当前位置: 首页 > ai >正文

ubuntu20.04系统搭建k8s1.28集群-docker作为容器运行时

ai 2025/5/15 5:28:09

ubuntu系统搭建

ubuntu-22.04.5-desktop-amd64.iso映像文件--->实际却是20.4focal版本。

【安装过程没有特别指出的默认回车下一步】

【用户和密码设置】

【网络连接】

【在vmware上安装的话,网络配置如下】【在vm里配置选择nat或者桥接即可】

【国内源配置】,这里的源是20.04版,内核为5.14,22版本以上为5.15内核

vi /etc/apt/source.list

----

deb http://mirrors.aliyun.com/ubuntu/ focal main restricted universe multiverse

deb http://mirrors.aliyun.com/ubuntu/ focal-security main restricted universe multiverse

deb-src http://mirrors.aliyun.com/ubuntu/ focal-security main restricted universe multiverse

deb-src http://mirrors.aliyun.com/ubuntu/ focal main restricted universe multiverse

deb-src http://mirrors.aliyun.com/ubuntu/ focal-updates main restricted universe multiverse

deb http://mirrors.aliyun.com/ubuntu/ focal-updates main restricted universe multiverse

# deb http://mirrors.aliyun.com/ubuntu/ focal-proposed main restricted universe multiverse

# deb-src http://mirrors.aliyun.com/ubuntu/ focal-proposed main restricted universe multiverse

deb https://mirrors.aliyun.com/ubuntu/ focal-backports main restricted universe multiverse

deb-src https://mirrors.aliyun.com/ubuntu/ focal-backports main restricted universe multiverse

deb [arch=amd64] http://mirrors.aliyun.com/docker-ce/linux/ubuntu focal stable

# deb-src [arch=amd64] http://mirrors.aliyun.com/docker-ce/linux/ubuntu focal stable

apt update

apt install -y openssh-server

apt-get install -y vim tree wget bash-completion bash-completion-extras lrzsz net-tools sysstat iotop htop unzip nc nmap telnet bc psmisc httpd-tools bind-utils nethogs expect epel-release

【关闭swap】

swapoff -a

sed -i 's/.*swap.*/#&/g' /etc/fstab

【安装ssh服务】

passwd root 给root设置密码

apt-get install -y openssh_server

vi /etc/ssh/sshd_config

#新增

PermitRootLogin yes

PasswordAuthentication yes

Port 22

systemctl restart ssh

【时间同步】

如果是上海市区,默认为北京时间

【xshell连接】

root/1

【iptables桥接流量】

cat <<EOF | sudo tee /etc/modules-load.d/containerd.conf
overlay
br_netfilter
ip_vs
ip_vs_wrr
ip_vs_sh
ip_vs_rr
EOF

sudo modprobe overlay

sudo modprobe br_netfilter

cat <<EOF | sudo tee /etc/sysctl.d/99-kubernetes-cri.conf

net.bridge.bridge-nf-call-iptables  = 1

net.bridge.bridge-nf-call-ip6tables = 1

net.ipv4.ip_forward = 1

EOF

sudo sysctl --system

【安装docker  】

#依赖

sudo apt install -y apt-transport-https ca-certificates curl software-properties-common gnupg lsb-release

curl -fsSL http://mirrors.aliyun.com/docker-ce/linux/ubuntu/gpg | sudo apt-key add -

#如果/etc/apt/source.list文件中已有,就不要再配置docker源了。

sudo add-apt-repository "deb [arch=amd64] http://mirrors.aliyun.com/docker-ce/linux/ubuntu $(lsb_release -cs) stable"

sudo apt-get update #更新

mkdir -p /data/docker  #这个目录最好是单独的分区,且容量大,可做rsync远程同步存储到nfs

chmod 755 -R /data/docker

sudo apt-get install docker-ce -y #直接安装是28版本

【docker/daemon.json】

vim /etc/docker/daemon.json

{"exec-opts": ["native.cgroupdriver=systemd"],"registry-mirrors": ["https://docker.1panel.live","https://docker.1panel.dev","https://docker.fxxk.dedyn.io","https://docker.zhai.cm","https://docker.5z5f.com","https://a.ussh.net","https://docker.m.daocloud.io","https://docker.aityp.com","https://docker.m.daocloud.io","https://docker.imgdb.de","https://docker-0.unsee.tech","https://docker.hlmirror.com","https://cjie.eu.org","https://docker.mirrors.ustc.edu.cn"],"storage-driver": "overlay2","log-driver": "json-file","log-level": "warn","log-opts": {"max-size": "100m","max-file": "10"},"default-shm-size": "128M","max-concurrent-downloads": 10,"max-concurrent-uploads": 10,"debug": false,"experimental": true,"features": {"buildkit": true},"data-root": "/data/docker","insecure-registries": ["https://registry.npm.taobao.org"]}

systemctl daemon-reload && systemctl restart docker

【cri-dockerd配置兼容性】

rz cri-dockerd-0.3.16.amd64.tgz

pwd

/home

tar -xf cri-dockerd-0.3.16.amd64.tgz

cp -rf cri-dockerd/cri-dockerd /usr/local/bin/

# 配置启动文件

cat > /etc/systemd/system/cri-docker.service <<-"EOF"
[Unit]
Description=CRI Interface for Docker Application Container Engine
Documentation=https://docs.mirantis.com
After=network-online.target firewalld.service docker.service
Wants=network-online.target
Requires=cri-docker.socket
[Service]
Type=notify
ExecStart=/usr/local/bin/cri-dockerd --container-runtime-endpoint fd:// --pod-infra-container-image=registry.cn-hangzhou.aliyuncs.com/google_containers/pause:3.10
ExecReload=/bin/kill -s HUP $MAINPID
TimeoutSec=0
RestartSec=2
Restart=always
StartLimitBurst=3
StartLimitInterval=60s
LimitNOFILE=infinity
LimitNPROC=infinity
LimitCORE=infinity
TasksMax=infinity
Delegate=yes
KillMode=process
[Install]
WantedBy=multi-user.target
EOF

