K8S cluster with multi-masters on Azure VM

拓扑参考:

在 Azure VM 实例上部署 KubeSphere

  • 基础模板

    需要修改 IP 地址和 VM Image的可以在模板中修改。

    powershell 复制代码
    {
        "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
        "contentVersion": "1.0.0.0",
        "parameters": {
            "vmNamePrefix": {
                "defaultValue": "master-",
                "type": "String",
                "metadata": {
                    "description": "The name of your VM master node."
                }
            },
            "vmssName": {
                "defaultValue": "node",
                "type": "String",
                "metadata": {
                    "description": "The name of your VMSS cluster."
                }
            },
            "location": {
                "defaultValue": "[resourceGroup().location]",
                "type": "String",
                "metadata": {
                    "description": "Location for all resources."
                }
            },
            "adminUsername": {
                "type": "String",
                "metadata": {
                    "description": "Username for the Virtual Machine."
                }
            },
            "adminKey": {
                "type": "SecureString",
                "metadata": {
                    "description": "SSH Key for the Virtual Machine."
                }
            },
            "defaultMasterCount": {
                "defaultValue": 3,
                "type": "Int",
                "metadata": {
                    "description": "The default instances count of master"
                }
            },
            "defaultNodeCount": {
                "defaultValue": 3,
                "type": "Int",
                "metadata": {
                    "description": "The initial node size of your VMSS cluster."
                }
            },
            "minNodeCount": {
                "defaultValue": 1,
                "type": "Int",
                "metadata": {
                    "description": "The min node size of your VMSS cluster."
                }
            },
            "maxNodeCount": {
                "defaultValue": 20,
                "type": "Int",
                "metadata": {
                    "description": "The max node size of your VMSS cluster."
                }
            },
            "dnsLabelPrefix": {
                "defaultValue": "[toLower(concat('k8s-cluster-', uniqueString(resourceGroup().id)))]",
                "type": "String",
                "metadata": {
                    "description": "Unique DNS Name for the Public IP used to access the Virtual Machine."
                }
            },
            "vmSize": {
                "defaultValue": "Standard_DS2_v2",
                "type": "String",
                "metadata": {
                    "description": "The size of the VM"
                }
            },
            "virtualNetworkName": {
                "defaultValue": "vNetwork",
                "type": "String",
                "metadata": {
                    "description": "Name of the Virtual Network"
                }
            },
            "subnetName": {
                "defaultValue": "Subnet",
                "type": "String",
                "metadata": {
                    "description": "Name of the subnet in the virtual network"
                }
            },
            "vmssSubnetName": {
                "defaultValue": "nodeSubnet",
                "type": "String",
                "metadata": {
                    "description": "Name of the VMSS subnet in the virtual network"
                }
            },
            "publicLBName": {
                "defaultValue": "publicLB",
                "type": "String",
                "metadata": {
                    "description": "Internal Load Balancer name"
                }
            }
        },
        "variables": {
            "publicIPAddressName": "[concat(parameters('publicLBName'), 'IP' )]",
            "availabilitySetName": "masterAvSet",
            "networkInterfaceName": "[concat(parameters('vmNamePrefix'),'Interface')]",
            "networkSecurityGroupName": "[concat(parameters('virtualNetworkName'),'nsg-default')]",
            "subnetRef": "[resourceId('Microsoft.Network/virtualNetworks/subnets', parameters('virtualNetworkName'), parameters('subnetName'))]",
            "vmssSubnetRef": "[resourceId('Microsoft.Network/virtualNetworks/subnets', parameters('virtualNetworkName'), parameters('vmssSubnetName'))]",
            "osDiskType": "Standard_LRS",
            "publicLBID": "[resourceId('Microsoft.Network/loadBalancers',parameters('publicLBName'))]"
        },
        "resources": [
            {
                "type": "Microsoft.Network/networkSecurityGroups",
                "apiVersion": "2015-06-15",
                "name": "[variables('networkSecurityGroupName')]",
                "location": "[parameters('location')]",
                "properties": {
                    "securityRules": [
                        {
                            "name": "Port_SSH",
                            "properties": {
                                "description": "SSH",
                                "protocol": "*",
                                "sourcePortRange": "*",
                                "destinationPortRange": "22",
                                "sourceAddressPrefix": "*",
                                "destinationAddressPrefix": "*",
                                "access": "Allow",
                                "priority": 100,
                                "direction": "Inbound",
                                "sourcePortRanges": [],
