Kubekey离线安装kubesphere+kubernetes集群

1.上传离线包

上传离线包到对应的服务服务器

安装包制作：

离线安装 (kubesphere.io)

2.创建集群配置文件

./kk create config --with-kubesphere v3.3.2 --with-kubernetes v1.23.10 -f config-sample.yaml

2.1修改配置文件

vim config-sample.yaml

apiVersion: kubekey.kubesphere.io/v1alpha2
kind: Cluster
metadata:
  name: sample
spec:
  hosts:
  - {name: master, address: 192.168.1.10, internalAddress: 192.168.1.10, user: root, password: "junan@123"}
  - {name: node1, address: 192.168.1.11, internalAddress: 192.168.1.11, user: root, password: "junan@123"}
  - {name: node2, address: 192.168.1.12, internalAddress: 192.168.1.12, user: root, password: "junan@123"}
  roleGroups:
    etcd:
    - master #这里修改为master
    control-plane: 
    - master #这里修改为master
    worker:
    - node1
    - node2
    # 设置使用 kk 自动部署镜像仓库的节点，一定要注意这个地方必须加上
    registry:
    - master
  controlPlaneEndpoint:
    ## Internal loadbalancer for apiservers 
    # internalLoadbalancer: haproxy

    domain: lb.kubesphere.local
    address: ""
    port: 6443
  kubernetes:
    version: v1.23.10
    clusterName: cluster.local
    autoRenewCerts: true
    containerManager: docker
  etcd:
    type: kubekey
  network:
    plugin: calico
    kubePodsCIDR: 10.233.64.0/18
    kubeServiceCIDR: 10.233.0.0/18
    ## multus support. https://github.com/k8snetworkplumbingwg/multus-cni
    multusCNI:
      enabled: false
  registry:
    # 这里的类型设置为harbor
    type: harbor
    privateRegistry: ""
    namespaceOverride: ""
    registryMirrors: []
    insecureRegistries: []
  addons: []



---
apiVersion: installer.kubesphere.io/v1alpha1
kind: ClusterConfiguration
metadata:
  name: ks-installer
  namespace: kubesphere-system
  labels:
    version: v3.3.2
spec:
  persistence:
    storageClass: ""
  authentication:
    jwtSecret: ""
  zone: ""
  local_registry: ""
  namespace_override: ""
  # dev_tag: ""
  etcd:
    monitoring: false
    endpointIps: localhost
    port: 2379
    tlsEnable: true
  common:
    core:
      console:
        enableMultiLogin: true
        port: 30880
        type: NodePort
    # apiserver:
    #  resources: {}
    # controllerManager:
    #  resources: {}
    redis:
      enabled: false
      volumeSize: 2Gi
    openldap:
      enabled: false
      volumeSize: 2Gi
    minio:
      volumeSize: 20Gi
    monitoring:
      # type: external
      endpoint: http://prometheus-operated.kubesphere-monitoring-system.svc:9090
      GPUMonitoring:
        enabled: false
    gpu:
      kinds:
      - resourceName: "nvidia.com/gpu"
        resourceType: "GPU"
        default: true
    es:
      # master:
      #   volumeSize: 4Gi
      #   replicas: 1
      #   resources: {}
      # data:
      #   volumeSize: 20Gi
      #   replicas: 1
      #   resources: {}
      logMaxAge: 7
      elkPrefix: logstash
      basicAuth:
        enabled: false
        username: ""
        password: ""
      externalElasticsearchHost: ""
      externalElasticsearchPort: ""
  alerting:
    enabled: false
    # thanosruler:
    #   replicas: 1
    #   resources: {}
  auditing:
    enabled: false
    # operator:
    #   resources: {}
    # webhook:
    #   resources: {}
  devops:
    enabled: false
    # resources: {}
    jenkinsMemoryLim: 8Gi
    jenkinsMemoryReq: 4Gi
    jenkinsVolumeSize: 8Gi
  events:
    enabled: false
    # operator:
    #   resources: {}
    # exporter:
    #   resources: {}
    # ruler:
    #   enabled: true
    #   replicas: 2
    #   resources: {}
  logging:
    enabled: false
    logsidecar:
      enabled: true
      replicas: 2
      # resources: {}
  metrics_server:
    enabled: false
  monitoring:
    storageClass: ""
    node_exporter:
      port: 9100
      # resources: {}
    # kube_rbac_proxy:
    #   resources: {}
    # kube_state_metrics:
    #   resources: {}
    # prometheus:
    #   replicas: 1
    #   volumeSize: 20Gi
    #   resources: {}
    #   operator:
    #     resources: {}
    # alertmanager:
    #   replicas: 1
    #   resources: {}
    # notification_manager:
    #   resources: {}
    #   operator:
    #     resources: {}
    #   proxy:
    #     resources: {}
    gpu:
      nvidia_dcgm_exporter:
        enabled: false
        # resources: {}
  multicluster:
    clusterRole: none
  network:
    networkpolicy:
      enabled: false
    ippool:
      type: none
    topology:
      type: none
  openpitrix:
    store:
      enabled: false
  servicemesh:
    enabled: false
    istio:
      components:
        ingressGateways:
        - name: istio-ingressgateway
          enabled: false
        cni:
          enabled: false
  edgeruntime:
    enabled: false
    kubeedge:
      enabled: false
      cloudCore:
        cloudHub:
          advertiseAddress:
            - ""
        service:
          cloudhubNodePort: "30000"
          cloudhubQuicNodePort: "30001"
          cloudhubHttpsNodePort: "30002"
          cloudstreamNodePort: "30003"
          tunnelNodePort: "30004"
        # resources: {}
        # hostNetWork: false
      iptables-manager:
        enabled: true
        mode: "external"
        # resources: {}
      # edgeService:
      #   resources: {}
  terminal:
    timeout: 600

