前置说明

master节点CRI: docker
node节点CRI：crio
机器版本：ubuntu 20.4
CRI版本：crio 1.20.7 docker 20.10.7
k8s版本：1.20.12
kubelet、kubeadm、kubectl：1.20.12

前提条件
1、集群中所有机器网络互连
2、不可有重复主机名、mac地址
3、禁用交换分区

前置操作

禁用交换分区

swapoff -a

关闭防火墙

systemctl stop firewalld

master节点搭建步骤

1、配置 sysctl 参数

cat <<EOF | sudo tee /etc/sysctl.d/99-kubernetes-cri.conf
net.bridge.bridge-nf-call-iptables  = 1
net.ipv4.ip_forward                 = 1
net.bridge.bridge-nf-call-ip6tables = 1
EOF

# 手动加载所有配置
sudo sysctl --system

2、安装docker

sudo apt install docker.io

3、安装kube组件

sudo apt-get update
sudo apt-get install -y apt-transport-https ca-certificates curl

sudo curl https://mirrors.aliyun.com/kubernetes/apt/doc/apt-key.gpg | apt-key add -

sudo echo "deb https://mirrors.aliyun.com/kubernetes/apt/ kubernetes-xenial main" | sudo tee /etc/apt/sources.list.d/kubernetes.list

sudo apt-get update
sudo apt-get install -y kubelet=1.20.12-00 kubeadm=1.20.12-00 kubectl=1.20.12-00
sudo apt-mark hold kubelet=1.20.12-00 kubeadm=1.20.12-00 kubectl=1.20.12-00

4、初始化集群

kubeadm init \
--apiserver-advertise-address=master节点ip \
--image-repository registry.aliyuncs.com/google_containers \
--kubernetes-version v1.20.12 \
--service-cidr=10.1.0.0/16 \
--pod-network-cidr=10.244.0.0/16 \
--cri-socket=/var/run/dockershim.sock

初始化成功后会生成 join 命令行，记得保存一下。

node节点搭建步骤

安装crio

1、前置配置检查

# 创建 .conf 文件以在启动时加载模块
cat <<EOF | sudo tee /etc/modules-load.d/crio.conf
overlay
br_netfilter
EOF

# 加载模块
sudo modprobe overlay
sudo modprobe br_netfilter

2、配置 sysctl 参数

cat <<EOF | sudo tee /etc/sysctl.d/99-kubernetes-cri.conf
net.bridge.bridge-nf-call-iptables  = 1
net.ipv4.ip_forward                 = 1
net.bridge.bridge-nf-call-ip6tables = 1
EOF

# 手动加载所有配置
sudo sysctl --system

3、安装

3.1、导入版本变量

# crio版本
export VERSION=1.20  
# 操作系统版本
export OS=xUbuntu_20.04

os变量值参考：
操作系统 $OS
Ubuntu 20.04 xUbuntu_20.04
Ubuntu 19.10 xUbuntu_19.10
Ubuntu 19.04 xUbuntu_19.04
Ubuntu 18.04 xUbuntu_18.04

3.2、配置版本仓库

cat <<EOF | sudo tee /etc/apt/sources.list.d/devel:kubic:libcontainers:stable.list
deb https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/stable/${OS}/ /
EOF
cat <<EOF | sudo tee /etc/apt/sources.list.d/devel:kubic:libcontainers:stable:cri-o:${VERSION}.list
deb http://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/stable:/cri-o:/${VERSION}/${OS}/ /
EOF

3.3、下载版本key

curl -L https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/stable/${OS}/Release.key | sudo apt-key --keyring /etc/apt/trusted.gpg.d/libcontainers.gpg add -
curl -L https://download.opensuse.org/repositories/devel:kubic:libcontainers:stable:cri-o:${VERSION}/${OS}/Release.key | sudo apt-key --keyring /etc/apt/trusted.gpg.d/libcontainers-cri-o.gpg add -

3.4、安装

sudo apt-get update
sudo apt-get install cri-o cri-o-runc

3.5、启动crio

sudo systemctl daemon-reload
sudo systemctl enable crio --now

3.6、修改crio配置

sudo vi /etc/crio/crio.conf
# 找到[crio.runtime],将其下变量修改为如下
conmon_cgroup = "pod"
cgroup_manager = "cgroupfs"

# 找到 pause_image, 修改镜像源（如果可以科学上网可以不用换）
pause_image = "registry.cn-hangzhou.aliyuncs.com/google_containers/pause:3.2"

3.7、重启crio

systemctl restart crio

4、安装kube组件

sudo apt-get update
sudo apt-get install -y apt-transport-https ca-certificates curl

sudo curl https://mirrors.aliyun.com/kubernetes/apt/doc/apt-key.gpg | apt-key add -

sudo echo "deb https://mirrors.aliyun.com/kubernetes/apt/ kubernetes-xenial main" | sudo tee /etc/apt/sources.list.d/kubernetes.list

sudo apt-get update
sudo apt-get install -y kubelet=1.20.12-00 kubeadm=1.20.12-00 kubectl=1.20.12-00
sudo apt-mark hold kubelet=1.20.12-00 kubeadm=1.20.12-00 kubectl=1.20.12-00

5、node节点加入master组成集群

使用master节点初始化成功时生成的 join 命令行

kubeadm join 主节点ip:6443 --cri-socket /var/run/crio/crio.sock --token xxxx --discovery-token-ca-cert-hash sha256:xxxx