在RockyLinux9.4上安装Microk8s

在线安装Microk8s

1、安装snap

复制代码
yum install -y epel-release
yum install -y snapd
systemctl enable --now snapd.socket
systemctl start snapd
ln -s /var/lib/snapd/snap /snap

2、安装microk8s

bash 复制代码
snap install microk8s --classic # 在RockyLinux9.4上, 默认下载Microk8s 1.31版本
snap install microk8s --classic --channel=1.31/stable # --channnel参数可以指定Microk8s的版本
snap alias microk8s.kubectl kubectl

3、安装microk8s插件(addons)

bash 复制代码
microk8s enable dns ingress metrics-server

成功安装后,通过kubectl查看Pod和Image

bash 复制代码
# kubectl get pods -A
kube-system   calico-node-srvfr                         1/1     Running   0          11m
kube-system   calico-kube-controllers-5b577d865-xwqjh   1/1     Running   0          11m
kube-system   coredns-64c6478b6c-fcvkk                  1/1     Running   0          23s
ingress       nginx-ingress-microk8s-controller-rqtj2   1/1     Running   0          32s
kube-system   metrics-server-679c5f986d-vb6z7           1/1     Running   0          53m

microk8s.ctr i list | grep -vw DIGEST | grep -v ^sha256 | grep -v @sha256 | awk '{print $1}'
coredns/coredns:1.10.1
docker.io/calico/cni:v3.25.1
docker.io/calico/kube-controllers:v3.25.1
docker.io/calico/node:v3.25.1
docker.io/coredns/coredns:1.10.1
registry.k8s.io/ingress-nginx/controller:v1.11.2
registry.k8s.io/metrics-server/metrics-server:v0.6.3
registry.k8s.io/pause:3.7

在线安装可能遇到的问题

问题1: pod启动失败, 通过kubectl -n kube-system describe pod 查到失败原因是下载镜像失败

解决方法: 使用microk8s.ctr从国内源下载镜像,再给镜像打个tag,需要下载的镜像如下:

复制代码
k8s.gcr.io/pause:3.7
docker.io/calico/cni:v3.25.1
docker.io/calico/node:v3.25.1
docker.io/calico/kube-controllers:v3.25.1
docker.io/coredns/coredns:1.10.1
registry.k8s.io/ingress-nginx/controller:v1.11.2
registry.k8s.io/metrics-server/metrics-server:v0.6.3

从国内源下载镜像,再给镜像打tag

复制代码
microk8s.ctr images pull swr.cn-north-4.myhuaweicloud.com/ddn-k8s/registry.k8s.io/pause:3.7
microk8s.ctr images tag  swr.cn-north-4.myhuaweicloud.com/ddn-k8s/registry.k8s.io/pause:3.7  registry.k8s.io/pause:3.7

microk8s.ctr images pull swr.cn-north-4.myhuaweicloud.com/ddn-k8s/docker.io/calico/cni:v3.25.1
microk8s.ctr images tag  swr.cn-north-4.myhuaweicloud.com/ddn-k8s/docker.io/calico/cni:v3.25.1  docker.io/calico/cni:v3.25.1

microk8s.ctr images pull swr.cn-north-4.myhuaweicloud.com/ddn-k8s/docker.io/calico/node:v3.25.1
microk8s.ctr images tag  swr.cn-north-4.myhuaweicloud.com/ddn-k8s/docker.io/calico/node:v3.25.1  docker.io/calico/node:v3.25.1

microk8s.ctr images pull swr.cn-north-4.myhuaweicloud.com/ddn-k8s/docker.io/calico/kube-controllers:v3.25.1
microk8s.ctr images tag  swr.cn-north-4.myhuaweicloud.com/ddn-k8s/docker.io/calico/kube-controllers:v3.25.1  docker.io/calico/kube-controllers:v3.25.1

microk8s.ctr images pull swr.cn-north-4.myhuaweicloud.com/ddn-k8s/registry.k8s.io/coredns/coredns:v1.10.1
microk8s.ctr images tag  swr.cn-north-4.myhuaweicloud.com/ddn-k8s/registry.k8s.io/coredns/coredns:v1.10.1  docker.io/coredns/coredns:1.10.1

