Reference documents
## Official documentation
# Documentation for deploying Rancher with Docker
https://ranchermanager.docs.rancher.com/zh/v2.9/getting-started/installation-and-upgrade/other-installation-methods/rancher-on-a-single-node-with-docker
# Rancher mirror site for mainland China
https://mirror.rancher.cn/
## Community documentation
# Rancher support matrix
https://www.suse.com/suse-rancher/support-matrix
# Community deployment guides
https://www.cnblogs.com/you-fish/p/18324746
https://www.imxcai.com/k8s/deploy_k3s-rke2-rancher_in_mainland_china.html
Prerequisites
## Set the hostname
hostnamectl set-hostname k8s-rancher
## Disable SELinux, firewalld and swap
systemctl stop firewalld ; systemctl disable firewalld
sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config
setenforce 0
swapoff -a # temporary, until the next reboot
sed -i '/ swap / s/^\(.*\)$/#\1/g' /etc/fstab
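## To avoid errors when running the Rancher container on EL9, run the following commands (not needed on other distributions)
# Workaround for the Rancher container restarting endlessly under docker run on Rocky Linux 9: https://github.com/rancher/rancher/issues/44279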
dnf install iptables -y
modprobe iptable_filter
modprobe iptable_nat
modprobe iptable_mangle
# Or do it in one step so that the modules are also loaded after a reboot
cat >/etc/modules-load.d/rancher.conf <<EOF
br_netfilter
iptable_filter
iptable_nat
iptable_mangle
EOF
## Tune kernel parameters (kernel forwarding; this step is required)
cat > /etc/sysctl.d/k8s.conf <<EOF
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
net.ipv4.ip_forward = 1
EOF
# sysctl -p /etc/sysctl.d/k8s.conf
reboot
Deploying Rancher with docker compose (no high availability; not recommended for production)
## Install Docker and configure a Docker registry mirror (omitted)
## Deploy Rancher with docker compose
mkdir -p /opt/devops/rancher/
# Prepare a self-hosted Docker Hub mirror
cat > /opt/devops/rancher/registries.yaml <<EOF
mirrors:
  "docker.io":
    endpoint:
      - "https://43.156.32.68"
configs:
  "43.156.32.68":
    tls:
      # Disables TLS certificate verification for this mirror
      insecure_skip_verify: true
EOF
# Or like this (tested, this also works)
cat > /opt/devops/rancher/registries.yaml <<EOF
mirrors:
  "docker.io":
    endpoint:
      - "https://docker.m.daocloud.io"
      - "https://mirror.ccs.tencentyun.com"
  "ghcr.io":
    endpoint:
      - "https://ghcr.m.daocloud.io"
EOF
# Prepare the docker compose file: set the time zone, store the data locally, and mount your own mirror configuration (very important inside mainland China)
cat > /opt/devops/rancher/docker-compose.yml <<EOF
services:
  rancher:
    image: rancher/rancher:stable
    # Note: the Aliyun registry in China has no "stable" tag, so a specific version number must be given
    # image: registry.cn-hangzhou.aliyuncs.com/rancher/rancher:v2.12.3
    container_name: rancher
    privileged: true
    environment:
      - TZ=Asia/Shanghai
    ports:
      - "80:80"
      - "443:443"
    volumes:
      #- /opt/devops/rancher/data:/var/lib/rancher
      # The entries below persist the data and set the registry that Rancher's own k3s pulls images from
      - ./data:/var/lib/rancher
      - ./registries.yaml:/etc/rancher/k3s/registries.yaml:ro
    restart: always
EOF
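Before starting the container, the prerequisites above can be checked after the reboot. The script below is an added example, not part of the original post: it verifies the kernel modules, sysctls and swap state the post configures, and warns about any mirror in registries.yaml that has TLS verification disabled. The function names and the root-prefix argument are assumptions made for this example.

```shell
#!/bin/sh
# Added example: post-reboot preflight for the host prepared above.
# Assumption: every check takes a root prefix ("" on the real host) so it can
# be exercised against a constructed tree.

# Required modules that are absent from /proc/modules. The post loads them
# with modprobe, so they are assumed to be loadable (built-ins are not listed).
missing_modules() {
  for m in br_netfilter iptable_filter iptable_nat iptable_mangle; do
    grep -q "^$m " "$1/proc/modules" 2>/dev/null || echo "$m"
  done
}

# Sysctls from k8s.conf whose live value is not 1.
bad_sysctls() {
  for k in net/bridge/bridge-nf-call-ip6tables \
           net/bridge/bridge-nf-call-iptables net/ipv4/ip_forward; do
    [ "$(cat "$1/proc/sys/$k" 2>/dev/null)" = 1 ] || echo "$k" | tr / .
  done
}

# Swap devices still active (every line after the /proc/swaps header).
active_swap() {
  tail -n +2 "$1/proc/swaps" 2>/dev/null | awk '{ print $1 }'
}

# Registry hosts in a k3s registries.yaml with TLS verification disabled.
# Assumes host keys are indented by exactly two spaces.
insecure_registries() {
  awk '/^  "?[^ ]+"?:[ \t]*$/ { host = $1; sub(/:$/, "", host); gsub(/"/, "", host) }
       /insecure_skip_verify:[ \t]*true/ { print host }' "$1"
}

# Run everything; non-zero exit when a hard prerequisite is missing.
preflight() {
  rc=0
  for m in $(missing_modules "$1"); do echo "FAIL module not loaded: $m"; rc=1; done
  for s in $(bad_sysctls "$1"); do echo "FAIL sysctl is not 1: $s"; rc=1; done
  for d in $(active_swap "$1"); do echo "FAIL swap still active: $d"; rc=1; done
  for h in $(insecure_registries "$2"); do echo "WARN mirror without TLS verification: $h"; done
  return $rc
}

# On the real host: sh preflight.sh run
if [ "${1:-}" = run ]; then preflight "" /opt/devops/rancher/registries.yaml; fi
```

A WARN line does not fail the check; it marks a mirror whose certificate is never validated, so image pulls through it are not authenticated at the transport level.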
## Start (run from the directory that contains docker-compose.yml)
cd /opt/devops/rancher/
docker compose pull
docker compose up -d
# Get the initial password
docker logs rancher 2>&1 | grep "Bootstrap Password:"
# Open the Rancher host's IP address in a browser to configure, manage and create clusters through the web UI.
http://192.168.31.84
# Open two TTYs: one to follow the logs, and one inside the Rancher container to check that the pods start normally
docker logs -f rancher
## A healthy rancher:v2.12.2 looks roughly like this, with 18 pods
bash-4.4# kubectl get pods -A | wc -l
19
bash-4.4# kubectl get pods -A
NAMESPACE NAME READY STATUS RESTARTS AGE
cattle-fleet-local-system fleet-agent-666ddcddf8-vjl8v 1/1 Running 0 83s
cattle-fleet-system fleet-controller-d7499f6c-drwpw 3/3 Running 0 10m
cattle-fleet-system gitjob-5d587c898d-mfwgp 1/1 Running 0 10m
cattle-fleet-system helmops-66c4f59f65-wjtbt 1/1 Running 0 10m
cattle-provisioning-capi-system capi-controller-manager-bc54b5446-jxhf7 1/1 Running 0 8m29s
cattle-system api-extension-944888f69-f2c9w 1/1 Running 0 9m29s
cattle-system helm-operation-22zpf 0/2 Completed 0 9m40s
cattle-system helm-operation-8bxtn 0/2 Completed 0 9m46s
cattle-system helm-operation-bwtjg 0/2 Completed 0 9m31s
cattle-system helm-operation-fvr7g 0/2 Completed 0 9m18s
cattle-system helm-operation-nh9mw 0/2 Completed 0 8m31s
cattle-system helm-operation-pwjf9 0/2 Completed 0 89s
cattle-system helm-operation-q6l2r 0/2 Completed 0 8m47s
cattle-system helm-operation-sw7wm 0/2 Completed 0 10m
cattle-system helm-operation-sxdbf 0/2 Completed 0 8m42s
cattle-system rancher-webhook-6544769b7d-44rwh 1/1 Running 0 9m16s
cattle-system system-upgrade-controller-5c6c7f8b57-ljc87 1/1 Running 0 8m40s
kube-system coredns-697968c856-7mfq6 1/1 Running 0 10m