节点规划(所有节点都是rocky9)
## Set the hostname. Run each command on its own node, not all four on one
## host (addresses taken from the /etc/hosts entries in this guide).
hostnamectl set-hostname k8s-master01  # on 192.168.31.81
hostnamectl set-hostname k8s-worker01  # on 192.168.31.82
hostnamectl set-hostname k8s-worker02  # on 192.168.31.83
hostnamectl set-hostname k8s-rancher   # on 192.168.31.84
## Name resolution: append the four nodes to /etc/hosts.
# Appending is not idempotent; running this twice duplicates the entries.
tee -a /etc/hosts >/dev/null <<'EOF'
192.168.31.81 k8s-master01.localhost k8s-master01
192.168.31.82 k8s-worker01.localhost k8s-worker01
192.168.31.83 k8s-worker02.localhost k8s-worker02
192.168.31.84 k8s-rancher.localhost k8s-rancher
EOF
基础准备
## Disable SELinux and firewalld
# NOTE(review): these commands remove the host firewall and SELinux enforcement
# on every node they are run on. Before doing this, make sure the nodes are
# protected by another network control (upstream firewall, security group).
# If SELinux only has to be relaxed, SELINUX=permissive keeps denials logged,
# which disabled does not.
systemctl stop firewalld ; systemctl disable firewalld
# Persist the setting across reboots; the line is only rewritten when it
# currently reads SELINUX=enforcing.
sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config
# Switch the running system to permissive mode right away.
setenforce 0
## Disable swap
swapoff -a # turns swap off for the running system only
cat /etc/fstab # shows fstab; comment out the swap entry by hand so swap stays off after a reboot
## Kernel modules to load at boot. The Rancher host needs the last three;
## the other k8s nodes only need the first. The guide adds all four everywhere.
# On EL9 hosts, Rancher run through docker restarts endlessly unless
# iptable_filter, iptable_nat and iptable_mangle are loaded.
# Reference: https://github.com/rancher/rancher/issues/44279
tee /etc/modules-load.d/modules.conf >/dev/null <<'EOF'
br_netfilter
iptable_filter
iptable_nat
iptable_mangle
EOF
## Kernel parameters
# Pass bridged IPv4/IPv6 traffic through iptables/ip6tables and enable IPv4
# forwarding; the settings are written to a drop-in file under /etc/sysctl.d.
cat > /etc/sysctl.d/k8s.conf <<EOF
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
net.ipv4.ip_forward = 1
EOF
# Applying the file without a reboot (left commented out by the author):
# sysctl -p /etc/sysctl.d/k8s.conf
# Presumably rebooting so the module list and the sysctl file are both applied at boot.
reboot
# After the reboot, verify that the module is loaded
lsmod |grep br_netfilter
docker compose 部署rancher(无高可用,生产环境不推荐)
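## Install Docker first (steps omitted)
## Deploy Rancher with docker compose
mkdir -p /opt/devops/rancher/
# Registry mirror configuration: send docker.io pulls to a self-hosted mirror.
# NOTE(review): insecure_skip_verify: true turns off TLS certificate checks for
# the mirror, and this file is mounted as the k3s registries.yaml of the Rancher
# container, so docker.io pulls made there go through an unauthenticated
# endpoint. Anything able to intercept that connection can substitute image
# content. Safer: give the mirror a certificate and trust it with `ca_file`
# under `tls:` instead of skipping verification.
# The nesting below is required; a flat file is not a valid registries.yaml.
# The delimiter is quoted so the YAML is written exactly as shown.
cat > /opt/devops/rancher/registries.yaml <<'EOF'
mirrors:
  "docker.io":
    endpoint:
      - "https://43.156.32.68"
configs:
  "43.156.32.68":
    tls:
      insecure_skip_verify: true
EOF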
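# Compose file for Rancher: sets the time zone, keeps data on the local disk,
# and mounts the self-hosted mirror configuration (very important inside China).
# Why a self-hosted mirror: in testing, the approach recommended by the Rancher
# China community (-e CATTLE_SYSTEM_DEFAULT_REGISTRY: registry.cn-hangzhou.aliyuncs.com)
# did not work.
# NOTE(review): `stable` is a moving tag, so `docker compose pull` can change the
# running version without notice; consider pinning the release you validated
# (the pod listing in this guide is from v2.12.2).
# NOTE(review): privileged: true gives the container full access to the host.
# Treat this machine as dedicated to Rancher and restrict who can reach
# ports 80/443, which are published on all interfaces.
# The nesting below is required; a flat file is not a valid compose file.
cat > /opt/devops/rancher/docker-compose.yml <<'EOF'
services:
  rancher:
    image: rancher/rancher:stable
    container_name: rancher
    privileged: true
    environment:
      - TZ=Asia/Shanghai
    ports:
      - "80:80"
      - "443:443"
    volumes:
      #- /opt/devops/rancher/data:/var/lib/rancher
      - ./data:/var/lib/rancher
      - ./registries.yaml:/etc/rancher/k3s/registries.yaml:ro
    restart: always
EOF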
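## Start
# Run compose from the directory that holds docker-compose.yml; the volume
# paths in it (./data, ./registries.yaml) are relative to that directory.
cd /opt/devops/rancher/
docker compose pull
docker compose up -d
# Get the initial (bootstrap) password from the container log.
# The value stays in the log, so set a new admin password at first login.
docker logs rancher 2>&1 | grep "Bootstrap Password:"
# Open the Rancher host's IP address in a browser to configure, manage and create clusters.
# Use two terminals: one to follow the log, one inside the rancher container
# to check that the pods start normally.
docker logs -f rancher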
## rancher:v2.12.2 正常的大致长这样,有18个pod
bash-4.4# kubectl get pods -A | wc -l
19
bash-4.4# kubectl get pods -A
NAMESPACE NAME READY STATUS RESTARTS AGE
cattle-fleet-local-system fleet-agent-666ddcddf8-vjl8v 1/1 Running 0 83s
cattle-fleet-system fleet-controller-d7499f6c-drwpw 3/3 Running 0 10m
cattle-fleet-system gitjob-5d587c898d-mfwgp 1/1 Running 0 10m
cattle-fleet-system helmops-66c4f59f65-wjtbt 1/1 Running 0 10m
cattle-provisioning-capi-system capi-controller-manager-bc54b5446-jxhf7 1/1 Running 0 8m29s
cattle-system api-extension-944888f69-f2c9w 1/1 Running 0 9m29s
cattle-system helm-operation-22zpf 0/2 Completed 0 9m40s
cattle-system helm-operation-8bxtn 0/2 Completed 0 9m46s
cattle-system helm-operation-bwtjg 0/2 Completed 0 9m31s
cattle-system helm-operation-fvr7g 0/2 Completed 0 9m18s
cattle-system helm-operation-nh9mw 0/2 Completed 0 8m31s
cattle-system helm-operation-pwjf9 0/2 Completed 0 89s
cattle-system helm-operation-q6l2r 0/2 Completed 0 8m47s
cattle-system helm-operation-sw7wm 0/2 Completed 0 10m
cattle-system helm-operation-sxdbf 0/2 Completed 0 8m42s
cattle-system rancher-webhook-6544769b7d-44rwh 1/1 Running 0 9m16s
cattle-system system-upgrade-controller-5c6c7f8b57-ljc87 1/1 Running 0 8m40s
kube-system coredns-697968c856-7mfq6 1/1 Running 0 10m
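## Make kubectl available on every k8s node
# The heredoc delimiter is quoted so that $PATH is written literally and
# expanded at login. With an unquoted EOF the PATH of the shell running this
# command would be baked into /etc/profile for every user.
# Appending is not idempotent; run it once per node.
# NOTE(review): rke2.yaml is presumably the cluster-admin kubeconfig; keep it
# readable by root only rather than loosening its mode for other users.
cat >> /etc/profile <<'EOF'
export PATH=$PATH:/var/lib/rancher/rke2/bin
export KUBECONFIG=/etc/rancher/rke2/rke2.yaml
EOF
source /etc/profile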