k8s 1.17.3 安裝 kubesphere 3.0.0
阿新 • • 發佈:2021-12-31
1. 安裝 k8s 1.17.3
###安裝Docker、kubeadm、kubelet 1、安裝docker源 yum install -y yum-utils device-mapper-persistent-data lvm2 yum-config-manager --add-repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo 2、安裝docker yum install -y docker-ce systemctl start docker systemctl enable docker tee /etc/docker/daemon.json <<-'EOF' { "registry-mirrors": ["https://jqqwsp8f.mirror.aliyuncs.com"] } EOF sudo systemctl daemon-reload sudo systemctl restart docker 3、設定開機自啟 systemctl enable docker && systemctl start docker 檢視版本 docker --version 4、安裝kubeadm、kubelet核kubectl #指定安裝源 cat > /etc/yum.repos.d/kubernetes.repo << EOF [kubernetes] name=Kubernetes baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64 enabled=1 gpgcheck=0 repo_gpgcheck=0 gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg EOF #本地對映/etc/hosts vim /etc/hosts 192.168.226.128 master 192.168.226.129 node1 192.168.226.130 node2 --->wq #指定安裝版本 yum install -y kubelet-1.17.3 kubeadm-1.17.3 kubectl-1.17.3 rpm -qa | grep kube #設定開機自啟動 systemctl enable kubelet #關閉swap swapoff -a sed -i 's/.*swap.*/#&/' /etc/fstab cat <<EOF > /etc/sysctl.d/k8s.conf net.bridge.bridge-nf-call-ip6tables = 1 net.bridge.bridge-nf-call-iptables = 1 EOF sysctl --system ######操作位置:master mkdir k8s && cd k8s kubeadm init \ --apiserver-advertise-address=192.168.226.128 \ #本地IP --image-repository registry.aliyuncs.com/google_containers \ --kubernetes-version v1.15.0 \ --service-cidr=10.1.0.0/16 \ --pod-network-cidr=10.244.0.0/16 mkdir k8s && cd k8s kubeadm init \ --apiserver-advertise-address=192.168.226.128 \ --image-repository registry.aliyuncs.com/google_containers \ --kubernetes-version v1.15.0 \ --service-cidr=10.1.0.0/16 \ --pod-network-cidr=10.244.0.0/16 #使用kubectl工具 mkdir -p $HOME/.kube sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config sudo chown $(id -u):$(id -g) $HOME/.kube/config ###記錄kubeadm join xxxxxxxxx(用於新增node節點) kubeadm join 192.168.226.128:6443 --token vvbp4o.91yfaklznloczfnb \ --discovery-token-ca-cert-hash sha256:ace39b8db9d1c40fe31b85ff2923eedbe16d6587491eca10488fa9c31041faea #安裝pod網路外掛(flannel) kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/a70459be0084506e4ec919aa1c114638878db11b/Documentation/kube-flannel.yml #檢視元件狀態 && 檢視節點狀態(稍等一會) kubectl get cs kubectl get nodes #####操作位置:node #docker 拉取flannel映象 docker pull lizhenliang/flannel:v0.11.0-amd64 swapoff -a sed -i 's/.*swap.*/#&/' /etc/fstab cat <<EOF > /etc/sysctl.d/k8s.conf net.bridge.bridge-nf-call-ip6tables = 1 net.bridge.bridge-nf-call-iptables = 1 EOF sysctl --system #新增節點(kubeadm join,節點token會週期性變化,kubeadm token list檢視token) kubeadm join 192.168.226.128:6443 --token ld7odd.egdzg4z9h37dvumc \ --discovery-token-ca-cert-hash sha256:8e904682e6c1d670cf8b5524b3e03d1e5e5cb4156984f87414f093dc80e1fb23 #出錯的時候過載配置(node節點) kubeadm reset #過載配置(master節點的) mkdir -p $HOME/.kube sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config sudo chown $(id -u):$(id -g) $HOME/.kube/config 需要刪除以上配置才可以繼續kube init 初始化 #master節點檢視node狀態 “三個ready” kubectl get nodes #打node標籤 kubectl label node node1 node-role.kubernetes.io/node=node kubectl label node node2 node-role.kubernetes.io/node=node #kubectl get pods -n kube-system 檢視pod 狀態 "1/1 Running"為正常 kubectl get pods -n kube-system ####重新生成token #若token 過期或丟失,需要先申請新的token 令牌 kubeadm token create #列出token kubeadm token list | awk -F" " '{print $1}' |tail -n 1 #然後獲取CA公鑰的的hash值 openssl x509 -pubkey -in /etc/kubernetes/pki/ca.crt | openssl rsa -pubin -outform der 2>/dev/null | openssl dgst -sha256 -hex | sed 's/^ .