极客时间运维进阶训练营第 12 周作业

~# apt install chrony~# systemctl start chrony.service~# systemctl enable chrony.service

~# vim /etc/hosts
192.168.253.21  k8s-master01.magedu.com k8s-master01 kubeapi.magedu.com kubeapi k8sapi.magedu.com192.168.253.22  k8s-master02.magedu.com k8s-master02192.168.253.23  k8s-master03.magedu.com k8s-master03192.168.253.31  k8s-node01.magedu.com k8s-node01192.168.253.32  k8s-node02.magedu.com k8s-node02192.168.253.33  k8s-node03.magedu.com k8s-node03

root@k8s-node03:~# systemctl --type swap
  UNIT          LOAD   ACTIVE SUB    DESCRIPTION  swap.img.swap loaded active active /swap.img

root@k8s-node03:~# systemctl mask swap.img.swap
Created symlink /etc/systemd/system/swap.img.swap → /dev/null.

root@k8s-node03:~# systemctl --type swap
  UNIT          LOAD   ACTIVE SUB    DESCRIPTION● swap.img.swap masked active active /swap.img

root@k8s-node03:~# swapoff -aroot@k8s-node03:~# systemctl --type swap
  UNIT LOAD ACTIVE SUB DESCRIPTION0 loaded units listed. Pass --all to see loaded but inactive units, too.To show all installed unit files use 'systemctl list-unit-files'.

root@k8s-node03:~# ufw statusStatus: inactive
root@k8s-node03:~# ufw disableFirewall stopped and disabled on system startup
root@k8s-node03:~# ufw statusStatus: inactive

root@k8s-node03:~# apt -y install apt-transport-https ca-certificates curl software-properties-common
root@k8s-node03:~# curl -fsSL http://mirrors.aliyun.com/docker-ce/linux/ubuntu/gpg | apt-key add -
root@k8s-node03:~# add-apt-repository "deb [arch=amd64] http://mirrors.aliyun.com/docker-ce/linux/ubuntu $(lsb_release -cs) stable"
root@k8s-node03:~# apt update

root@k8s-node03:~# apt install docker-ce

root@k8s-node03:~# vim /etc/docker/daemon.json
root@k8s-node03:~# cat /etc/docker/daemon.json{"registry-mirrors": [  "https://registry.docker-cn.com"],"exec-opts": ["native.cgroupdriver=systemd"]}

root@k8s-node03:~# systemctl daemon-reload
root@k8s-node03:~# systemctl start docker.service
root@k8s-node03:~# systemctl enable docker.service

scp cri-dockerd_0.3.0.3-0.ubuntu-jammy_amd64.deb k8s-node03:/opt/
root@k8s-node03:~# dpkg -i /opt/cri-dockerd_0.3.0.3-0.ubuntu-jammy_amd64.deb
root@k8s-node03:~# systemctl status cri-docker.service● cri-docker.service - CRI Interface for Docker Application Container Engine     Loaded: loaded (/lib/systemd/system/cri-docker.service; enabled; vendor preset: enabled)     Active: active (running) since Wed 2023-01-25 17:48:38 CST; 1min 15s agoTriggeredBy: ● cri-docker.socket       Docs: https://docs.mirantis.com   Main PID: 5378 (cri-dockerd)      Tasks: 7     Memory: 10.3M        CPU: 64ms     CGroup: /system.slice/cri-docker.service             └─5378 /usr/bin/cri-dockerd --container-runtime-endpoint fd://

root@k8s-node03:~# apt update && apt install -y apt-transport-https curl
root@k8s-node03:~# curl -fsSL https://mirrors.aliyun.com/kubernetes/apt/doc/apt-key.gpg | apt-key add -
root@k8s-node03:~# cat <<EOF >/etc/apt/sources.list.d/kubernetes.listdeb https://mirrors.aliyun.com/kubernetes/apt/ kubernetes-xenial mainEOF
root@k8s-node03:~# apt update

root@k8s-node03:~# apt install -y kubelet kubeadm kubectlroot@k8s-node03:~# systemctl enable kubelet

root@k8s-node03:~# vim /usr/lib/systemd/system/cri-docker.service
[Service]Type=notify#ExecStart=/usr/bin/cri-dockerd --container-runtime-endpoint fd://ExecStart=/usr/bin/cri-dockerd --container-runtime-endpoint fd:// --network-plugin=cni --cni-bin-dir=/opt/cni/bin --cni-cache-dir=/var/lib/cni/cache --cni-conf-dir=/etc/cni/net.dExecReload=/bin/kill -s HUP $MAINPIDTimeoutSec=0RestartSec=2Restart=always
root@k8s-node03:~# systemctl daemon-reload && systemctl restart cri-docker.service

root@k8s-node03:~# mkdir /etc/sysconfig	
root@k8s-node03:~# cat /etc/sysconfig/kubeletKUBELET_KUBEADM_ARGS="--container-runtime=remote --container-runtime-endpoint=/run/cri-dockerd.sock"	