                                "destinationPortRanges": [],
                                "sourceAddressPrefixes": [],
                                "destinationAddressPrefixes": []
                            }
                        },
                        {
                            "name": "Port_API_Server",
                            "properties": {
                                "description": "k8s API Server",
                                "protocol": "TCP",
                                "sourcePortRange": "*",
                                "destinationPortRange": "6443",
                                "sourceAddressPrefix": "*",
                                "destinationAddressPrefix": "*",
                                "access": "Allow",
                                "priority": 140,
                                "direction": "Inbound",
                                "sourcePortRanges": [],
                                "destinationPortRanges": [],
                                "sourceAddressPrefixes": [],
                                "destinationAddressPrefixes": []
                            }
                        },
                        {
                            "name": "Port_Http",
                            "properties": {
                                "description": "Web",
                                "protocol": "TCP",
                                "sourcePortRange": "*",
                                "destinationPortRange": "80",
                                "sourceAddressPrefix": "*",
                                "destinationAddressPrefix": "*",
                                "access": "Allow",
                                "priority": 120,
                                "direction": "Inbound",
                                "sourcePortRanges": [],
                                "destinationPortRanges": [],
                                "sourceAddressPrefixes": [],
                                "destinationAddressPrefixes": []
                            }
                        },
                        {
                            "name": "Port_Https",
                            "properties": {
                                "protocol": "TCP",
                                "sourcePortRange": "*",
                                "destinationPortRange": "443",
                                "sourceAddressPrefix": "*",
                                "destinationAddressPrefix": "*",
                                "access": "Allow",
                                "priority": 130,
                                "direction": "Inbound",
                                "sourcePortRanges": [],
                                "destinationPortRanges": [],
                                "sourceAddressPrefixes": [],
                                "destinationAddressPrefixes": []
                            }
                        }
                    ]
                }
            },
            {
                "type": "Microsoft.Network/virtualNetworks",
                "apiVersion": "2019-11-01",
                "name": "[parameters('virtualNetworkName')]",
                "location": "[parameters('location')]",
                "dependsOn": [
                    "[resourceId('Microsoft.Network/networkSecurityGroups/', variables('networkSecurityGroupName'))]"
                ],
                "properties": {
                    "addressSpace": {
                        "addressPrefixes": [
                            "10.211.0.0/16"
                        ]
                    },
                    "subnets": [
                        {
                            "name": "[parameters('vmssSubnetName')]",
                            "properties": {
                                "networkSecurityGroup": {
                                    "id": "[resourceId('Microsoft.Network/networkSecurityGroups', variables('networkSecurityGroupName'))]"
                                },
                                "addressPrefix": "10.211.0.0/24"
                            }
                        },
                        {
                            "name": "[parameters('subnetName')]",
                            "properties": {
                                "networkSecurityGroup": {
                                    "id": "[resourceId('Microsoft.Network/networkSecurityGroups', variables('networkSecurityGroupName'))]"
                                },
                                "addressPrefix": "10.211.1.0/24"
                            }
                        }
                    ]
                }
            },
            {
                "type": "Microsoft.Network/networkInterfaces",
                "apiVersion": "2019-11-01",
                "name": "[concat(variables('networkInterfaceName'), copyindex())]",
                "location": "[parameters('location')]",
                "dependsOn": [
                    "[resourceId('Microsoft.Network/virtualNetworks/', parameters('virtualNetworkName'))]",
                    "[resourceId('Microsoft.Network/loadBalancers/', parameters('publicLBName'))]"
                ],
                "properties": {
                    "ipConfigurations": [
                        {
                            "name": "ipconfig1",
                            "properties": {
                                "subnet": {
                                    "id": "[variables('subnetRef')]"
                                },
                                "loadBalancerBackendAddressPools": [
                                    {
