Ubuntu18.04安装k8s
Ubuntu18.04安装docker
参考: https://mp.weixin.qq.com/s/2LWWHkQk61UmvZvI3zVuUg
参考: https://blog.csdn.net/omaidb/article/details/122062219
添加kubeadm源
# 安装依赖包
sudo apt update
sudo apt install -y apt-transport-https ca-certificates curl
# 添加key
curl https://mirrors.aliyun.com/kubernetes/apt/doc/apt-key.gpg | sudo apt-key add -
# 添加国内源
echo "deb https://mirrors.aliyun.com/kubernetes/apt kubernetes-xenial main" | sudo tee /etc/apt/sources.list.d/kubernetes.list
安装kubectl
# 刷新源
sudo apt update
# 不指定版本则安装最新版
sudo apt install -y kubelet kubeadm kubectl
# 锁定版本
sudo apt-mark hold kubelet kubeadm kubectl
初始化k8s
参考: https://blog.csdn.net/omaidb/article/details/121549382
使用rancher构建k8s
参考 https://www.rancher.cn/quick-start/
# 创建本地挂载目录
mkdir -p /data/rancher_data
# 启动rancher
sudo docker run --name rancher --privileged -dti --restart=unless-stopped -p 8080:8080 -p 80:80 -p 443:443 -p 6443:6443 -v /data/rancher_data:/var/lib/rancher/ rancher/rancher:stable
高级配置
sudo docker run --name rancher --privileged -dti --restart=unless-stopped \
-p 80:80 -p 443:443 -p 8080:8080 -p 6443:6443 \
-v /data/rancher_data:/var/lib/rancher/ \
-v /<CERT_DIRECTORY>/<FULL_CHAIN.pem>:/etc/rancher/ssl/cert.pem \
-v /<CERT_DIRECTORY>/<PRIVATE_KEY.pem>:/etc/rancher/ssl/key.pem \
-v /<CERT_DIRECTORY>/<CA_CERTS.pem>:/etc/rancher/ssl/cacerts.pem \
rancher/rancher:stable \
--acme-domain <YOUR.DNS.NAME>
查看初次的登陆密码
# 查看初次的登陆密码
docker logs rancher | grep "Password"
使用kubectl管理
# 将kubeconfig文件拷贝到本机
docker cp rancher:/etc/rancher/k3s/k3s.yaml /root/.kube/config
# 使用kubectl管理k8s
kubectl get nodes -A
解决docker无法拉取k8s.gcr.io镜像问题
使用ansible-plybook安装taojan
https://blog.csdn.net/omaidb/article/details/120028228
---
- name: 安装trojan
hosts: all
tasks:
- name: 创建/opt/trojan目录
file:
path: /opt/trojan
state: directory
- name: copy trojan 主程序
copy:
src: /opt/trojan/trojan
dest: /opt/trojan/trojan
mode: '0755'
- name: copy trojan config
copy:
src: /opt/trojan/config.json
dest: /opt/trojan/config.json
- name: install pkg
hosts: all
tasks:
- name: install proxychains
apt:
name: proxychains
state: latest
- name: edit config
lineinfile:
path: /etc/proxychains.conf
regexp: 'socks4 127.0.0.1 9050'
line: 'socks5 127.0.0.1 1080'
- name: copy sup trojan config
copy:
src: /etc/supervisor/conf.d/trojan.conf
dest: /etc/supervisor/conf.d/trojan.conf
- name: install supervisor
apt:
name: supervisor
- name: enable supervisor service
service:
name: supervisor
enabled: yes
state: started
- name: 重启 supctl
shell: supervisorctl reload && supervisorctl update
- name: 创建目录
file:
path: /etc/systemd/system/docker.service.d
state: directory
- name: 配置docker代理
copy:
src: /etc/systemd/system/docker.service.d/proxy.conf
dest: /etc/systemd/system/docker.service.d/proxy.conf
- name: 重载服务
shell: systemctl daemon-reload
- name: 重启docker服务
service:
name: docker
state: restarted