1. 需要一台联网的CentOS7.6 mini安装的机器
[root@localhost ~]# cat /etc/redhat-release CentOS Linux release 7.6.1810 (Core)
2. 配置yum缓存包保留
[root@localhost ~]# cat /etc/yum.conf
[main]
cachedir=/var/cache/yum/$basearch/$releasever
keepcache=1
debuglevel=2
logfile=/var/log/yum.log
exactarch=1
obsoletes=1
gpgcheck=1
plugins=1
3. 安装需要的软件
# 添加epel yum install epel -y && yum makecache fast # 安装python3,ipvs支持 yum install python3 ipset ipvsadm -y # 安装docker-ce yum install yum-utils device-mapper-persistent-data lvm2 -y yum-config-manager --add-repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo yum install docker-ce -y && systemctl enable docker-ce --now
4. 下载kubespray部署文件https://github.com/kubernetes-sigs/kubespray/archive/v2.14.2.tar.gz
wget https://github.com/kubernetes-sigs/kubespray/archive/v2.14.2.tar.gz tar xvf kubespray-2.14.2.tar.gz && mv kubespray-2.14.2 kubespray
5. 安装kubespray依赖
cd kubespray # 创建python3虚拟环境 python3 -m venv python3 # 激活python3虚拟机环境 source python3/bin/activate # 安装python依赖包 pip3 install -r requirements.txt -i https://mirrors.aliyun.com/pypi/simple
6. 操作系统配置
# 生成ssh-key ssh-keygen # 信任本机key ssh-copy-id root@localhost # 关闭firewalld systemctl disable firewalld --now # 关闭selinux setenforce 0 sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config # 内核相关配置 cat > /etc/sysctl.d/k8s.conf << EOF net.bridge.bridge-nf-call-ip6tables = 1 net.bridge.bridge-nf-call-iptables = 1 EOF modprobe br_netfilter && sysctl -p /etc/sysctl.d/k8s.conf cat > /etc/sysconfig/modules/ipvs.modules <<EOF #!/bin/bash modprobe -- ip_vs modprobe -- ip_vs_rr modprobe -- ip_vs_wrr modprobe -- ip_vs_sh modprobe -- nf_conntrack_ipv4 EOF chmod 755 /etc/sysconfig/modules/ipvs.modules bash /etc/sysconfig/modules/ipvs.modules lsmod | grep -e ip_vs -e nf_conntrack_ipv4
7. 按照kubespray部署走一遍,替换为自己的IP
# Install dependencies from ``requirements.txt``
sudo pip3 install -r requirements.txt
# Copy ``inventory/sample`` as ``inventory/mycluster``
cp -rfp inventory/sample inventory/mycluster
# Update Ansible inventory file with inventory builder
declare -a IPS=(10.10.1.3 10.10.1.4 10.10.1.5)
CONFIG_FILE=inventory/mycluster/hosts.yaml python3 contrib/inventory_builder/inventory.py ${IPS[@]}
# Review and change parameters under ``inventory/mycluster/group_vars``
cat inventory/mycluster/group_vars/all/all.yml
cat inventory/mycluster/group_vars/k8s-cluster/k8s-cluster.yml
# Deploy Kubespray with Ansible Playbook - run the playbook as root
# The option `--become` is required, as for example writing SSL keys in /etc/,
# installing packages and interacting with various systemd daemons.
# Without --become the playbook will fail to run!
ansible-playbook -i inventory/mycluster/hosts.yaml --become --become-user=root cluster.yml