                                        "id": "[concat(variables('publicLBID'), '/backendAddressPools/BackendPoolMaster')]"
                                    }
                                ],
                                "loadBalancerInboundNatRules": [
                                    {
                                        "id": "[concat(variables('publicLBID'), '/inboundNatRules/lbNAT-master',copyindex())]"
                                    }
                                ],
                                "privateIPAllocationMethod": "Dynamic"
                            }
                        }
                    ]
                },
                "copy": {
                    "name": "nicLoop",
                    "count": "[parameters('defaultMasterCount')]"
                }
            },
            {
                "type": "Microsoft.Network/publicIPAddresses",
                "apiVersion": "2019-09-01",
                "name": "[variables('publicIPAddressName')]",
                "location": "[parameters('location')]",
                "sku": {
                    "name": "Standard"
                },
                "properties": {
                    "publicIPAllocationMethod": "Static",
                    "publicIPAddressVersion": "IPv4",
                    "dnsSettings": {
                        "domainNameLabel": "[parameters('dnsLabelPrefix')]"
                    },
                    "idleTimeoutInMinutes": 10
                }
            },
            {
                "type": "Microsoft.Network/loadBalancers",
                "apiVersion": "2018-06-01",
                "name": "[parameters('publicLBName')]",
                "location": "[parameters('location')]",
                "dependsOn": [
                    "[concat('Microsoft.Network/publicIPAddresses/', variables('publicIPAddressName'))]"
                ],
                "sku": {
                    "name": "Standard"
                },
                "properties": {
                    "frontendIPConfigurations": [
                        {
                            "name": "LoadBalancerFrontEnd",
                            "properties": {
                                "publicIPAddress": {
                                    "id": "[resourceId('Microsoft.Network/publicIPAddresses',variables('publicIPAddressName'))]"
                                }
                            }
                        }
                    ],
                    "backendAddressPools": [
                        {
                            "name": "BackendPoolNode"
                        },
                        {
                            "name": "BackendPoolMaster"
                        }
                    ],
                    "loadBalancingRules": [
                        {
                            "name": "HttpLBRule",
                            "properties": {
                                "frontendIPConfiguration": {
                                    "id": "[concat(variables('publicLBID'),'/frontendIPConfigurations/LoadBalancerFrontEnd')]"
                                },
                                "backendAddressPool": {
                                    "id": "[concat(variables('publicLBID'),'/backendAddressPools/BackendPoolNode')]"
                                },
                                "protocol": "Tcp",
                                "frontendPort": 80,
                                "backendPort": 80,
                                "enableFloatingIP": false,
                                "disableOutboundSnat": false,
                                "idleTimeoutInMinutes": 5,
                                "probe": {
                                    "id": "[concat(variables('publicLBID'),'/probes/tcpProbe')]"
                                }
                            }
                        },
                        {
                            "name": "APILBRule",
                            "properties": {
                                "frontendIPConfiguration": {
                                    "id": "[concat(variables('publicLBID'),'/frontendIPConfigurations/LoadBalancerFrontEnd')]"
                                },
                                "backendAddressPool": {
                                    "id": "[concat(variables('publicLBID'),'/backendAddressPools/BackendPoolMaster')]"
                                },
                                "protocol": "Tcp",
                                "frontendPort": 6443,
                                "backendPort": 6443,
                                "enableFloatingIP": false,
                                "disableOutboundSnat": false,
                                "idleTimeoutInMinutes": 5,
                                "probe": {
                                    "id": "[concat(variables('publicLBID'),'/probes/apitcpProbe')]"
                                }
                            }
                        }
                    ],
                    "probes": [
                        {
                            "name": "tcpProbe",
                            "properties": {
                                "protocol": "Tcp",
                                "port": 80,
                                "intervalInSeconds": 5,
                                "numberOfProbes": 2
                            }
                        },
                        {
                            "name": "apitcpProbe",
                            "properties": {
                                "protocol": "Tcp",
                                "port": 6443,
