实战环境涉及软件版本信息:
使用kubekey部署k8s
- 操作系统基础配置
设置主机名、DNS解析、时钟同步、防火墙关闭、ssh免密登录等等系统基本设置
dnf install -y curl socat conntrack ebtables ipset ipvsadm
- 安装部署 K8s
2.1 下载 KubeKey
bash
###地址
https://github.com/kubesphere/kubekey
#下载最新版的 KubeKey
export KKZONE=cn ####国内用户先执行此配置
mkdir ~/kubekey
cd ~/kubekey
curl -sfL https://get-kk.kubesphere.io | sh -查看 KubeKey 支持的 Kubernetes 版本列表
bash
./kk version --show-supported-k8s
...
v1.30.10
v1.30.11
v1.30.12
v1.31.0
v1.31.1
v1.31.2
v1.31.3
v1.31.4
v1.31.5
v1.31.6
v1.31.7
v1.31.8
v1.32.0
v1.32.1
v1.32.2
v1.32.3
v1.32.4
v1.33.0生成配置文件
bash
./kk create config -f k8s-v1318.yaml --with-kubernetes v1.31.82.2 创建 K8s 集群部署配置文件
修改配置文件
采用 3 个节点同时作为 control-plane、etcd 和 worker 节点。
编辑配置文件 k8s-v1288.yaml,主要修改 kind: Cluster 小节的相关配置
修改 kind: Cluster 小节中 hosts 和 roleGroups 等信息,修改说明如下。
hosts:指定节点的 IP、ssh 用户、ssh 密码、ssh 端口
roleGroups:指定 3 个 etcd、control-plane 节点,复用相同的机器作为 3 个 worker 节点
internalLoadbalancer:启用内置的 HAProxy 负载均衡器
domain:可自定义域名
clusterName:可使用默认值 cluster.local
autoRenewCerts:该参数可以实现证书到期自动续期,默认为 true
containerManager:使用 containerd
部署完成需要大约 10-20 分钟左右,会在终端上看到类似于下面的输出。
安装的时候最好走代理,因为大部分包在国外,不走代理慢到哭,首先要让服务器走代理
cat << 'EOF' > /etc/profile.d/proxy.sh
export HTTP_PROXY="http://ip"
export HTTPS_PROXY="http://ip"
export NO_PROXY="127.0.0.1,localhost,ip,10.233.0.0/18,10.233.64.0/18"
EOF
source /etc/profile.d/proxy.sh
bash
#####cat k8s-v1318.yaml
apiVersion: kubekey.kubesphere.io/v1alpha2
kind: Cluster
metadata:
name: sample
spec:
# ----------------- 节点列表 -----------------
hosts:
- name: k8s-master
address: ip
internalAddress: ip
user: root
password: "pass"
- name: k8s-node1
address: ip
internalAddress: ip
user: root
password: "pass"
- name: k8s-node2
address: ip
internalAddress: ip
user: root
password: "pass"
roleGroups:
etcd:
- k8s-master
control-plane:
- k8s-master
worker:
- k8s-node1
- k8s-node2
# --------------- ControlPlaneEndpoint ---------------
controlPlaneEndpoint:
## - 如果前面已经有独立的 LoadBalancer,请指定 internalLoadbalancer 地址
# internalLoadbalancer: haproxy
domain: 主ip # 虚拟 IP 或 DNS
address: "主ip" # 也可以写为负载均衡虚拟 IP
port: 6443
# ------------------- 代理设置 ----------------------
# 下面三行会让 KubeKey 在下载二进制文件、拉镜像时都走代理
proxies:
httpProxy: "http://ip"
httpsProxy: "http://ip"
noProxy: "127.0.0.1,localhost,ip,10.233.0.0/18,10.233.64.0/18"
# ------------------ Kubernetes 配置 ------------------
kubernetes:
version: v1.31.8
clusterName: cluster.local
autoRenewCerts: true
containerManager: containerd ####想用docker设置此项为docker
# ------------------- ETCD 配置 ----------------------
etcd:
type: kubekey
# ------------------- 网络插件 ----------------------
network:
plugin: calico
kubePodsCIDR: 10.233.64.0/18
kubeServiceCIDR: 10.233.0.0/18
multusCNI:
enabled: false
# ------------------- 镜像仓库 ----------------------
registry:
# 如果你想使用私有 Registry,可以在下面填写
privateRegistry: ""
namespaceOverride: ""
registryMirrors: []
