基于rancher安装部署k8s

基础配置

systemctl stop firewalld && systemctl disable firewalld
setenforce 0
sed -i 's/SELINUX=enforcing/SELINUX=disabled/' /etc/selinux/configvi /etc/hosts
ip1 node1
ip2 node2
ip3 node3#免密登录
ssh-keygenssh-copy-id -i ~/.ssh/id_rsa.pub 普通用户@ip1
ssh-copy-id -i ~/.ssh/id_rsa.pub 普通用户@ip2
ssh-copy-id -i ~/.ssh/id_rsa.pub 普通用户@ip3
#验证
ssh 普通用户@ip1

rancher

kubectl

yum install -y epel-release
yum -y install snapdsnap install kubectl --classic
kubectl help

rke

二进制安装文件，创建k8s集群

wget https://github.com/rancher/rke/releases/download/v1.3.20/rke_linux-amd64
cp rke_linux-amd64 /usr/local/bin/rke
chmod +x /usr/local/bin/rkerke --version

helm

k8s的包管理器，charts与helm的关系类似于rpm与yum。

wget https://get.helm.sh/helm-v3.12.0-linux-amd64.tar.gz
tar zxvf helm-v3.12.0-linux-amd64.tar.gz
cp linux-amd64/helm /usr/local/bin/helmhelm help

docker-ce

yum list docker-ce --showduplicates
yum install -y docker-ce-18.06.3.ce-3.el7

部署k8s

#vi rancher-cluster.yml
nodes:- address: ip1user: 普通用户role: [controlplane,worker,etcd] #节点角色- address: ip2user: 普通用户role: [controlplane,worker,etcd]- address: ip3user: 普通用户role: [controlplane,worker,etcd]services:etcd:snapshot: truecreation: 6hretention: 12

rke up --config ./rancher-cluster.yml
#返回下面的消息则说明执行成功：Finished building Kubernetes cluster successfully.
#kubectl get pods --all-namespaces，pod为running

保存以下文件：
rancher-cluster.yml：rke孵化k8s集群的配置文件
kube_config_rancher-cluster.yml：k8s被访问的kubeconfig文件，此文件包含完全访问群集的凭据
rancher-cluster.rkestate：k8s群集的状态文件，此文件包含完全访问群集的凭据

mkdir .kube
cp kube_config_rancher-cluster.yml .kube/
export KUBECONFIG=$(pwd)/kube_config_rancher-cluster.yml
#查看
kubectl get nodes

部署rancher

#加仓库
helm repo add rancher-stable https://releases.rancher.com/server-charts/stablekubectl create namespace cattle-system#安装CustomResourceDefinition资源
kubectl apply -f https://raw.githubusercontent.com/jetstack/cert-manager/release-0.12/deploy/manifests/00-crds.yamlkubectl create namespace cert-manager
#添加Jetstack仓库，更新缓存
helm repo add jetstack https://charts.jetstack.io
helm repo update#通过helm chart安装cert-manager
helm install cert-manager jetstack/cert-manager --namespace cert-manager --version v0.12.0#验证
kubectl get pods --namespace cert-manager