                                "intervalInSeconds": 5,
                                "numberOfProbes": 2
                            }
                        }
                    ],
                    "inboundNatRules": [
                        {
                            "name": "lbNAT-master0",
                            "properties": {
                                "frontendIPConfiguration": {
                                    "id": "[concat(variables('publicLBID'),'/frontendIPConfigurations/LoadBalancerFrontEnd')]"
                                },
                                "protocol": "Tcp",
                                "frontendPort": "50200",
                                "backendPort": "22"
                            }
                        },
                        {
                            "name": "lbNAT-master1",
                            "properties": {
                                "frontendIPConfiguration": {
                                    "id": "[concat(variables('publicLBID'),'/frontendIPConfigurations/LoadBalancerFrontEnd')]"
                                },
                                "protocol": "Tcp",
                                "frontendPort": "50201",
                                "backendPort": "22"
                            }
                        },
                        {
                            "name": "lbNAT-master2",
                            "properties": {
                                "frontendIPConfiguration": {
                                    "id": "[concat(variables('publicLBID'),'/frontendIPConfigurations/LoadBalancerFrontEnd')]"
                                },
                                "protocol": "Tcp",
                                "frontendPort": "50202",
                                "backendPort": "22"
                            }
                        }
                    ],
                    "inboundNatPools": [
                        {
                            "name": "lbNAT-node",
                            "properties": {
                                "frontendIPConfiguration": {
                                    "id": "[concat(variables('publicLBID'),'/frontendIPConfigurations/LoadBalancerFrontEnd')]"
                                },
                                "protocol": "Tcp",
                                "frontendPortRangeStart": 50100,
                                "frontendPortRangeEnd": 50199,
                                "backendPort": 22
                            }
                        }
                    ]
                }
            },
            {
                "type": "Microsoft.Compute/availabilitySets",
                "apiVersion": "2016-04-30-preview",
                "name": "[variables('availabilitySetName')]",
                "location": "[parameters('location')]",
                "properties": {
                    "platformFaultDomainCount": 2,
                    "platformUpdateDomainCount": 2,
                    "managed": true
                }
            },
            {
                "type": "Microsoft.Compute/virtualMachines",
                "apiVersion": "2019-07-01",
                "name": "[concat(parameters('vmNamePrefix'), copyindex())]",
                "location": "[parameters('location')]",
                "dependsOn": [
                    "[concat('Microsoft.Network/networkInterfaces/', variables('networkInterfaceName'), copyindex())]",
                    "[concat('Microsoft.Compute/availabilitySets/', variables('availabilitySetName'))]",
                    "[concat('Microsoft.Compute/virtualMachineScaleSets/', parameters('vmssName'))]"
                ],
                "properties": {
                    "availabilitySet": {
                        "id": "[resourceId('Microsoft.Compute/availabilitySets',variables('availabilitySetName'))]"
                    },
                    "hardwareProfile": {
                        "vmSize": "[parameters('vmSize')]"
                    },
                    "storageProfile": {
                        "osDisk": {
                            "createOption": "FromImage",
                            "managedDisk": {
                                "storageAccountType": "[variables('osDiskType')]"
                            }
                        },
                        "imageReference": {
                            "publisher": "Canonical",
                            "offer": "0001-com-ubuntu-server-focal",
                            "sku": "20_04-lts-gen2",
                            "version": "latest"
                        }
                    },
                    "networkProfile": {
                        "networkInterfaces": [
                            {
                                "id": "[resourceId('Microsoft.Network/networkInterfaces',concat(variables('networkInterfaceName'),copyindex()))]"
                            }
                        ]
                    },
                    "osProfile": {
                        "computerName": "[concat(parameters('vmNamePrefix'), copyindex())]",
                        "adminUsername": "[parameters('adminUsername')]",
                        "adminPassword": "[parameters('adminKey')]",
                        "linuxConfiguration": {
                            "disablePasswordAuthentication": true,
                            "ssh": {
                                "publicKeys": [
                                    {
                                        "path": "[concat('/home/', parameters('adminUsername'), '/.ssh/authorized_keys')]",
