K8s之KubeSphere平台部署

  KubeSphere是一个分布式操作系统,提供以Kubernetes为核心的云原生堆栈,旨在成为第三方应用程序的即插即用架构,以促进其生态系统的发展。 KubeSphere还是一个多租户企业级容器平台,具有全栈自动IT操作和简化的DevOps工作流程。它提供了开发人员友好的向导Web UI,可帮助企业构建更健壮且功能丰富的平台,其中包括企业Kubernetes战略所需的最常用功能,例如Kubernetes资源管理,DevOps(CI / CD),应用程序生命周期管理、监控、日志记录、服务网格、多租户、报警和通知,存储和网络、自动定量、访问控制、GPU的支持等,以及多集群管理、网络策略、注册表管理,更多即将发布的安全增强特性。

KubeSphere提供了整合的视图,同时围绕Kubernetes集成了广泛的生态系统工具,并提供一致的用户体验以降低复杂性,并开发了上游Kubernetes中尚不可用的新功能,以减轻Kubernetes的痛苦之处,包括存储,网络 ,安全性和易用性。 KubeSphere不仅允许开发人员和DevOps团队在统一控制台中使用他们喜欢的工具,而且最重要的是,由于这些功能是可插拔和可选的,因此它们与平台松散地结合在一起。

Kubernetes平台,专为DevOps团队量身定制

KubeSphere,以应用为中心的容器平台

极简、易用、灵活、高效


在k8s集群上安装部署

软硬件要求
Kubernetes 版本必须为 “1.15.x,1.16.x,1.17.x 或 1.18.x”;
确保您的计算机满足最低硬件要求:CPU > 1 核,内存 > 2 G;
在安装之前,需要配置 Kubernetes 集群中的默认存储类;

配置k8s默认存储类(StorageClass)
 要使用 StorageClass,我们就得安装对应的自动配置程序,比如我们这里存储后端使用的是 nfs,那么我们就需要使用到一个 nfs-client 的自动配置程序,我们也叫它 Provisioner,这个程序使用我们已经配置好的 nfs 服务器,来自动创建持久卷,也就是自动帮我们创建 PV。
第一步:搭建一个nfs服务器,创建共享目录。

选定一台nfs服务器,我这里ip为:192.168.47.50
创建共享目录:
mkdir -pv /data/nfs-share/k8s
chmod 666 /data/nfs-share/k8s
安装nfs:
yum install nfs-utils rpcbind -y
vim /etc/exports
/data/nfs-share/k8s 192.168.47.0/24(rw)

systemctl start nfs

exportfs -v  查看本机所有NFS共享
exportfs -r  重读配置文件,并共享目录

在k8s节点检查并挂载nfs:
showmount -e 192.168.47.50
mount -t nfs 192.168.47.50:/data/nfs-share/k8s /data/nfs-share/k8s

第二步:创建一个独立的storgeclass,为nfs-client-provisioner创建一个serviceAccount,然后绑定上对应的权限。

cat rbac.yaml
apiVersion: v1
kind: ServiceAccount
metadata:
  name: nfs-client-provisioner
  # replace with namespace where provisioner is deployed
  namespace: storgeclass
---
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: nfs-client-provisioner-runner
rules:
  - apiGroups: [""]
    resources: ["persistentvolumes"]
    verbs: ["get", "list", "watch", "create", "delete"]
  - apiGroups: [""]
    resources: ["persistentvolumeclaims"]
    verbs: ["get", "list", "watch", "update","create"]
  - apiGroups: ["storage.k8s.io"]
    resources: ["storageclasses"]
    verbs: ["get", "list", "watch"]
  - apiGroups: [""]
    resources: ["events"]
    verbs: ["create", "update", "patch"]
---
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: run-nfs-client-provisioner
subjects:
  - kind: ServiceAccount
    name: nfs-client-provisioner
    # replace with namespace where provisioner is deployed
    namespace: storgeclass
roleRef:
  kind: ClusterRole
  name: nfs-client-provisioner-runner
  apiGroup: rbac.authorization.k8s.io
---
kind: Role
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: leader-locking-nfs-client-provisioner
  # replace with namespace where provisioner is deployed
  namespace: storgeclass
rules:
  - apiGroups: [""]
    resources: ["endpoints"]
    verbs: ["get", "list", "watch", "create", "update", "patch"]
---
kind: RoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: leader-locking-nfs-client-provisioner
  # replace with namespace where provisioner is deployed
  namespace: storgeclass
subjects:
  - kind: ServiceAccount
    name: nfs-client-provisioner
    # replace with namespace where provisioner is deployed
    namespace: storgeclass
roleRef:
  kind: Role
  name: leader-locking-nfs-client-provisioner
  apiGroup: rbac.authorization.k8s.io
[root@k8s-master storgeclass]# cat rbac.yaml 
apiVersion: v1
kind: ServiceAccount
metadata:
  name: nfs-client-provisioner
  # replace with namespace where provisioner is deployed
  namespace: storgeclass
---
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: nfs-client-provisioner-runner
rules:
  - apiGroups: [""]
    resources: ["persistentvolumes"]
    verbs: ["get", "list", "watch", "create", "delete"]
  - apiGroups: [""]
    resources: ["persistentvolumeclaims"]
    verbs: ["get", "list", "watch", "update","create"]
  - apiGroups: ["storage.k8s.io"]
    resources: ["storageclasses"]
    verbs: ["get", "list", "watch"]
  - apiGroups: [""]
    resources: ["events"]
    verbs: ["create", "update", "patch"]
---
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: run-nfs-client-provisioner
subjects:
  - kind: ServiceAccount
    name: nfs-client-provisioner
    # replace with namespace where provisioner is deployed
    namespace: storgeclass
roleRef:
  kind: ClusterRole
  name: nfs-client-provisioner-runner
  apiGroup: rbac.authorization.k8s.io
---
kind: Role
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: leader-locking-nfs-client-provisioner
  # replace with namespace where provisioner is deployed
  namespace: storgeclass
rules:
  - apiGroups: [""]
    resources: ["endpoints"]
    verbs: ["get", "list", "watch", "create", "update", "patch"]
---
kind: RoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: leader-locking-nfs-client-provisioner
  # replace with namespace where provisioner is deployed
  namespace: storgeclass
subjects:
  - kind: ServiceAccount
    name: nfs-client-provisioner
    # replace with namespace where provisioner is deployed
    namespace: storgeclass
roleRef:
  kind: Role
  name: leader-locking-nfs-client-provisioner
  apiGroup: rbac.authorization.k8s.io

应用创建:kubectl apply -f rbac.yaml

第三步:配置 Deployment,将里面的对应的参数替换成我们自己的 nfs 配置(nfs-client.yaml)

apiVersion: apps/v1
kind: Deployment
metadata:
  name: nfs-client-provisioner
  labels:
    app: nfs-client-provisioner
  # replace with namespace where provisioner is deployed
  namespace: storgeclass
spec:
  replicas: 1
  strategy:
    type: Recreate
  selector:
    matchLabels:
      app: nfs-client-provisioner
  template:
    metadata:
      labels:
        app: nfs-client-provisioner
    spec:
      serviceAccountName: nfs-client-provisioner
      containers:
        - name: nfs-client-provisioner
          image: quay.io/external_storage/nfs-client-provisioner:latest
          volumeMounts:
            - name: nfs-client-root
              mountPath: /persistentvolumes
          env:
            - name: PROVISIONER_NAME
              value: fuseim.pri/ifs
            - name: NFS_SERVER
              value: 192.168.47.50
            - name: NFS_PATH
              value: /data/nfs-share/k8s
      volumes:
        - name: nfs-client-root
          nfs:
            server: 192.168.47.50
            path: /data/nfs-share/k8s

应用并验证:

kubectl get pod -n storgeclass
storgeclass                    nfs-client-provisioner-78c8fdf8fc-zn76k                  1/1     Running   0          4h18m

第四步:创建默认存储类

apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
  name: managed-nfs-storage
  annotations:
    storageclass.kubernetes.io/is-default-class: "true"
provisioner: fuseim.pri/ifs # or choose another name, must match deployment's env PROVISIONER_NAME'
parameters:
  archiveOnDelete: "false"

其中 annotations 下面的 storageclass.kubernetes.io/is-default-class: “true” 是必须的:

[root@k8s-master storgeclass]# kubectl get sc
NAME                            PROVISIONER      RECLAIMPOLICY   VOLUMEBINDINGMODE   ALLOWVOLUMEEXPANSION   AGE
managed-nfs-storage (default)   fuseim.pri/ifs   Delete          Immediate           false                  4h26m

部署 KubeSphere
执行下面yaml文件:

kubectl apply -f https://github.com/kubesphere/ks-installer/releases/download/v3.0.0/kubesphere-installer.yaml

kubectl apply -f https://github.com/kubesphere/ks-installer/releases/download/v3.0.0/cluster-configuration.yaml

检查安装日志:

kubectl logs -n kubesphere-system $(kubectl get pod -n kubesphere-system -l app=ks-install -o jsonpath='{.items[0].metadata.name}') -f

安装成功可以看见最终下面结果:
在这里插入图片描述
确认pod启动情况:
在这里插入图片描述
最后确保在安全组中打开了端口 30880,并通过 NodePort(IP:30880)使用默认帐户和密码(admin/P@88w0rd)访问 Web 控制台。
在这里插入图片描述
浏览器登录:
在这里插入图片描述
验证使用:
在这里插入图片描述

评论 2 您还未登录,请先 登录 后发表或查看评论

“相关推荐”对你有帮助么?

  • 非常没帮助
  • 没帮助
  • 一般
  • 有帮助
  • 非常有帮助
提交
©️2022 CSDN 皮肤主题:大白 设计师:CSDN官方博客 返回首页

打赏作者

Real_cTo

你的鼓励将是我创作的最大动力

¥2 ¥4 ¥6 ¥10 ¥20
输入1-500的整数
余额支付 (余额:-- )
扫码支付
扫码支付:¥2
获取中
扫码支付

您的余额不足,请更换扫码支付或充值

打赏作者

实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、C币套餐、付费专栏及课程。

余额充值