# 配置 socket 文件

cat > /etc/systemd/system/cri-docker.socket <<-EOF
[Unit]
Description=CRI Docker Socket for the API
PartOf=cri-docker.service
[Socket]
ListenStream=%t/cri-dockerd.sock
SocketMode=0660
SocketUser=root
SocketGroup=docker
[Install]
WantedBy=sockets.target
EOF

systemctl daemon-reload && systemctl enable cri-docker --now cri-docker && systemctl status cri-docker

【安装k8s】

apt-get install curl

sudo mkdir -p /etc/apt/keyrings

curl -fsSL https://mirrors.aliyun.com/kubernetes/apt/doc/apt-key.gpg | sudo gpg --dearmor -o /etc/apt/keyrings/kubernetes.gpgecho "deb [signed-by=/etc/apt/keyrings/kubernetes.gpg] https://mirrors.aliyun.com/kubernetes/apt/ kubernetes-xenial main" | sudo tee /etc/apt/sources.list.d/kubernetes.list

等于:加k8s源+gpg文件

cat /etc/apt/sources.list.d/kubernetes.list
deb [signed-by=/etc/apt/keyrings/kubernetes.gpg] https://mirrors.aliyun.com/kubernetes/apt/ kubernetes-xenial main

apt update

apt-get install kubeadm kubectl kubelet -y

systemctl enable --now kubelet

#先手动拉取镜像

sudo kubeadm config images pull \--image-repository=registry.aliyuncs.com/google_containers \--cri-socket=unix:///run/cri-dockerd.sock \--kubernetes-version=v1.28.2

#检查cri-dockerd.sock文件路径,和初始化中cri-socket路径一致

ls -l /run/cri-dockerd.sock  #在run目录下的unix:///run/cri-dockerd.sock

#再初始化

sudo kubeadm init --image-repository registry.aliyuncs.com/google_containers --service-cidr=10.96.0.0/12 --pod-network-cidr=10.244.0.0/16 --ignore-preflight-errors=all --cri-socket=unix:///run/cri-dockerd.sock

#粘贴到master节点上

  mkdir -p $HOME/.kube

  sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config

  sudo chown $(id -u):$(id -g) $HOME/.kube/config

#token

kubeadm join 10.0.0.120:6443 --token 0qgk0z.5hncmkz990wf216w \

--discovery-token-ca-cert-hash sha256:dc989d9d4cc708b8e494392f9b0a79986a3c73dd2f7cead0f73ce3be84613c03

【calico安装】

#先下载镜像,防止因为镜像问题起不来

docker pull swr.cn-north-4.myhuaweicloud.com/ddn-k8s/docker.io/calico/cni:v3.26.1

docker pull swr.cn-north-4.myhuaweicloud.com/ddn-k8s/docker.io/calico/node:v3.26.1

docker pull swr.cn-north-4.myhuaweicloud.com/ddn-k8s/docker.io/calico/kube-controllers:v3.26.1

#再执行yaml文件

kubectl apply -f calico1.yaml

http://www.xdnf.cn/news/6007.html

相关文章:

  • 视网膜屏幕:重新定义数字显示的革命性技术
  • Go 语言 net/http 包使用:HTTP 服务器、客户端与中间件
  • 游戏引擎学习第278天:将实体存储移入世界区块
  • RabbitMq消息阻塞,立即解决方案
  • 使用Thrust库实现异步操作与回调函数
  • spark数据清洗
  • 代码随想录训练营第二十三天| 572.另一颗树的子树 104.二叉树的最大深度 559.N叉树的最大深度 111.二叉树的最小深度
  • 编程日志5.5
  • 第8章-9 优化技巧2
  • 2025年Flutter项目管理技能要求
  • 数据库系统概论(八)SQL单表查询语言超详细讲解(附带例题表格对比带你一步步掌握)
  • 智能体制作学习笔记1——智能体
  • 【前端】:单 HTML 去除 Word 批注
  • 实战案例:采集 51job 企业招聘信息
  • [特殊字符] VMware虚拟机挂起后Docker容器MySQL无法连接的解决方案
  • Java类与对象的描述及内存原理
  • 激光打印机常见打印故障简单处理意见
  • WebPageTest 多地域测试
  • ElasticSearch深入解析(十一):分页和分批统计的三种实现
  • 【AI论文】健康的大型语言模型(LLMs)?——评估大型语言模型对英国政府公共健康信息的掌握程度
  • TypeScript 知识框架
  • Python之with语句
  • 高级 Java 锁技术:超越基本同步
  • 应用探析|千眼狼PIV测量系统在职业病防治中的应用
  • idea2021创建web项目及其整合tomcat
  • RuoYi-Cloud
  • CodeBuddy 中国版 Cursor 实战:Redis+MySQL双引擎驱动〈王者荣耀〉战区排行榜
  • 阳光学院【2020下】计算机网络原理-A卷-试卷-期末考试试卷
  • 中国区adsense接收pin码,身份验证和地址验证指南
  • AD Class创建与Class应用