                                        "keyData": "[parameters('adminKey')]"
                                    }
                                ]
                            }
                        }
                    }
                },
                "copy": {
                    "name": "virtualMachineLoop",
                    "count": "[parameters('defaultMasterCount')]"
                }
            },
            {
                "type": "Microsoft.Compute/virtualMachineScaleSets",
                "apiVersion": "2019-07-01",
                "name": "[parameters('vmssName')]",
                "location": "[parameters('location')]",
                "dependsOn": [
                    "[concat('Microsoft.Network/virtualNetworks/', parameters('virtualNetworkName'))]",
                    "[concat('Microsoft.Network/loadBalancers/', parameters('publicLBName'))]"
                ],
                "tags": {
                    "cluster-autoscaler-enabled": "true",
                    "cluster-autoscaler-name": "[resourceGroup().name]",
                    "min": "[parameters('minNodeCount')]",
                    "max": "[parameters('maxNodeCount')]",
                    "poolName": "[parameters('vmssName')]"
                },
                "sku": {
                    "name": "[parameters('vmSize')]",
                    "tier": "Standard",
                    "capacity": "[parameters('defaultNodeCount')]"
                },
                "properties": {
                    "overprovision": false,
                    "upgradePolicy": {
                        "mode": "Manual"
                    },
                    "virtualMachineProfile": {
                        "storageProfile": {
                            "osDisk": {
                                "createOption": "FromImage",
                                "caching": "ReadWrite"
                            },
                            "imageReference": {
                                "publisher": "Canonical",
                                "offer": "0001-com-ubuntu-server-focal",
                                "sku": "20_04-lts-gen2",
                                "version": "latest"
                            }
                        },
                        "osProfile": {
                            "computerNamePrefix": "[parameters('vmssName')]",
                            "adminUsername": "[parameters('adminUsername')]",
                            "adminPassword": "[parameters('adminKey')]",
                            "linuxConfiguration": {
                                "disablePasswordAuthentication": true,
                                "ssh": {
                                    "publicKeys": [
                                        {
                                            "path": "[concat('/home/', parameters('adminUsername'), '/.ssh/authorized_keys')]",
                                            "keyData": "[parameters('adminKey')]"
                                        }
                                    ]
                                }
                            }
                        },
                        "networkProfile": {
                            "networkInterfaceConfigurations": [
                                {
                                    "name": "[concat(parameters('vmssName'),'nic')]",
                                    "properties": {
                                        "primary": true,
                                        "ipConfigurations": [
                                            {
                                                "name": "[concat('ipconfigVmss', parameters('vmssName'))]",
                                                "properties": {
                                                    "subnet": {
                                                        "id": "[variables('vmssSubnetRef')]"
                                                    },
                                                    "loadBalancerBackendAddressPools": [
                                                        {
                                                            "id": "[concat(variables('publicLBID'), '/backendAddressPools/BackendPoolNode')]"
                                                        }
                                                    ],
                                                    "loadBalancerInboundNatPools": [
                                                        {
                                                            "id": "[concat(variables('publicLBID'), '/inboundNatPools/lbNAT-node')]"
                                                        }
                                                    ]
                                                }
                                            }
                                        ]
                                    }
                                }
                            ]
                        }
                    }
                }
            }
        ],
        "outputs": {
            "adminUsername": {
                "type": "String",
                "value": "[parameters('adminUsername')]"
            },
            "hostname": {
                "type": "String",
                "value": "[reference(variables('publicIPAddressName')).dnsSettings.fqdn]"
            },
            "sshCommand": {
                "type": "String",
                "value": "[concat('ssh ', parameters('adminUsername'), '@', reference(variables('publicIPAddressName')).dnsSettings.fqdn)]"
            }
        }
    }
    • 可以修改 master 和 node 的名字前缀、部署区域、数量和 VM 类型