3.创建镜像仓库

./kk init registry -f config-sample.yaml -a kubesphere.tar.gz

4.创建harbor仓库

我们需要创建harbor仓库把我们的离线包推送到harbor仓库里面，所以我们得提前在harbor里面创建好项目，离线包才能被推送上面

创建文件

vim create_project_harbor.sh

复制下面脚本

#!/usr/bin/env bash



# Copyright 2018 The KubeSphere Authors.

#

# Licensed under the Apache License, Version 2.0 (the "License");

# you may not use this file except in compliance with the License.

# You may obtain a copy of the License at

#

#     http://www.apache.org/licenses/LICENSE-2.0

#

# Unless required by applicable law or agreed to in writing, software

# distributed under the License is distributed on an "AS IS" BASIS,

# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

# See the License for the specific language governing permissions and

# limitations under the License.



url="https://dockerhub.kubekey.local"  #修改url的值为https://dockerhub.kubekey.local

user="admin"

passwd="Harbor12345"



harbor_projects=(library

    kubesphereio

    kubesphere

    argoproj

    calico

    coredns

    openebs

    csiplugin

    minio

    mirrorgooglecontainers

    osixia

    prom

    thanosio

    jimmidyson

    grafana

    elastic

    istio

    jaegertracing

    jenkins

    weaveworks

    openpitrix

    joosthofman

    nginxdemos

    fluent

    kubeedge

    openpolicyagent

)



for project in "${harbor_projects[@]}"; do

    echo "creating $project"

    curl -u "${user}:${passwd}" -X POST -H "Content-Type: application/json" "${url}/api/v2.0/projects" -d "{ \"project_name\": \"${project}\", \"public\": true}" -k #curl命令末尾加上 -k

done

设置权限

chmod +x create_project_harbor.sh

执行脚本

sh ./create_project_harbor.sh

5.再次修改配置文件

vim config-sample.yaml

配置harbor的地址

  ...

  registry:

    type: harbor

    auths:
      "dockerhub.kubekey.local":
        username: admin
        password: Harbor12345
    privateRegistry: "dockerhub.kubekey.local"
    namespaceOverride: "kubesphereio"

    registryMirrors: []

    insecureRegistries: []

  addons: []

6.推送仓库创建集群

./kk create cluster -f config-sample.yaml -a kubesphere.tar.gz --with-packages

如果不需要安装iso中的包那么就不需要加 --with-packages

如果出现了k8s集群安装成功了，kubesphere长时间没有安装成功可以ctrl+c停止安装，使用以下命令重新安装，不用指定离线包了。

./kk create cluster -f config-sample.yaml

通过下面命令来查看哪些pod启动了

kubectl get pod --all-namespaces

通过下面命令来查看哪些pod启动了

kubectl describe pod pod名称 -n 命名空间

可以通过一下命令查看，kubesphere的执行日志

kubectl logs -n kubesphere-system $(kubectl get pod -n kubesphere-system -l 'app in (ks-install, ks-installer)' -o jsonpath='{.items[0].metadata.name}') -f

当看到这个日志的时候，证明安装成功了

Console: http://10.0.0.30:30880
Account: admin
Password: P@88w0rd