前提条件
已完成 K8S安装过程的前七个过程的安装。
- 所有的证书都存储在 /etc/kubernetes/ssl 目录
- 所有的 kubernetes 配置都存储在 /opt/kubernetes/cfg 目录
如果发现这两个目录是空的,请从kubernetes 节点复制上述内容到当前节点的相应目录位置。
1. 获取安装包
在 K8S安装过程八:Kubernetes Master 节点安装 8.4 章节中生成了 kubernetes.tar.gz
文件。现在从 kubernetes master 节点获取该文件用于 kubernetes worker 节点的安装。
- 获取kubernetes worker 节点安装文件
scp root@<kubernetes-master-ip>:/opt/kubernetes.tar.gz /opt/
- 解压
kubernetes.tar.gz
安装包
cd /opt
tar -xvf kubernetes.tar.gz
mkdir /opt/kubernetes/manifests
cp /opt/kubernetes/cfg/admin.kubeconfig /opt/kubernetes/cfg/kubelet.kubeconfig
2. 安装 kubelet 服务
2.1 创建 kublet-config.yaml 配置
apiVersion: kubelet.config.k8s.io/v1beta1
authentication:
anonymous:
enabled: false
webhook:
cacheTTL: 0s
enabled: true
x509:
clientCAFile: /etc/kubernetes/ssl/ca.pem
authorization:
mode: Webhook
webhook:
cacheAuthorizedTTL: 0s
cacheUnauthorizedTTL: 0s
cgroupDriver: systemd
clusterDNS:
- 10.255.0.2
clusterDomain: cluster.local
cpuManagerReconcilePeriod: 0s
evictionPressureTransitionPeriod: 0s
fileCheckFrequency: 0s
healthzBindAddress: 127.0.0.1
healthzPort: 10248
httpCheckFrequency: 0s
imageMinimumGCAge: 0s
kind: KubeletConfiguration
logging:
flushFrequency: 0
options:
json:
infoBufferSize: "0"
verbosity: 0
memorySwap: {}
nodeStatusReportFrequency: 0s
nodeStatusUpdateFrequency: 0s
rotateCertificates: true
runtimeRequestTimeout: 0s
shutdownGracePeriod: 0s
shutdownGracePeriodCriticalPods: 0s
staticPodPath: /opt/kubernetes/manifests
streamingConnectionIdleTimeout: 0s
syncFrequency: 0s
volumeStatsAggPeriod: 0s
imageRepository: registry.aliyuncs.com/google_containers
clusterDNS
:设置 CoreDNS 的 Service IP 地址。后续安装 CoreDNS 时,需要与这个变量的值保持一致。
2.2 创建 kubelet.conf 配置
KUBELET_OPTS="--kubeconfig=/opt/kubernetes/cfg/kubelet.kubeconfig \
--bootstrap-kubeconfig=/opt/kubernetes/cfg/kubelet-bootstrap.kubeconfig \
--config=/opt/kubernetes/cfg/kubelet-config.yaml \
--cgroup-driver=systemd \
--container-runtime=remote \
--pod-infra-container-image=registry.cn-hangzhou.aliyuncs.com/google-containers/pause:3.6 \
--containtim6-endpoint=/var/run/cri-dockerd.sock \
--cert-dir=/opt/kubernetes/ssl"
--bootstrap-kubeconfig
:设置为 K8S安装过程八:Kubernetes Master 节点安装 中 8.2 章节中生成的配置文件。
2.3 为 kubelet 创建 systemctl 启动服务
cat > /usr/lib/systemd/system/kubelet.service <<EOF
[Unit]
Description=Kubernetes Kubelet
After=docker.service
[Service]
EnvironmentFile=/opt/kubernetes/cfg/kubelet.conf
ExecStart=/opt/kubernetes/server/bin/kubelet \$KUBELET_OPTS
Restart=on-failure
LimitNOFILE=65536
[Install]
WantedBy=multi-user.target
EOF
2.4 启动 kubelet 服务
systemctl enable kubelet
systemctl start kubelet
2.5 查看 kubelet 服务状态
systemctl status kubelet
3. 安装 kube-proxy
3.1 创建 kube-proxy-kubeconfig.sh 脚本
#!/bin/sh
KUBE_APISERVER="https://192.168.0.110:8443"
kubectl config set-cluster kubernetes \
--certificate-authority=/etc/kubernetes/ssl/ca.pem \
--embed-certs=true \
--server=${KUBE_APISERVER} \
--kubeconfig=kube-proxy.kubeconfig
kubectl config set-credentials "kube-proxy" \
--client-certificate=/etc/kubernetes/ssl/kube-proxy.pem \
--client-key=/etc/kubernetes/ssl/kube-proxy-key.pem \
--embed-certs=true \
--kubeconfig=kube-proxy.kubeconfig
kubectl config set-context default \
--cluster=kubernetes \
--user="kube-proxy" \
--kubeconfig=kube-proxy.kubeconfig
kubectl config use-context default --kubeconfig=kube-proxy.kubeconfig
3.2 执行 kube-proxy-kubeconfig.sh 脚本
chmod +x kube-proxy-kubeconfig.sh
sh kube-proxy-kubeconfig.sh
3.3 创建 kube-proxy-config.yaml 配置
cat > /opt/kubernetes/cfg/kube-proxy-config.yaml <<EOF
apiVersion: kubeproxy.config.k8s.io/v1alpha1
bindAddress: 0.0.0.0
clientConnection:
kubeconfig: /opt/kubernetes/cfg/kube-proxy.kubeconfig
clusterCIDR: 172.16.0.0/16
healthzBindAddress: 0.0.0.0:10256
kind: KubeProxyConfiguration
hostnameOverride: k8s-node1
metricsBindAddress: 0.0.0.0:10249
mode: "ipvs"
enableProfiling: true
EOF
clusterCIDR
:设置 Kubernetes Pod 的 IP 地址范围,一定要与 K8S安装过程八:Kubernetes Master 节点安装 5.3 章节中的--cluster-cidr
变量值保持一致。hostnameOverride
:设置节点的名称,建议该值与机器名称保持一致。
3.4 创建 kube-proxy.conf 文件
KUBE_PROXY_OPTS="--logtostderr=false \
--v=4 \
--log-dir=/var/log/kubernetes \
--config=/opt/kubernetes/cfg/kube-proxy-config.yaml"
3.5 为 kube-proxy 创建 systemctl 启动服务
cat > /usr/lib/systemd/system/kube-proxy.service <<EOF
[Unit]
Description=Kubernetes Proxy
After=network.target
[Service]
EnvironmentFile=/opt/kubernetes/cfg/kube-proxy.conf
ExecStart=/opt/kubernetes/server/bin/kube-proxy \$KUBE_PROXY_OPTS
Restart=on-failure
RestartSec=10
LimitNOFILE=65536
[Install]
WantedBy=multi-user.target
EOF
3.6 启动 kube-proxy 服务
systemctl enable kube-proxy
systemctl start kube-proxy
3.7 查看 kube-proxy 服务状态
systemctl status kube-proxy
4 查看节点
登陆到 kubernetes master 节点使用 kubectl 命令工具查看节点状态,使用如下命令查看。再次强调一遍,是登陆 Kubernetes Master 节点执行下边命令。
kubectl get nodes
确认节点是否已经加入到了集群,且节点的状态是否为 NotReady 状态。目前还没有安装 CNI 网络插件,所以 kubernetes worker 节点的状态应该是。NotReady 状态,等后续安装完 Kubernetes CNI 插件后,集群才算基本安装完成,Kubernetes worker 节点的状态将会变成 Ready 状态。