      • ssh 22 对外由 LB 配置 NAT 端口实现,如配置文件中 50200 → master-0

        • 已经包含的规则转换(不含 30880)

          服务 协议 规则 后端端口 前端端口 节点池
          ssh TCP 入站 NAT 22 50200, 50201, 50202, 50100~50199 主节点, 普通节点
          api 服务器 TCP 负载均衡 6443 6443 主节点
          ks 控制台 TCP 负载均衡 30880 30880 主节点
          http TCP 负载均衡 80 80 普通节点
          https TCP 负载均衡 443 443 普通节点
      • node 使用 VMSS

  • 部署 K8S cluster

    最简单的方式还是用 kk 完成,注意在 kubernetes 1.24 以后,psp 弃用,在 kk 中还有 psp 权限管理,安装的时候会报错。建议使用 1.23.10,也是 kk 现在默认的版本。

    • 证书传输 → Master-0

      powershell 复制代码
      scp  -i zyi.pem -P 50200 zyi.pem zyi@20.247.0.170:/home/zyi/.ssh/
    • 每一台安装 socat 等必须的软件

      powershell 复制代码
      ssh -i zyi.pem -p50200 zyi@20.247.0.170 'sudo apt install socat conntrack'
    • 登录到 Mater-0

      powershell 复制代码
      ssh -i zyi.pem -p50200 zyi@20.247.0.170
    • 下载 kk 并赋予可执行权限

    powershell 复制代码
    curl -sfL https://get-kk.kubesphere.io | VERSION=v3.0.10 sh -
    
    chmod +x kk
    • 创建配置文件模板

      powershell 复制代码
      ./kk create config --with-kubesphere v3.3.2 --with-kubernetes v1.22.12
      • KubeSphere 3.3 对应 Kubernetes 版本推荐:v1.20.x、v1.21.x、* v1.22.x、* v1.23.x 和 * v1.24.x。带星号的版本可能出现边缘节点部分功能不可用的情况。因此,如需使用边缘节点,推荐安装 v1.21.x。如果未指定 Kubernetes 版本,KubeKey 将默认安装 Kubernetes v1.23.10。有关支持的 Kubernetes 版本请参阅支持矩阵

      • 如果在此步骤中的命令中未添加标志 -with-kubesphere,则不会部署 KubeSphere,除非您使用配置文件中的 addons 字段进行安装,或稍后使用 ./kk create cluster 时再次添加此标志。

      • 如果在未指定 KubeSphere 版本的情况下添加标志 --with kubesphere`,将安装 KubeSphere 的最新版本。

      • 修改的内容用红色标注

        powershell 复制代码
        apiVersion: kubekey.kubesphere.io/v1alpha2
        kind: Cluster
        metadata:
          name: kubeCluster
        spec:
          hosts:
          - {name: master-0, address: 20.210.0.156, port: 50200, internalAddress: 10.211.1.5, user: zyi, privateKeyPath: "~/.ssh/zyi.pem"}
          - {name: master-1, address: 20.210.0.156, port: 50201, internalAddress: 10.211.1.6, user: zyi, privateKeyPath: "~/.ssh/zyi.pem"}
          - {name: master-2, address: 20.210.0.156, port: 50202, internalAddress: 10.211.1.4, user: zyi, privateKeyPath: "~/.ssh/zyi.pem"}
          - {name: node000000, address: 20.210.0.156, port: 50100, internalAddress: 10.211.0.4, user: zyi, privateKeyPath: "~/.ssh/zyi.pem"}
          - {name: node000001, address: 20.210.0.156, port: 50101, internalAddress: 10.211.0.5, user: zyi, privateKeyPath: "~/.ssh/zyi.pem"}
          - {name: node000002, address: 20.210.0.156, port: 50102, internalAddress: 10.211.0.6, user: zyi, privateKeyPath: "~/.ssh/zyi.pem"}
          roleGroups:
            etcd:
            - master-0
            - master-1
            - master-2
            control-plane:
            - master-0
            - master-1
            - master-2
            worker:
            - node000000
            - node000001
            - node000002
          controlPlaneEndpoint:
            ## Internal loadbalancer for apiservers
            # internalLoadbalancer: haproxy
            domain: lb.etaon.lab
            address: "20.210.0.156"
            port: 6443
          kubernetes:
            version: v1.23.10
            clusterName: cluster.local
            autoRenewCerts: true
            containerManager: docker
          etcd:
            type: kubekey
          network:
            plugin: flannel
            kubePodsCIDR: 10.233.64.0/18
            kubeServiceCIDR: 10.233.0.0/18
            ## multus support. https://github.com/k8snetworkplumbingwg/multus-cni
            multusCNI:
              enabled: false
          registry:
            privateRegistry: ""
            namespaceOverride: ""
            registryMirrors: []
            insecureRegistries: []
          addons: []
        
