5、整合kubelet和cri-dockerd5-1、配置cri-dockerd #所有节点执行: ? [root@k8s-master01 ~]# vim /usr/lib/systemd/system/cri-docker.service ? #ExecStart=/usr/bin/cri-dockerd --container-runtime-endpoint fd:// ExecStart=/usr/bin/cri-dockerd --pod-infra-container-image=registry.aliyuncs.com/google_containers/pause:3.8 --container-runtime-endpoint fd:// --network-plugin=cni --cni-bin-dir=/opt/cni/bin --cni-cache-dir=/var/lib/cni/cache --cni-conf-dir=/etc/cni/net.d ? ? ? #说明: 需要添加的各配置参数(各参数的值要与系统部署的CNI插件的实际路径相对应): --network-plugin:指定网络插件规范的类型,这里要使用CNI; --cni-bin-dir:指定CNI插件二进制程序文件的搜索目录; --cni-cache-dir:CNI插件使用的缓存目录; --cni-conf-dir:CNI插件加载配置文件的目录; 配置完成后,重载并重启cri-docker.service服务 。 ? [root@k8s-master01 ~]# systemctl daemon-reload && systemctl restart cri-docker.service [root@k8s-master01 ~]# systemctl status cri-docker ?5-2、配置kubelet #所有节点执行: ? #配置kubelet,为其指定cri-dockerd在本地打开的Unix Sock文件的路径,该路径一般默认为“/run/cri-dockerd.sock“ [root@k8s-master01 ~]# mkdir /etc/sysconfig [root@k8s-master01 ~]# vim /etc/sysconfig/kubelet KUBELET_KUBEADM_ARGS="--container-runtime=remote --container-runtime-endpoint=/run/cri-dockerd.sock" [root@k8s-master01 ~]# cat /etc/sysconfig/kubelet KUBELET_KUBEADM_ARGS="--container-runtime=remote --container-runtime-endpoint=/run/cri-dockerd.sock" ? #说明:该配置也可不进行 , 而是直接在后面的各kubeadm命令上使用“--cri-socket unix:///run/cri-dockerd.sock”选项6、初始化第一个主节点 #第一个主节点执行: ? #列出k8s所需要的镜像 [root@k8s-master01 ~]# kubeadm config images list registry.k8s.io/kube-apiserver:v1.25.3 registry.k8s.io/kube-controller-manager:v1.25.3 registry.k8s.io/kube-scheduler:v1.25.3 registry.k8s.io/kube-proxy:v1.25.3 registry.k8s.io/pause:3.8 registry.k8s.io/etcd:3.5.4-0 registry.k8s.io/coredns/coredns:v1.9.3 ? #使用阿里云拉取所需镜像 [root@k8s-master01 ~]# kubeadm config images pull --image-repository=registry.aliyuncs.com/google_containers --cri-socket unix:///run/cri-dockerd.sock ? [root@k8s-master01 ~]# docker images REPOSITORY TAG IMAGE ID CREATED registry.aliyuncs.com/google_containers/kube-apiserver v1.25.3 0346dbd74bcb 3 weeks ago registry.aliyuncs.com/google_containers/kube-scheduler v1.25.3 6d23ec0e8b87 3 weeks ago registry.aliyuncs.com/google_containers/kube-controller-manager v1.25.3 603999231275 3 weeks ago registry.aliyuncs.com/google_containers/kube-proxy v1.25.3 beaaf00edd38 3 weeks ago registry.aliyuncs.com/google_containers/pause 3.8 4873874c08ef 4 months ago registry.aliyuncs.com/google_containers/etcd 3.5.4-0 a8a176a5d5d6 5 months ago registry.aliyuncs.com/google_containers/coredns v1.9.3 5185b96f0bec 5 months ago ? [root@k8s-master01 ~]# kubeadm init --control-plane-endpoint="kubeapi.wang.org" --kubernetes-version=v1.25.3 --pod-network-cidr=10.244.0.0/16 --service-cidr=10.96.0.0/12 --token-ttl=0 --cri-socket unix:///run/cri-dockerd.sock --upload-certs --image-repository registry.aliyuncs.com/google_containers ? #如提示以下信息,代表初始化完成,请记录信息,以便后续使用: ..... ? Your Kubernetes control-plane has initialized successfully! ? To start using your cluster, you need to run the following as a regular user: ? mkdir -p $HOME/.kube sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config sudo chown $(id -u):$(id -g) $HOME/.kube/config ? Alternatively, if you are the root user, you can run: ? export KUBECONFIG=/etc/kubernetes/admin.conf ? You should now deploy a pod network to the cluster. Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at: https://kubernetes.io/docs/concepts/cluster-administration/addons/ ? You can now join any number of the control-plane node running the following command on each as root: ? kubeadm join kubeapi.wang.org:6443 --token s800nl.dtylo6tpgghpre7p \ --discovery-token-ca-cert-hash sha256:a13ee9d0212edbd255fe0c5929186725b217a650f0b04ba75c6a1d6e67576aea \ --control-plane --certificate-key 185090182962d3e322ff37a902734bfdd769e8e6e82d796bc882d0b1967c9886 ? Please note that the certificate-key gives access to cluster sensitive data, keep it secret! As a safeguard, uploaded-certs will be deleted in two hours; If necessary, you can use "kubeadm init phase upload-certs --upload-certs" to reload certs afterward. ? Then you can join any number of worker nodes by running the following on each as root: ? kubeadm join kubeapi.wang.org:6443 --token s800nl.dtylo6tpgghpre7p \ --discovery-token-ca-cert-hash sha256:a13ee9d0212edbd255fe0c5929186725b217a650f0b04ba75c6a1d6e67576aea ? [root@k8s-master01 ~]#mkdir -p $HOME/.kube [root@k8s-master01 ~]#sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config [root@k8s-master01 ~]#sudo chown $(id -u):$(id -g) $HOME/.kube/config ?
推荐阅读
- 小米10S、荣耀60和小米civi怎么选-购机建议
- vivoy31s和iqoou3哪个好_vivoy31s和iqoou3对比
- 皮新字组词|皮的新字和组词
- 小米air2se和红米airdots2区别_小米air2se和红米airdots2哪个好
- 小米10和小米10s拍照对比_小米10和小米10s哪个拍照好
- 兰蔻505和迪奥999对比_兰蔻505和迪奥999哑光试色
- 基于 Docker 构建轻量级 CI 系统:Gitea 与 Woodpecker CI 集成
- 使用LabVIEW实现基于pytorch的DeepLabv3图像语义分割
- vivo s9和vivo x60哪个好_哪个性价比高
- FrameLess Qt--无边框窗口完美实现,包含缩放和移动功能重写。