安装 kubeadm、kubelet、kubectl
配置 K8s apt 源
清华源(推荐):
# 创建目录
mkdir -p /etc/apt/keyrings/
# 添加 GPG key
curl -fsSL https://pkgs.k8s.io/core:/stable:/v1.29/deb/Release.key | gpg --dearmor -o /etc/apt/keyrings/kubernetes-apt-keyring.gpg
# 添加 apt 源
cat > /etc/apt/sources.list.d/kubernetes.list << EOF
deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring.gpg] https://mirrors.tuna.tsinghua.edu.cn/kubernetes/core:/stable:/v1.29/deb/ /
EOF
bash
阿里云源:
# 添加 GPG key
curl -fsSL https://mirrors.aliyun.com/kubernetes-new/core/stable/v1.29/deb/Release.key |
gpg --dearmor -o /etc/apt/keyrings/kubernetes-apt-keyring.gpg
# 添加 apt 源
echo "deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring.gpg] https://mirrors.aliyun.com/kubernetes-new/core/stable/v1.29/deb/ /" |
tee /etc/apt/sources.list.d/kubernetes.list
bash
安装工具
# 更新源并安装
sudo apt update && apt install -y kubelet kubeadm kubectl
# 锁定版本(防止自动升级)
sudo apt-mark hold kubelet kubeadm kubectl
# 添加命令补全
source <(kubectl completion bash)
source <(kubeadm completion bash)
bash
初始化 Master 节点
生成初始化配置
kubeadm config print init-defaults > kubeadm-config.yaml
bash
编辑 kubeadm-config.yaml,修改以下内容:
apiVersion: kubeadm.k8s.io/v1beta3
bootstrapTokens:
- groups:
- system:bootstrappers:kubeadm:default-node-token
token: abcdef.0123456789abcdef
ttl: 24h0m0s
usages:
- signing
- authentication
kind: InitConfiguration
localAPIEndpoint:
advertiseAddress: 192.168.4.205 # 当前节点 IP
bindPort: 6443
nodeRegistration:
criSocket: unix:///var/run/containerd/containerd.sock
imagePullPolicy: IfNotPresent
name: master1
taints: null
---
apiServer:
timeoutForControlPlane: 4m0s
apiVersion: kubeadm.k8s.io/v1beta3
certificatesDir: /etc/kubernetes/pki
clusterName: kubernetes
controllerManager: {}
dns: {}
etcd:
local:
dataDir: /var/lib/etcd
imageRepository: registry.k8s.io
kind: ClusterConfiguration
kubernetesVersion: 1.29.0
networking:
dnsDomain: cluster.local
serviceSubnet: 10.96.0.0/12
podSubnet: 10.244.0.0/16
scheduler: {}
---
apiVersion: kubelet.config.k8s.io/v1beta1
kind: KubeletConfiguration
cgroupDriver: systemd
yaml
关键配置说明:
advertiseAddress:当前节点的实际 IPcriSocket:容器运行时 socket 路径cgroupDriver: systemd:与 containerd 的 Cgroup 驱动保持一致podSubnet:Pod 网络网段,需与 Calico 配置一致
拉取镜像
# 查看需要的镜像
kubeadm config images list
# 拉取镜像
kubeadm config images pull
bash
如果拉取失败,可以使用国内镜像源批量拉取并重新标记:
#!/bin/sh
images=(
kube-apiserver:v1.29.7
kube-controller-manager:v1.29.7
kube-scheduler:v1.29.7
kube-proxy:v1.29.7
coredns/coredns:v1.11.1
pause:3.9
etcd:3.5.12-0
)
for imageName in ${images[@]} ; do
ctr -n k8s.io images pull registry.aliyuncs.com/google_containers/$imageName
ctr -n k8s.io images tag registry.aliyuncs.com/google_containers/$imageName registry.k8s.io/$imageName
done
bash
执行初始化
kubeadm init --config kubeadm-config.yaml
bash
初始化成功后会输出:
- kubeconfig 文件路径
- Worker 节点加入命令(
kubeadm join ...)
配置 kubectl
mkdir -p $HOME/.kube
cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
chown $(id -u):$(id -g) $HOME/.kube/config
# 验证
kubectl get nodes
bash
↑