项目地址
https://github.com/easzlab/kubeasz
部署构架说明
本次所有主机均采用 ubuntu22.04 系统,主机角色如下
IP | 主机名 | 角色 |
10.0.0.201 | master1.wang.org | K8s 集群主节点 1,K8s 集群etcd节点 1,建议内存2G以上,部署服务器 |
10.0.0.202 | master2.wang.org | K8s 集群主节点 2,K8s 集群etcd节点 2,建议内存2G以上 |
10.0.0.203 | master3.wang.org | K8s 集群主节点 3,K8s 集群etcd节点 3,建议内存2G以上 |
10.0.0.204 | node1.wang.org | K8s 集群工作节点 1 |
10.0.0.205 | node2.wang.org | K8s 集群工作节点 2 |
10.0.0.206 | node3.wang.org | K8s 集群工作节点 3 |
实现从部署主机到其它主机的基于ssh-key验证
#注意:ssh-copy-id 的目标应为上表规划的各主机IP(10.0.0.201-206),下面命令中的地址与规划表不一致,请按实际环境替换
#部署主机上生成的私钥可直接以root登录所有节点,应妥善保管
[root@ubuntu2204 ~]#hostname -I
10.0.0.201
[root@ubuntu2204 ~]#ssh-keygen
[root@ubuntu2204 ~]#ssh-copy-id 10.0.0.101
[root@ubuntu2204 ~]#ssh-copy-id 10.0.0.102
[root@ubuntu2204 ~]#ssh-copy-id 10.0.0.103
[root@ubuntu2204 ~]#ssh-copy-id 10.0.0.104
[root@ubuntu2204 ~]#ssh-copy-id 10.0.0.105
[root@ubuntu2204 ~]#ssh-copy-id 10.0.0.106
下载工具脚本ezdown
https://github.com/easzlab/kubeasz/releases/tag/3.6.4
#下载工具脚本ezdown
[root@ubuntu2204 ~]#export release=3.6.4
#注意:mirror.ghproxy.com 是第三方代理,下载到的 ezdown 随后会以 root 身份执行,执行前建议与官方 release 页面提供的文件核对
[root@ubuntu2204 ~]#wget https://mirror.ghproxy.com/https://github.com/easzlab/kubeasz/releases/download/${release}/ezdown
#添加权限
[root@ubuntu2204 ~]#chmod +x ./ezdown
下载kubeasz代码、二进制、默认容器镜像
#下载kubeasz代码、二进制、默认下载容器镜像到/etc/kubeasz目录并同时安装Docker,(更多关于ezdown的参数,运行./ezdown 查看)
[root@ubuntu2204 ~]#./ezdown -D
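#上面脚本执行,第一次失败,因为官方镜像从国内无法访问,需要修改docker配置中registry-mirrors的两行
#注意:JSON不支持注释,下面的“#修改两行”仅为标注,不要写入daemon.json,否则docker无法启动
#注意:镜像加速站为第三方服务,拉取的镜像经其中转;insecure-registries 一项允许以不加密、不校验证书的方式访问该本地仓库,不要在其中加入其它地址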
[root@ubuntu2204 ~]#vim /etc/docker/daemon.json
{
"exec-opts": ["native.cgroupdriver=systemd"],
"registry-mirrors": [
"https://docker.m.daocloud.io", #修改两行
"https://docker.1panel.live" #修改两行
],
"insecure-registries": ["http://easzlab.io.local:5000"],
"max-concurrent-downloads": 10,
"log-driver": "json-file",
"log-level": "warn",
"log-opts": {
"max-size": "10m",
"max-file": "3"
},
"data-root": "/var/lib/docker"
}
[root@ubuntu2204 ~]#systemctl restart docker.service
#再次执行上面脚本
[root@ubuntu2204 ~]#./ezdown -D
#查看下载的文件
[root@ubuntu2204 ~]#du -sh /etc/kubeasz/
2.5G /etc/kubeasz/
[root@ubuntu2204 ~]#ls /etc/kubeasz/
ansible.cfg bin docs down example ezctl ezdown manifests pics playbooks
README.md roles tools
#查看下载启动的镜像和容器
[root@ubuntu2204 ~]#docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS
PORTS NAMES
9c0e0421aebb registry:2 "/entrypoint.sh /etc…" 4 minutes ago Up 4
minutes local_registry
准备集群所需的配置环境信息
#容器化运行kubeasz,用于安装k8s集群工具
[root@ubuntu2204 ~]#./ezdown -S
[root@ubuntu2204 ~]#docker ps
CONTAINER ID IMAGE COMMAND CREATED
STATUS PORTS NAMES
d6630358ee76 easzlab/kubeasz:3.6.3 "tail -f /dev/null" 15 seconds ago
Up 15 seconds kubeasz
9c0e0421aebb registry:2 "/entrypoint.sh /etc…" 7 minutes ago
Up 7 minutes local_registry
#自动生成别名
[root@ubuntu2204 ~]#tail -n1 .bashrc
alias dk='docker exec -it kubeasz' # generated by kubeasz
[root@ubuntu2204 ~]#. .bashrc
#创建集群的初始配置信息,指定集群名称k8s-mycluster-01(dk为上面生成的别名,下面两条命令等价,执行其一即可)
[root@ubuntu2204 ~]#dk ezctl new k8s-mycluster-01
[root@ubuntu2204 ~]#docker exec -it kubeasz ezctl new k8s-mycluster-01
2024-04-11 09:50:35 DEBUG generate custom cluster files in
/etc/kubeasz/clusters/k8s-mycluster-01
2024-04-11 09:50:35 DEBUG set versions
2024-04-11 09:50:35 DEBUG cluster k8s-mycluster-01: files successfully created.
2024-04-11 09:50:35 INFO next steps 1: to config '/etc/kubeasz/clusters/k8s-mycluster-01/hosts'
2024-04-11 09:50:35 INFO next steps 2: to config '/etc/kubeasz/clusters/k8s-mycluster-01/config.yml'
#按规划修改配置
[root@ubuntu2204 ~]#vim /etc/kubeasz/clusters/k8s-mycluster-01/hosts
[etcd]
10.0.0.201
10.0.0.202
10.0.0.203
# master node(s), set unique 'k8s_nodename' for each node
# CAUTION: 'k8s_nodename' must consist of lower case alphanumeric characters, '-' or '.',
# and must start and end with an alphanumeric character
[kube_master]
10.0.0.201 k8s_nodename='master-01' #修改此处三行
10.0.0.202 k8s_nodename='master-02'
10.0.0.203 k8s_nodename='master-03'
# work node(s), set unique 'k8s_nodename' for each node
# CAUTION: 'k8s_nodename' must consist of lower case alphanumeric characters, '-' or '.',
# and must start and end with an alphanumeric character
[kube_node]
10.0.0.204 k8s_nodename='worker-01' #修改此处三行
10.0.0.205 k8s_nodename='worker-02'
10.0.0.206 k8s_nodename='worker-03'
.......
# --------- Main Variables ---------------
# Secure port for apiservers
SECURE_PORT="6443"
# Cluster container-runtime supported: docker, containerd
# if k8s version >= 1.24, docker is not supported
CONTAINER_RUNTIME="containerd" #k8s version >= 1.24不支持docker,默认使用containerd
# Network plugins supported: calico, flannel, kube-router, cilium, kube-ovn
CLUSTER_NETWORK="calico" #默认使用calico
# Service proxy mode of kube-proxy: 'iptables' or 'ipvs'
PROXY_MODE="ipvs"
# K8S Service CIDR, not overlap with node(host) networking
SERVICE_CIDR="10.96.0.0/12" #根据需要修改Service网络配置,默认为10.68.0.0/16,修改此处
# Cluster CIDR (Pod CIDR), not overlap with node(host) networking
CLUSTER_CIDR="10.244.0.0/16" #根据需要修改Pod网络配置,默认为172.20.0.0/16 ,修改此处
......
#查看ansible的playbook
[root@ubuntu2204 ~]#ls /etc/kubeasz/playbooks/
01.prepare.yml 05.kube-node.yml 11.harbor.yml 31.deletcd.yml
91.start.yml 95.restore.yml
02.etcd.yml 06.network.yml 21.addetcd.yml 32.delnode.yml
92.stop.yml 96.update-certs.yml
03.runtime.yml 07.cluster-addon.yml 22.addnode.yml 33.delmaster.yml
93.upgrade.yml 99.clean.yml
04.kube-master.yml 10.ex-lb.yml 23.addmaster.yml 90.setup.yml
94.backup.yml
#创建集群 如果集群有多套,需要指定集群
#方法1:一键安装,等价于执行docker exec -it kubeasz ezctl setup k8s-mycluster-01 all
[root@ubuntu2204 ~]#dk ezctl setup k8s-mycluster-01 all
验证集群
[root@master-01 ~]#kubectl get nodes
NAME STATUS ROLES AGE VERSION
master-01 Ready,SchedulingDisabled master 17m v1.30.1
master-02 Ready,SchedulingDisabled master 17m v1.30.1
master-03 Ready,SchedulingDisabled master 17m v1.30.1
worker-01 Ready node 15m v1.30.1
worker-02 Ready node 15m v1.30.1