前言
因项目需要上云,因此选取kubesphere作为云管理平台,主要参考文档为官方文档(kubesphere官方文档链接),但是自己在部署的过程中发现有些小差别,因此特意记录下来。
服务器配置
官方文档的建议如下:
我的服务器选取的配置如下:
我选了两台aws ec2服务器,内核和型号如下所示
注:因为我只是个人学习使用,因此服务器配置和数量均选取的最低配置,实际配置请根据自己项目的实际需要来合理选配!!!
安装步骤
安装依赖项
官方文档说明
对于aws linux2,还需要安装iptables和iproute,否则在部署的时候会报错如下
因此我的安装依赖项的命令如下
bash
sudo yum install socat conntrack ebtables ipset iptables iproute -y安装k8s和kubesphere
根据官方文档来即可,根据官方文档给的配置文件和命令一步步执行即可
安装默认存储
官方文档说明:
我这里选择使用NFS,大家根据自己实际情况来选取
在集群中每个服务器上都要安装nfs-utils
bash
yum install -y nfs-utils
# 执行以下命令,启动 nfs 服务;创建共享目录
mkdir -p /nfs/data在NFS主节点 执行以下命令
bash
echo "/nfs/data/ *(insecure,rw,sync,no_root_squash)" > /etc/exports
systemctl enable rpcbind
systemctl enable nfs-server
systemctl start rpcbind
systemctl start nfs-server
# 使配置生效
exportfs -r
#检查配置是否生效
exportfs输出如下图所示即可
在NFS客户端节点执行如下命令
bash
# 将xxx.xxx.xxx.xxx替换成你的NFS主节点的IP地址
showmount -e xxx.xxx.xxx.xxx
mount -t nfs xxx.xxx.xxx.xxx:/nfs/data /nfs/data在kubesphere master节点创建默认存储类的yaml文件
注:把文件中的172.31.0.4改成自己NFS主服务器的IP地址
创建了一个存储类
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
name: nfs-storage
annotations:
storageclass.kubernetes.io/is-default-class: "true"
provisioner: k8s-sigs.io/nfs-subdir-external-provisioner
parameters:
archiveOnDelete: "true" ## 删除pv的时候,pv的内容是否要备份
apiVersion: apps/v1
kind: Deployment
metadata:
name: nfs-client-provisioner
labels:
app: nfs-client-provisioner
replace with namespace where provisioner is deployed
namespace: default
spec:
replicas: 1
strategy:
type: Recreate
selector:
matchLabels:
app: nfs-client-provisioner
template:
metadata:
labels:
app: nfs-client-provisioner
spec:
serviceAccountName: nfs-client-provisioner
containers:
- name: nfs-client-provisioner
image: registry.cn-hangzhou.aliyuncs.com/lfy_k8s_images/nfs-subdir-external-provisioner:v4.0.2
resources:
limits:
cpu: 10m
requests:
cpu: 10m
volumeMounts:
- name: nfs-client-root
mountPath: /persistentvolumes
env:
- name: PROVISIONER_NAME
value: k8s-sigs.io/nfs-subdir-external-provisioner
- name: NFS_SERVER
value: 172.31.0.4 ## 指定自己nfs服务器地址
- name: NFS_PATH
value: /nfs/data ## nfs服务器共享的目录
volumes:
- name: nfs-client-root
nfs:
server: 172.31.0.4
path: /nfs/data
apiVersion: v1
kind: ServiceAccount
metadata:
name: nfs-client-provisioner
replace with namespace where provisioner is deployed
namespace: default
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: nfs-client-provisioner-runner
rules:
- apiGroups: ""
resources: "nodes"
verbs: "get", "list", "watch"
- apiGroups: ""
resources: "persistentvolumes"
verbs: "get", "list", "watch", "create", "delete"
- apiGroups: ""
resources: "persistentvolumeclaims"
verbs: "get", "list", "watch", "update"
- apiGroups: "storage.k8s.io"
resources: "storageclasses"
verbs: "get", "list", "watch"
- apiGroups: ""
resources: "events"
verbs: "create", "update", "patch"
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: run-nfs-client-provisioner
subjects:
- kind: ServiceAccount
name: nfs-client-provisioner
replace with namespace where provisioner is deployed
namespace: default
roleRef:
kind: ClusterRole
name: nfs-client-provisioner-runner
apiGroup: rbac.authorization.k8s.io
kind: Role
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: leader-locking-nfs-client-provisioner
replace with namespace where provisioner is deployed
namespace: default
rules:
- apiGroups: ""
resources: "endpoints"
verbs: "get", "list", "watch", "create", "update", "patch"
kind: RoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: leader-locking-nfs-client-provisioner
replace with namespace where provisioner is deployed
namespace: default
subjects:
- kind: ServiceAccount
name: nfs-client-provisioner
replace with namespace where provisioner is deployed
namespace: default
roleRef:
kind: Role
name: leader-locking-nfs-client-provisioner
apiGroup: rbac.authorization.k8s.io
输入如下命令应用这个存储类
bash
kubectl apply -f sc.yaml