helm 安装
https://mirrors.huaweicloud.com/helm/
wget https://mirrors.huaweicloud.com/helm/v3.15.4/helm-v3.15.4-linux-amd64.tar.gz
tar -xvf helm-v3.15.4-linux-amd64.tar.gz
cp linux-amd64/helm /usr/local/bin
➜ ~ helm version
version.BuildInfo{Version:"v3.15.4", GitCommit:"fa9efb07d9d8debbb4306d72af76a383895aa8c4", GitTreeState:"clean", GoVersion:"go1.22.6"}
宿主机
cat /etc/os-release
PRETTY_NAME="Debian GNU/Linux 12 (bookworm)"
NAME="Debian GNU/Linux"
VERSION_ID="12"
VERSION="12 (bookworm)"
VERSION_CODENAME=bookworm
ID=debian
HOME_URL="https://www.debian.org/"
SUPPORT_URL="https://www.debian.org/support"
BUG_REPORT_URL="https://bugs.debian.org/"
helm version
version.BuildInfo{Version:"v3.15.4", GitCommit:"fa9efb07d9d8debbb4306d72af76a383895aa8c4", GitTreeState:"clean", GoVersion:"go1.22.6"}
k8s version
sudo kubectl version
Client Version: v1.30.4+k3s1
Kustomize Version: v5.0.4-0.20230601165947-6ce0bf390ce3
Server Version: v1.30.4+k3s1
给当前用户授权访问k8s
sudo cp -r /root/.kube ~/ && sudo chown -R {user} ~/ && sudo chown -R jon /etc/rancher/k3s
# add repo
helm repo add rancher-latest https://releases.rancher.com/server-charts/latest
helm repo add rancher-latest-cn https://rancher-mirror.rancher.cn/server-charts/latest
helm repo list
# 创建namespace
sudo kubectl create namespace cattle-system
sudo kubectl create namespace cert-manager
# 配置环境变量 用来helm连接k3s集群
export KUBECONFIG=/etc/rancher/k3s/k3s.yaml
永久解决:
sudo su
执行: vi /etc/profile
写入内容: export KUBECONFIG=/etc/rancher/k3s/k3s.yaml
执行: source /etc/profile
echo "export KUBECONFIG=/etc/rancher/k3s/k3s.yaml" >> ~/.zshrc && source ~/.zshrc
# 查询 rancher 版本
helm search repo rancher
# 部署cert-manager.crds
wget https://github.com/cert-manager/cert-manager/releases/download/v1.15.3/cert-manager.crds.yaml
sudo kubectl apply -f cert-manager.crds.yaml
安装 cert-manager
helm repo add jetstack https://charts.jetstack.io
helm repo update
helm install cert-manager jetstack/cert-manager \
--namespace cert-manager \
--create-namespace \
--set installCRDs=true \
--version v1.15.3
注意: 这里如果报Error: INSTALLATION FAILED: Kubernetes cluster unreachable: Get "http://localhost:8080/version": dial tcp 127.0.0.1:8080: connect: connection refused
就执行:
export KUBECONFIG=/etc/rancher/k3s/k3s.yaml
NAME: cert-manager
LAST DEPLOYED: Fri Sep 13 16:37:54 2024
NAMESPACE: cert-manager
STATUS: deployed
REVISION: 1
TEST SUITE: None
NOTES:
cert-manager v1.15.3 has been deployed successfully!
In order to begin issuing certificates, you will need to set up a ClusterIssuer
or Issuer resource (for example, by creating a 'letsencrypt-staging' issuer).
