1.脚本部署

#/bin/bash
hostnamectl set-hostname k8s-master1
echo "172.19.16.10 k8s-master1" >> /etc/hosts
systemctl stop firewalld
systemctl disable firewalldsed -i 's/enforcing/disabled/' /etc/selinux/config 
setenforce 0swapoff -acat > /etc/sysctl.d/k8s.conf << EOF
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
EOFmodprobe br_netfilter
lsmod | grep br_netfiltercd /etc/yum.repos.d
mv CentOS-Base.repo CentOS-Base.repo.bak
curl -o CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo
sed -i 's/gpgcheck=1/gpgcheck=0/g' /etc/yum.repos.d/CentOS-Base.repocurl -o docker-ce.repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repocat > /etc/yum.repos.d/kubernetes.repo << EOF
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOFyum clean all  
yum makecache  
yum repolistyum list docker-ce --showduplicates | sort -r
yum install docker-ce-19.03.9 docker-ce-cli-19.03.9 containerd.io -ysystemctl start docker
systemctl enable dockertee /etc/docker/daemon.json <<-'EOF'
{"registry-mirrors":["https://reg-mirror.qiniu.com/"]}
EOFsystemctl daemon-reload
systemctl restart docker
#安装kubeadm、kubelet和kubectl(根据需求 指定版本号 如果不指定 默认拉取最新的版本)
yum -y  install kubelet-1.20.5 kubeadm-1.20.5 kubectl-1.20.5
systemctl enable kubeletecho "export KUBECONFIG=/etc/kubernetes/admin.conf" >> /etc/profile
source /etc/profile
#address=172.19.16.10需要填写服务器内网，用公网无法启动
kubeadm init \--apiserver-advertise-address=172.19.16.10 \--image-repository registry.aliyuncs.com/google_containers \--kubernetes-version v1.20.5 \--service-cidr=10.1.0.0/16 \--pod-network-cidr=10.244.0.0/16\--ignore-preflight-errors=NumCPU#安装calico网络插件
wget https://docs.projectcalico.org/v3.8/manifests/calico.yaml
#value改成第4步中的pod-network-cidr的IP:10.244.0.0/16
sed -i "s/192.168/10.244/g" calico.yaml
kubectl apply -f calico.yaml

默认token有效期为24小时，当过期之后，该token就不可用了。这时就需要重新创建token，可以直接使用命令快捷生成：

kubeadm token create --print-join-command

2.部署dashboard
Dashboard是官方提供的一个UI，可用于基本管理K8s资源。

1、YAML下载地址：
https://raw.githubusercontent.com/kubernetes/dashboard/v2.4.0/aio/deploy/recommended.yaml
课件中文件名是：kubernetes-dashboard.yaml
默认Dashboard只能集群内部访问，修改Service为NodePort类型，暴露到外部：

# 默认 dashboad 只能集群内部访问，修改 service 为 nodeport 类型，暴露到外部
wgethttps://raw.githubusercontent.com/kubernetes/dashboard/v2.4.0/aio/deploy/recommended.yaml
vi recommended.yamlkind: Service
apiVersion: v1
metadata:labels:k8s-app: kubernetes-dashboardname: kubernetes-dashboardnamespace: kubernetes-dashboard
spec:ports:- port: 443targetPort: 8443nodePort: 30001selector:k8s-app: kubernetes-dashboardtype: NodePort# 安装dashboard
kubectl apply -f recommended.yaml
kubectl get pods -n kubernetes-dashboard

创建 service account 并绑定默认 cluster-admin 管理员集群角色：

# 创建用户
$ kubectl create serviceaccount dashboard-admin -n kube-system
# 用户授权
$ kubectl create clusterrolebinding dashboard-admin --clusterrole=cluster-admin --serviceaccount=kube-system:dashboard-admin
# 获取用户Token
$ kubectl describe secrets -n kube-system $(kubectl -n kube-system get secret | awk '/dashboard-admin/{print $1}')

访问地址：https://nodeip:30001，使用输出的 token 登录 dashboard

当创建单机版的 k8s 时，这个时候 master 节点是默认不允许调度 pod 。

kubectl taint nodes --all node-role.kubernetes.io/master-

将 master 标记为可调度即可
设置污点

NoSchedule: 一定不能被调度
PreferNoSchedule: 尽量不要调度
NoExecute: 不仅不会调度, 还会驱逐Node上已有的Podkubectl taint nodes node1 key1=value1:NoSchedule
kubectl taint nodes node1 key1=value1:NoExecute
kubectl taint nodes node1 key2=value2:NoSchedule

删除污点

kubectl taint node node1 key1:NoSchedule-  # 这里的key可以不用指定value
kubectl taint node node1 key1:NoExecute-
kubectl taint node node1 key1-             # 删除指定key所有的effect
kubectl taint node node1 key2:NoSchedule-

3…错误总结
问题：第3第4步版本拉取不一致导致出现

this version of kubeadm only supports deploying clusters with the control plane version >= 1.27.0. Current version: v1.20.5 To see the stack trace of this error execute with --v=5 or higher

解决方法：移除后指定对应版本

yum remove -y kubelet kubeadm kubectl

yum -y install kubelet-1.20.5 kubeadm-1.20.5 kubectl-1.20.5

问题：因为第4步环境变量设置的是临时的，重启或其他一些行为就会导致这个问题

The connection to the server localhost:8080 was refused - did you specify the right host or port?

解决方法：设置永久环境变量

vim /etc/profile

export KUBECONFIG=/etc/kubernetes/admin.conf

source /etc/profile

#安装Calico网络插件
wget https://docs.projectcalico.org/v3.8/manifests/calico.yaml #如果下载不了就用浏览器访问，复制源码粘贴。记得在calico.yaml文件里的625行处把192.168.0.0/16修改为10.244.0.0/16。