Centos7.4使用rke V1.1.9安装K8s集群

jwangkun

发布于 2021-12-23 16:38:12

8530

发布于 2021-12-23 16:38:12

文章被收录于专栏：John Wong's BlogJohn Wong's Blog

Rancher Kubernetes引擎(RKE)是一个cncf认证的Kubernetes发行版，它可以在裸机和虚拟化服务器上工作。RKE解决了Kubernetes安装复杂性的问题，有了RKE, Kubernetes的安装和操作既简化又易于自动化，而且完全独立于您正在运行的操作系统和平台。只要可以运行受支持的Docker版本，就可以使用RKE部署和运行Kubernetes。

环境准备

更新yum源并安装docker

yum update -y

yum install docker -y

然后使之生效

systemctl daemon-reload

设置docker开机自启

systemctl enable docker

启动docker

systemctl start docker

关闭防火墙：

 $ systemctl stop firewalld
 $ systemctl disable firewalld
 $ iptables -F

关闭selinux：

 $ sed -i "s/^SELINUX=enforcing/SELINUX=disabled/g" /etc/selinux/config
 $ sed -i "s/^SELINUX=permissive/SELINUX=disabled/g" /etc/selinux/config
 $ setenforce 0
 $ cat /etc/selinux/config

永久禁用swap，注释掉swap项

# vi /etc/fstab

配置yum 国内源

# 备份
mv /etc/yum.repos.d/CentOS-Base.repo /etc/yum.repos.d/CentOS-Base.repo.backup
# 下载国内源到/etc/yum.repo.d/
wget -O /etc/yum.repos.d/CentOS-Base.repo <http://mirrors.aliyun.com/repo/Centos-7.repo>

性能调优

cat >> /etc/sysctl.conf<<EOF
net.ipv4.ip_forward=1
net.bridge.bridge-nf-call-iptables=1
net.ipv4.neigh.default.gc_thresh1=4096
net.ipv4.neigh.default.gc_thresh2=6144
net.ipv4.neigh.default.gc_thresh3=8192
EOF
sysctl -p

RKE安装

https://github.com/rancher/rke/releases

下载二进制包，并解压rke_linux-amd64重命名为rke

 chmod +x rke
 rke --version

查看rke支持的Kubernetes版本

$ rke config --list-version --all
v1.15.3-rancher2-1
v1.13.10-rancher1-2
v1.14.6-rancher2-1
v1.16.0-beta.1-rancher1-1

安装k8s集群

编辑yml文件https://rancher.com/docs/rke/latest/en/example-yamls/#minimal-cluster-yml-example，注意缩进

 cat cluster.yml

#节点信息
nodes:  
 #master和etcd节点
  - address: 10.0.32.1 
    user: docker_user
    role: [controlplane,etcd]
#工作节点
  - address: 10.0.32.2 
    user: docker_user
    ssh_key_path: ~/.ssh/id_rsa
    role: [worker]
  - address: 10.0.32.3
    ssh_key_path: ~/.ssh/id_rsa
    user: docker_user
    role: [worker]
#服务信息
services: 
   etcd:
     image: quay.io/coreos/etcd:latest  
   kube-api:
     pod_security_policy: false
     image: rancher/k8s:v1.8.5-rancher4     
     service_cluster_ip_range: 10.233.0.0/18
   kube-controller:
     cluster_cidr: 10.233.64.0/18  
     image: rancher/k8s:v1.8.5-rancher4  
   scheduler:
     image: rancher/k8s:v1.8.5-rancher4  
   kubelet:
     cluster_domain: cluster.local
     cluster_dns_server: 10.233.0.3 
     infra_container_image: gcr.io/google_containers/pause-amd64:3.0     
     image: rancher/k8s:v1.8.5-rancher4  
    kubeproxy:
     image: rancher/k8s:v1.8.5-rancher4
#网络模式
network: 
  plugin: flannel
#镜像
system_images:
  flannel: rancher/coreos-flannel:v0.9.1  
  kubedns: rancher/k8s-dns-kube-dns-amd64:1.14.5  
  dnsmasq: rancher/k8s-dns-dnsmasq-nanny-amd64:1.14.5  
  kubedns_sidecar: rancher/k8s-dns-sidecar-amd64:1.14.5  
  kubedns_autoscaler: rancher/cluster-proportional-autoscaler-amd64:1.0.0  
  dashboard: k8s.gcr.io/kubernetes-dashboard-amd64:v1.8.3
#认证模式
authentication: 
  strategy: x509

注意，要增加一个普通用户，rke不支持root安装

 useradd rancher
 passwd rancher
 usermod -aG dockerroot rancher
 service docker restart
 chmod a+rw /var/run/docker.sock

免密登录，在master 10.0.32.1上执行

#ssh-keygen

#ssh-copy-id rancher@10.0.32.1
#ssh-copy-id rancher@10.0.32.2
#ssh-copy-id rancher@10.0.32.3

注意YML文件中的用户指建立的用户

./rke0.2.0 up --config ./cluster.yml

完成后当前目录会生成kube_config_cluster.yml文件和cluster.rkestate文件,把kube_config_rancher-cluster.yml文件复制为 ~/.kube/config

export KUBECONFIG=/home/admin/kube_config_cluster.yml
mkdir ~/.kube
cp kube_config_rancher-cluster.yml ~/.kube/config

安装kubectl

增加YUM库

cat <<EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg <https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg>
EOF

更新YUM

yum update -y

执行安装

yum -y install kubelet kubeadm kubectl

测试

kubctl version

通过RKE安装k8s集群成功,启动的时候有些节点启动的比较慢。需要稍微等待一段时间

查看pods的状态，都启动成功及表示安装成功

kubectl get pods -A

安装 helm

https://github.com/helm/helm/releases

helm init --client-only --stable-repo-url https://aliacs-app-catalog.oss-cn-hangzhou.aliyuncs.com/charts/
helm repo add incubator https://aliacs-app-catalog.oss-cn-hangzhou.aliyuncs.com/charts-incubator/
helm repo update

kubectl和helm命令补全

yum install -y bash-completion
source <(kubectl completion bash)
echo "source <(kubectl completion bash)" >> ~/.bashrc
source <(helm completion bash)
echo "source <(helm completion bash)" >> ~/.bashrc
source /usr/share/bash-completion/bash_completion