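# How to Install a Kubernetes (k8s) Cluster

## Table of Contents

- [Preface](#preface)
- [Environment Preparation](#environment-preparation)
  - [Hardware Requirements](#hardware-requirements)
  - [Operating System Requirements](#operating-system-requirements)
  - [Network Requirements](#network-requirements)
- [Pre-installation Configuration](#pre-installation-configuration)
  - [Disable Swap](#disable-swap)
  - [Configure Hostname and Hosts](#configure-hostname-and-hosts)
  - [Install Dependencies](#install-dependencies)
  - [Configure Kernel Parameters](#configure-kernel-parameters)
- [Install the Container Runtime](#install-the-container-runtime)
- [Install Kubernetes Components](#install-kubernetes-components)
  - [Add the Kubernetes Repository](#add-the-kubernetes-repository)
  - [Install kubeadm/kubelet/kubectl](#install-kubeadmkubeletkubectl)
- [Initialize the Master Node](#initialize-the-master-node)
  - [Run kubeadm init](#run-kubeadm-init)
  - [Configure kubectl](#configure-kubectl)
- [Install the Network Plugin](#install-the-network-plugin)
- [Join Worker Nodes](#join-worker-nodes)
- [Verify Cluster Status](#verify-cluster-status)
- [Deploy a Test Application](#deploy-a-test-application)
- [Cluster Maintenance](#cluster-maintenance)
  - [Upgrade the Cluster](#upgrade-the-cluster)
  - [Backup and Restore](#backup-and-restore)
- [Troubleshooting Common Issues](#troubleshooting-common-issues)
- [Summary](#summary)

## Preface

Kubernetes (k8s for short) is currently the most popular container orchestration platform. It automates the deployment, scaling, and management of containerized applications. This article explains in detail how to build a production-ready Kubernetes cluster from scratch, covering the whole process from environment preparation to cluster verification.

## Environment Preparation

### Hardware Requirements

- **Master node** (control plane):
  - At least 2 CPU cores
  - 4GB of memory
  - 20GB of disk space
  - A stable network connection
- **Worker node**:
  - Adjust according to the workload
  - At least 4 CPU cores / 8GB of memory / 50GB of disk recommended

> Production recommendation: 3 master nodes for high availability, plus multiple worker nodes

### Operating System Requirements

- Supported operating systems:
  - Ubuntu 20.04/22.04 LTS
  - CentOS 7/8
  - RHEL 7/8
  - Debian 10/11

This article uses **Ubuntu 22.04 LTS** to demonstrate the installation.

### Network Requirements

- Network connectivity between all nodes
- Open ports:
  - Master node: 6443, 2379-2380, 10250-10252
  - Worker node: 10250, 30000-32767
- Recommended configuration:
  - A non-NAT environment
  - A fixed internal IP for each node
  - Firewall disabled, or configured with the correct rules

## Pre-installation Configuration

### Disable Swap

Kubernetes 1.8+ requires swap to be disabled:

```bash
sudo swapoff -a
sudo sed -i '/ swap / s/^\(.*\)$/#\1/g' /etc/fstab
```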

### Configure Hostname and Hosts

```bash
sudo hostnamectl set-hostname k8s-master   # Master node
sudo hostnamectl set-hostname k8s-node1    # Worker node
```

`/etc/hosts` (the same on all nodes):

```
192.168.1.100 k8s-master
192.168.1.101 k8s-node1
192.168.1.102 k8s-node2
```
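
As an added example (not part of the original guide), the ports listed under the network requirements can be opened with ufw rules scoped to the node addresses from `/etc/hosts`, rather than disabling the firewall. `k8s_fw_rules` is a hypothetical helper and the 192.168.1.0/24 node subnet is an assumption; the CNI plugin's own node-to-node traffic is not covered because the guide does not list it.

```shell
#!/usr/bin/env bash
# Added example: print ufw rules for the ports this guide lists, scoped by source.
# Nothing is applied; review the output, then pipe it to "sudo sh".

# k8s_fw_rules <master|worker> <node-cidr> <control-plane-ip>...
k8s_fw_rules() {
  role=$1 cidr=$2
  shift 2
  [ "$#" -ge 1 ] || { echo "need at least one control-plane IP" >&2; return 1; }
  case $role in
    master)
      # API server: every node (and admin hosts inside the CIDR) must reach it.
      echo "ufw allow proto tcp from $cidr to any port 6443"
      for cp in "$@"; do
        # etcd and the 10250-10252 component ports: control-plane peers only.
        echo "ufw allow proto tcp from $cp to any port 2379:2380"
        echo "ufw allow proto tcp from $cp to any port 10250:10252"
      done ;;
    worker)
      for cp in "$@"; do
        # kubelet API: called by the API server (logs, exec, metrics).
        echo "ufw allow proto tcp from $cp to any port 10250"
      done
      # NodePort range: scoped to the node CIDR (assumption: clients live there).
      echo "ufw allow proto tcp from $cidr to any port 30000:32767" ;;
    *) echo "unknown role: $role" >&2; return 1 ;;
  esac
}

# Addresses taken from the /etc/hosts example; the /24 subnet is assumed.
k8s_fw_rules master 192.168.1.0/24 192.168.1.100
k8s_fw_rules worker 192.168.1.0/24 192.168.1.100
```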

### Install Dependencies

```bash
sudo apt-get update && sudo apt-get install -y \
  apt-transport-https \
  ca-certificates \
  curl \
  gnupg \
  lsb-release
```

### Configure Kernel Parameters

```bash
# Load the required kernel modules at boot
cat <<EOF | sudo tee /etc/modules-load.d/k8s.conf
overlay
br_netfilter
EOF

sudo modprobe overlay
sudo modprobe br_netfilter

# Let iptables see bridged traffic and enable IP forwarding
cat <<EOF | sudo tee /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
net.ipv4.ip_forward = 1
EOF

sudo sysctl --system
```

## Install the Container Runtime

Kubernetes supports several container runtimes; this article uses containerd:

```bash
# Install containerd
sudo apt-get install -y containerd

# Generate the default configuration
sudo mkdir -p /etc/containerd
containerd config default | sudo tee /etc/containerd/config.toml

# Edit the configuration to enable the systemd cgroup driver
sudo sed -i 's/SystemdCgroup = false/SystemdCgroup = true/g' /etc/containerd/config.toml

# Restart the service
sudo systemctl restart containerd
sudo systemctl enable containerd
```
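
## Install Kubernetes Components

### Add the Kubernetes Repository

```bash
# The legacy apt.kubernetes.io repository has been retired; pkgs.k8s.io serves one repository per minor version.
sudo mkdir -p -m 755 /etc/apt/keyrings
curl -fsSL https://pkgs.k8s.io/core:/stable:/v1.27/deb/Release.key | \
  sudo gpg --dearmor -o /etc/apt/keyrings/kubernetes-apt-keyring.gpg
echo "deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring.gpg] https://pkgs.k8s.io/core:/stable:/v1.27/deb/ /" | \
  sudo tee /etc/apt/sources.list.d/kubernetes.list
```

### Install kubeadm/kubelet/kubectl

```bash
sudo apt-get update
sudo apt-get install -y kubelet kubeadm kubectl
sudo apt-mark hold kubelet kubeadm kubectl   # Prevent automatic upgrades
```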

## Initialize the Master Node

### Run kubeadm init

```bash
sudo kubeadm init \
  --pod-network-cidr=10.244.0.0/16 \
  --apiserver-advertise-address=192.168.1.100 \
  --control-plane-endpoint=k8s-master
```

On success, the following is displayed:

```
Your Kubernetes control-plane has initialized successfully!

To start using your cluster, you need to run the following as a regular user:

  mkdir -p $HOME/.kube
  sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
  sudo chown $(id -u):$(id -g) $HOME/.kube/config

You should now deploy a pod network to the cluster.
Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:
  https://kubernetes.io/docs/concepts/cluster-administration/addons/

Then you can join any number of worker nodes by running the following on each as root:

kubeadm join 192.168.1.100:6443 --token abcdef.0123456789abcdef \
    --discovery-token-ca-cert-hash sha256:12345...
```

### Configure kubectl

```bash
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
```
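
## Install the Network Plugin

This guide uses the Calico network plugin:

```bash
kubectl apply -f https://docs.projectcalico.org/manifests/calico.yaml
```

Verify the installation:

```bash
kubectl get pods -n kube-system
```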

## Join Worker Nodes

On each worker node, run the join command printed when the master was initialized:

```bash
sudo kubeadm join 192.168.1.100:6443 --token abcdef.0123456789abcdef \
  --discovery-token-ca-cert-hash sha256:12345...
```
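
The `--discovery-token-ca-cert-hash` value pins the cluster CA, so a worker should only run a join command whose hash matches the one computed on the master. The following is an added example, not part of the original guide: `ca_pubkey_hash` and `check_join_cmd` are hypothetical helper names, and the sample join command is constructed from the guide's placeholder values.

```shell
#!/usr/bin/env bash
# Added example: validate a kubeadm join command before running it on a worker.

# Print the sha256 pin of a CA certificate's public key, in the form kubeadm
# expects. Run on the master against /etc/kubernetes/pki/ca.crt (RSA CA assumed).
ca_pubkey_hash() {
  openssl x509 -pubkey -noout -in "$1" \
    | openssl rsa -pubin -outform der 2>/dev/null \
    | openssl dgst -sha256 -hex | sed 's/^.* //'
}

# check_join_cmd "<join command>" "<expected 64-hex hash>"
# Returns 0 only if the command pins the expected CA hash and has a well-formed token.
check_join_cmd() {
  cmd=$1 expected=$2
  # Refuse the flag that turns off CA pinning entirely.
  case $cmd in
    *--discovery-token-unsafe-skip-ca-verification*)
      echo "CA verification disabled"; return 1 ;;
  esac
  # Bootstrap tokens have the form [a-z0-9]{6}.[a-z0-9]{16}.
  token=$(printf '%s\n' "$cmd" | sed -n 's/.*--token[ =]\([^ ]*\).*/\1/p')
  printf '%s\n' "$token" | grep -Eq '^[a-z0-9]{6}\.[a-z0-9]{16}$' \
    || { echo "malformed or missing token"; return 1; }
  # Extract the hex digits after "sha256:"; a full pin is exactly 64 of them.
  pin=$(printf '%s\n' "$cmd" \
    | sed -n 's/.*--discovery-token-ca-cert-hash[ =]sha256:\([0-9a-f]*\).*/\1/p')
  [ "${#pin}" -eq 64 ] || { echo "missing or truncated CA hash"; return 1; }
  [ "$pin" = "$expected" ] || { echo "CA hash does not match"; return 1; }
  echo "ok"
}

# Constructed sample: the guide's elided "sha256:12345..." is rejected as truncated.
check_join_cmd 'kubeadm join 192.168.1.100:6443 --token abcdef.0123456789abcdef --discovery-token-ca-cert-hash sha256:12345...' \
  "$(printf '%064d' 0)" || true
```

Bootstrap tokens expire after 24 hours by default; `kubeadm token create --print-join-command` on the master prints a fresh join command.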

## Verify Cluster Status

```bash
kubectl get nodes       # Show the status of all nodes
kubectl cluster-info    # Show cluster information
kubectl get pods -A     # Show all Pods
```

## Deploy a Test Application

```bash
kubectl create deployment nginx --image=nginx
kubectl expose deployment nginx --port=80 --type=NodePort
kubectl get svc nginx   # Get the access port
```

Test access:

```bash
curl http://<node IP>:<NodePort>
```
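
## Cluster Maintenance

### Upgrade the Cluster

```bash
sudo apt-mark unhold kubeadm   # the package was held at install time
sudo apt-get update && sudo apt-get install -y kubeadm='1.27.0-*'
sudo apt-mark hold kubeadm
kubeadm version
```

```bash
sudo kubeadm upgrade plan
sudo kubeadm upgrade apply v1.27.0
```

```bash
kubectl drain <node> --ignore-daemonsets
sudo kubeadm upgrade node
# Upgrade the held kubelet and kubectl packages before restarting kubelet
sudo apt-mark unhold kubelet kubectl
sudo apt-get install -y kubelet='1.27.0-*' kubectl='1.27.0-*'
sudo apt-mark hold kubelet kubectl
sudo systemctl restart kubelet
kubectl uncordon <node>
```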

### Backup and Restore

Back up the key configuration:

```bash
# Back up etcd
sudo ETCDCTL_API=3 etcdctl \
  --endpoints=https://127.0.0.1:2379 \
  --cacert=/etc/kubernetes/pki/etcd/ca.crt \
  --cert=/etc/kubernetes/pki/etcd/server.crt \
  --key=/etc/kubernetes/pki/etcd/server.key \
  snapshot save snapshot.db

# Back up the k8s configuration
sudo cp -r /etc/kubernetes /backup/kubernetes-config
sudo cp -r /var/lib/kubelet /backup/kubelet-data
```
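
## Troubleshooting Common Issues

**kubelet fails to start:**

```bash
sudo systemctl status containerd
journalctl -xeu kubelet
```

**Node is NotReady:**

```bash
kubectl get pods -n kube-system
ping <IP of another node>
```

**Pod is stuck in the Pending state:**

```bash
kubectl describe pod <pod-name>
kubectl describe nodes
```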
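
## Summary

By following the detailed steps in this article, you have built a fully functional Kubernetes cluster. Recommended next steps:

- Configure persistent storage (such as NFS/CSI)
- Install a monitoring system (Prometheus + Grafana)
- Configure log collection (EFK/ELK)
- Set up RBAC access control

Kubernetes has a steep learning curve, so build up experience steadily through the official documentation and real projects. Happy Kubernetes-ing!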
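
Note: in actual use, modify parameters such as IP addresses and version numbers to match your environment. This document assumes Kubernetes 1.27; the exact commands may differ slightly between versions.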