k8s使用helm,安装部署rancher

helm 安装

https://mirrors.huaweicloud.com/helm/

wget https://mirrors.huaweicloud.com/helm/v3.15.4/helm-v3.15.4-linux-amd64.tar.gz
tar -xvf helm-v3.15.4-linux-amd64.tar.gz
cp linux-amd64/helm /usr/local/bin

➜  ~ helm version
version.BuildInfo{Version:"v3.15.4", GitCommit:"fa9efb07d9d8debbb4306d72af76a383895aa8c4", GitTreeState:"clean", GoVersion:"go1.22.6"}

宿主机

cat /etc/os-release
PRETTY_NAME="Debian GNU/Linux 12 (bookworm)"
NAME="Debian GNU/Linux"
VERSION_ID="12"
VERSION="12 (bookworm)"
VERSION_CODENAME=bookworm
ID=debian
HOME_URL="https://www.debian.org/"
SUPPORT_URL="https://www.debian.org/support"
BUG_REPORT_URL="https://bugs.debian.org/"

helm version

version.BuildInfo{Version:"v3.15.4", GitCommit:"fa9efb07d9d8debbb4306d72af76a383895aa8c4", GitTreeState:"clean", GoVersion:"go1.22.6"}

k8s version

sudo kubectl version
Client Version: v1.30.4+k3s1
Kustomize Version: v5.0.4-0.20230601165947-6ce0bf390ce3
Server Version: v1.30.4+k3s1

给当前用户授权访问k8s

sudo cp -r /root/.kube ~/ && sudo chown -R {user} ~/ && sudo chown -R jon /etc/rancher/k3s

# add repo
 helm repo add rancher-latest https://releases.rancher.com/server-charts/latest
 helm repo add rancher-latest-cn https://rancher-mirror.rancher.cn/server-charts/latest
 helm repo list
 # 创建namespace
sudo kubectl create namespace cattle-system
sudo kubectl create namespace  cert-manager
 
# 配置环境变量 用来helm连接k3s集群
 export KUBECONFIG=/etc/rancher/k3s/k3s.yaml
	永久解决:
	
	sudo su
	执行: vi /etc/profile
	写入内容: export KUBECONFIG=/etc/rancher/k3s/k3s.yaml
	执行: source /etc/profile
	echo "export KUBECONFIG=/etc/rancher/k3s/k3s.yaml" >> ~/.zshrc && source ~/.zshrc
# 查询 rancher 版本
 helm search repo rancher
# 部署cert-manager.crds
 wget https://github.com/cert-manager/cert-manager/releases/download/v1.15.3/cert-manager.crds.yaml
sudo kubectl apply -f cert-manager.crds.yaml

安装 cert-manager 
helm repo add jetstack https://charts.jetstack.io
helm repo update
helm install cert-manager jetstack/cert-manager \
	--namespace cert-manager \
	--create-namespace \
	--set installCRDs=true \
	--version v1.15.3

注意: 这里如果报Error: INSTALLATION FAILED: Kubernetes cluster unreachable: Get "http://localhost:8080/version": dial tcp 127.0.0.1:8080: connect: connection refused
就执行:

 export KUBECONFIG=/etc/rancher/k3s/k3s.yaml

NAME: cert-manager
LAST DEPLOYED: Fri Sep 13 16:37:54 2024
NAMESPACE: cert-manager
STATUS: deployed
REVISION: 1
TEST SUITE: None
NOTES:
cert-manager v1.15.3 has been deployed successfully!

In order to begin issuing certificates, you will need to set up a ClusterIssuer
or Issuer resource (for example, by creating a 'letsencrypt-staging' issuer).

More information on the different types of issuers and how to configure them
can be found in our documentation:

https://cert-manager.io/docs/configuration/

For information on how to configure cert-manager to automatically provision
Certificates for Ingress resources, take a look at the `ingress-shim`
documentation:

https://cert-manager.io/docs/usage/ingress/

sudo kubectl get pods --namespace cert-manager

NAME                                       READY   STATUS    RESTARTS   AGE
cert-manager-9647b459d-m947k               1/1     Running   0          94s
cert-manager-cainjector-5d8798687c-g8842   1/1     Running   0          94s
cert-manager-webhook-c77744d75-vsnmc       1/1     Running   0          94s

