配置 kubernetes 主节点

1. 初始化

## 创建目录
mkdir -p /usr/local/docker/kubernetes/
cd /usr/local/docker/kubernetes/
# 导出配置
kubeadm config print init-defaults --kubeconfig ClusterConfiguration > kubeadm.yml

nodeRegistration.name: Invalid value: "kb_master": a DNS-1123 subdomain must consist of lower case alphanumeric characters, '-' or '.', and must start and end with an alphanumeric character (e.g. 'example.com', regex used for validation is '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*')

原因是 hostname 和 DNS 的解析规则不匹配，改掉自己的hostname就好了。

hostname
#kb_master 存在下划线，不符合dns规则
hostnamectl set-hostname kbmaster
hostname
#kbmaster

vim kubeadm.yml

# 修改以下内容
# 修改为主节点 IP
advertiseAddress: 192.168.141.130 # 虚拟机的对外ip
# 修改版本号
kubernetesVersion: v1.16.1 #kubeadm version可查看版本号
# 国内不能访问 Google，修改为阿里云
imageRepository: registry.aliyuncs.com/google_containers
# 配置成 Calico 的默认网段
  podSubnet: "192.168.0.0/16"
# 开启 IPVS 模式
apiVersion: kubeproxy.config.k8s.io/v1alpha1

2. 查看所需镜像列表

kubeadm config images list --config kubeadm.yml

3 拉取镜像

# 这一步之前要安装docker 否者汇报 找不到 docker 服务
kubeadm config images pull --config kubeadm.yml
#一共大概7个镜像，必须都成功
# docker images 可以查看镜像

4 设置主节点

cd /usr/local/docker/kubernetes/
kubeadm init --config=kubeadm.yml --upload-certs | tee kubeadm-init.log
#v1.14.1   kubeadm init --config=kubeadm.yml --experimental-upload-certs | tee  kubeadm-init.log

报错

[ERROR NumCPU]: the number of available CPUs 1 is less than the required 2

分析
虚拟机的cup核数不够
解决
关闭虚拟机/虚拟机/设置/处理器和内存

#启动虚拟机，回到之前目录，再次初始化
kubeadm init --config=kubeadm.yml --upload-certs | tee kubeadm-init.log

报错
[ERROR FileContent--proc-sys-net-bridge-bridge-nf-call-iptables]: /proc/sys/net/bridge/bridge-nf-call-iptables contents are not set to 1

解决

echo "1" >/proc/sys/net/bridge/bridge-nf-call-iptables

5 创建配置文件

按照它的提示来就好了

# 验证
kubectl get nodes
#NAME       STATUS     ROLES    AGE   VERSION
#kbmaster   NotReady   master   80s   v1.16.1

docker ps --format "{{.Names}}"

6 配置网络

6.1 使用calico插件

kubectl apply -f https://docs.projectcalico.org/v3.7/manifests/calico.yaml

# 输出如下
configmap/calico-config created
customresourcedefinition.apiextensions.k8s.io/felixconfigurations.crd.projectcalico.org created
customresourcedefinition.apiextensions.k8s.io/ipamblocks.crd.projectcalico.org created
customresourcedefinition.apiextensions.k8s.io/blockaffinities.crd.projectcalico.org created
customresourcedefinition.apiextensions.k8s.io/ipamhandles.crd.projectcalico.org created
customresourcedefinition.apiextensions.k8s.io/ipamconfigs.crd.projectcalico.org created
customresourcedefinition.apiextensions.k8s.io/bgppeers.crd.projectcalico.org created
customresourcedefinition.apiextensions.k8s.io/bgpconfigurations.crd.projectcalico.org created
customresourcedefinition.apiextensions.k8s.io/ippools.crd.projectcalico.org created
customresourcedefinition.apiextensions.k8s.io/hostendpoints.crd.projectcalico.org created
customresourcedefinition.apiextensions.k8s.io/clusterinformations.crd.projectcalico.org created
customresourcedefinition.apiextensions.k8s.io/globalnetworkpolicies.crd.projectcalico.org created
customresourcedefinition.apiextensions.k8s.io/globalnetworksets.crd.projectcalico.org created
customresourcedefinition.apiextensions.k8s.io/networkpolicies.crd.projectcalico.org created
customresourcedefinition.apiextensions.k8s.io/networksets.crd.projectcalico.org created
clusterrole.rbac.authorization.k8s.io/calico-kube-controllers created
clusterrolebinding.rbac.authorization.k8s.io/calico-kube-controllers created
clusterrole.rbac.authorization.k8s.io/calico-node created
clusterrolebinding.rbac.authorization.k8s.io/calico-node created
daemonset.extensions/calico-node created
serviceaccount/calico-node created
deployment.extensions/calico-kube-controllers created
serviceaccount/calico-kube-controllers created

确认安装是否成功

kubectl get pods --all-namespaces

# 需要等待所有状态为 Running，注意时间可能较久，3 - 5 分钟的样子

NAMESPACE     NAME                                        READY   STATUS    RESTARTS   AGE
kube-system   calico-kube-controllers-8646dd497f-g2lln    1/1     Running   0          50m
kube-system   calico-node-8jrtp                           1/1     Running   0          50m
kube-system   coredns-8686dcc4fd-mhwfn                    1/1     Running   0          51m
kube-system   coredns-8686dcc4fd-xsxwk                    1/1     Running   0          51m
kube-system   etcd-kubernetes-master                      1/1     Running   0          50m
kube-system   kube-apiserver-kubernetes-master            1/1     Running   0          51m
kube-system   kube-controller-manager-kubernetes-master   1/1     Running   0          51m
kube-system   kube-proxy-p8mdw                            1/1     Running   0          51m
kube-system   kube-scheduler-kubernetes-master            1/1     Running   0 

假如 两个coredns总是pending状态

NAME                                            READY   STATUS    RESTARTS   AGE   IP              NODE                    NOMINATED NODE   READINESS GATES
coredns-5c98db65d4-5fh6c                        0/1     Pending   0          54s  
coredns-5c98db65d4-dbwmq                        0/1     Pending   0          54s   

#查看kubelet的状态 会发现找不到  /etc/cni/net.d 这个文件
systemctl status kubelet.service
journalctl -f -u kubelet.service

解决办法 ：安装 cni

cat >/etc/cni/net.d/10-mynet.conf <<EOF
{
    "cniVersion": "0.2.0",
    "name": "mynet",
    "type": "bridge",
    "bridge": "cni0",
    "isGateway": true,
    "ipMasq": true,
    "ipam": {
        "type": "host-local",
        "subnet": "10.22.0.0/16",
        "routes": [
            { "dst": "0.0.0.0/0" }
        ]
    }
}
EOF

cat >/etc/cni/net.d/99-loopback.conf <<EOF
{
    "cniVersion": "0.2.0",
    "name": "lo",
    "type": "loopback"
}
EOF

再次确认

kubectl get pods --all-namespaces
#所有的组件都跑起来了

kubectl get node
NAME         STATUS   ROLES    AGE   VERSION
k8s-master   Ready    master   44h   v1.16.2

本作品采用《CC 协议》，转载必须注明作者和本文链接