环境信息
| 操作系统 | 主机名 | IP地址 | 节点 | 配置 |
|---|---|---|---|---|
| centos7.7minimal | master1 | 192.168.121.11 | master、node | 2C4G |
docker版本:18.09.5
rke版本:v1.1.11
kubernetes版本: v1.18.10
资源下载地址:kubectl、rke(需要的同学可以通过百度网盘下载)
下载kubectl v1.18.10
wget https://storage.googleapis.com/kubernetes-release/release/v1.18.10/bin/linux/amd64/kubectl
链接:https://pan.baidu.com/s/1VS8jhZUaGPFrbmdL2-Bevw
提取码:6qnc
下载rke v1.1.11
RKE下载地址:https://github.com/rancher/rke/releases/tag/v1.1.11
链接:https://pan.baidu.com/s/1BbFAkg8-OdW3eA8lAN-zUg
提取码:ee6t
一、安装docker
#安装docker依赖和yum源
yum install -y yum-utils device-mapper-persistent-data lvm2
yum-config-manager --add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
yum makecache
#查看仓库所有docker版本选指定版本安装
yum list docker-ce --showduplicates | sort -r
yum -y install docker-ce-18.09.5-3.el7
systemctl start docker
systemctl enable docker
#根据实际环境修改用户名和密码(rke部署需要)
adduser docker -g docker
echo -e "rke@docker\nrke@docker" | passwd docker
#优化docker配置
touch /etc/docker/daemon.json
cat /etc/docker/daemon.json
{
"exec-opts": ["native.cgroupdriver=systemd"],
"max-concurrent-downloads": 15,
"log-driver": "json-file",
"log-opts": {
"max-size": "100m"
},
"registry-mirrors": ["https://t3xbrfwz.mirror.aliyuncs.com"],
"insecure-registries":[
"192.168.121.33"
]
}
systemctl daemon-reload
systemctl restart docker
二、下载RKE部署Kubernetes
#下载好的包放到/usr/bin下并赋予可执行权限
mv rke_linux-amd64 /usr/bin/rke
chmod a+x /usr/bin/rke
mv kubectl /usr/bin/kubectl
chmod a+x /usr/bin/kubectl
#查看rke支持的k8s版本
rke config --system-images --all |grep hyperkube
rancher/hyperkube:v1.17.13-rancher1
rancher/hyperkube:v1.15.12-rancher2
rancher/hyperkube:v1.16.15-rancher1
rancher/hyperkube:v1.18.10-rancher1
2、配置当中用户和节点docker用户互信
ssh-keygen -t rsa -P "" -f ~/.ssh/rke_id_rsa
ssh-copy-id -i /root/.ssh/rke_id_rsa.pub docker@192.168.121.11
3、创建rke的cluster.yml文件
mkdir /root/rke-init
cd /root/rke-init
通过rke config创建或者使用下面的配置
#rke config --empty --name cluster.yml
touch /root/rke-init/cluster.yml
cat /root/rke-init/cluster.yml
# An example of an Allinone Kubernetes cluster
nodes:
- address: 192.168.121.11
port: "22"
internal_address: 192.168.121.11
role:
- controlplane
- etcd
- worker
hostname_override: "allinone"
user: docker
ssh_key_path: "~/.ssh/rke_id_rsa"
services:
etcd:
snapshot: true
creation: 5m0s
retention: 24h
extra_args:
quota-backend-bytes: '4294967296'
max-request-bytes: '33554432'
kube-api:
service_cluster_ip_range: 10.43.0.0/16
service_node_port_range: 30000-32767
pod_security_policy: false
always_pull_images: false
kube-controller:
cluster_cidr: 10.42.0.0/16
service_cluster_ip_range: 10.43.0.0/16
extra_args:
node-cidr-mask-size: '24'
pod-eviction-timeout: '1m'
kubelet:
cluster_domain: cluster.local
cluster_dns_server: 10.43.0.10
fail_swap_on: false
extra_args:
pod-manifest-path: "/etc/kubernetes/manifest/"
root-dir: "/var/lib/kubelet"
docker-root: "/var/lib/docker"
max-pods: 250
kube-api-burst: '100'
kube-api-qps: '100'
max-open-files: '2000000'
enforce-node-allocatable: 'pods'
system-reserved: 'cpu=0.5,memory=500Mi'
kube-reserved: 'cpu=0.5,memory=1000Mi'
eviction-hard: 'memory.available<500Mi,nodefs.available<10%,imagefs.available<15%,nodefs.inodesFree<5%'
network:
plugin: calico
authentication:
strategy: x509
ssh_key_path: "~/.ssh/rke_id_rsa"
ssh_agent_auth: false
authorization:
mode: rbac
ignore_docker_version: false
kubernetes_version: "v1.18.10-rancher1-2"
private_registries:
- url: 192.168.121.33
user: ""
password: ""
is_default: false
cluster_name: "kubernetes"
restore:
restore: false
snapshot_name: ""
4、部署k8s
cd /root/rke-init/
rke up
mkdir ~/.kube/
cat kube_config_cluster.yml >~/.kube/config
kubectl version
kubectl get cs
kubectl get node
5、配置kubectl补全
检查bash-completion是否安装,没安装需要yum安装一下
rpm -qa|grep bash-completion
yum -y install bash-completion
source <(kubectl completion bash)
echo "source <(kubectl completion bash)" >> ~/.bashrc
三、卸载k8s集群
卸载rke集群
cd /root/rke-init/
rke remove --force
执行清理脚本
docker rm -f $(sudo docker ps -aq);
docker volume rm $(sudo docker volume ls -q);
rm -rf /etc/ceph \
/etc/cni \
/etc/kubernetes \
/opt/cni \
/opt/rke \
/run/secrets/kubernetes.io \
/run/calico \
/run/flannel \
/var/lib/calico \
/var/lib/etcd \
/var/lib/cni \
/var/lib/kubelet \
/var/lib/rancher/rke/log \
/var/log/containers \
/var/log/pods \
/var/run/calico
for mount in $(mount | grep tmpfs | grep '/var/lib/kubelet' | awk '{ print $3 }') /var/lib/kubelet /var/lib/rancher; do umount $mount; done
rm -f /var/lib/containerd/io.containerd.metadata.v1.bolt/meta.db
sudo systemctl restart containerd
sudo systemctl restart docker
IPTABLES="/sbin/iptables"
cat /proc/net/ip_tables_names | while read table; do
$IPTABLES -t $table -L -n | while read c chain rest; do
if test "X$c" = "XChain" ; then
$IPTABLES -t $table -F $chain
fi
done
$IPTABLES -t $table -X
done
四、镜像全量导出和推入harbor仓库
全量导出:
docker images|tail -n +2|awk '{print $1":"$2}'|xargs docker save -o rke-k8sv1.18.10.tar
全量push到harbor仓库
docker login 192.168.121.33 --username=admin --password=Harbor12345
docker images|tail -n +2|awk '{print "docker tag " $1":"$2 " 192.168.121.33/"$1":"$2}'|bash
docker images|grep 192.168.121.33|awk '{print "docker push "$1":"$2}'|bash
共有条评论 网友评论