k8s series-12-offline binary method to install k8s
Introduction
The binary installation method, also known as the kubernetes-the-hard-way (the hard way for k8s), has the following characteristics:
Production high-availability
certificates never expire
Does not rely on third-party tools such as ansible
Use local agents, do not rely on haproxy or keepalived
So who is this method suitable for?
People who are deep learning
like people who are in control of every component who
are deploying production environments
The above is too official, in simple terms, this method is that you can control how each component is installed, unlike the kubespary method, which is directly deployed with one click. Many things are beyond your control, and problems will arise. Don't know where the problem is.
However, how to choose between the two methods depends on personal habits. Can't say which is good and which is bad. Each has its own merits.
environment
CPU>=2 cores, memory>=2G, other information is as follows:
node-name | ip-address | role |
node1 | 192.168.112.130 | master, etcd |
node2 | 192.168.112.131 | master, worker, etcd |
node3 | 192.168.112.132 | worker, etcd |
All installations are performed using the root user.
Configure hostnames and routes
PS: need to operate on all three nodes
[[email protected] ~]# vim /etc/hostname
node1 # Each of the three servers writes their own name
[[email protected] ~]# hostname node1
[[email protected] ~]# bash
[[email protected] ~]# vim /etc /hosts
192.168.112.130 node1
192.168.112.131 node2
192.168.112.132 node3
[[email protected] ~]#
Installation dependencies
PS: need to operate on all three nodes
# Update yum source
[[email protected] ~]# yum update -y
# Download dependencies
[[email protected] ~]# yum install -y socat conntrack ipvsadm ipset jq sysstat curl iptables libseccomp yum-utils
Strategy Adjustment
PS: need to operate on all three nodes
[[email protected] ~]# setenforce 0
[[email protected] ~]# vim /etc/selinux/config
SELINUX=disabled
[[email protected] ~]# systemctl stop firewalld.service
[[email protected] ~]# systemctl disable firewalld.service
[[email protected] ~]# iptables -F && iptables -X && iptables -F -t nat && iptables -X -t nat && iptables -P FORWARD ACCEPT
[[email protected] ~]# swapoff -a
[[email protected] ~] # systemctl stop dnsmasq.service
[[email protected] ~]# systemctl disable dnsmasq.service
Parameter settings
PS: need to operate on all three nodes
[[email protected] ~]# vim /etc/sysctl.d/kubernetes.conf
net.bridge.bridge-nf-call-ip6tables=1
net.bridge.bridge-nf-call-iptables=1
net.ipv4.ip_nonlocal_bind= 1
net.ipv4.ip_forward = 1
vm.swappiness = 0
vm.overcommit_memory = 1
[[email protected] ~]# sysctl -p /etc/sysctl.d/kubernetes.conf
Password- configurationfree
PS: You can operate on the node1 node
[root @ node1 ~] # ssh -keygen # way to enter the line
[the root @ node1 ~] # CAT /root/.ssh/id_rsa.pub
SSH-RSA AAAAB3NzaC1yc2EAAAADAQABAAABAQDImB4dg1iR14Ghmd6J2h2BhBxZi59NR3xgD3dXWn8i3VPpzydKhR5bw2Q8 + gqQPGqUtGCWbjtf30KrMGm2idpf8GJu5caJVMSFoscSYbv9nv9UvNCEuyDSgmpoZSDBxNK9CxBSNSBCvyOcFrjGyEyrBBCyjFVH / T71hG9SUwvdR3E38Qyv7 / npYmVaoLADvDDf9E1c6siQLe8jbhvz6fjXVXLFG00 / + 1p6qox8dvNKQK30D7rYB8NunqnMN4vDFarQSCRJ8u6x9yThqTV0j8G8pXX3YkmMbTJT7BqAjeF3fuDgoy57 / s3CgjxPqKE09tqx2B9Qaj / Lud / 8xCfQ2Xvr [email protected]
[[email protected] ~]#
PS: You need to operate on all three nodes, including node1
# The information obtained after the previous step cat for distribution
[root @ node1 ~] # echo "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDImB4dg1iR14Ghmd6J2h2BhBxZi59NR3xgD3dXWn8i3VPpzydKhR5bw2Q8 + gqQPGqUtGCWbjtf30KrMGm2idpf8GJu5caJVMSFoscSYbv9nv9UvNCEuyDSgmpoZSDBxNK9CxBSNSBCvyOcFrjGyEyrBBCyjFVH / T71hG9SUwvdR3E38Qyv7 / npYmVaoLADvDDf9E1c6siQLe8jbhvz6fjXVXLFG00 / + 1p6qox8dvNKQK30D7rYB8NunqnMN4vDFarQSCRJ8u6x9yThqTV0j8G8pXX3YkmMbTJT7BqAjeF3fuDgoy57 / s3CgjxPqKE09tqx2B9Qaj / Lud / 8xCfQ2Xvr root @ node1" >> ~ / .ssh / authorized_keys
[[email protected] ~]#
Package download
You can download it from google. I also prepared a downloaded copy here. You can get the download address by replying "binary k8s" in the background of the public account "Operation and Maintenance Home". I looked at it, the latest version seems to be version 1.23.4, and the version I provide here is version 1.20.2.
Package distribution
Upload it to any node, I am uploading the node1 node here.
[[email protected] ~]# pwd
/root
[[email protected] ~]# tar xf kubernetes-v1.20.2.tar.gz
[[email protected] ~]# cd kubernetes-v1.20.2/
[[email protected] kubernetes-v1. 20.2]# ls
etcd-v3.4.10-linux-amd64.tar.gz kube-apiserver kube-controller-manager kubectl kubelet kube-proxy kube-scheduler
[[email protected] kubernetes-v1.20.2]# chmod +x kube*
# Distribute the master component
[[email protected] kubernetes-v1.20.2]# MASTERS=(node1 node2)
[[email protected] kubernetes-v1.20.2]# for instance in ${MASTERS[@]}; do scp kube-apiserver kube-controller -manager kube-scheduler kubectl root@${instance}:/usr/local/bin/; done
# Distribute worker components
[[email protected] kubernetes-v1.20.2]# WORKERS=(node2 node3)
[[email protected] kubernetes-v1.20.2]# for instance in ${WORKERS[@]}; do scp kubelet kube-proxy root@${instance}:/usr/local/bin/; done
# Distribute etcd components
[root @node1 kubernetes-v1.20.2]# tar xf etcd-v3.4.10-linux-amd64.tar.gz
[[email protected] kubernetes-v1.20.2]# cd etcd-v3.4.10-linux-amd64/
[[email protected] etcd-v3.4.10-linux-amd64]# ETCDS=(node1 node2 node3)
[[email protected] etcd-v3.4.10-linux-amd64]# for instance in ${ETCDS[@]}; do scp etcd etcdctl root@ ${instance}:/usr/local/bin/; done
At this point, this article ends. The basic environment is ready, and the next step is to install each widget.
Tags
Technical otaku
Sought technology together
0 Comments