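# How to Install a Kubernetes (k8s) Cluster
## Table of Contents
- [Introduction](#introduction)
- [Environment Preparation](#environment-preparation)
  - [Hardware Requirements](#hardware-requirements)
  - [Operating System Requirements](#operating-system-requirements)
  - [Network Requirements](#network-requirements)
- [Pre-installation Configuration](#pre-installation-configuration)
  - [Disable Swap](#disable-swap)
  - [Configure Hostnames and Hosts](#configure-hostnames-and-hosts)
  - [Install Dependency Tools](#install-dependency-tools)
  - [Configure Kernel Parameters](#configure-kernel-parameters)
- [Install the Container Runtime](#install-the-container-runtime)
- [Install Kubernetes Components](#install-kubernetes-components)
  - [Add the Kubernetes Repository](#add-the-kubernetes-repository)
  - [Install kubeadm/kubelet/kubectl](#install-kubeadmkubeletkubectl)
- [Initialize the Master Node](#initialize-the-master-node)
  - [Run kubeadm init](#run-kubeadm-init)
  - [Configure kubectl](#configure-kubectl)
- [Install the Network Plugin](#install-the-network-plugin)
- [Join Worker Nodes](#join-worker-nodes)
- [Verify Cluster Status](#verify-cluster-status)
- [Deploy a Test Application](#deploy-a-test-application)
- [Cluster Maintenance](#cluster-maintenance)
  - [Upgrade the Cluster](#upgrade-the-cluster)
  - [Backup and Restore](#backup-and-restore)
- [Troubleshooting](#troubleshooting)
- [Summary](#summary)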
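## Introduction
Kubernetes (k8s for short) is currently the most popular container orchestration platform; it automates the deployment, scaling, and management of containerized applications. This article describes in detail how to build a production-ready Kubernetes cluster from scratch, covering the whole process from environment preparation to cluster verification.
## Environment Preparation
### Hardware Requirements
- **Master node** (control plane):
  - At least 2 CPU cores
  - 4GB of memory
  - 20GB of disk space
  - A stable network connection
- **Worker node**:
  - Sized according to the workload
  - At least 4 CPU cores / 8GB of memory / 50GB of disk recommended

> Production recommendation: 3 Master nodes for high availability + multiple Worker nodes

### Operating System Requirements
- Supported operating systems:
  - Ubuntu 20.04/22.04 LTS
  - CentOS 7/8
  - RHEL 7/8
  - Debian 10/11

This article uses **Ubuntu 22.04 LTS** to demonstrate the installation.
### Network Requirements
- Network connectivity between all nodes
- Open ports:
  - Master node: 6443, 2379-2380, 10250-10252
  - Worker node: 10250, 30000-32767
- Recommended configuration:
  - A non-NAT environment
  - A fixed internal IP for every node
  - Disable the firewall or configure the correct rules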
## Pre-installation Configuration
### Disable Swap
Kubernetes 1.8+ requires swap to be disabled:
```bash
sudo swapoff -a
sudo sed -i '/ swap / s/^\(.*\)$/#\1/g' /etc/fstab
```
### Configure Hostnames and Hosts
```bash
sudo hostnamectl set-hostname k8s-master   # on the Master node
sudo hostnamectl set-hostname k8s-node1    # on the Worker node
```
Edit `/etc/hosts` (identical on all nodes):
```
192.168.1.100 k8s-master
192.168.1.101 k8s-node1
192.168.1.102 k8s-node2
```
### Install Dependency Tools
```bash
sudo apt-get update && sudo apt-get install -y \
  apt-transport-https \
  ca-certificates \
  curl \
  gnupg \
  lsb-release
```
### Configure Kernel Parameters
```bash
# Load the required kernel modules at boot
cat <<EOF | sudo tee /etc/modules-load.d/k8s.conf
overlay
br_netfilter
EOF
# Load them now
sudo modprobe overlay
sudo modprobe br_netfilter
# Let iptables see bridged traffic and enable IP forwarding
cat <<EOF | sudo tee /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
net.ipv4.ip_forward = 1
EOF
sudo sysctl --system
```
## Install the Container Runtime
Kubernetes supports several container runtimes; this article uses containerd:
```bash
# Install containerd
sudo apt-get install -y containerd
# Generate the default configuration
sudo mkdir -p /etc/containerd
containerd config default | sudo tee /etc/containerd/config.toml
# Edit the configuration to enable the systemd cgroup driver
sudo sed -i 's/SystemdCgroup = false/SystemdCgroup = true/g' /etc/containerd/config.toml
# Restart the service
sudo systemctl restart containerd
sudo systemctl enable containerd
```
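A preflight check for the node preparation steps above, as an added example that is not part of the original article: it confirms that swap is off, both kernel modules are loaded, the three sysctls read back as 1, and containerd uses the systemd cgroup driver. The function name and the optional `ROOT` path prefix are assumptions introduced here so the checks can be pointed at a test directory tree.

```bash
#!/usr/bin/env bash
# Added example: verify the node-preparation steps before running kubeadm.
# k8s_preflight [ROOT] -- ROOT is a hypothetical path prefix (default: live system)
# so the same checks can be pointed at a test directory tree.
k8s_preflight() {
    local root="${1:-}" fail=0 m key val

    # Swap: /proc/swaps holds a header line plus one line per active swap area.
    if [ "$(tail -n +2 "$root/proc/swaps" 2>/dev/null | grep -c .)" -ne 0 ]; then
        echo "FAIL swap is active (run: swapoff -a)"; fail=1
    fi
    # An uncommented swap line in fstab turns swap back on at the next boot.
    if grep -Eq '^[^#].*[[:space:]]swap[[:space:]]' "$root/etc/fstab" 2>/dev/null; then
        echo "FAIL /etc/fstab still contains an active swap entry"; fail=1
    fi

    # Kernel modules: a loaded module has a directory under /sys/module.
    for m in overlay br_netfilter; do
        if [ ! -d "$root/sys/module/$m" ]; then
            echo "FAIL kernel module $m is not loaded"; fail=1
        fi
    done

    # Sysctls from /etc/sysctl.d/k8s.conf must all read back as 1.
    for key in net.bridge.bridge-nf-call-iptables \
               net.bridge.bridge-nf-call-ip6tables \
               net.ipv4.ip_forward; do
        val="$(cat "$root/proc/sys/$(printf '%s' "$key" | tr . /)" 2>/dev/null || true)"
        if [ "$val" != "1" ]; then
            echo "FAIL $key = ${val:-unset} (expected 1)"; fail=1
        fi
    done

    # containerd must use the systemd cgroup driver (the sed edit above).
    if ! grep -Eq '^[[:space:]]*SystemdCgroup[[:space:]]*=[[:space:]]*true' \
            "$root/etc/containerd/config.toml" 2>/dev/null; then
        echo "FAIL containerd SystemdCgroup is not true"; fail=1
    fi

    [ "$fail" -eq 0 ] && echo "OK node is prepared for kubeadm"
    return "$fail"
}
```

Source the file and run `k8s_preflight` on each node before `kubeadm init` or `kubeadm join`; a non-zero exit status means at least one step did not take effect.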
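## Install Kubernetes Components
### Add the Kubernetes Repository
```bash
# Note: this legacy Google-hosted repository (apt.kubernetes.io) has been
# deprecated in favor of the community-owned pkgs.k8s.io repositories.
sudo curl -fsSLo /usr/share/keyrings/kubernetes-archive-keyring.gpg \
  https://packages.cloud.google.com/apt/doc/apt-key.gpg
echo "deb [signed-by=/usr/share/keyrings/kubernetes-archive-keyring.gpg] https://apt.kubernetes.io/ kubernetes-xenial main" | \
  sudo tee /etc/apt/sources.list.d/kubernetes.list
```
### Install kubeadm/kubelet/kubectl
```bash
sudo apt-get update
sudo apt-get install -y kubelet kubeadm kubectl
sudo apt-mark hold kubelet kubeadm kubectl   # prevent automatic upgrades
```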
## Initialize the Master Node
### Run kubeadm init
```bash
sudo kubeadm init \
  --pod-network-cidr=10.244.0.0/16 \
  --apiserver-advertise-address=192.168.1.100 \
  --control-plane-endpoint=k8s-master
```
On success, the following is displayed:
```
Your Kubernetes control-plane has initialized successfully!

To start using your cluster, you need to run the following as a regular user:

  mkdir -p $HOME/.kube
  sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
  sudo chown $(id -u):$(id -g) $HOME/.kube/config

You should now deploy a pod network to the cluster.
Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:
  https://kubernetes.io/docs/concepts/cluster-administration/addons/

Then you can join any number of worker nodes by running the following on each as root:

kubeadm join 192.168.1.100:6443 --token abcdef.0123456789abcdef \
    --discovery-token-ca-cert-hash sha256:12345...
```
### Configure kubectl
```bash
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
```
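## Install the Network Plugin
This article uses the Calico network plugin:
```bash
kubectl apply -f https://docs.projectcalico.org/manifests/calico.yaml
```
Verify the installation:
```bash
kubectl get pods -n kube-system
```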
## Join Worker Nodes
On each Worker node, run the join command that was printed when the Master was initialized:
```bash
sudo kubeadm join 192.168.1.100:6443 --token abcdef.0123456789abcdef \
  --discovery-token-ca-cert-hash sha256:12345...
```
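The value after `--discovery-token-ca-cert-hash` is the SHA-256 of the cluster CA's public key (its DER-encoded SubjectPublicKeyInfo), and it is what lets a joining node authenticate the control plane it is talking to. The following added example, which is not from the original article, recomputes that hash from a CA certificate such as `/etc/kubernetes/pki/ca.crt` on the Master and compares it with the value in a join command; the function names are hypothetical and the `openssl` CLI is assumed to be installed.

```bash
#!/usr/bin/env bash
# Added example: check a kubeadm join command against the cluster CA.
# Function names are hypothetical; requires the openssl CLI.

# SHA-256 over the DER-encoded public key (SubjectPublicKeyInfo) of a CA cert.
ca_cert_hash() {
    local pub
    pub="$(openssl x509 -in "$1" -pubkey -noout 2>/dev/null)" || return 1
    [ -n "$pub" ] || return 1
    printf '%s\n' "$pub" \
        | openssl pkey -pubin -outform DER \
        | openssl dgst -sha256 -hex \
        | sed 's/^.* //'
}

# Pull the hex digest out of "--discovery-token-ca-cert-hash sha256:<hex>".
join_cmd_hash() {
    printf '%s\n' "$1" \
        | sed -n 's/.*--discovery-token-ca-cert-hash[ =]\{1,\}sha256:\([0-9A-Fa-f]*\).*/\1/p' \
        | tr 'A-F' 'a-f'
}

# verify_join_hash CA_CERT "JOIN COMMAND"
# Returns 0 on match, 1 on mismatch, 2 if either value is unusable.
verify_join_hash() {
    local want got
    want="$(join_cmd_hash "$2")"
    got="$(ca_cert_hash "$1")" || got=""
    # A SHA-256 digest is exactly 64 hex characters; refuse truncated values.
    if [ "${#want}" -ne 64 ] || [ "${#got}" -ne 64 ]; then
        echo "ERROR could not obtain two full sha256 values"; return 2
    fi
    if [ "$want" != "$got" ]; then
        echo "MISMATCH cluster CA is sha256:$got"; return 1
    fi
    echo "OK join command pins sha256:$got"
}
```

A join command copied with an elided hash, like the `sha256:12345...` sample above, is rejected with status 2 rather than compared.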
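## Verify Cluster Status
```bash
kubectl get nodes      # show the status of all nodes
kubectl cluster-info   # show cluster information
kubectl get pods -A    # show all Pods
```
## Deploy a Test Application
```bash
kubectl create deployment nginx --image=nginx
kubectl expose deployment nginx --port=80 --type=NodePort
kubectl get svc nginx  # get the access port
```
Access test:
```bash
curl http://<node IP>:<NodePort>
```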
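## Cluster Maintenance
### Upgrade the Cluster
```bash
# Control-plane node: upgrade kubeadm, then plan and apply the upgrade.
# kubeadm was pinned with apt-mark hold during installation, so release the
# hold for the upgrade and set it again afterwards.
sudo apt-mark unhold kubeadm
sudo apt-get update && sudo apt-get install -y kubeadm=1.27.0-00
sudo apt-mark hold kubeadm
kubeadm version
sudo kubeadm upgrade plan
sudo kubeadm upgrade apply v1.27.0

# Worker nodes: drain, upgrade, restart kubelet, then uncordon
kubectl drain <node> --ignore-daemonsets
sudo kubeadm upgrade node
sudo systemctl restart kubelet
kubectl uncordon <node>
```
### Backup and Restore
Back up the key configuration:
```bash
# Back up etcd
sudo ETCDCTL_API=3 etcdctl \
  --endpoints=https://127.0.0.1:2379 \
  --cacert=/etc/kubernetes/pki/etcd/ca.crt \
  --cert=/etc/kubernetes/pki/etcd/server.crt \
  --key=/etc/kubernetes/pki/etcd/server.key \
  snapshot save snapshot.db
# Back up the k8s configuration (this copy includes the cluster PKI private
# keys and admin.conf, so restrict access to /backup)
sudo mkdir -p /backup
sudo cp -r /etc/kubernetes /backup/kubernetes-config
sudo cp -r /var/lib/kubelet /backup/kubelet-data
```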
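## Troubleshooting
**kubelet fails to start:**
```bash
sudo systemctl status containerd
journalctl -xeu kubelet
```
**Node is NotReady:**
```bash
kubectl get pods -n kube-system
ping <other node IP>
```
**Pod is stuck in the Pending state:**
```bash
kubectl describe pod <pod-name>
kubectl describe nodes
```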
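## Summary
By following the detailed steps in this article, you have successfully built a fully functional Kubernetes cluster. Recommended next steps:
- Configure persistent storage (e.g. NFS/CSI)
- Install a monitoring system (Prometheus + Grafana)
- Configure log collection (EFK/ELK)
- Set up RBAC access control

Kubernetes has a fairly steep learning curve; build up experience through the official documentation and real projects. Happy Kubernetes-ing!

Note: in actual use, adjust the IP addresses, version numbers, and other parameters to your own environment. This document assumes Kubernetes 1.27; the exact commands may differ slightly between versions.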