* //' #替換join中token及sha256: kubeadm join 192.168.226.128:6443 --token ld7odd.egdzg4z9h37dvumc \ --discovery-token-ca-cert-hash sha256:8e904682e6c1d670cf8b5524b3e03d1e5e5cb4156984f87414f093dc80e1fb23
2. kubesphere 介紹
KubeSphere 是一款面向雲原生設計的開源專案,在目前主流容器排程平臺 Kubernetes 之上構建的分散式多租戶容器管理平臺,提供簡單易用的操作介面以及嚮導式操作方式,在降低使用者使用容器排程平臺學習成本的同時,極大降低開發、測試、運維的日常工作的複雜度。
3.0安裝文件:https://kubesphere.io/zh/docs/installing-on-kubernetes/introduction/overview/
2.1安裝文件:https://v2-1.docs.kubesphere.io/docs/zh-CN/installation/install-on-k8s/
3. 安裝 Helm 和 tiller
wget http://101.34.22.188/k8s/helm-v2.17.0-linux-amd64.tar.gz tar xf helm-v2.17.0-linux-amd64.tar.gz cp linux-amd64/helm /usr/local/bin cp linux-amd64/tiller /usr/local/bin helm version #此時 helm 已經安裝好 ##建立 rbac 許可權檔案 cat > helm-rbac.yaml << EOF apiVersion: v1 kind: ServiceAccount metadata: name: tiller namespace: kube-system --- apiVersion: rbac.authorization.k8s.io/v1beta1 kind: ClusterRoleBinding metadata: name: tiller roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole name: cluster-admin subjects: - kind: ServiceAccount name: tiller namespace: kube-system EOF kubectl apply -f helm-rbac.yaml #安裝 tiller helm init --service-account tiller --upgrade -i registry.cn-hangzhou.aliyuncs.com/google_containers/tiller:v2.17.0 --stable-repo-url https://kubernetes.oss-cn-hangzhou.aliyuncs.com/charts kubectl get pods --all-namespaces #檢查 tiller helm version
4.安裝 OpenEBS
文件:https://v2-1.docs.kubesphere.io/docs/zh-CN/appendix/install-openebs/
#去除 master 上汙點 kubectl get node -o wide kubectl describe node master | grep Taint kubectl taint nodes master node-role.kubernetes.io/master:NoSchedule- kubectl describe node master | grep Taint #安裝 openebs kubectl create ns openebs kubectl apply -f https://openebs.github.io/charts/openebs-operator-1.5.0.yaml #安裝 storageclass cat > sc.yaml << EOF apiVersion: storage.k8s.io/v1 kind: StorageClass metadata: name: storage-nfs provisioner: storage.pri/nfs reclaimPolicy: Delete EOF kubectl apply -f sc.yaml kubectl get sc #設定預設 storageclass kubectl patch storageclass openebs-hostpath -p '{"metadata": {"annotations":{"storageclass.kubernetes.io/is-default-class":"true"}}}' kubectl get pod -n openebs kubectl get sc
5. 安裝 kubesphere
文件:https://kubesphere.io/zh/docs/installing-on-kubernetes/introduction/overview/
kubectl apply -f https://github.com/kubesphere/ks-installer/releases/download/v3.0.0/kubesphere-installer.yaml kubectl apply -f https://github.com/kubesphere/ks-installer/releases/download/v3.0.0/cluster-configuration.yaml #使用如下命令監控 kubectl logs -n kubesphere-system $(kubectl get pod -n kubesphere-system -l app=ks-install -o jsonpath='{.items[0].metadata.name}') -f kubectl get pod --all-namespaces
重新給 master 打上汙點
kubectl taint nodes master node-role.kubernetes.io/master=:NoSchedule kubectl describe node master | grep Taint
6.可插拔安裝外掛
文件:https://kubesphere.io/zh/docs/pluggable-components/devops/
——————————————————————————————————————————————————