root@k8s-master01:~# kubeadm token create --print-join-commandkubeadm join kubeapi.magedu.com:6443 --token u4bwuj.s6uilvb1p6tddx0r --discovery-token-ca-cert-hash sha256:7fdc8c7faebc87c4a9d39832a1522e849eeb80fdb583bfd72b395b5c6679aca6

root@k8s-node03:~# kubeadm join kubeapi.magedu.com:6443 --token u4bwuj.s6uilvb1p6tddx0r --discovery-token-ca-cert-hash sha256:7fdc8c7faebc87c4a9d39832a1522e849eeb80fdb583bfd72b395b5c6679aca6Found multiple CRI endpoints on the host. Please define which one do you wish to use by setting the 'criSocket' field in the kubeadm configuration file: unix:///var/run/containerd/containerd.sock, unix:///var/run/cri-dockerd.sockTo see the stack trace of this error execute with --v=5 or higher
root@k8s-node03:~# kubeadm join kubeapi.magedu.com:6443 --token u4bwuj.s6uilvb1p6tddx0r --discovery-token-ca-cert-hash sha256:7fdc8c7faebc87c4a9d39832a1522e849eeb80fdb583bfd72b395b5c6679aca6 --cri-socket unix:///run/cri-dockerd.sock
[preflight] Running pre-flight checks[preflight] Reading configuration from the cluster...[preflight] FYI: You can look at this config file with 'kubectl -n kube-system get cm kubeadm-config -o yaml'[kubelet-start] Writing kubelet configuration to file "/var/lib/kubelet/config.yaml"[kubelet-start] Writing kubelet environment file with flags to file "/var/lib/kubelet/kubeadm-flags.env"[kubelet-start] Starting the kubelet[kubelet-start] Waiting for the kubelet to perform the TLS Bootstrap...This node has joined the cluster:* Certificate signing request was sent to apiserver and a response was received.* The Kubelet was informed of the new secure connection details.Run 'kubectl get nodes' on the control-plane to see this node join the cluster.