安装rancher

# 查询 rancher 版本
 helm search repo rancher

rancher-values.yaml

cat <<EOF> rancher-values.yaml
hostname: rancher.xxx.com
ingress:
  extraAnnotations:
    kubernetes.io/ingress.class: "nginx"
    kubernetes.io/tls-acme: "true"
  tls:
    source: letsEncrypt
    secretName: tls-rancher-ingress
letsEncrypt:
  email: email@126.com
  environment: production
  ingress:
    class: "nginx"
replicas: 1
EOF

helm install rancher rancher-latest/rancher --version 2.9.1 \
    --no-hooks \
    --namespace cattle-system \
    --set hostname=rancher.xxx.org \
    --set ingress.extraAnnotations.'kubernetes\.io/ingress\.class'=nginx \
    --set replicas=1

helm list -n cattle-system
NAME   	NAMESPACE    	REVISION	UPDATED                                	STATUS  	CHART        	APP VERSION
rancher	cattle-system	1       	2024-09-13 18:28:21.601867858 +0800 CST	deployed	rancher-2.9.1	v2.9.1

kubectl get service -n cattle-system
NAME      TYPE        CLUSTER-IP      EXTERNAL-IP   PORT(S)          AGE
rancher   ClusterIP   10.43.241.206   <none>        80/TCP,443/TCP   47s

开始部署后显示

--namespace cattle-system \
--set hostname=rancher
NAME: rancher
LAST DEPLOYED: Fri Sep 13 13:23:59 2024
NAMESPACE: cattle-system
STATUS: deployed
REVISION: 1
TEST SUITE: None
NOTES:
Rancher Server has been installed.

NOTE: Rancher may take several minutes to fully initialize. Please standby while Certificates are being issued, Containers are started and the Ingress rule comes up.

Check out our docs at https://rancher.com/docs/

If you provided your own bootstrap password during installation, browse to https://rancher to get started.

If this is the first time you installed Rancher, get started by running this command and clicking the URL it generates:


echo https://rancher/dashboard/?setup=$(kubectl get secret --namespace cattle-system bootstrap-secret -o go-template='{{.data.bootstrapPassword|base64decode}}')


To get just the bootstrap password on its own, run:


kubectl get secret --namespace cattle-system bootstrap-secret -o go-template='{{.data.bootstrapPassword|base64decode}}{{ "\n" }}'



Happy Containering!

查看部署状态

kubectl -n cattle-system rollout status deploy/rancher

kubectl get ingress -n cattle-system
NAME      CLASS    HOSTS                      ADDRESS   PORTS     AGE
rancher   <none>   rancher.xxx.org             80, 443   3m18s

kubectl get pods -n 命名空间 -o wide |grep pod名称
kubectl get pods -n cattle-system -o wide |grep rancher

kubectl get po -A
NAMESPACE       NAME                                       READY   STATUS              RESTARTS   AGE
cattle-system   rancher-cf4dd4b9-25jkc                     0/1     ContainerCreating   0          15s
cattle-system   rancher-cf4dd4b9-8w2vf                     0/1     ContainerCreating   0          15s
cattle-system   rancher-cf4dd4b9-gm786                     0/1     ContainerCreating   0          15s
cert-manager    cert-manager-9647b459d-m947k               1/1     Running             0          2m31s
cert-manager    cert-manager-cainjector-5d8798687c-g8842   1/1     Running             0          2m31s
cert-manager    cert-manager-webhook-c77744d75-vsnmc       1/1     Running             0          2m31s
kube-system     coredns-576bfc4dc7-k6vft                   1/1     Running             0          45m
kube-system     helm-install-traefik-crd-hhrs2             0/1     Completed           0          45m
kube-system     helm-install-traefik-tgmhn                 0/1     Completed           1          45m
kube-system     local-path-provisioner-6795b5f9d8-xnmcn    1/1     Running             0          45m
kube-system     metrics-server-557ff575fb-nn42w            1/1     Running             0          45m
kube-system     svclb-traefik-f9e48d80-fx7pl               2/2     Running             0          45m
kube-system     traefik-5fb479b77-27wkl                    1/1     Running             0          45m

卸载

helm uninstall rancher -n cattle-system

参考: https://docs.rancher.cn/docs/rancher2.5/installation/install-rancher-on-k8s/_index/