More information on the different types of issuers and how to configure them
can be found in our documentation:
https://cert-manager.io/docs/configuration/
For information on how to configure cert-manager to automatically provision
Certificates for Ingress resources, take a look at the `ingress-shim`
documentation:
https://cert-manager.io/docs/usage/ingress/
sudo kubectl get pods --namespace cert-manager
NAME READY STATUS RESTARTS AGE
cert-manager-9647b459d-m947k 1/1 Running 0 94s
cert-manager-cainjector-5d8798687c-g8842 1/1 Running 0 94s
cert-manager-webhook-c77744d75-vsnmc 1/1 Running 0 94s
安装rancher
# 查询 rancher 版本
helm search repo rancher
rancher-values.yaml
cat <<EOF> rancher-values.yaml
hostname: rancher.xxx.com
ingress:
extraAnnotations:
kubernetes.io/ingress.class: "nginx"
kubernetes.io/tls-acme: "true"
tls:
source: letsEncrypt
secretName: tls-rancher-ingress
letsEncrypt:
email: email@126.com
environment: production
ingress:
class: "nginx"
replicas: 1
EOF
helm install rancher rancher-latest/rancher --version 2.9.1 \
--no-hooks \
--namespace cattle-system \
--set hostname=rancher.xxx.org \
--set ingress.extraAnnotations.'kubernetes\.io/ingress\.class'=nginx \
--set replicas=1
helm list -n cattle-system
NAME NAMESPACE REVISION UPDATED STATUS CHART APP VERSION
rancher cattle-system 1 2024-09-13 18:28:21.601867858 +0800 CST deployed rancher-2.9.1 v2.9.1
kubectl get service -n cattle-system
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
rancher ClusterIP 10.43.241.206 <none> 80/TCP,443/TCP 47s
开始部署后显示
--namespace cattle-system \
--set hostname=rancher
NAME: rancher
LAST DEPLOYED: Fri Sep 13 13:23:59 2024
NAMESPACE: cattle-system
STATUS: deployed
REVISION: 1
TEST SUITE: None
NOTES:
Rancher Server has been installed.
NOTE: Rancher may take several minutes to fully initialize. Please standby while Certificates are being issued, Containers are started and the Ingress rule comes up.
Check out our docs at https://rancher.com/docs/
If you provided your own bootstrap password during installation, browse to https://rancher to get started.
If this is the first time you installed Rancher, get started by running this command and clicking the URL it generates:
echo https://rancher/dashboard/?setup=$(kubectl get secret --namespace cattle-system bootstrap-secret -o go-template='{{.data.bootstrapPassword|base64decode}}')
To get just the bootstrap password on its own, run:
kubectl get secret --namespace cattle-system bootstrap-secret -o go-template='{{.data.bootstrapPassword|base64decode}}{{ "\n" }}'
Happy Containering!
查看部署状态
kubectl -n cattle-system rollout status deploy/rancher
kubectl get ingress -n cattle-system
NAME CLASS HOSTS ADDRESS PORTS AGE
rancher <none> rancher.xxx.org 80, 443 3m18s
kubectl get pods -n 命名空间 -o wide |grep pod名称
kubectl get pods -n cattle-system -o wide |grep rancher
kubectl get po -A
NAMESPACE NAME READY STATUS RESTARTS AGE
cattle-system rancher-cf4dd4b9-25jkc 0/1 ContainerCreating 0 15s
cattle-system rancher-cf4dd4b9-8w2vf 0/1 ContainerCreating 0 15s
cattle-system rancher-cf4dd4b9-gm786 0/1 ContainerCreating 0 15s
cert-manager cert-manager-9647b459d-m947k 1/1 Running 0 2m31s
cert-manager cert-manager-cainjector-5d8798687c-g8842 1/1 Running 0 2m31s
cert-manager cert-manager-webhook-c77744d75-vsnmc 1/1 Running 0 2m31s
kube-system coredns-576bfc4dc7-k6vft 1/1 Running 0 45m
kube-system helm-install-traefik-crd-hhrs2 0/1 Completed 0 45m
kube-system helm-install-traefik-tgmhn 0/1 Completed 1 45m
kube-system local-path-provisioner-6795b5f9d8-xnmcn 1/1 Running 0 45m
kube-system metrics-server-557ff575fb-nn42w 1/1 Running 0 45m
kube-system svclb-traefik-f9e48d80-fx7pl 2/2 Running 0 45m
kube-system traefik-5fb479b77-27wkl 1/1 Running 0 45m
卸载
helm uninstall rancher -n cattle-system
参考: https://docs.rancher.cn/docs/rancher2.5/installation/install-rancher-on-k8s/_index/