K3s是由Rancher Labs于今年年初发布的一款开源、极轻量的Kubernetes发行版,完美适用于在资源有限的环境中运行Kubernetes。K3s一经发布就得到了业界的高度关注和认可,发布半年以来已在GitHub上拥有近8500颗Star。
最初k3s只是一个用于本地Kubernetes开发的POC项目,而如今已有很多企业用户在生产环境中使用它。
官方GitRepo:
https://github.com/rancher/k3s
官方定义:k3s是完全符合标准的生产级Kubernetes发行版,具有以下四个方面的主要变化:
删除旧的、非必须的代码:K3s不包括任何默认禁用的Alpha功能或者过时的功能,原有的API组件目前仍运行于标准部署当中。除此之外,Rancher还删除了所有非默认许可控制器,in- tree云提供商和存储驱动程序,但允许用户添加任何他们需要的驱动程序。
整合正在运行的打包进程:为了节省RAM,Rancher将通常在Kubernetes管理服务器上运行的多流程合并为单个流程。Rancher还将在工作节点上运行的kubelet、kubeproxy和flannel代理进程组合成一个进程。
使用containerd代替Docker作为运行时的容器引擎:通过用containderd替换Docker,Rancher能够显著减少运行时占用空间,删除libnetwork、swarm、Docker存储驱动程序和其他插件等功能。
除了 etcd 之外,引入 SQLite 作为可选的数据存储:Rancher在k3s中添加了SQLite作为可选的数据存储,从而为etcd提供了一个轻量级的替代方案。该方案不仅占用了较少的内存,而且大幅简化了操作。
鉴于k3s受到极高的关注度以及广泛的应用,大量的开源社区用户开始搭建有关k3s的项目,本文将分享如何使用其中一个项目——k3sup,来实现一分钟内从零到完全配置k3s Kubeconfig。
K3sup:1分钟之内,从零到完全配置Kubeconfig
K3sup:https://github.com/alexellis/k3sup
K3sup是由Alex Ellis创建的一个开源项目,这使得k3s的安装和kubeconfig文件的生成变得快速和方便。这一工具能以极快的速度自动化安装k3s、将SAN地址更新为公共IP、下载k3s配置文件然后使用VM的公共IP地址将其更新,以便可以使用kubectl连接它。
以下步骤使用Amazon EC2实例说明了此过程:
步骤1:启动Amazon EC2实例,让安全组打开端口并通过ssh登录。
登录亚马逊控制台并单击EC2
在EC2 Dashboard上,点击启动实例
选择 Amazon Linux 2 AMI 镜像
选择实例类型(我们将使用t2.medium)
选择VPC/Subnet/IAM等并且启用自动分配公共IP(一切都保持默认)
添加存储(使用默认配置)
添加标签(如果需要的话)
配置安全组以允许不同端口上的流量(本demo中启用所有流量)
选择一个密钥对并且启动实例
EC2与Amazon AMI一起运行
步骤2:下载k3sup的二进制文件
curl -sLS https://raw.githubusercontent.com/alexellis/k3sup/master/get.sh | sh[root@ip-172-31-33-136 ec2-user]# curl -sLS https://raw.githubusercontent.com/alexellis/k3sup/master/get.sh | shwhich: no k3sup in (/sbin:/bin:/usr/sbin:/usr/bin)x86_64Downloading package https://github.com/alexellis/k3sup/releases/download/0.2.0/k3sup as /tmp/k3supDownload complete.Running as root - Attempting to move k3sup to /usr/local/binNew version of k3sup installed to /usr/local/bin
步骤3:将ssh密钥复制到VM中的'vi /root/.ssh/id_rsa'位置,导出IP并使用k3sup安装k3s
[root@ip-172-31-33-136 ec2-user]# **cd /usr/local/bin**[root@ip-172-31-33-136 bin]# **export IP=54.159.112.255**[root@ip-172-31-33-136 bin]# **./k3sup install --ip $IP --user ec2-user**Public IP: 54.159.112.255ssh -i /root/.ssh/id_rsa ec2-user@54.159.112.255ssh: curl -sLS https://get.k3s.io | INSTALL_K3S_EXEC='server --tls-san 54.159.112.255' sh -[INFO] Finding latest release[INFO] Using v0.8.0 as release[INFO] Downloading hash [https://github.com/rancher/k3s/releases/download/v0.8.0/sha256sum-amd64.txt](https://github.com/rancher/k3s/releases/download/v0.8.0/sha256sum-amd64.txt)[INFO] Downloading binary [https://github.com/rancher/k3s/releases/download/v0.8.0/k3s](https://github.com/rancher/k3s/releases/download/v0.8.0/k3s)[INFO] Verifying binary download[INFO] Installing k3s to /usr/local/bin/k3swhich: no kubectl in (/usr/local/bin:/usr/bin)[INFO] Creating /usr/local/bin/kubectl symlink to k3swhich: no crictl in (/usr/local/bin:/usr/bin)[INFO] Creating /usr/local/bin/crictl symlink to k3swhich: no ctr in (/usr/local/bin:/usr/bin)[INFO] Creating /usr/local/bin/ctr symlink to k3s[INFO] Creating killall script /usr/local/bin/k3s-killall.sh[INFO] Creating uninstall script /usr/local/bin/k3s-uninstall.sh[INFO] env: Creating environment file /etc/systemd/system/k3s.service.env[INFO] systemd: Creating service file /etc/systemd/system/k3s.service[INFO] systemd: Enabling k3s unitCreated symlink from /etc/systemd/system/multi-user.target.wants/k3s.service to /etc/systemd/system/k3s.service.