubeadm version: &version.Info{Major:"1", Minor:"24", GitVersion:"v1.24.0", GitCommit:"4ce5a8954017644c5420bae81d72b09b735c21f0", GitTreeState:"archive", BuildDate:"2023-03-28T11:09:13Z", GoVersion:"go1.19.4", Compiler:"gc", Platform:"linux/amd64"} [root@master-1 ~]# kubeadm init --kubernetes-version=v1.24.0 --pod-network-cidr=10.244.0.0/16 --image-repository=registry.aliyuncs.com/google_containers -
按照提示信息操作
To start using your cluster, you need to run the following as a regular user: mkdir -p $HOME/.kube sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config sudo chown $(id -u):$(id -g) $HOME/.kube/config Alternatively, if you are the root user, you can run: export KUBECONFIG=/etc/kubernetes/admin.conf -
查看节点状态
[root@master-1 ~]# kubectl get nodes NAME STATUS ROLES AGE VERSION master-1 NotReady control-plane 14m v1.24.0
5、网络插件安装
-
下载 flannel yml
[root@master-1 ~]# wget https://github.com/flannel-io/flannel/releases/download/v0.26.2/kube-flannel.yml -
通过离线下载网站获取镜像
https://pull.7ii.win/
-
导入 k8s.io 命名空间,需要通过 docker 进行转换
[root@master-1 ~]# docker load < flannel-flannel-v0.26.2-amd64.tar [root@master-1 ~]# docker load < flannel-flannel-cni-plugin-v1.6.0-flannel1-amd64.tar [root@master-1 ~]# docker save -o flannel-flannel-cni-plugin-v1.6.0-flannel1-amd64.tar flannel/flannel-cni-plugin:v1.6.0-flannel1 [root@master-1 ~]# docker save -o flannel-flannel-v0.26.2-amd64.tar flannel/flannel:v0.26.2 [root@master-1 ~]# ctr -n k8s.io images import flannel-flannel-v0.26.2-amd64.tar [root@master-1 ~]# ctr -n k8s.io images import flannel-flannel-cni-plugin-v1.6.0-flannel1-amd64.tar -
调整 yml 镜像拉取策略,在 image 下增加 imagePullPolicy: Never
-
应用 yml
[root@master-1 ~]# kubectl apply -f kube-flannel.yml -
yml 参考
apiVersion: v1 kind: Namespace metadata: labels: k8s-app: flannel pod-security.kubernetes.io/enforce: privileged name: kube-flannel --- apiVersion: v1 kind: ServiceAccount metadata: labels: k8s-app: flannel name: flannel namespace: kube-flannel --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: labels: k8s-app: flannel name: flannel rules: - apiGroups: - "" resources: - pods verbs: - get - apiGroups: - "" resources: - nodes verbs: - get - list - watch - apiGroups: - "" resources: - nodes/status verbs: - patch --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: labels: k8s-app: flannel name: flannel roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole name: flannel subjects: - kind: ServiceAccount name: flannel namespace: kube-flannel --- apiVersion: v1 data: cni-conf.json: | { "name": "cbr0", "cniVersion": "0.3.1", "plugins": [ { "type": "flannel", "delegate": { "hairpinMode": true, "isDefaultGateway": true } }, { "type": "portmap", "capabilities": { "portMappings": true } } ] } net-conf.json: | { "Network": "10.244.0.0/16", "EnableNFTables": false, "Backend": { "Type": "vxlan" } } kind: ConfigMap metadata: labels: app: flannel k8s-app: flannel tier: node name: kube-flannel-cfg namespace: kube-flannel --- apiVersion: apps/v1 kind: DaemonSet metadata: labels: app: flannel k8s-app: flannel tier: node name: kube-flannel-ds namespace: kube-flannel spec: selector: matchLabels: app: flannel k8s-app: flannel template: metadata: labels: app: flannel k8s-app: flannel tier: node spec: affinity: nodeAffinity: requiredDuringSchedulingIgnoredDuringExecution: nodeSelectorTerms: - matchExpressions: - key: kubernetes.io/os operator: In values: - linux containers: - args: - --ip-masq - --kube-subnet-mgr command: - /opt/bin/flanneld env: - name: POD_NAME valueFrom: fieldRef: fieldPath: metadata.name - name: POD_NAMESPACE valueFrom: fieldRef: fieldPath: metadata.namespace - name: EVENT_QUEUE_DEPTH value: "5000" image: docker.io/flannel/flannel:v0.26.2 imagePullPolicy: Never name: kube-flannel resources: requests: cpu: 100m memory: 50Mi securityContext: capabilities: add: - NET_ADMIN - NET_RAW privileged: false volumeMounts: - mountPath: /run/flannel name: run - mountPath: /etc/kube-flannel/ name: flannel-cfg - mountPath: /run/xtables.lock name: xtables-lock hostNetwork: true initContainers: - args: - -f - /flannel - /opt/cni/bin/flannel command: - cp image: docker.io/flannel/flannel-cni-plugin:v1.6.0-flannel1 imagePullPolicy: Never name: install-cni-plugin volumeMounts: - mountPath: /opt/cni/bin name: cni-plugin - args: - -f - /etc/kube-flannel/cni-conf.json - /etc/cni/net.d/10-flannel.conflist command: - cp image: docker.io/flannel/flannel:v0.26.2 imagePullPolicy: Never name: install-cni volumeMounts: - mountPath: /etc/cni/net.d name: cni - mountPath: /etc/kube-flannel/ name: flannel-cfg priorityClassName: system-node-critical serviceAccountName: flannel tolerations: - effect: NoSchedule operator: Exists volumes: - hostPath: path: /run/flannel name: run - hostPath: path: /opt/cni/bin name: cni-plugin - hostPath: path: /etc/cni/net.d name: cni - configMap: name: kube-flannel-cfg name: flannel-cfg - hostPath: path: /run/xtables.lock type: FileOrCreate name: xtables-lock
6、安装结果
[root@master-1 ~]# kubectl get nodes
NAME STATUS ROLES AGE VERSION
master-1 Ready control-plane 7m38s v1.24.0
[root@master-1 ~]#
[root@master-1 ~]#
[root@master-1 ~]# kubectl get pods -A
NAMESPACE NAME READY STATUS RESTARTS AGE
kube-flannel kube-flannel-ds-rtwp4 1/1 Running 0 98s
kube-system coredns-74586cf9b6-cdr5n 1/1 Running 0 7m22s
kube-system coredns-74586cf9b6-hhn72 1/1 Running 0 7m22s
kube-system etcd-master-1 1/1 Running 0 7m36s
kube-system kube-apiserver-master-1 1/1 Running 0 7m36s
kube-system kube-controller-manager-master-1 1/1 Running 0 7m36s
kube-system kube-proxy-27tnv 1/1 Running 0 7m22s
kube-system kube-scheduler-master-1 1/1 Running 0 7m36s
参考
解决无法拉取flannel镜像:https://blog.csdn.net/qq_46274911/article/details/138486623