insecureRegistries: []
# ------------------ 插件或组件 ---------------------
addons: []执行安装,安装时长看网速
bash
./kk create cluster -f k8s-v1318.yaml - 验证 K8s 集群
3.1 验证集群状态
查看集群节点信息
bash
kubectl get pods -A
NAMESPACE NAME READY STATUS RESTARTS AGE
default nginx-77657886dc-bhr94 1/1 Running 0 15h
default nginx-77657886dc-cxkmn 1/1 Running 0 15h
kube-system calico-kube-controllers-75c587cc8d-tlz4x 1/1 Running 1 (15h ago) 18h
kube-system calico-node-47j2l 1/1 Running 1 (15h ago) 18h
kube-system calico-node-cf47t 1/1 Running 1 (15h ago) 18h
kube-system calico-node-wcfpc 1/1 Running 1 (15h ago) 18h
kube-system coredns-54b855dcd7-gvvmt 1/1 Running 1 (15h ago) 18h
kube-system coredns-54b855dcd7-lj6jv 1/1 Running 1 (15h ago) 18h
kube-system kube-apiserver-k8s-master 1/1 Running 1 (15h ago) 18h
kube-system kube-controller-manager-k8s-master 1/1 Running 1 (15h ago) 18h
kube-system kube-proxy-7m4c5 1/1 Running 1 (15h ago) 18h
kube-system kube-proxy-8d4hq 1/1 Running 1 (15h ago) 18h
kube-system kube-proxy-lq7bb 1/1 Running 1 (15h ago) 18h
kube-system kube-scheduler-k8s-master 1/1 Running 1 (15h ago) 18h
kube-system metrics-server-76bf575666-sfnpg 1/1 Running 1 (15h ago) 18h
kube-system nodelocaldns-mkrzd 1/1 Running 1 (15h ago) 18h
kube-system nodelocaldns-n6bqx 1/1 Running 1 (15h ago) 18h
kube-system nodelocaldns-rhg9n 1/1 Running 1 (15h ago) 18h
kuboard metrics-scraper-5c688489ff-cbfzk 1/1 Running 1 (15h ago) 18h
kubectl get node
NAME STATUS ROLES AGE VERSION
k8s-master Ready control-plane 18h v1.31.8
k8s-node1 Ready worker 18h v1.31.8
k8s-node2 Ready worker 18h v1.31.8- 部署测试资源
bash
###部署NGINX
kubectl create deployment nginx --image=nginx:alpine --replicas=2
###暴露port
kubectl create service nodeport nginx --tcp=80:80
####查看地址
kubectl get deployment -o wide
kubectl get pods -o wide5.验证服务
验证直接访问 Pod
bash
root@k8s-master:~# kubectl get pods -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
nginx-77657886dc-bhr94 1/1 Running 0 15h 10.233.81.4 k8s-node1
nginx-77657886dc-cxkmn 1/1 Running 0 15h 10.233.76.4 k8s-node2
root@k8s-master:~# curl -I http://10.233.81.4
HTTP/1.1 200 OK
Server: nginx/1.27.5
Date: Fri, 23 May 2025 01:31:11 GMT
Content-Type: text/html
Content-Length: 615
Last-Modified: Wed, 16 Apr 2025 12:55:34 GMT
Connection: keep-alive
ETag: "67ffa8c6-267"
Accept-Ranges: bytes
root@k8s-master:~# curl -I http://10.233.76.4
HTTP/1.1 200 OK
Server: nginx/1.27.5
Date: Fri, 23 May 2025 01:31:21 GMT
Content-Type: text/html
Content-Length: 615
Last-Modified: Wed, 16 Apr 2025 12:55:34 GMT
Connection: keep-alive
ETag: "67ffa8c6-267"
Accept-Ranges: bytes6.docker安装kuboard作为安装管理界面,默认用户名密码:admin、Kuboard123
docker run -itd --restart=unless-stopped --name=kuboard -p 31000:80/tcp -p 10081:10081/tcp -e KUBOARD_ENDPOINT="http://本机ip:80:80" -e KUBOARD_AGENT_SERVER_TCP_PORT="10081" -v /root/kuboard-data:/data eipwork/kuboard:v3.5.2.7