microk8s.ctr images pull swr.cn-north-4.myhuaweicloud.com/ddn-k8s/registry.k8s.io/ingress-nginx/controller:v1.11.2
microk8s.ctr images tag  swr.cn-north-4.myhuaweicloud.com/ddn-k8s/registry.k8s.io/ingress-nginx/controller:v1.11.2  registry.k8s.io/ingress-nginx/controller:v1.11.2

microk8s.ctr images pull swr.cn-north-4.myhuaweicloud.com/ddn-k8s/registry.k8s.io/metrics-server/metrics-server:v0.6.3
microk8s.ctr images tag  swr.cn-north-4.myhuaweicloud.com/ddn-k8s/registry.k8s.io/metrics-server/metrics-server:v0.6.3  registry.k8s.io/metrics-server/metrics-server:v0.6.3

问题2 : metrics-server启动失败, 'dial tcp XXX:10250: connect: no route to host"

解决方法:关闭防火墙,禁用SELinux

复制代码
systemctl disable firewalld --now
setenforce 0
vim /etc/selinux/config
SELINX=enforcing这行改成SELINUX=permissive

离线安装Microk8s

1、在可联网的环境下载Microk8s的snap安装包

bash 复制代码
snap download microk8s --channel=1.31/stable # 下载指定版本1.31

2、将下载好的snap包传输到目标机器上,安装microk8s

bash 复制代码
snap ack microk8s_<版本号>.assert
snap install microk8s_<版本号>.snap --classic

3、启动Microk8s服务

bash 复制代码
microk8s start

4、在可联网的环境下载Microk8s插件的Image并导出

bash 复制代码
microk8s.ctr i list | grep -vw DIGEST | grep -v ^sha256 | grep -v @sha256 | awk '{print $1}'
k8s.gcr.io/pause:3.7
docker.io/calico/cni:v3.25.1
docker.io/calico/node:v3.25.1
docker.io/calico/kube-controllers:v3.25.1
docker.io/coredns/coredns:1.10.1
registry.k8s.io/ingress-nginx/controller:v1.11.2
registry.k8s.io/metrics-server/metrics-server:v0.6.3

microk8s.ctr i export cni.tar docker.io/calico/cni:v3.25.1
microk8s.ctr i export kube-controllers.tar docker.io/calico/kube-controllers:v3.25.1
microk8s.ctr i export .....

5、将image传到目标机器上并导入

bash 复制代码
microk8s.ctr image import *.tar

6、启动microk8s插件

bash 复制代码
microk8s enable dns ingress metrics-server
microk8s status --wait-ready

7、配置kubectl访问Microk8s

bash 复制代码
microk8s.kubectl config view --raw > $HOME/.kube/config

卸载microk8s

bash 复制代码
microk8s stop 
snap remove microk8s
rm -rf /root/.kube
相关推荐
运维开发故事4 天前
基于 Arthas 的多集群在线诊断系统设计与实现
kubernetes
Patrick_Wilson6 天前
从「改个端口」到 502:Next.js on k8s 的容器端口、Service 映射与 env 覆盖
docker·kubernetes·next.js
探索云原生6 天前
K8s 1.36 这个 GA 特性,把 initContainer 拉模型的 hack 干掉了
ai·云原生·kubernetes
Java之美7 天前
一次k8s升级引发的DevicePlugin注册失败
云原生·kubernetes
java_cj14 天前
深入kube-apiserver认证机制:从Bearer Token到mTLS的完整认证链解析
linux·运维·服务器·云原生·容器·kubernetes
qq_4523962314 天前
第十三篇:《K8s 安全基础:RBAC、ServiceAccount、Pod Security》
java·安全·kubernetes
睡不醒男孩03082314 天前
云原生运维实战:高并发架构下的云原生可观测性、韧性降级与自动化干预体系
数据库·kubernetes·高并发·prometheus·devops·sre·缓存调优
qq_4523962314 天前
第十四篇:《K8s 网络模型与 CNI 插件(Calico、Flannel、Cilium)》
网络·kubernetes·php
Hadoop_Liang14 天前
Kubernetes 应用 HTTPS 安全访问配置实践
https·kubernetes