root@k8s-node03:~# systemctl status kubelet.service● kubelet.service - kubelet: The Kubernetes Node Agent     Loaded: loaded (/lib/systemd/system/kubelet.service; enabled; vendor preset: enabled)    Drop-In: /etc/systemd/system/kubelet.service.d             └─10-kubeadm.conf     Active: active (running) since Wed 2023-01-25 18:05:52 CST; 5min ago       Docs: https://kubernetes.io/docs/home/   Main PID: 7358 (kubelet)      Tasks: 11 (limit: 4534)     Memory: 34.4M        CPU: 3.307s     CGroup: /system.slice/kubelet.service             └─7358 /usr/bin/kubelet --bootstrap-kubeconfig=/etc/kubernetes/bootstrap-kubelet.conf --kubeconfig=/etc/kubernetes/kubelet.conf --config=/var/lib/kubelet/config.yaml --container-runtime-endpoint=unix:///run/cri-dockerd.sock --pod-infra-container-image=r>Jan 25 18:08:42 k8s-node03 kubelet[7358]: E0125 18:08:42.732576    7358 kubelet.go:2475] "Container runtime network not ready" networkReady="NetworkReady=false reason:NetworkPluginNotReady message:docker: network plugin is not ready: cni config uninitialized"Jan 25 18:08:47 k8s-node03 kubelet[7358]: E0125 18:08:47.739135    7358 kubelet.go:2475] "Container runtime network not ready" networkReady="NetworkReady=false reason:NetworkPluginNotReady message:docker: network plugin is not ready: cni config uninitialized"Jan 25 18:08:52 k8s-node03 kubelet[7358]: E0125 18:08:52.744664    7358 kubelet.go:2475] "Container runtime network not ready" networkReady="NetworkReady=false reason:NetworkPluginNotReady message:docker: network plugin is not ready: cni config uninitialized"Jan 25 18:08:57 k8s-node03 kubelet[7358]: E0125 18:08:57.751155    7358 kubelet.go:2475] "Container runtime network not ready" networkReady="NetworkReady=false reason:NetworkPluginNotReady message:docker: network plugin is not ready: cni config uninitialized"Jan 25 18:09:02 k8s-node03 kubelet[7358]: E0125 18:09:02.756072    7358 kubelet.go:2475] "Container runtime network not ready" networkReady="NetworkReady=false reason:NetworkPluginNotReady message:docker: network plugin is not ready: cni config uninitialized"Jan 25 18:09:07 k8s-node03 kubelet[7358]: E0125 18:09:07.761712    7358 kubelet.go:2475] "Container runtime network not ready" networkReady="NetworkReady=false reason:NetworkPluginNotReady message:docker: network plugin is not ready: cni config uninitialized"Jan 25 18:09:12 k8s-node03 kubelet[7358]: E0125 18:09:12.767530    7358 kubelet.go:2475] "Container runtime network not ready" networkReady="NetworkReady=false reason:NetworkPluginNotReady message:docker: network plugin is not ready: cni config uninitialized"Jan 25 18:09:17 k8s-node03 kubelet[7358]: E0125 18:09:17.773640    7358 kubelet.go:2475] "Container runtime network not ready" networkReady="NetworkReady=false reason:NetworkPluginNotReady message:docker: network plugin is not ready: cni config uninitialized"Jan 25 18:09:22 k8s-node03 kubelet[7358]: E0125 18:09:22.778349    7358 kubelet.go:2475] "Container runtime network not ready" networkReady="NetworkReady=false reason:NetworkPluginNotReady message:docker: network plugin is not ready: cni config uninitialized"Jan 25 18:09:27 k8s-node03 kubelet[7358]: I0125 18:09:27.179874    7358 pod_startup_latency_tracker.go:102] "Observed pod startup duration" pod="kube-flannel/kube-flannel-ds-lhxzd" podStartSLOduration=-9.22337183467494e+09 pod.CreationTimestamp="2023-01-25 18:06:05 >
root@k8s-node03:~# systemctl daemon-reload && systemctl restart kubelet.serviceroot@k8s-node03:~# systemctl status kubelet.service● kubelet.service - kubelet: The Kubernetes Node Agent     Loaded: loaded (/lib/systemd/system/kubelet.service; enabled; vendor preset: enabled)    Drop-In: /etc/systemd/system/kubelet.service.d             └─10-kubeadm.conf     Active: active (running) since Wed 2023-01-25 18:12:36 CST; 10s ago       Docs: https://kubernetes.io/docs/home/   Main PID: 22727 (kubelet)      Tasks: 10 (limit: 4534)     Memory: 23.7M        CPU: 207ms     CGroup: /system.slice/kubelet.service             └─22727 /usr/bin/kubelet --bootstrap-kubeconfig=/etc/kubernetes/bootstrap-kubelet.conf --kubeconfig=/etc/kubernetes/kubelet.conf --config=/var/lib/kubelet/config.yaml --container-runtime-endpoint=unix:///run/cri-dockerd.sock --pod-infra-container-image=>Jan 25 18:12:37 k8s-node03 kubelet[22727]: I0125 18:12:37.373816   22727 reconciler_common.go:253] "operationExecutor.VerifyControllerAttachedVolume started for volume \"cni-plugin\" (UniqueName: \"kubernetes.io/host-path/83cdc89b-6744-4c38-95a6-0933a2392bf4-cni-plu>Jan 25 18:12:37 k8s-node03 kubelet[22727]: I0125 18:12:37.373941   22727 reconciler_common.go:253] "operationExecutor.VerifyControllerAttachedVolume started for volume \"xtables-lock\" (UniqueName: \"kubernetes.io/host-path/83cdc89b-6744-4c38-95a6-0933a2392bf4-xtabl>Jan 25 18:12:37 k8s-node03 kubelet[22727]: I0125 18:12:37.374054   22727 reconciler_common.go:253] "operationExecutor.VerifyControllerAttachedVolume started for volume \"kube-api-access-xw9jx\" (UniqueName: \"kubernetes.io/projected/83cdc89b-6744-4c38-95a6-0933a2392>Jan 25 18:12:37 k8s-node03 kubelet[22727]: I0125 18:12:37.374166   22727 reconciler_common.go:253] "operationExecutor.VerifyControllerAttachedVolume started for volume \"flannel-cfg\" (UniqueName: \"kubernetes.io/configmap/83cdc89b-6744-4c38-95a6-0933a2392bf4-flanne>Jan 25 18:12:37 k8s-node03 kubelet[22727]: I0125 18:12:37.374277   22727 reconciler_common.go:253] "operationExecutor.VerifyControllerAttachedVolume started for volume \"kube-proxy\" (UniqueName: \"kubernetes.io/configmap/74d7b6cb-83f8-4760-b7f2-68b40e01b9b4-kube-pr>Jan 25 18:12:37 k8s-node03 kubelet[22727]: I0125 18:12:37.374452   22727 reconciler_common.go:253] "operationExecutor.VerifyControllerAttachedVolume started for volume \"xtables-lock\" (UniqueName: \"kubernetes.io/host-path/74d7b6cb-83f8-4760-b7f2-68b40e01b9b4-xtabl>Jan 25 18:12:37 k8s-node03 kubelet[22727]: I0125 18:12:37.374654   22727 reconciler_common.go:253] "operationExecutor.VerifyControllerAttachedVolume started for volume \"kube-api-access-l2wqr\" (UniqueName: \"kubernetes.io/projected/74d7b6cb-83f8-4760-b7f2-68b40e01b>Jan 25 18:12:37 k8s-node03 kubelet[22727]: I0125 18:12:37.374740   22727 reconciler_common.go:253] "operationExecutor.VerifyControllerAttachedVolume started for volume \"run\" (UniqueName: \"kubernetes.io/host-path/83cdc89b-6744-4c38-95a6-0933a2392bf4-run\") pod \"k>Jan 25 18:12:37 k8s-node03 kubelet[22727]: I0125 18:12:37.374840   22727 reconciler_common.go:253] "operationExecutor.VerifyControllerAttachedVolume started for volume \"cni\" (UniqueName: \"kubernetes.io/host-path/83cdc89b-6744-4c38-95a6-0933a2392bf4-cni\") pod \"k>Jan 25 18:12:37 k8s-node03 kubelet[22727]: I0125 18:12:37.374906   22727 reconciler.go:41] "Reconciler: start to sync state"