![再也不踩坑的kubernetes实战指南](https://wfqqreader-1252317822.image.myqcloud.com/cover/323/27563323/b_27563323.jpg)
1.2 Kubeadm高可用安装K8S集群(1.13.x和1.14.x)
Kubeadm安装Kubernetes 1.13.x和1.14.x版本差异并不是很大,相对于1.12.x和1.11.x版本更加简单,只需要对其中一台Master初始化即可,其他Master节点和Node使用join即可,Master和Node添加到集群中只差了一个参数,修改命令如下:
--experimental-control-plane
1.2.1 基本组件的安装
关于基本环境配置和内核升级,请参考1.1节。
和上节一样,需要提前安装Kubernetes集群的必需组件。
安装Docker:
yum -y install docker-ce-17.09.1.ce-1.el7.centos
安装Kubernetes组件:
![](https://epubservercos.yuewen.com/62A1DF/15825992304144506/epubprivate/OEBPS/Images/Figure-P30_57202.jpg?sign=1739365468-VWuHRKTmmMmfn53XkhTiqxpKWVCZm5Iz-0-4a2c8fd67bd30201dd01bdc7d18aa9df)
所有节点启动Docker:
systemctl enable --now docker
配置Kubelet:
![](https://epubservercos.yuewen.com/62A1DF/15825992304144506/epubprivate/OEBPS/Images/Figure-P30_57205.jpg?sign=1739365468-UYzSVM7PdDBv8ixry8dEpHff1ugbbpO8-0-f4b47bdc54161e9a75c4d53c7f6cce6b)
HAProxy和KeepAlived的安装请参考1.1.4节。
1.2.2 集群初始化
Master01节点集群初始化和上一节演示的版本一致,但是kubeadm-config.yaml有所变化,去掉了内置于Kubernetes集群中的Etcd集群配置。在1.13.x版本中,Master02和Master03无须kubeadm-config.yaml也可,但是为了提前下载镜像,一般也会拷贝过去。
使用kubeadm安装Kubernetes高可用集群1.13.x和1.14.x版本,kubeadm的配置文件如下:
![](https://epubservercos.yuewen.com/62A1DF/15825992304144506/epubprivate/OEBPS/Images/Figure-P30_57206.jpg?sign=1739365468-VoS8olvyvaD32ecqF74W02uK6nBHyB4X-0-39005304c183817766be049626b034ed)
和上一节不同的是直接开启了ipvs模式的rr模式,这样在初始化完成以后不用再次修改了,其中podSubnet为Pod的网段,如果安装1.14.x,只需要将Kubernetes版本改成1.14.x即可。
Master节点提前下载镜像:
kubeadm config images pull --config /root/kubeadm-config.yaml
Master01节点初始化:
kubeadm init --config /root/kubeadm-config.yaml
对于Kubernetes 1.14.x,在初始化时加入--experimental-upload-certs参数,使集群初始化更加简单,无须再复制证书至其他节点,之后join时添加--certificate-key参数即可自动加入集群。Kubernetes 1.14.x的初始化命令如下:
kubeadm init --config=kubeadm-config.yaml --experimental-upload-certs
如果初始化失败,重置后再次初始化:
kubeadm reset
记录token值,在节点加入集群时使用:
![](https://epubservercos.yuewen.com/62A1DF/15825992304144506/epubprivate/OEBPS/Images/Figure-P31_57214.jpg?sign=1739365468-6Q2o7rhaqQWIunLF2UipqrJkn7FbDt0i-0-7cdcd002be9837983c7ec35103b960a5)
对于Kubernetes 1.14.x版本,初始化完成以后生成的Token如下:
![](https://epubservercos.yuewen.com/62A1DF/15825992304144506/epubprivate/OEBPS/Images/Figure-P31_57215.jpg?sign=1739365468-6Mo6GWpRqQQzh29COONnEhrAIPONA93R-0-bab708673f62d3dbf2126d8036ef6d88)
其中,Master节点使用--experimental-control-plane和--certificate-key参数即可完成初始化,并以Master的角色加入集群:
![](https://epubservercos.yuewen.com/62A1DF/15825992304144506/epubprivate/OEBPS/Images/Figure-P32_57216.jpg?sign=1739365468-Z51viafY31b7aybhEMM0xgbbG2DtEuzq-0-cc8bb08021a3e3a2cf6e1d99ab223696)
所有Master节点配置环境变量:
cat <<EOF >> /root/.bashrc export KUBECONFIG=/etc/kubernetes/admin.conf EOF source /root/.bashrc
查看节点状态:
![](https://epubservercos.yuewen.com/62A1DF/15825992304144506/epubprivate/OEBPS/Images/Figure-P32_57218.jpg?sign=1739365468-y6LstyYMRA9jgrH9XoFVeLLPVyN7uXIU-0-ae577686afe0ec4cff94a6076873f499)
查看Pod状态:
