k3s是一个轻量级 Kubernetes,可提供快速提供容器服务,具有硬件要求低,安装文件少(二进制安装少于100MB),易安装,和易管理等特点,广泛应用于边缘云计算,IOT物联网云计算等轻量应用场景。
1、K3s应用场景
- Edge:边缘计算,满足边缘应用计算,存储需求。
- IoT:轻量级接入,并提供边缘计算能力,与云端联动,轻松构建物联网平台。
- Development:快速提供容器化开发环境,减少企业资源成本。
- ARM:支持ARM架构,满足国产信创硬件架构,可提供稳定容器服务。
- 拥抱K8s:与kubernetes紧密融合,轻松实现k8s功能,完全兼容,不用考虑应用的迁移改造。
2、K3s快速部署
1)支持芯片架构:aarch64/arm64
systems, the OS must use a 4k page size
- x86_64
- arm
- arm64/aarch64
- s390x
2)操作系统需求
(Red Hat/CentOS) Enterprise Linux:
systemctl disable firewalld --now
firewall-cmd --permanent --add-port=6443/tcp #apiserver
firewall-cmd --permanent --zone=trusted --add-source=10.42.0.0/16 #pods
firewall-cmd --permanent --zone=trusted --add-source=10.43.0.0/16 #services
firewall-cmd --reload
Ubuntu:
ufw disable
ufw allow 6443/tcp #apiserver
ufw allow from 10.42.0.0/16 to any #pods
ufw allow from 10.43.0.0/16 to any #services
Ubuntu 21.10, vxlan support:
sudo apt install linux-modules-extra-raspi
Raspberry Pi OS(Debian based):
在/boot/cmdline.txt 启用cgroups
: cgroup_memory=1 cgroup_enable=memory
console=serial0,115200 console=tty1 root=PARTUUID=58b06195-02 rootfstype=ext4 elevator=deadline fsck.repair=yes rootwait cgroup_memory=1 cgroup_enable=memory
3)硬件需求
Spec | Minimum | Recommended |
---|---|---|
CPU | 1 core | 2 cores |
RAM | 512 MB | 1 GB |
4)快速部署k3s
curl -sfL https://get.k3s.io | sh -
kubeconfig 文件位于: /etc/rancher/k3s/k3s.yaml
默认会安装:kubectl
5)多节点集群节点增加
调整成您第一个节点的IP和K3S_TOKEN:myserver:6443
K3S_TOKEN的信息位于:/var/lib/rancher/k3s/server/node-token
K3S_TOKEN=mynodetoken
在新节点执行下面命令:
curl -sfL https://get.k3s.io | K3S_URL=https://myserver:6443 K3S_TOKEN=mynodetoken sh -
6)检查您的集群节点:
k3s kubectl get node
NAME STATUS ROLES AGE VERSION
demo Ready control-plane,master 15d v1.26.4+k3s1
[root@demo ~]# k3s kubectl get ns
NAME STATUS AGE
default Active 15d
kube-system Active 15d
kube-public Active 15d
kube-node-lease Active 15d
[root@demo ~]# k3s kubectl get svc -A
NAMESPACE NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
default kuberneter ClusterIP 10.43.0.1 <none> 443/TCP 15d
kube-system kube-dns ClusterIP 10.43.0.10 <none> 53/UDP,53/TCP,9153/TCP 15d
kube-system metrics-server ClusterIP 10.43.90.100 <none> 443/TCP 15d
kube-system traefik LoadBalancer 10.43.111.236 10.0.0.254 80:30058/TCP,443:30470/TCP 15d
可见k3s集群已经准备好了,并且使用 traefik构建 LoadBalancer,可对外提供服务。
3、Kubernetes Dashboard部署
k3s kubectl create -f https://raw.githubusercontent.com/kubernetes/dashboard/${VERSION_KUBE_DASHBOARD}/aio/deploy/recommended.yaml
namespace/kubernetes-dashboard created
serviceaccount/kubernetes-dashboard created
service/kubernetes-dashboard created
secret/kubernetes-dashboard-certs created
secret/kubernetes-dashboard-csrf created
secret/kubernetes-dashboard-key-holder created
configmap/kubernetes-dashboard-settings created
role.rbac.authorization.k8s.io/kubernetes-dashboard created
clusterrole.rbac.authorization.k8s.io/kubernetes-dashboard created
rolebinding.rbac.authorization.k8s.io/kubernetes-dashboard created
clusterrolebinding.rbac.authorization.k8s.io/kubernetes-dashboard created
deployment.apps/kubernetes-dashboard created
service/dashboard-metrics-scraper created
deployment.apps/dashboard-metrics-scraper created
k3s kubectl create -f dashboard.admin-user.yml -f dashboard.admin-user-role.yml
serviceaccount/admin-user created
clusterrolebinding.rbac.authorization.k8s.io/admin-user created
4)Obtain the Bearer Token
v1.24 and newer:
k3s kubectl -n kubernetes-dashboard create token admin-user
v1.23 and older:
sudo k3s kubectl -n kubernetes-dashboard describe secret admin-user-token | grep '^token'
Local Access to the Dashboard:
k3s kubectl proxy
Starting to serve on 127.0.0.1:8001
Dashboard访问链接:http://localhost:8001/api/v1/namespaces/kubernetes-dashboard/services/https:kubernetes-dashboard:/proxy/
输入以上面获取到的 Bearer Token,点击登录。
恭喜您,您已经成功部署Kubernetes Dashboard,可以通过UI方式管理您k3s集群!