1、pod kubernetes 系统架构：

2、核心逻辑：

3、网络模型基础

4、k8s的用户：

5、k8s 运行模式：

6、kubeadm

7、kubeadm 工作流程

demo 环境部署：

[[email protected] ~]# cat /etc/hosts

192.168.100.40 node04.magedu.com node04 node04

192.168.100.30 node03.magedu.com node03 node03

192.168.100.20 node02.magedu.com node02 node02

192.168.100.10 node01.magedu.com node01 node01

环境检查：

[[email protected] ~]#

1、systemctl stop firewalld systemctl disable firewalld

2、UUID=fa47bfb8-28b6-485a-add4-3c8464933f39 swap #关闭swap 分区

3、ntpdate time1.aliyun.com

docker 安装：

wget -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo

wget -O /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-7.repo

wget -O /etc/yum.repos.d/docker-ce.repo https://mirrors.aliyun.com/docker-ce/Linux/centos/docker-ce.repo

yum install docker-ce -y

配置：daemon.json # cat /etc/docker/daemon.json

{

"registry-mirrors": ["https://9916w1ow.mirror.aliyuncs.com"],

"exec-opts":["native.cgroupdriver=systemd"],

"log-driver":"json-file",

"log-opts":{

"max-size":"100m"

},

"storage-driver":"overlay2"

}

systemctl daemon-reload

systemctl restart docker

systemctl start docker

systemctl enable docker

docker info #查看驱动

Logging Driver: json-file

Cgroup Driver: systemd

Kubernetes 镜像

https://developer.aliyun.com/mirror/kubernetes?spm=a2c6h.13651102.0.0.3e221b115fDyMd

cat <<EOF > /etc/yum.repos.d/kubernetes.repo

[kubernetes]

name=Kubernetes

baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/

enabled=1

gpgcheck=1

repo_gpgcheck=1

gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg

EOF

setenforce 0 #seLinux

关闭swap分区:

swapoff -a

yum install -y kubelet kubeadm kubectl

systemctl enable kubelet && systemctl start kubelet

<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<

Installed:

kubeadm.x86_64 0:1.20.2-0 kubectl.x86_64 0:1.20.2-0 kubelet.x86_64 0:1.20.2-0

Dependency Installed:

conntrack-tools.x86_64 0:1.4.4-7.el7 cri-tools.x86_64 0:1.13.0-0

kubernetes-cni.x86_64 0:0.8.7-0 libnetfilter_cthelper.x86_64 0:1.0.0-11.el7

libnetfilter_cttimeout.x86_64 0:1.0.0-7.el7 libnetfilter_queue.x86_64 0:1.0.2-2.el7_2

socat.x86_64 0:1.7.3.2-2.el7

<<<<<<<<<<<<<<<<<<<<<<<

<<<<<<<

modprobe br_netfilter ； echo 1 > /proc/sys/net/bridge/bridge-nf-call-iptables

kubeadm init #初始化平面：

kubeadm init --image-repository registry.aliyuncs.com/google_containers --kubernetes-version=v1.20.2 --pod-network-cidr=10.244.0.0/16 --service-cidr=10.96.0.0/12 --ignore-preflight-errors=Swap

<<<<<<<<<<

集群高可用：

kubeadm init --image-repository registry.aliyuncs.com/google_containers --kubernetes-version=v1.20.2 --control-plane-endpoint node01 --apiserver-advertise-address 192.168.100.1 --pod-network-cidr=10.244.0.0/16 --service-cidr=10.96.0.0/12 --ignore-preflight-errors=Swap --token-ttl 0

<<<<<<<<<<

<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<

mkdir -p $HOME/.kube

sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config

sudo chown $(id -u):$(id -g) $HOME/.kube/config

Alternatively, if you are the root user, you can run:

export KUBECONFIG=/etc/kubernetes/admin.conf

You should now deploy a pod network to the cluster.

Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:

https://kubernetes.io/docs/concepts/cluster-administration/addons/

Then you can join any number of worker nodes by running the following on each as root:

kubeadm join 192.168.10.110:6443 --token peuw3m.5fiyzsdokf0cfzup \

--discovery-token-ca-cert-hash sha256:82873b6ecea8107b4ab2d9b49fc5f791869a4aee9d6bf2dcaa9b8ad788e50210

<<<<<<<<<<<<<<<<<<<<<

############

创建普通用户：

useradd iLinux

echo 'centos' |passwd --stdin iLinux

#echo 'iLinux ALL=(ALL) NOPASSWD:ALL' > /etc/sudoers.d/inLinux

cat /etc/sudoers.d/inLinux

kubectl get nodes

flannel 网络插件：

https://github.com/coreos/flannel

kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml

安装插件出现的问题：
[iLinux@jenkins-server~]$kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml

The connection to the server raw.githubusercontent.com was refused - did you specify the right host or port?

解决GitHub的raw.githubusercontent.com无法连接问题

在 https://site.ip138.com/raw.Githubusercontent.com/

输入raw.githubusercontent.com查询IP地址

vim /etc/hosts 文件：

151.101.88.133 raw.githubusercontent.com

验证flannel pod插件；

kubectl get pods -n kube-system

NAME READY STATUS RESTARTS AGE

coredns-7f89b7bc75-5fzrg 1/1 Running 0 50m

coredns-7f89b7bc75-6d4sj 1/1 Running 0 50m

kube-controller-manager-node03.magedu.com 1/1 Running 0 50m

kube-flannel-ds-48qrx 1/1 Running 0 4m50s

kube-proxy-vnftj 1/1 Running 0 50m

加入node 节点：

kubeadm join 192.168.10.110:6443 --token peuw3m.5fiyzsdokf0cfzup \

--discovery-token-ca-cert-hash sha256:82873b6ecea8107b4ab2d9b49fc5f791869a4aee9d6bf2dcaa9b8ad788e50210

k8s 集群验证

kubectl get nodes

服务开机是否自启动：

[[email protected] ~]# systemctl is-enabled docker ;systemctl is-enabled kubelet ; systemctl is-enabled docker

pod 练习 ：