主节点

使用 kubeadmin init 命令初始化集群

#/bin/sh

kubeadm init --config kubeadm-init.yaml

其中 kubeadm-init.yaml 文件为集群参数配置文件，

配置文件可以先使用命令行导出 k8s 标准模板
再跟据实际项目需要调整

导出默认模板

#/bin/sh

kubeadm config print init-defaults > kubeadm-init-defaults.yaml

标准模板格式

apiVersion: kubeadm.k8s.io/v1beta3
bootstrapTokens:
- groups:
  - system:bootstrappers:kubeadm:default-node-token
  token: abcdef.0123456789abcdef
  ttl: 24h0m0s
  usages:
  - signing
  - authentication
kind: InitConfiguration
localAPIEndpoint:
  advertiseAddress: 1.2.3.4
  bindPort: 6443
nodeRegistration:
  criSocket: unix:///var/run/containerd/containerd.sock
  imagePullPolicy: IfNotPresent
  name: node
  taints: null
---
apiServer:
  timeoutForControlPlane: 4m0s
apiVersion: kubeadm.k8s.io/v1beta3
certificatesDir: /etc/kubernetes/pki
clusterName: kubernetes
controllerManager: {}
dns: {}
etcd:
  local:
    dataDir: /var/lib/etcd
imageRepository: registry.k8s.io
kind: ClusterConfiguration
kubernetesVersion: 1.29.0
networking:
  dnsDomain: cluster.local
  serviceSubnet: 10.96.0.0/12
scheduler: {}

优化后的集群配置

apiVersion: kubeadm.k8s.io/v1beta3
kind: InitConfiguration
nodeRegistration:
  criSocket: unix:///var/run/containerd/containerd.sock
  imagePullPolicy: IfNotPresent
  #name: s60
  taints: null
---
apiServer:
  timeoutForControlPlane: 4m0s
apiVersion: kubeadm.k8s.io/v1beta3
certificatesDir: /etc/kubernetes/pki
clusterName: kubernetes
controllerManager: {}
dns: {}
etcd:
  local:
    dataDir: /var/lib/etcd
imageRepository: registry.aliyuncs.com/google_containers #registry.k8s.io
kind: ClusterConfiguration
kubernetesVersion: 1.29.0
networking:
  dnsDomain: k8s-internal.liu12.com
  serviceSubnet: 10.10.0.0/16
  podSubnet: 10.20.0.0/16
scheduler: {}
controlPlaneEndpoint: "k8s.liu12.com:6443" #应该被设置成负载均衡器的地址或 DNS 和端口
---
kind: KubeletConfiguration
apiVersion: kubelet.config.k8s.io/v1beta1
cgroupDriver: systemd
#证书轮训
rotateCertificates: true
#单节点最大pod数（默认110）
maxPods: 220
#驱逐pod阈值
evictionHard:
  memory.available: "500Mi"
  nodefs.available: "1Gi"
  imagefs.available: "1Gi"
evictionMinimumReclaim:
  memory.available: "0Mi"
  nodefs.available: "500Mi"
  imagefs.available: "2Gi"
---
kind: KubeProxyConfiguration
apiVersion: kubeproxy.config.k8s.io/v1alpha1
mode: ipvs
iptables:
  masqueradeAll: false

主要调整说明

修改 InitConfiguration - 集群初始化配置

• 移除 bootstrapTokens
• 移除 localAPIEndpoint
• 移除 nodeRegistration.name

使用默认值 ，多个主节点时批量部署（如 ansible）

修改 ClusterConfiguration - 集群配置

• 修改 imageRepository 变更为国内源
• 增加 networking.podSubnet
• 增加 controlPlaneEndpoint 用于多个主节点负载均衡

serviceSubnet podSubnet 可选私有地址段：

• A类 10.0.0.0--10.255.255.255
• B类 172.16.0.0--172.31.255.255
• C类 192.168.0.0--192.168.255.255

增加 KubeletConfiguration

kubelet 参数配置

增加 KubeProxyConfiguration

kube-proxy 启用 lvs 负款均衡

官方介绍

https://kubernetes.io/zh-cn/docs/reference/networking/virtual-ips/

集群初始化完成后，将k8s配置文年复制到当前用户的 home 目录中

#/bin/sh

mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config

export KUBECONFIG=/etc/kubernetes/admin.conf

集群创建完成时，会显示加入新节点的命令，复制到其它节点执行就可以

kubeadm init 失败时， 需要 kubeadm reset 清除文件

#!/bin/sh

kubeadm reset

rm -rf /etc/cni
rm -rf /etc/kubernetes
rm -rf /run/secrets/kubernetes.io
rm -rf /run/calico
rm -rf /var/lib/etcd
rm -rf /var/lib/cni
rm -rf /var/lib/kubelet
rm -rf /var/log/containers
rm -rf /var/log/pods
rm -rf /var/run/calico
rm -rf $HOME/.kube

ipvsadm --clear

变更配置

kubectl edit cm kubelet-config -n kube-system