基于rancher安装部署k8s

基础配置

systemctl stop firewalld && systemctl disable firewalld
setenforce 0
sed -i 's/SELINUX=enforcing/SELINUX=disabled/' /etc/selinux/config

vi /etc/hosts
ip1 node1
ip2 node2
ip3 node3


#免密登录
ssh-keygen

ssh-copy-id -i ~/.ssh/id_rsa.pub 普通用户@ip1
ssh-copy-id -i ~/.ssh/id_rsa.pub 普通用户@ip2
ssh-copy-id -i ~/.ssh/id_rsa.pub 普通用户@ip3
#验证
ssh 普通用户@ip1

rancher

kubectl

yum install -y epel-release
yum -y install snapd

snap install kubectl --classic
kubectl help

rke

二进制安装文件，创建k8s集群

wget https://github.com/rancher/rke/releases/download/v1.3.20/rke_linux-amd64
cp rke_linux-amd64 /usr/local/bin/rke
chmod +x /usr/local/bin/rke

rke --version

helm

k8s的包管理器，charts与helm的关系类似于rpm与yum。

wget https://get.helm.sh/helm-v3.12.0-linux-amd64.tar.gz
tar zxvf helm-v3.12.0-linux-amd64.tar.gz
cp linux-amd64/helm /usr/local/bin/helm

helm help

docker-ce

yum list docker-ce --showduplicates
yum install -y docker-ce-18.06.3.ce-3.el7

部署k8s

#vi rancher-cluster.yml
nodes:
  - address: ip1
    user: 普通用户
    role: [controlplane,worker,etcd] #节点角色
  - address: ip2
    user: 普通用户
    role: [controlplane,worker,etcd]
  - address: ip3
    user: 普通用户
    role: [controlplane,worker,etcd]

services:
  etcd:
    snapshot: true
    creation: 6h
    retention: 12

rke up --config ./rancher-cluster.yml
#返回下面的消息则说明执行成功：Finished building Kubernetes cluster successfully.
#kubectl get pods --all-namespaces，pod为running

保存以下文件：

rancher-cluster.yml：rke孵化k8s集群的配置文件

kube_config_rancher-cluster.yml：k8s被访问的kubeconfig文件，此文件包含完全访问群集的凭据

rancher-cluster.rkestate：k8s群集的状态文件，此文件包含完全访问群集的凭据

mkdir .kube
cp kube_config_rancher-cluster.yml .kube/
export KUBECONFIG=$(pwd)/kube_config_rancher-cluster.yml
#查看
kubectl get nodes

部署rancher

#加仓库
helm repo add rancher-stable https://releases.rancher.com/server-charts/stable

kubectl create namespace cattle-system

#安装CustomResourceDefinition资源
kubectl apply -f https://raw.githubusercontent.com/jetstack/cert-manager/release-0.12/deploy/manifests/00-crds.yaml

kubectl create namespace cert-manager
#添加Jetstack仓库，更新缓存
helm repo add jetstack https://charts.jetstack.io
helm repo update

#通过helm chart安装cert-manager
helm install cert-manager jetstack/cert-manager --namespace cert-manager --version v0.12.0

#验证
kubectl get pods --namespace cert-manager