        ---
        apiVersion: installer.kubesphere.io/v1alpha1
        kind: ClusterConfiguration
        metadata:
          name: ks-installer
          namespace: kubesphere-system
          labels:
            version: v3.3.2
        spec:
          persistence:
            storageClass: ""
          authentication:
            jwtSecret: ""
          zone: ""
          local_registry: ""
          namespace_override: ""
          # dev_tag: ""
          etcd:
            monitoring: false
            endpointIps: localhost
            port: 2379
            tlsEnable: true
          common:
            core:
              console:
                enableMultiLogin: true
                port: 30880
                type: NodePort
            # apiserver:
            #  resources: {}
            # controllerManager:
            #  resources: {}
            redis:
              enabled: false
              volumeSize: 2Gi
            openldap:
              enabled: false
              volumeSize: 2Gi
            minio:
              volumeSize: 20Gi
            monitoring:
              # type: external
              endpoint: http://prometheus-operated.kubesphere-monitoring-system.svc:9090
              GPUMonitoring:
                enabled: false
            gpu:
              kinds:
              - resourceName: "nvidia.com/gpu"
                resourceType: "GPU"
                default: true
            es:
              # master:
              #   volumeSize: 4Gi
              #   replicas: 1
              #   resources: {}
              # data:
              #   volumeSize: 20Gi
              #   replicas: 1
              #   resources: {}
              logMaxAge: 7
              elkPrefix: logstash
              basicAuth:
                enabled: false
                username: ""
                password: ""
              externalElasticsearchHost: ""
              externalElasticsearchPort: ""
          alerting:
            enabled: false
            # thanosruler:
            #   replicas: 1
            #   resources: {}
          auditing:
            enabled: false
            # operator:
            #   resources: {}
            # webhook:
            #   resources: {}
          devops:
            enabled: false
            # resources: {}
            jenkinsMemoryLim: 8Gi
            jenkinsMemoryReq: 4Gi
            jenkinsVolumeSize: 8Gi
          events:
            enabled: false
            # operator:
            #   resources: {}
            # exporter:
            #   resources: {}
            # ruler:
            #   enabled: true
            #   replicas: 2
            #   resources: {}
          logging:
            enabled: false
            logsidecar:
              enabled: true
              replicas: 2
              # resources: {}
          metrics_server:
            enabled: false
          monitoring:
            storageClass: ""
            node_exporter:
              port: 9100
              # resources: {}
            # kube_rbac_proxy:
            #   resources: {}
            # kube_state_metrics:
            #   resources: {}
            # prometheus:
            #   replicas: 1
            #   volumeSize: 20Gi
            #   resources: {}
            #   operator:
            #     resources: {}
            # alertmanager:
            #   replicas: 1
            #   resources: {}
            # notification_manager:
            #   resources: {}
            #   operator:
            #     resources: {}
            #   proxy:
            #     resources: {}
            gpu:
              nvidia_dcgm_exporter:
                enabled: false
                # resources: {}
          multicluster:
            clusterRole: none
          network:
            networkpolicy:
              enabled: false
            ippool:
              type: none
            topology:
              type: none
          openpitrix:
            store:
              enabled: false
          servicemesh:
            enabled: false
            istio:
              components:
                ingressGateways:
                - name: istio-ingressgateway
                  enabled: false
                cni:
                  enabled: false
          edgeruntime:
            enabled: false
            kubeedge:
              enabled: false
              cloudCore:
                cloudHub:
                  advertiseAddress:
                    - ""
                service:
                  cloudhubNodePort: "30000"
                  cloudhubQuicNodePort: "30001"
                  cloudhubHttpsNodePort: "30002"
                  cloudstreamNodePort: "30003"
                  tunnelNodePort: "30004"
                # resources: {}
                # hostNetWork: false
              iptables-manager:
                enabled: true
                mode: "external"
                # resources: {}
              # edgeService:
              #   resources: {}
          terminal:
            timeout: 600
    • 安装部署

