K8S 安装（ubuntu环境）

1：默认是从谷歌下载，我们可以添加阿里的k8s源

​cat <<EOF > /etc/apt/sources.list.d/kubernetes.list
deb Index of /kubernetes/apt/ kubernetes-xenial main
EOF

2：执行以下命令进行下载

apt-get update && apt-get install -y apt-transport-https curl
apt-get install -y kubelet kubeadm kubectl --allow-unauthenticated

1）：可能报错 Err:6 https://mirrors.aliyun.com/kubernetes/apt kubernetes-xenial InRelease The following signatures couldnt be verified because the public key is not available: NO_PUBKEY FEEA9169307EA071 NO_PUBKEY 8B57C5C2836F4BEB Reading package lists... Done W: GPG error: https://mirrors.aliyun.com/kubernetes/apt kubernetes-xenial InRelease: The following signatures couldnt be verified because the public key is not available: NO_PUBKEY FEEA9169307EA071 NO_PUBKEY 8B57C5C2836F4BEB E: The repository https://mirrors.aliyun.com/kubernetes/apt kubernetes-xenial InRelease is not signed. N: Updating from such a repository cant be done securely, and is therefore disabled by default. N: See apt-secure(8) manpage for repository creation and user configuration details.

解决方法： 执行以下命令，给阿里云源添加key:

apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys FEEA9169307EA071

3：执行下面命令测试是否正常

kubeadm init --image-repository registry.aliyuncs.com/google_containers

1）：可能报错 error execution phase preflight: [preflight] Some fatal errors occurred: [ERROR Swap]: running with swap on is not supported. Please disable swap [preflight] If you know what you are doing, you can make a check non-fatal with `--ignore-preflight-errors=...` To see the stack trace of this error execute with --v=5 or higher

解决方法：

swapoff  -a
sed -ri s/.*swap.*/#&/ /etc/fstab

2）：可能报错 HTTP call equal to curl -sSL http://localhost:10248/healthz failed with error: Get "http://localhost:10248/healthz": dial tcp 127.0.0.1:10248: connect: connection refused.

解决办法:

create daemon.json
vim /etc/docker/daemon.json
{"exec-opts": ["native.cgroupdriver=systemd"]}

systemctl daemon-reload
systemctl restart docker
systemctl restart kubelet

sudo kubeadm reset
sudo kubeadm init --image-repository registry.aliyuncs.com/google_containers

4:修改TAG标签

查看当前从阿里云获取的镜像

docker images

registry.aliyuncs.com/google_containers/kube-apiserver            v1.22.3

然后执行，查看需要修改成什么tag标签

kubeadm config images list

k8s.gcr.io/kube-apiserver:v1.22.3

使用 docker tag {旧名称:版本} {新名称:版本} ，将镜像改名。

例：

docker tag registry.aliyuncs.com/google_containers/kube-apiserver:v1.22.3 k8s.gcr.io/kube-apiserver:v1.22.3

5:使主节点生效

添加环境变量

export KUBECONFIG=/etc/kubernetes/admin.conf

添加网络插件

kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml

此时如果显示无法找到 raw.githubusercontent.com，则需要找到其对应的IP，放在/etc/hosts文件内，该文件默认为只读，需要先修改该文件的权限

185.199.108.133 raw.githubusercontent.com
185.199.109.133 raw.githubusercontent.com
185.199.110.133 raw.githubusercontent.com
185.199.111.133 raw.githubusercontent.com

如果仍旧不行，那就搞个VPN试试吧

flannel镜像

#每个节点都需要拉取镜像
docker pull lwolf/flannel:v0.12.0
# 为什么要打tag，因为kube-flannel.yaml文件里面的镜像名称就是quay.io/coreos/flannel:v0.12.0-amd64
docker tag lwolf/flannel:v0.12.0 quay.io/coreos/flannel:v0.12.0-amd64

dns插件的安装与应用

没有网络插件的话，dns也不能正常起作用

kubectl get svc -n kube-system -o wide #获取dns服务的ip地址
nslookup svc-nginx.default.svc.cluster.local 10.96.0.10 只能完整域名查找，并且要包含dns服务器的ip