进行主机优化配置
参考:
修改主机名称
hostnamectl set-hostname k8s-node03
关闭swap分区
swapoff -a #临时关闭
sed -i '/\/swap/s/^/#' /etc/fstab #永久关闭增加主机解析
cat >> /etc/hosts << EOF
10.1.60.119 k8s-master01
10.1.60.120 k8s-master02
10.1.60.121 k8s-master03
10.1.60.122 k8s-node01
10.1.60.123 k8s-node02
10.1.60.130 k8s-node03
EOF配置内核转发和网桥过滤
cat > /etc/modules-load.d/k8s.conf <<EOF
overlay
br_netfilter
EOF加载配置
sudo modprobe overlay && sudo modprobe br_netfilter查看配置
lsmod |grep -e overlay -e br_netfilter
将桥接的IPv4流量传递到iptables
cat > /etc/sysctl.d/k8s.conf << EOF
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
net.ipv4.ip_forward = 1
EOF加载配置
sysctl --system安装ipvs服务
apt install -y ipset ipvsadm配置ipvs
cat > /etc/modules-load.d/ipvs.conf <<EOF
#!/bin/bash
modprobe -- ip_vs
modprobe -- ip_vs_rr
modprobe -- ip_vs_wrr
modprobe -- ip_vs_sh
modprobe -- nf_conntrack_ipv4
EOF授权并生效ipvs配置
chmod 755 /etc/modules-load.d/ipvs.conf && bash /etc/modules-load.d/ipvs.conf查看模块是否生效
lsmod | grep -e ip_vs -e nf_conntrack
安装docker或container服务
因为1.26版本kubelet已经不再内置cri-docker,所以使用docker服务需要额外安装cri-docker服务,若使用container服务则不用额外安装,这里选择一个使用即可
选用container
下载container安装包
wget https://github.com/containerd/containerd/releases/download/v1.7.19/cri-containerd-1.7.19-linux-amd64.tar.gz解压
tar xf cri-containerd-1.7.19-linux-amd64.tar.gz -C /
which containerd 
生成配置文件
mkdir /etc/containerd
containerd config default > /etc/containerd/config.toml编辑配置文件
vim /etc/containerd/config.toml
67 sandbox_image = "registry.aliyuncs.com/google_containers/pause:3.9" #更改为阿里云镜像地址
139 SystemdCgroup = true #开启cgroup
162 config_path = "etc/containerd/certs.d" #配置镜像加速 
编辑镜像加速配置文件
mkdir -p /etc/containerd/certs.d/docker.io
cat > /etc/containerd/certs.d/docker.io/hosts.toml << EOF
server = "https://docker.io"
[host."https://sudzwtcw.mirror.aliyuncs.com"]
capabilities = ["pull", "resolve"]
EOF配置开机自启并启动containerd服务
systemctl enable --now containerd选用docker
下载阿里云源密钥
curl -fsSL https://mirrors.aliyun.com/docker-ce/linux/ubuntu/gpg | sudo gpg --dearmor -o /etc/apt/keyrings/docker-archive-keyring.gpg
添加docker官方仓库
echo "deb [arch=amd64 signed-by=/ect/apt/keyrings/docker-archive-keyring.gpg] https://mirrors.aliyun.com/docker-ce/linux/ubuntu $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list安装docker-ce
apt update && apt install -y docker-ce配置开机自启并启动
systemctl enable --now docker
docker -v
安装cri-docker(kubelet不内置docker的cri需要额外安装)
wget https://github.com/Mirantis/cri-dockerd/releases/download/v0.3.13/cri-dockerd_0.3.13.3-0.ubuntu-jammy_amd64.deb选择自己系统对应的版本,我这里是ubantu 22.04所以用的jammy的包
部署cri-docker
dpkg -i cri-dockerd_0.3.12.3-0.ubuntu-jammy_amd64.deb配置cri-docker服务依赖镜像地址
vi /usr/lib/systemd/system/cri-docker.service
注释以下配置项
#ExecStart=/usr/bin/cri-dockerd --container-runtime-endpoint fd://
新增以下配置项
ExecStart=/usr/bin/cri-dockerd --container-runtime-endpoint fd:// --pod-infra-container-image=registry.aliyuncs.com/google_containers/pause:3.9加载配置项服务,并配置cri-docker开机自启
systemctl daemon-reload
systemctl enable --now cri-docker以上containerd和docker选用一个安装完成后,安装k8s服务
下载阿里云源密钥
curl -fsSL https://mirrors.aliyun.com/kubernetes-new/core/stable/v1.26/deb/Release.key | gpg --dearmor -o /etc/apt/keyrings/kubernetes-apt-keyring.gpg添加kubernetes apt仓库
echo "deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring.gpg] https://mirrors.aliyun.com/kubernetes-new/core/stable/v1.26/deb/ /" | sudo tee /etc/apt/sources.list.d/kubernetes.list更新仓库并查看软件列表
apt update && apt-cache policy kubeadm
安装指定版本的服务
apt -y install kubelet=1.26.0-2.1 kubeadm=1.26.0-2.1 kubectl=1.26.0-2.1编辑kubelet配置
vi /etc/sysconfig/kubelet
KUBELET_EXTRA_ARGS="--cgroup-driver=systemd"配置开机自启
systemctl enable kubelet可以锁定版本,防止自动更新
apt-mark hold kubelet kubeadm kubectl
#解锁执行以下命令
apt-mark unhold kubelet kubeadm kubectl其余的就是创建集群和加入集群的操作