      powershell 复制代码
      ./kk create cluster -f config-sample.yaml
      • 安装日志
      powershell 复制代码
      kubectl logs -n kubesphere-system $(kubectl get pod -n kubesphere-system -l 'app in (ks-install, ks-installer)' -o jsonpath='{.items[0].metadata.name}') -f
      powershell 复制代码
      #####################################################
      ###              Welcome to KubeSphere!           ###
      #####################################################
      
      Console: http://10.211.1.5:30880
      Account: admin
      Password: P@88w0rd
      NOTES:
        1. After you log into the console, please check the
           monitoring status of service components in
           "Cluster Management". If any service is not
           ready, please wait patiently until all components 
           are up and running.
        2. Please change the default password after login.
      
      #####################################################
      https://kubesphere.io             2023-08-11 03:31:56
      #####################################################
    • 在 LBer 上为 30880端口 配置规则并在 ASG 上 permit

    • http://hostip:30880

  • 测试

    powershell 复制代码
    apiVersion: v1
    kind: Service
    metadata:
      name: hello-kubernetes
    spec:
      type: NodePort
      ports:
      - port: 80
        targetPort: 8080
      selector:
        app: hello-kubernetes
    ---
    apiVersion: apps/v1
    kind: Deployment
    metadata:
      name: hello-kubernetes
    spec:
      replicas: 3
      selector:
        matchLabels:
          app: hello-kubernetes
      template:
        metadata:
          labels:
            app: hello-kubernetes
        spec:
          containers:
          - name: hello-kubernetes
            image: paulbouwer/hello-kubernetes:1.5
            ports:
            - containerPort: 8080
            env:
            - name: MESSAGE
              value: I just deployed a PodVM on the Azure VM Cluster!!
    • 配置外部访问30596 → 80

      powershell 复制代码
      kubectl get svc
      NAME               TYPE        CLUSTER-IP      EXTERNAL-IP   PORT(S)        AGE
      hello-kubernetes   NodePort    10.233.31.158   <none>        80:30596/TCP   167m
    • 负载均衡上配置

    • 访问前端 公网 IP 或 DNS 名称

相关推荐
Python私教1 小时前
ubuntu搭建k8s环境详细教程
linux·ubuntu·kubernetes
O&REO3 小时前
单机部署kubernetes环境下Overleaf-基于MicroK8s的Overleaf应用部署指南
云原生·容器·kubernetes
politeboy3 小时前
k8s启动springboot容器的时候,显示找不到application.yml文件
java·spring boot·kubernetes
运维小文4 小时前
K8S资源限制之LimitRange
云原生·容器·kubernetes·k8s资源限制
登云时刻4 小时前
Kubernetes集群外连接redis集群和使用redis-shake工具迁移数据(二)
redis·容器·kubernetes
wuxingge13 小时前
k8s1.30.0高可用集群部署
云原生·容器·kubernetes
志凌海纳SmartX14 小时前
趋势洞察|AI 能否带动裸金属 K8s 强势崛起?
云原生·容器·kubernetes
锅总14 小时前
nacos与k8s service健康检查详解
云原生·容器·kubernetes
BUG弄潮儿14 小时前
k8s 集群安装
云原生·容器·kubernetes
颜淡慕潇16 小时前
【K8S系列】kubectl describe pod显示ImagePullBackOff,如何进一步排查?
后端·云原生·容器·kubernetes