kubernetes部署

参考：https://www.kubernetes.org.cn/4004.html

1. 安装Ubuntu 18.04

下载地址：https://ubuntu.com/download/server

2. 配置Ubuntu系统

配置时区

tzselect
# Asia->China->Beijing
sudo cp /usr/share/zoneinfo/Asia/Shanghai /etc/localtime
sudo apt -y install ntpdate
sudo ntpdate cn.pool.ntp.org
sudo hwclock --systohc

3.安装docker

sudo add-apt-repository  --remove  "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable"
sudo apt update &&sudo apt -y install apt-transport-https ca-certificates curl gnupg-agent software-properties-common
sudo curl -fsSL http://mirrors.aliyun.com/docker-ce/linux/ubuntu/gpg | sudo apt-key add -
sudo add-apt-repository "deb [arch=amd64] http://mirrors.aliyun.com/docker-ce/linux/ubuntu $(lsb_release -cs) stable"
sudo apt update &&sudo apt -y install docker-ce=5:18.09.5~3-0~ubuntu-bionic docker-ce-cli=5:18.09.5~3-0~ubuntu-bionic containerd.io

 

4.禁用swap

vim  /etc/fstab
UUID=671d6002-d511-424d-9e3d-cfb40abfbff7 / ext4 defaults 0 0
UUID=c71c0b6d-9c29-4e00-961b-6f10ff202712 /boot ext4 defaults 0 0
#/swap.img      none    swap    sw      0       0

5.启用cgroup

#vim /etc/default/grub
GRUB_CMDLINE_LINUX_DEFAULT="cgroup_enable=memory swapaccount=1"
GRUB_CMDLINE_LINUX="cgroup_enable=memory swapaccount=1"

6、rke需要免密钥登陆

我所有的都做了。
authorized_keys  id_rsa

3. 安装K8S集群

集群外选一台主机，安装rke和rancher和kubectl（

 #sudo snap install kubectl --classic

）

生成秘钥对，将公钥分发到集群的节点主机

cluster.yml

nodes:
    - address: 192.168.100.181
      user: root
      role:
        - controlplane
        - etcd
    - address: 192.168.100.182
      user: root
      role:
        - controlplane
        - etcd
    - address: 192.168.100.183
      user: root
      role:
        - controlplane
        - etcd
    - address: 192.168.100.184
      user: root
      role:
        - worker
    - address: 192.168.100.185
      user: root
      role:
        - worker

ignore_docker_version: false

ssh_key_path: /root/.ssh/id_rsa

#ssh_agent_auth: true

cluster_name: test-cluster

kubernetes_version: v1.14.1-rancher1-1

system_images:
    kubernetes: rancher/hyperkube:v1.14.1-rancher1
    etcd: rancher/coreos-etcd:v3.3.10-rancher1
    alpine: rancher/rke-tools:v0.1.28
    nginx_proxy: rancher/rke-tools:v0.1.28
    cert_downloader: rancher/rke-tools:v0.1.28
    kubernetes_services_sidecar: rancher/rke-tools:v0.1.28
    kubedns: rancher/k8s-dns-kube-dns-amd64:1.15.0
    dnsmasq: rancher/k8s-dns-dnsmasq-nanny-amd64:1.15.0
    kubedns_sidecar: rancher/k8s-dns-sidecar-amd64:1.15.0
    kubedns_autoscaler: rancher/cluster-proportional-autoscaler-amd64:1.3.0
    pod_infra_container: rancher/pause-amd64:3.1
    canal_node: rancher/calico-node:v3.4.0
    canal_cni: rancher/calico-cni:v3.4.0
    canal_flannel: rancher/coreos-flannel:v0.10.0
    flannel: rancher/coreos-flannel:v0.10.0-rancher1
    flannel_cni: rancher/flannel-cni:v0.3.0-rancher1

services:
    etcd:
    kube-api:
      service_cluster_ip_range: 10.43.0.0/16
      service_node_port_range: 30000-32767    
      pod_security_policy: false
      extra_args:
        audit-log-path: "-"
        delete-collection-workers: 3
        v: 4
    kube-controller:
      cluster_cidr: 10.42.0.0/16
      service_cluster_ip_range: 10.43.0.0/16
    kubelet:
      cluster_domain: cluster.local
      cluster_dns_server: 10.43.0.10
      fail_swap_on: false
      extra_args:
        max-pods: 250

authentication:
    strategy: x509
authorization:
    mode: rbac

addon_job_timeout: 30

network:
  plugin: flannel
  options:

ingress:
    provider: nginx

下载rke二进制文件

下载地址：https://github.com/rancher/rke/releases/

chmod +x rke
./rke up

rke目录下生成的kube_config_cluster.yml文件时kubectl的配置文件 

4. 安装Rancher

docker-compose.yml

version: "3.3"
services:
  rancher:
    image: 'rancher/rancher:v2.2.2'
    restart: always
    ports:
      - 80:80
      - 443:443
    volumes:
      - type: volume
        source: rancher
        target: /var/lib/rancher
    command:
      ["entrypoint.sh", "--no-cacerts"]

volumes:
  rancher: