RKE2安装k8s
前言
RKE2 - Rancher 的下一代 Kubernetes 发行版
提示:本次安装以3台机器示例 参考文档: https://docs.rke2.io https://docs.rancher.cn/docs/rancher2.5/installation/resources/k8s-tutorials/ha-rke2/_index/
https://blog.csdn.net/m0_49654228/article/details/120287498
先决条件及机器配置
- 3台机器
192.168.2.138 rke-1 master节点
192.168.2.139 rke-2 worker节点
192.168.2.140 rke-3 worker节点
机器配置为 centos7 2核 4G - 确保您的环境满足要求。 如果您的主机上安装并启用了 NetworkManager,请确保将其配置为忽略 CNI 管理的接口。
2.1 在此目录下/etc/NetworkManager/conf.d 创建rke2-canal.conf文件
2.2 在新文件中增加以下内容
[keyfile]
unmanaged-devices=interface-name:cali*;interface-name:flannel*
关闭防火墙 (必须)
systemctl stop firewalld && systemctl disable firewalld
关闭setlinux (必须)
setenforce 0
sed -i ‘s/enforcing/disabled/’ /etc/selinux/config
配置内核转发及网桥过滤
cat << EOF | tee /etc/modules-load.d/k8s.conf
overlay
br_netfilter
EOF
##########################
手动执行加载文件
modprobe overlay
modprobe br_netfilter
###
cat << EOF | tee /etc/modules-load.d/k8s.conf
net.bridge.bridge-nf-call-ip6tables =1
net.bridge.bridge-nf-call-iptables =1
net.ipv4.ip_forward =1
EOF
######
sysctl --system
安装 ipset 及 ipvsadm
yum install ipset ipvsadm -y
配置 ipvsadm 模块
cat << EOF | tee /etc/modules-load.d/ipvs.conf
ip_vs
ip_vs_rr
ip_vs_wrr
ip_vs_sh
nf_conntrack
EOF
cat << EOF | tee ipvs.sh
#!/bin/bash
modprobe ip_vs
modprobe ip_vs_rr
modprobe ip_vs_wrr
modprobe ip_vs_sh
modprobe nf_conntrack
EOF
##########
sh ipvs.sh
同步时间
yum install -y ntp #每台主机安装ntp服务
systemctl start ntpd #启动时钟同步服务
systemctl enable ntpd #设置开机启动
ntpq -p #查看时钟同步状态
二、安装步骤
1.安装master
代码如下(示例):
1. curl -sfL https://rancher-mirror.rancher.cn/rke2/install.sh | INSTALL_RKE2_MIRROR=cn INSTALL_RKE2_VERSION=v1.21.9+rke2r1 sh - ##INSTALL_RKE2_VERSION=v1.21.9+rke2r1 版本号
2. systemctl enable rke2-server.service
# 安装完成之后先别急着启动,在 /etc/rancher/rke2/ 目录下创建新文件 config.yaml
# token的来源 cat /var/lib/rancher/rke2/server/node-token
3. vim /etc/rancher/rke2/config.yaml
##
token:K1059e401ec34ba683ac00bcab2f9594dbe162d26fa8611bb18627582d4f66d28dc::server:b946dc526c0191bcded97fd57f89f178
tls-san: 172.16.200.1 ##tls-san参数,设置成本机
system-default-registry: "registry.cn-hangzhou.aliyuncs.com" ## 阿里云镜像库地址
node-taint:
- "CriticalAddonsOnly=true:NoExecute"
node-label:
- "node=Master"
systemctl enable rke2-server.service
4. systemctl start rke2-server.service
5. vim /etc/profile
export PATH=/var/lib/rancher/rke2/bin:$PATH
export KUBECONFIG=/etc/rancher/rke2/rke2.yaml
```/var/lib/rancher//rke2/bin/crictl --runtime-endpoint=unix:///run/k3s/containerd/containerd.sock ps
ln -s /var/lib/rancher/rke2/agent/etc/crictl.yaml /etc/crictl.yaml 建立containerd软连接
ln -s /var/lib/rancher/rke2/bin/kubectl /usr/bin/kubect
### 配置私有镜像仓库
vim /etc/rancher/rke2/registries.yaml
mirrors:
myregistry.com
到此为止marster节点已经安装完毕
## 3.安装worker节点
代码如下(示例):
```c
1. curl -sfL https://rancher-mirror.rancher.cn/rke2/install.sh | INSTALL_RKE2_MIRROR=cn INSTALL_RKE2_TYPE="agent" INSTALL_RKE2_VERSION=v1.21.9+rke2r1 sh -
2. systemctl enable rke2-agent.service
3. vim /etc/rancher/rke2/config.yaml
server: https://192.168.2.138:9345
token:K1072b269c11cefa687cac2aaf657aeb6148cc0a4d16fc8cb70c4ac667c9c6f42a1::server:694191e4eb3c32b5f26c496bbd479308
4. systemctl start rke2-agent.service
5. journalctl -u rke2-agent -f
后面worker节点加入的步骤一样
rke2集群中安装rancher
安装helm
https://github.com/helm/helm/releases 下载对应的版本
tar -zxvf helm-v3.13.2-linux-amd64.tar.gz
sudo mv linux-amd64/helm /usr/local/bin/
使用helm安装rancher
官方文档
https://ranchermanager.docs.rancher.com/zh/pages-for-subheaders/install-upgrade-on-a-kubernetes-cluster
安装 cert-manager证书
helm repo add jetstack https://charts.jetstack.io
helm repo update
kubectl apply -f https://github.com/cert-manager/cert-manager/releases/download/v1.13.2/cert-manager.crds.yaml
kubectl create namespace cattle-system
helm install
cert-manager jetstack/cert-manager
–namespace cert-manager
–create-namespace
–version v1.13.2
kubectl get pods --namespace cert-manager
helm install rancher rancher-stable/rancher
–namespace cattle-system
–set hostname=hlj.test.rancher
–set bootstrapPassword=admin
在本地hosts配置域名到集群pod端口
4650
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
