参考:https://www.kubernetes.org.cn/4004.html
1. 安装Ubuntu 18.04
下载地址:https://ubuntu.com/download/server
2. 配置Ubuntu系统
配置时区
tzselect
# Asia->China->Beijing
sudo cp /usr/share/zoneinfo/Asia/Shanghai /etc/localtime
sudo apt -y install ntpdate
sudo ntpdate cn.pool.ntp.org
sudo hwclock --systohc
3.安装docker
sudo add-apt-repository --remove "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable"
sudo apt update &&sudo apt -y install apt-transport-https ca-certificates curl gnupg-agent software-properties-common
sudo curl -fsSL http://mirrors.aliyun.com/docker-ce/linux/ubuntu/gpg | sudo apt-key add -
sudo add-apt-repository "deb [arch=amd64] http://mirrors.aliyun.com/docker-ce/linux/ubuntu $(lsb_release -cs) stable"
sudo apt update &&sudo apt -y install docker-ce=5:18.09.5~3-0~ubuntu-bionic docker-ce-cli=5:18.09.5~3-0~ubuntu-bionic containerd.io
4.禁用swap
vim /etc/fstab
UUID=671d6002-d511-424d-9e3d-cfb40abfbff7 / ext4 defaults 0 0
UUID=c71c0b6d-9c29-4e00-961b-6f10ff202712 /boot ext4 defaults 0 0
#/swap.img none swap sw 0 0
5.启用cgroup
#vim /etc/default/grub
GRUB_CMDLINE_LINUX_DEFAULT="cgroup_enable=memory swapaccount=1"
GRUB_CMDLINE_LINUX="cgroup_enable=memory swapaccount=1"
6、rke需要免密钥登陆
我所有的都做了。
authorized_keys id_rsa
3. 安装K8S集群
集群外选一台主机,安装rke和rancher和kubectl(
#sudo snap install kubectl --classic
)
生成秘钥对,将公钥分发到集群的节点主机
cluster.yml
nodes:
- address: 192.168.100.181
user: root
role:
- controlplane
- etcd
- address: 192.168.100.182
user: root
role:
- controlplane
- etcd
- address: 192.168.100.183
user: root
role:
- controlplane
- etcd
- address: 192.168.100.184
user: root
role:
- worker
- address: 192.168.100.185
user: root
role:
- worker
ignore_docker_version: false
ssh_key_path: /root/.ssh/id_rsa
#ssh_agent_auth: true
cluster_name: test-cluster
kubernetes_version: v1.14.1-rancher1-1
system_images:
kubernetes: rancher/hyperkube:v1.14.1-rancher1
etcd: rancher/coreos-etcd:v3.3.10-rancher1
alpine: rancher/rke-tools:v0.1.28
nginx_proxy: rancher/rke-tools:v0.1.28
cert_downloader: rancher/rke-tools:v0.1.28
kubernetes_services_sidecar: rancher/rke-tools:v0.1.28
kubedns: rancher/k8s-dns-kube-dns-amd64:1.15.0
dnsmasq: rancher/k8s-dns-dnsmasq-nanny-amd64:1.15.0
kubedns_sidecar: rancher/k8s-dns-sidecar-amd64:1.15.0
kubedns_autoscaler: rancher/cluster-proportional-autoscaler-amd64:1.3.0
pod_infra_container: rancher/pause-amd64:3.1
canal_node: rancher/calico-node:v3.4.0
canal_cni: rancher/calico-cni:v3.4.0
canal_flannel: rancher/coreos-flannel:v0.10.0
flannel: rancher/coreos-flannel:v0.10.0-rancher1
flannel_cni: rancher/flannel-cni:v0.3.0-rancher1
services:
etcd:
kube-api:
service_cluster_ip_range: 10.43.0.0/16
service_node_port_range: 30000-32767
pod_security_policy: false
extra_args:
audit-log-path: "-"
delete-collection-workers: 3
v: 4
kube-controller:
cluster_cidr: 10.42.0.0/16
service_cluster_ip_range: 10.43.0.0/16
kubelet:
cluster_domain: cluster.local
cluster_dns_server: 10.43.0.10
fail_swap_on: false
extra_args:
max-pods: 250
authentication:
strategy: x509
authorization:
mode: rbac
addon_job_timeout: 30
network:
plugin: flannel
options:
ingress:
provider: nginx
下载rke二进制文件
下载地址:https://github.com/rancher/rke/releases/
chmod +x rke
./rke up
rke目录下生成的kube_config_cluster.yml文件时kubectl的配置文件
4. 安装Rancher
docker-compose.yml
version: "3.3"
services:
rancher:
image: 'rancher/rancher:v2.2.2'
restart: always
ports:
- 80:80
- 443:443
volumes:
- type: volume
source: rancher
target: /var/lib/rancher
command:
["entrypoint.sh", "--no-cacerts"]
volumes:
rancher: