安装kubesphere需要有默认的storageclass。如果没有请参照以下先进行安装
安装storageclass
- 安装基于NFS服务
[root@master1 ~]# yum -y install nfs-utils #所有节点都要装
[root@master1 ~]# vim /etc/exports
/nfsdata *(rw,sync,no_root_squash)
[root@master1 ~]# mkdir /nfsdata
[root@master1 ~]# systemctl start rpcbind
[root@master1 ~]# systemctl enable rpcbind
[root@master1 ~]# systemctl start nfs
[root@master1 ~]# systemctl enable nfs-server
[root@master1 ~]# showmount -e
Export list for master1:
/nfsdata *
rbac(基于角色的访问控制),就是用户通过角色与权限进行关联。 是一个从认证-----> 授权-----> 准入机制。(rbac-rolebind.yaml)
apiVersion: v1
kind: ServiceAccount
metadata:
name: nfs-provisioner
namespace: ns-test #自己的命名空间
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: nfs-provisioner-runner
namespace: ns-test #自己的命名空间
rules:
- apiGroups: [""]
resources: ["persistentvolumes"]
verbs: ["get", "list", "watch", "create", "delete"]
- apiGroups: [""]
resources: ["persistentvolumeclaims"]
verbs: ["get", "list", "watch", "update"]
- apiGroups: ["storage.k8s.io"]
resources: ["storageclasses"]
verbs: ["get", "list", "watch"]
- apiGroups: [""]
resources: ["events"]
verbs: ["watch", "create", "update", "patch"]
- apiGroups: [""]
resources: ["services", "endpoints"]
verbs: ["get","create","list", "watch","update"]
- apiGroups: ["extensions"]
resources: ["podsecuritypolicies"]
resourceNames: ["nfs-provisioner"]
verbs: ["use"]
---
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: run-nfs-provisioner
subjects:
- kind: ServiceAccount
name: nfs-provisioner
namespace: ns-test #自己的命名空间
roleRef:
kind: ClusterRole
name: nfs-provisioner-runner
apiGroup: rbac.authorization.k8s.io
部署 rbac-rolebind.yaml
kubectl apply -f rbac-rolebind.yaml
创建一个nfs的Deployment(nfs-deployment.yaml)
apiVersion: apps/v1
kind: Deployment
metadata:
name: nfs-client-provisioner
namespace: ns-test #自己的命名空间
spec:
replicas: 1
strategy:
type: Recreate
selector:
matchLabels:
app: nfs-client-provisioner
template:
metadata:
labels:
app: nfs-client-provisioner
spec:
serviceAccount: nfs-provisioner
containers:
- name: nfs-client-provisioner
image: quay.io/external_storage/nfs-client-provisioner
volumeMounts:
- name: nfs-client-root
mountPath: /persistentvolumes
env:
- name: PROVISIONER_NAME
value: nfs-deploy #供给方的名称
- name: NFS_SERVER
value: 10.0.2.15 #nfs服务器IP
- name: NFS_PATH
value: /nfsdata #nfs共享目录
volumes:
- name: nfs-client-root
nfs:
server: 10.0.2.15
path: /nfsdata
部署nfs-deployment(nfs-deployment.yaml)
kubectl apply -f nfs-deployment.yaml
查看是否正常运行
kubectl get pod -n ns-test
创建storage class(nfs-sc.yaml)
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
name: statefu-nfs
namespace: default
provisioner: nfs-deploy #这里的名字要和上面deploy定义的PROVISIONER_NAME一样
reclaimPolicy: Retain
部署 nfs-sc.yaml
kubectl apply -f nfs-sc.yaml
查看storageclass。是否有刚刚创建的
kubectl get storageclass
设置为默认
kubectl patch storageclass statefu-nfs【storageclass的名称】 -p '{"metadata": {"annotations":{"storageclass.kubernetes.io/is-default-class":"true"}}}'
name后有(default)字样即成功。
至此storage已经安装完成。
安装kubesphere
如果中途安装出现错误,要先强制卸载所有的组件,再重新安装
kubectl delete Namespace kubesphere-system --force --grace-period=0
kubectl delete CustomResourceDefinition clusterconfigurations.installer.kubesphere.io --force --grace-period=0
kubectl delete ServiceAccount ks-installer --force --grace-period=0
kubectl delete ClusterRole ks-installer --force --grace-period=0
kubectl delete ClusterRoleBinding ks-installer --force --grace-period=0
kubectl delete Deployment ks-installer --force --grace-period=0
如果是国内网络的情况下会出现拉取镜像失败是情况,请执行
export KKZONE=cn
部署kubesphere【如果下载yaml失败,请自行下载好传到服务器】
kubectl apply -f https://github.com/kubesphere/ks-installer/releases/download/v3.2.1/kubesphere-installer.yaml
kubectl apply -f https://github.com/kubesphere/ks-installer/releases/download/v3.2.1/cluster-configuration.yaml
查看安装log
kubectl logs -n kubesphere-system $(kubectl get pod -n kubesphere-system -l app=ks-install -o jsonpath='{.items[0].metadata.name}') -f
log中出现了地址,账号密码即安装完成