标签：单机版 etc -- CentOS7 kubelet systemctl kubeadm docker

准备一台干干净净的服务器

准备环境

-----------------------------------------------------------------------------------------

为了安全，先把SSH端口默认的22端口修改了

vi /etc/ssh/sshd_config

修改Port，在服务器的安全策略组中把修改后的端口加进去

重启SSHD服务

service sshd restart

----------------------------------------------------------------------------------------

修改主机名，并在hosts文件中加一行主机名的解析，重启服务器使配置生效

hostnamectl set-hostname master
hostnamectl status
vi /etc/hosts
reboot

-----------------------------------------------------------------------------------------

关闭防火墙、selinux、swap

systemctl stop firewalld
systemctl disable firewalld

sed -i 's/enforcing/disabled/' /etc/selinux/config 
setenforce 0

swapoff -a

------------------------------------------------------------------------------------------

将桥接的IPv4流量传递到iptables的链：

cat > /etc/sysctl.d/k8s.conf << EOF
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
EOF

sysctl --system

yum update -y

------------------------------------------------------------------------------------------

安装Docker （不加版本号默认安装最新的，当下安装是20.10.17）

wget https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo -O /etc/yum.repos.d/docker-ce.repo

yum -y install docker-ce

systemctl enable docker && systemctl start docker

------------------------------------------------------------------------------------------

安装K8s

先添加阿里云Yum的软件源地址

cat > /etc/yum.repos.d/kubernetes.repo << EOF
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF

------------------------------------------------------------------------------------------

安装Kubeadm、Kubelet、Kubectl

*注：由于版本更新很频繁，不加版本号的话默认安装最新，官方对于1.24版本声明如下：

 

 

此处，咱使用的是1.23.6版本（主要是1.24.1后续问题太多了。。。。。）

 

yum install -y kubelet-1.23.6 kubeadm-1.23.6 kubectl-1.23.6

systemctl enable kubelet

kubeadm初始化

注：国内无法访问默认的拉取镜像地址k8s.gcr.io，所以这里替换成阿里云镜像仓库的地址（如果有外网环境，当我没说）

kubeadm init  --apiserver-advertise-address=192.168.0.3  --image-repository registry.aliyuncs.com/google_containers   --kubernetes-version v1.23.6   --service-cidr=10.1.0.0/16   --pod-network-cidr=10.244.0.0/16

 

到这一步跑着跑着可能就出现问题了。。错误日志如下

[kubelet-check] It seems like the kubelet isn't running or healthy.
[kubelet-check] The HTTP call equal to 'curl -sSL http://localhost:10248/healthz' failed with error: Get "http://localhost:10248/healthz": dial tcp 192.168.0.3:10248: connect: connection refused.
[kubelet-check] The HTTP call equal to 'curl -sSL http://localhost:10248/healthz' failed with error: Get "http://localhost:10248/healthz": dial tcp 192.168.0.3:10248: connect: connection refused.

        Unfortunately, an error has occurred:
                timed out waiting for the condition

        This error is likely caused by:
                - The kubelet is not running
                - The kubelet is unhealthy due to a misconfiguration of the node in some way (required cgroups disabled)

        If you are on a systemd-powered system, you can try to troubleshoot the error with the following commands:
                - 'systemctl status kubelet'
                - 'journalctl -xeu kubelet'

        Additionally, a control plane component may have crashed or exited when started by the container runtime.
        To troubleshoot, list all containers using your preferred container runtimes CLI.

        Here is one example how you may list all Kubernetes containers running in docker:
                - 'docker ps -a | grep kube | grep -v pause'
                Once you have found the failing container, you can inspect its logs with:
                - 'docker logs CONTAINERID'

------------------------------------------------------------------------------------------------------------------

重置

kubeadm reset

 ------------------------------------------------------------------------------------------------------------------

解决问题

问题原因： 因为docker和 kubelet 服务中的 cgroup 驱动不一致

解决方案：

1、修改docker配置

vi /etc/docker/daemon.json

加入这段

{
    "exec-opts": ["native.cgroupdriver=systemd"]
}

重启docker

systemctl daemon-reload
 
systemctl restart docker

2、修改kubelet配置

vi /etc/systemd/system/kubelet.service.d/10-kubeadm.conf

加入这段

Environment="KUBELET_KUBECONFIG_ARGS=--bootstrap-kubeconfig=/etc/kubernetes/bootstrap-kubelet.conf --kubeconfig=/etc/kubernetes/kubelet.conf --cgroup-driver=cgroupfs"

重启kubelet

systemctl daemon-reload
 
systemctl restart kubelet

 

再次执行上面的kubeadm init --XXXXXXXXXXXXXXX 就妥了~~~~~~

 

标签：单机版,etc,--,CentOS7,kubelet,systemctl,kubeadm,docker
来源： https://www.cnblogs.com/NinaMua/p/16374893.html

本站声明： 1. iCode9 技术分享网（下文简称本站）提供的所有内容，仅供技术学习、探讨和分享；
2. 关于本站的所有留言、评论、转载及引用，纯属内容发起人的个人观点，与本站观点和立场无关；
3. 关于本站的所有言论和文字，纯属内容发起人的个人观点，与本站观点和立场无关；
4. 本站文章均是网友提供，不完全保证技术分享内容的完整性、准确性、时效性、风险性和版权归属；如您发现该文章侵犯了您的权益，可联系我们第一时间进行删除；
5. 本站为非盈利性的个人网站，所有内容不会用来进行牟利，也不会利用任何形式的广告来间接获益，纯粹是为了广大技术爱好者提供技术内容和技术思想的分享性交流网站。