Deploying k3s and Helm-Rancher
Provider: MappleZF
Version: 1.0.0
1. Deploy the k3s server node
1.1 Download the installation package
//https://github.com/rancher/k3s/releases
1.2 Install the binary and images
[root@k3s:/root]# cp k3s /usr/local/bin/ && chmod +x /usr/local/bin/k3s
[root@k3s:/root]# mkdir -p /var/lib/rancher/k3s/agent/images/
[root@k3s:/root]# cp k3s-airgap-images-amd64.tar /var/lib/rancher/k3s/agent/images/
1.3 System settings
1.3.1 Disable the firewall
[root@k3s:/root]# systemctl stop firewalld && systemctl disable firewalld
1.3.2 Kernel tuning
cat >> /etc/sysctl.d/k3s.conf << EOF
net.ipv4.tcp_fin_timeout = 2
net.ipv4.ip_forward = 1
net.ipv4.tcp_tw_reuse = 1
# tcp_tw_recycle was removed in Linux 4.12; on newer kernels sysctl reports an error for this key
net.ipv4.tcp_tw_recycle = 1
net.ipv4.tcp_syncookies = 1
net.ipv4.tcp_keepalive_time = 600
net.ipv4.ip_local_port_range = 4000 65000
net.ipv4.tcp_max_syn_backlog = 16384
net.ipv4.tcp_max_tw_buckets = 36000
net.ipv4.route.gc_timeout = 100
net.ipv4.tcp_syn_retries = 1
net.ipv4.tcp_synack_retries = 1
net.core.somaxconn = 16384
net.core.netdev_max_backlog = 16384
net.ipv4.tcp_max_orphans = 16384
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
EOF
sysctl -p /etc/sysctl.d/k3s.conf
sysctl --system
1.4 Initialize the k3s server
[root@k3s:/usr/local/bin]# k3s server --docker --bind-address=192.168.7.157 --cluster-cidr=10.128.0.0/16 --service-cidr=10.129.0.0/16 --kube-apiserver-arg service-node-port-range=1000-65000 --write-kubeconfig=/root/.kube/config --write-kubeconfig-mode=644 --node-label asrole=worker
[root@k3s:/root]# k3s kubectl get nodes
NAME STATUS ROLES AGE VERSION
k3s Ready master 4m16s v1.18.6+k3s1
[root@k3s:/root]# k3s kubectl get pod --all-namespaces
NAMESPACE NAME READY STATUS RESTARTS AGE
kube-system metrics-server-7566d596c8-7xc9c 1/1 Running 0 3m32s
kube-system helm-install-traefik-4whfn 0/1 Completed 0 3m32s
kube-system local-path-provisioner-6d59f47c7-rb9wn 1/1 Running 0 3m32s
kube-system coredns-8655855d6-m2qwk 1/1 Running 0 3m32s
kube-system traefik-758cd5fc85-lc9lp 1/1 Running 0 2m39s
kube-system svclb-traefik-hslbg 2/2 Running 0 2m39s
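Parameter description:
● --docker: the k3s server components use containerd as the container runtime. An agent node can also be started on the k3s server node, and that agent can use docker as its container runtime, so the k3s server node can double as a worker node. You can also choose not to start an agent on the server node (add the --disable-agent parameter).
● --bind-address: the IP address k3s listens on. Optional; the default is localhost.
● --cluster-cidr: same as in Kubernetes, the network plane that pods live in. Optional; the default is 10.42.0.0/16.
● --service-cidr: same as in Kubernetes, the network plane that services live in. Optional; the default is 10.43.0.0/16.
● --kube-apiserver-arg: extra API server configuration arguments. See the official Kubernetes website for the supported options. Optional.
● --write-kubeconfig: writes a kubeconfig file during installation so that kubectl can be used directly. Without this parameter, the default configuration file path is /etc/rancher/k3s/k3s.yaml, which by default only the root user can read.
● --write-kubeconfig-mode: used together with --write-kubeconfig; sets the permissions of the kubeconfig file.
● --node-label: also labels the node with asrole=worker. Optional.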
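The flags described above can be checked before the server is started. The following is an added example, not part of the original guide: the function name audit_k3s_args is hypothetical, and it flags a kubeconfig mode that lets non-root users read the cluster credentials and a NodePort range that reaches privileged ports or the ports of the API server and kubelet. The port numbers 6443 and 10250 and the 30000-32767 NodePort range are the usual k3s/Kubernetes defaults, assumed here rather than taken from this page.

```shell
#!/bin/sh
# Added example: audit two security-relevant flags of a "k3s server" command line.
# audit_k3s_args is a hypothetical helper; it prints one finding per line.

audit_k3s_args() {
    # Assumed defaults: kubeconfig readable by root only, standard NodePort range.
    mode=600 range=30000-32767 prev=
    for a in "$@"; do
        case $a in
            --write-kubeconfig-mode=*)  mode=${a#*=} ;;
            *service-node-port-range=*) range=${a##*service-node-port-range=} ;;
        esac
        # Also accept the "--write-kubeconfig-mode 644" (space-separated) form.
        if [ "$prev" = --write-kubeconfig-mode ]; then mode=$a; fi
        prev=$a
    done

    # Any group/other permission bit exposes the cluster-admin kubeconfig.
    case $mode in
        *[!0-7]*|'') echo "kubeconfig-mode-invalid:$mode" ;;
        *) if [ $(( 0$mode & 077 )) -ne 0 ]; then echo "kubeconfig-mode:$mode"; fi ;;
    esac

    lo=${range%%-*} hi=${range##*-}
    case $lo$hi in
        *[!0-9]*|'') echo "nodeport-range-invalid:$range"; return 0 ;;
    esac
    # A range starting below 1024 lets Services claim privileged ports.
    if [ "$lo" -lt 1024 ]; then echo "nodeport-privileged:$lo"; fi
    # A NodePort Service could be given a port a control-plane listener uses.
    for p in 6443 10250; do
        if [ "$lo" -le "$p" ] && [ "$p" -le "$hi" ]; then
            echo "nodeport-overlap:$p"
        fi
    done
}

# The command line from section 1.4, passed as arguments.
audit_k3s_args --docker --bind-address=192.168.7.157 \
    --cluster-cidr=10.128.0.0/16 --service-cidr=10.129.0.0/16 \
    --kube-apiserver-arg service-node-port-range=1000-65000 \
    --write-kubeconfig=/root/.kube/config --write-kubeconfig-mode=644 \
    --node-label asrole=worker
```

An empty result means neither setting was flagged; using --write-kubeconfig-mode=600 and a NodePort range that stays clear of the listed ports removes all four findings for the command above.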
1.5 Configure the k3s system service