![](https://epubservercos.yuewen.com/62A1DF/15825992304144506/epubprivate/OEBPS/Images/Figure-P32_57219.jpg?sign=1739365468-1IhjHYCZAjGw01XRvWrHvIvq0afM4YZr-0-609992f74f4371f4abc6fd6eb6683412)
1.2.3 Calico组件的安装
可安装截止本书截稿时的最新版3.6.1,也可以参考1.1.5节,POD_CIDR为上述配置的podSubnet:
POD_CIDR="<your-pod-cidr>" \ sed -i -e "s?192.168.0.0/16?$POD_CIDR?g" calico/v3.6.1/calico.yaml kubectl apply -f calico/v3.6.1/calico.yaml
1.2.4 高可用Master
Kubernetes 1.13.x版需要复制证书至其他Master节点,1.14.x版则无须再复制证书至其他Master节点:
![](https://epubservercos.yuewen.com/62A1DF/15825992304144506/epubprivate/OEBPS/Images/Figure-P33_57221.jpg?sign=1739365468-2auBVOBzxe1UE6WLtaYqdsjRi30cx10s-0-1b73e300c7bd05b2f73f50e2ebb9683c)
Master02提前下载镜像:
kubeadm config images pull --config /root/kubeadm-config.yaml
Master02加入集群,与Node节点相差的参数就是--experimental-control-plane:
![](https://epubservercos.yuewen.com/62A1DF/15825992304144506/epubprivate/OEBPS/Images/Figure-P33_57223.jpg?sign=1739365468-Pz03uwvKkj1Po3VRrLncrpKTRPLccPwA-0-cb0a7cf6d11a6fd5fc82b4369adc98b0)
对于Kubernetes 1.14.x,使用如下命令加入集群,多了一个--certificate-key参数:
![](https://epubservercos.yuewen.com/62A1DF/15825992304144506/epubprivate/OEBPS/Images/Figure-P33_57224.jpg?sign=1739365468-qNGzEIfXOMvUcJ1stTutPonz4jFXBPYA-0-d0f00f97bb76d3ddafd70aba4491e65b)
反馈如下:
![](https://epubservercos.yuewen.com/62A1DF/15825992304144506/epubprivate/OEBPS/Images/Figure-P33_57225.jpg?sign=1739365468-5r0FjxpwpDq3X5K43pb187ARgDzwl3nI-0-c5e97ea848895bb9ce7873e4cfe634b8)
Master01查看状态:
![](https://epubservercos.yuewen.com/62A1DF/15825992304144506/epubprivate/OEBPS/Images/Figure-P34_57228.jpg?sign=1739365468-T2kZoN4dotYDLSaEml4NHHNa5JHMoHXS-0-ad6bbf1d1ebad409ff42c206cbaa7a76)
其他Master节点操作相同,查看Master最终的状态:
![](https://epubservercos.yuewen.com/62A1DF/15825992304144506/epubprivate/OEBPS/Images/Figure-P34_57229.jpg?sign=1739365468-rgeXAVYUn6mgDh6UxLgTHbm7o5ZRUaSx-0-6e9d3a3481e1d8a9c3564e1f7e06b78f)
查看CSR:
![](https://epubservercos.yuewen.com/62A1DF/15825992304144506/epubprivate/OEBPS/Images/Figure-P35_57231.jpg?sign=1739365468-3duWeLZtdaj7baej8WE7PFqJitl5Ap95-0-e8152c7d1da901b333fe16b101577865)
在所有Master节点上允许HPA采集数据,修改后自动重启:
![](https://epubservercos.yuewen.com/62A1DF/15825992304144506/epubprivate/OEBPS/Images/Figure-P35_57232.jpg?sign=1739365468-5d2WoDyWcgjtQWD4oaHmQDprDNtMrJWH-0-90b483c9279be646488503c09a175a6c)
1.2.5 Node节点的配置
在1.13.x和1.14.x版本中,Node节点和Master节点加入集群的方式与1.11.x和1.12.x版本相比只是少了--experimental-control-plane参数。
将Node节点加入集群,所有Node节点配置相同:
![](https://epubservercos.yuewen.com/62A1DF/15825992304144506/epubprivate/OEBPS/Images/Figure-P35_57234.jpg?sign=1739365468-vhBEj9gBiDXbqCuCaDo5rUtSpyHCMjzg-0-e2716b193deb239ed228d7bb91d6306e)
反馈如下:
![](https://epubservercos.yuewen.com/62A1DF/15825992304144506/epubprivate/OEBPS/Images/Figure-P35_57235.jpg?sign=1739365468-sqkEk5mPvDoXbpqPCiZ8SgFlBf2I61Y2-0-ea4e9655d4a4b1464bbcdb628edf0eee)
查看Master节点的状态:
![](https://epubservercos.yuewen.com/62A1DF/15825992304144506/epubprivate/OEBPS/Images/Figure-P35_57236.jpg?sign=1739365468-wxxNl2hy4EeUg4QVUMkURDckJctKKOUX-0-ecce2b4227bd46022773106fcc7f457b)
关于Metrics和Dashboard的部署请参考1.1.8节和1.1.9节。