[INFO] systemd: Starting k3sResult: [INFO] Finding latest release[INFO] Using v0.8.0 as release[INFO] Downloading hash [https://github.com/rancher/k3s/releases/download/v0.8.0/sha256sum-amd64.txt](https://github.com/rancher/k3s/releases/download/v0.8.0/sha256sum-amd64.txt)[INFO] Downloading binary [https://github.com/rancher/k3s/releases/download/v0.8.0/k3s](https://github.com/rancher/k3s/releases/download/v0.8.0/k3s)[INFO] Verifying binary download[INFO] Installing k3s to /usr/local/bin/k3s[INFO] Creating /usr/local/bin/kubectl symlink to k3s[INFO] Creating /usr/local/bin/crictl symlink to k3s[INFO] Creating /usr/local/bin/ctr symlink to k3s[INFO] Creating killall script /usr/local/bin/k3s-killall.sh[INFO] Creating uninstall script /usr/local/bin/k3s-uninstall.sh[INFO] env: Creating environment file /etc/systemd/system/k3s.service.env[INFO] systemd: Creating service file /etc/systemd/system/k3s.service[INFO] systemd: Enabling k3s unit[INFO] systemd: Starting k3swhich: no kubectl in (/usr/local/bin:/usr/bin)which: no crictl in (/usr/local/bin:/usr/bin)which: no ctr in (/usr/local/bin:/usr/bin)Created symlink from /etc/systemd/system/multi-user.target.wants/k3s.service to /etc/systemd/system/k3s.service.ssh: sudo cat /etc/rancher/k3s/k3s.yamlSaving file to: /usr/local/bin/kubeconfig
它将创建一个kubeconfig文件并且保存在你运行命令的目录中。
步骤4:导出KUBECONFIG
[root@ip-172-31-33-136 bin]#** export KUBECONFIG=`pwd`/kubeconfig**
步骤5:开始玩转k3s
[root@ip-172-31-33-136 bin]# **./kubectl get nodes**NAME STATUS ROLES AGE VERSIONip-172-31-33-136.ec2.internal Ready master 24s v1.14.5-k3s.1[root@ip-172-31-33-136 bin]# **./kubectl get pods -n kube-system**NAME READY STATUS RESTARTS AGEcoredns-b7464766c-ngf46 1/1 Running 0 4m3shelm-install-traefik-x6wfj 0/1 Completed 0 4m3ssvclb-traefik-65gw9 2/2 Running 0 3m49straefik-56688c4464-5rdss 1/1 Running 0 3m49s
运行一个简单的服务:
# Create a Deployment**./kubectl run nginx --image=nginx**# Create Service[root@ip-172-31-33-136 bin]# **./kubectl expose deployment nginx --port=80 --target-port=80**service/nginx exposed[root@ip-172-31-33-136 bin]# **./kubectl get svc**NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGEkubernetes ClusterIP 10.43.0.1 <none> 443/TCP 45mnginx ClusterIP 10.43.99.179 <none> 80/TCP 5s[root@ip-172-31-33-136 bin]# **curl 10.43.99.179**<html><head><title>Welcome to nginx!title><style>body {width: 35em;margin: 0 auto;font-family: Tahoma, Verdana, Arial, sans-serif;}style>head><body><h1>Welcome to nginx!h1><p>If you see this page, the nginx web server is successfully installed andworking. Further configuration is required.p><p>For online documentation and support please refer to<a href="http://nginx.org/">nginx.orga>.<br/>Commercial support is available at<a href="http://nginx.com/">nginx.coma>.p><p><em>Thank you for using nginx.em>p>body>html>
加入两个节点:是否可以在不登录节点的情况下将节点与主节点连接?是的,k3sup可以做到这一点。
在VM上获得k3s设置后,你可以轻松地将节点加入到集群:
#AGENT_IP is the IP of the VM that you want to add to the cluster that has k3s running**export AGENT_IP=54.196.113.156**#SERVER_IP is the IP of the server where k3 is installed export SERVER_IP=54.159.112.255**export USER=ec2-user**[root@ip-172-31-33-136 bin]# **./k3sup join --ip $AGENT_IP --server-ip $SERVER_IP --user ec2-user**Server IP: 54.159.112.255ssh -i /root/.ssh/id_rsa ec2-user@54.159.112.255ssh: sudo cat /var/lib/rancher/k3s/server/node-tokenK1077d707d0868b652aca7adfc21b5f34a1f0357e71b216bf8b3c94a559cd4f93a6::node:014c8ed3f6574d27db73b9c8bf67f617ssh: curl -sfL https://get.k3s.io/ | K3S_URL="https://54.159.112.255:6443" K3S_TOKEN="K1077d707d0868b652aca7adfc21b5f34a1f0357e71b216bf8b3c94a559cd4f93a6::node:014c8ed3f6574d27db73b9c8bf67f617" sh -[INFO] Finding latest release[INFO] Using v0.8.0 as release[INFO] Downloading hash [https://github.com/rancher/k3s/releases/download/v0.8.0/sha256sum-amd64.txt](https://github.com/rancher/k3s/releases/download/v0.8.0/sha256sum-amd64.txt)[INFO] Downloading binary [https://github.com/rancher/k3s/releases/download/v0.8.0/k3s](https://github.com/rancher/k3s/releases/download/v0.8.0/k3s)[INFO] Verifying binary download[INFO] Installing k3s to /usr/local/bin/k3swhich: no kubectl in (/usr/local/bin:/usr/bin)[INFO] Creating /usr/local/bin/kubectl symlink to k3swhich: no crictl in (/usr/local/bin:/usr/bin)[INFO] Creating /usr/local/bin/crictl symlink to k3swhich: no ctr in (/usr/local/bin:/usr/bin)[INFO] Creating /usr/local/bin/ctr symlink to k3s[INFO] Creating killall script /usr/local/bin/k3s-killall.sh[INFO] Creating uninstall script /usr/local/bin/k3s-agent-uninstall.sh[INFO] env: Creating environment file /etc/systemd/system/k3s-agent.service.env[INFO] systemd: Creating service file /etc/systemd/system/k3s-agent.service[INFO] systemd: Enabling k3s-agent unitCreated symlink from /etc/systemd/system/multi-user.target.wants/k3s-agent.service to /etc/systemd/system/k3s-agent.service.[INFO] systemd: Starting k3s-agentLogs: which: no kubectl in (/usr/local/bin:/usr/bin)which: no crictl in (/usr/local/bin:/usr/bin)which: no ctr in (/usr/local/bin:/usr/bin)Created symlink from /etc/systemd/system/multi-user.target.wants/k3s-agent.service to /etc/systemd/system/k3s-agent.service.Output: [INFO] Finding latest release[INFO] Using v0.8.0 as release[INFO] Downloading hash [https://github.com/rancher/k3s/releases/download/v0.8.0/sha256sum-amd64.txt](https://github.com/rancher/k3s/releases/download/v0.8.0/sha256sum-amd64.txt)[INFO] Downloading binary [https://github.com/rancher/k3s/releases/download/v0.8.0/k3s](https://github.com/rancher/k3s/releases/download/v0.8.0/k3s)[INFO] Verifying binary download[INFO] Installing k3s to /usr/local/bin/k3s[INFO] Creating /usr/local/bin/kubectl symlink to k3s[INFO] Creating /usr/local/bin/crictl symlink to k3s[INFO] Creating /usr/local/bin/ctr symlink to k3s[INFO] Creating killall script /usr/local/bin/k3s-killall.sh[INFO] Creating uninstall script /usr/local/bin/k3s-agent-uninstall.sh[INFO] env: Creating environment file /etc/systemd/system/k3s-agent.service.env[INFO] systemd: Creating service file /etc/systemd/system/k3s-agent.service[INFO] systemd: Enabling k3s-agent unit[INFO] systemd: Starting k3s-agent[root@ip-172-31-33-136 bin]# **./kubectl get nodes**NAME STATUS ROLES AGE VERSIONip-172-31-33-136.ec2.internal Ready master 19m v1.14.5-k3s.1ip-172-31-37-118.ec2.internal Ready worker 11s v1.14.5-k3s.1
你可以看到使用k3sup设置k3s集群并在不到60秒的时间内将其作为Amazon EC2实例上运行的节点加入VM是如此容易。赶紧上手尝试吧!
推荐阅读
实操教程丨如何将一个k3s集群集成到Gitlab项目中
Step by Step!Rancher 2.2+K3s集成部署实践教程
Kubernetes身份认证和授权操作全攻略:上手操作Kubernetes授权
About Rancher Labs
Rancher Labs由CloudStack之父梁胜创建。旗舰产品Rancher是一个开源的企业级Kubernetes管理平台,实现了Kubernetes集群在混合云+本地数据中心的集中部署与管理。Rancher一向因操作体验的直观、极简备受用户青睐,被Forrester评为2018年全球容器管理平台领导厂商,被Gartner评为2018年全球最酷的云基础设施供应商。
目前Rancher在全球拥有超过一亿的下载量,并拥有包括中国人寿、华为、中国平安、兴业银行、民生银行、平安证券、海航科技、厦门航空、上汽集团、海尔、米其林、丰田、本田、中船重工、中联重科、迪斯尼、IBM、Cisco、Nvidia、辉瑞制药、西门子、CCTV、中国联通等全球著名企业在内的共25000家企业客户。