diff --git a/init-k8s.sh b/init-k8s.sh index 46b8314..288110b 100644 --- a/init-k8s.sh +++ b/init-k8s.sh @@ -3,9 +3,8 @@ lsb_dist=$(cat /etc/*release | grep ^ID= | cut -d= -f2) # ubuntu or debian? release=$(cat /etc/*release | grep VERSION_CODENAME | cut -d= -f2) # ubuntu(jammy oracular) debian(bookworm).... # -K8S_VERSION=1.32 -CONTAINERD_VERSION=2.0.2 - +K8S_VERSION=${K8S_VERSION:-1.32} # 如果未设置,使用默认值 1.32 +CONTAINERD_VERSION=${CONTAINERD_VERSION:-2.0.2} # 如果未设置,使用默认值 2.0.2 # 更新 apt curl -sSL https://git.martin98.com/MartinFarm/init/raw/branch/main/init-apt.sh | bash @@ -17,7 +16,7 @@ curl -fsSL https://mirrors.martin98.com/repository/kubernetes/core/stable/v$K8S_ echo "deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring.gpg] https://mirrors.martin98.com/repository/kubernetes/core/stable/v$K8S_VERSION/deb/ /" > /etc/apt/sources.list.d/kubernetes.list # k8s 相关环境 -apt update && apt install -y curl apt-transport-https ca-certificates gnupg +apt update && apt install -y curl apt-transport-https ca-certificates gnupg runc # 调整内核 关闭 swap cat < /etc/containerd/config.toml +sed -i "s|sandbox = 'registry.k8s.io|sandbox = 'docker.martin98.com/k8s|g" /etc/containerd/config.toml sed -ri '0,/(config_path).*/s@(config_path).*@\1 = "/etc/containerd/certs.d"@' /etc/containerd/config.toml sed -i 's/SystemdCgroup = false/SystemdCgroup = true/' /etc/containerd/config.toml @@ -96,11 +96,9 @@ EOF sudo systemctl restart containerd && sudo systemctl enable --now containerd -# ctr image pull registry.k8s.io/pause:3.10 -# ctr image pull --hosts-dir /etc/containerd/certs.d registry.k8s.io/pause:3.10 - - # 安装 kubeadm kubelet kubectl apt update && apt install -y kubeadm kubelet kubectl && apt-mark hold kubeadm kubelet kubectl +echo 'KUBELET_EXTRA_ARGS="--cgroup-driver=systemd"' > kubeadm-config.yaml + echo "k8s 运行环境安装成功" \ No newline at end of file diff --git a/k8s/README.md b/k8s/README.md index 804fc48..8cc57bf 100644 --- a/k8s/README.md +++ b/k8s/README.md 
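Review bot: In the `@@ -3,9 +3,8 @@` hunk, `K8S_VERSION` and `CONTAINERD_VERSION` are now taken from the caller's environment with no format check. The context of the next hunk shows `$K8S_VERSION` interpolated into the keyring URL and into the line written to `/etc/apt/sources.list.d/kubernetes.list`. The script appears to run as root (it writes under `/etc/apt` without sudo), so a malformed or unintended value ends up in the apt source definition without any error. A guard right after the two assignments would fail early, for example `case $K8S_VERSION in *[!0-9.]*|'') echo "invalid K8S_VERSION" >&2; exit 1;; esac`, with the same check for `CONTAINERD_VERSION`. The two trailing comments could also state that the values can be overridden from the environment and which format is expected.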
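Review bot: In the `@@ -96,11 +96,9 @@` hunk, the added `echo 'KUBELET_EXTRA_ARGS="--cgroup-driver=systemd"' > kubeadm-config.yaml` writes an environment-file line to a relative path in whatever directory the script was started from, so the kubelet never reads it. The README changed in this same commit also appears to overwrite `kubeadm-config.yaml` with the actual kubeadm configuration afterwards. If the intent is to pass the flag to the kubelet, the deb packages read it from `/etc/default/kubelet`: `echo 'KUBELET_EXTRA_ARGS="--cgroup-driver=systemd"' > /etc/default/kubelet`. kubeadm already defaults the kubelet cgroup driver to systemd when the KubeletConfiguration leaves it unset, so dropping the line may be the simpler fix. The script continues outside this hunk.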
@@ -1,36 +1,49 @@ -## +## 初始化每个节点环境 +### 配置 k8s 属性 ```bash +# k8s containerd 版本 +export K8S_VERSION=1.32 +export CONTAINERD_VERSION=2.0.2 +export CALICO_VERSION=3.27.5 +# 镜像源 k8s_version +export mirrors=docker.martin98.com/k8s +export k8s_version=1.32.1 +# 网段配置 +export pod_subnet=10.101.0.0/16 +export service_subnet=10.100.0.0/16 +``` + +```bash +# 设置 +curl -sSL https://git.martin98.com/MartinFarm/init/raw/branch/main/init-k8s.sh | bash + # 配置主机 host cat >> /etc/hosts < kubeadm-config.yaml apiVersion: kubeadm.k8s.io/v1beta4 bootstrapTokens: - groups: - system:bootstrappers:kubeadm:default-node-token - token: b77tyr.n7bk46h0947nddkb + token: $(openssl rand -hex 3).$(openssl rand -hex 8) ttl: 24h0m0s usages: - signing - authentication kind: InitConfiguration localAPIEndpoint: - advertiseAddress: 10.1.2.200 + advertiseAddress: $(hostname -I | awk '{print $1}') bindPort: 6443 nodeRegistration: criSocket: unix:///var/run/containerd/containerd.sock imagePullPolicy: IfNotPresent imagePullSerial: true name: k8s-test - taints: - - effect: NoSchedule - key: node-role.kubernetes.io/control-plane + taints: null timeouts: controlPlaneComponentHealthCheck: 4m0s discovery: 5m0s 
@@ -46,26 +59,51 @@ caCertificateValidityPeriod: 87600h0m0s certificateValidityPeriod: 8760h0m0s certificatesDir: /etc/kubernetes/pki clusterName: kubernetes -controlPlaneEndpoint: $(hostname):6443 controllerManager: {} -dns: - imageRepository: docker.martin98.com/k8s/coredns +dns: + imageRepository: $mirrors/coredns encryptionAlgorithm: RSA-2048 etcd: local: dataDir: /var/lib/etcd -imageRepository: docker.martin98.com/k8s +imageRepository: $mirrors kind: ClusterConfiguration -kubernetesVersion: v1.32.1 +kubernetesVersion: $k8s_version networking: dnsDomain: cluster.local - podSubnet: 10.101.0.0/16 - serviceSubnet: 10.100.0.0/16 + podSubnet: $pod_subnet + serviceSubnet: $service_subnet proxy: {} scheduler: {} EOF -kubeadm init --config=kubeadm-config.yaml +# 开始安装 +kubeadm init --config=kubeadm-config.yaml --upload-certs --v=9 +# 配置 +mkdir -p $HOME/.kube +sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config +sudo chown $(id -u):$(id -g) $HOME/.kube/config +export KUBECONFIG=/etc/kubernetes/admin.conf +# 安装 calico +curl https://mirrors.martin98.com/repository/proxy/raw.githubusercontent.com/projectcalico/calico/v$CALICO_VERSION/manifests/calico.yaml -O +sed -i '/^[[:space:]]*# - name: CALICO_IPV4POOL_CIDR/s/# //' calico.yaml +sed -i '/CALICO_IPV4POOL_CIDR/ {n; s|#\s||; s|value: ".*"|value: "'"$pod_subnet"'"|;}' calico.yaml +kubectl apply -f calico.yaml +``` +### 加入集群 +```bash +kubeadm token create --print-join-command +# worker 加入 +kubeadm join 10.1.2.200:6443 \ + --token ??? \ + --discovery-token-ca-cert-hash ??? +# admin 加入 +kubeadm join 10.1.2.200:6443 \ + --token ??? \ + --discovery-token-ca-cert-hash ??? \ + --control-plane +# 验证集群 +kubectl get nodes ``` \ No newline at end of file