环境信息
| 操作系统 | 主机名 | IP地址 | 节点 | 配置 |
|---|---|---|---|---|
| centos7.7minimal | master-1 | 192.168.121.11 | master、etcd | 2C4G |
| centos7.7minimal | master-2 | 192.168.121.12 | master、etcd | 2C4G |
| centos7.7minimal | master-3 | 192.168.121.13 | master、etcd | 2C4G |
| centos7.7minimal | node-1 | 192.168.121.14 | node | 2C4G |
| centos7.7minimal | node-2 | 192.168.121.15 | node | 2C4G |
docker版本:18.09.5
rke版本:v1.1.11
kubernetes版本: v1.18.10
确保ETCD角色数量为奇数
一、安装docker
192.168.121.11已经部署过rke的allinone k8s集群,环境信息表中除了192.168.121.11其余节点都安装docker 18.09.5
yum install -y yum-utils device-mapper-persistent-data lvm2
yum-config-manager --add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
yum makecache
yum -y install docker-ce-18.09.5-3.el7
systemctl start docker
systemctl enable docker
adduser docker -g docker
echo -e "rke@docker\nrke@docker" | passwd docker
#优化docker配置
touch /etc/docker/daemon.json
cat /etc/docker/daemon.json
{
"exec-opts": ["native.cgroupdriver=systemd"],
"max-concurrent-downloads": 15,
"log-driver": "json-file",
"log-opts": {
"max-size": "100m"
},
"registry-mirrors": ["https://t3xbrfwz.mirror.aliyuncs.com"],
"insecure-registries":[
"192.168.121.33"
]
}
systemctl daemon-reload
systemctl restart docker
二、rke节点和新添加的节点做互信
ssh-copy-id -i ~/.ssh/rke_id_rsa.pub docker@192.168.121.12、13、14、15
三、修改cluster.yml根据规划添加节点指定角色
1、修改cluster.yml
# An example of an HA Kubernetes cluster
nodes:
- address: 192.168.121.11
port: "22"
internal_address: 192.168.121.11
role:
- controlplane
- etcd
hostname_override: "master-1"
user: docker
ssh_key_path: "~/.ssh/rke_id_rsa"
- address: 192.168.121.12
port: "22"
internal_address: 192.168.121.12
role:
- controlplane
- etcd
hostname_override: "master-2"
user: docker
ssh_key_path: "~/.ssh/rke_id_rsa"
- address: 192.168.121.13
port: "22"
internal_address: 192.168.121.13
role:
- controlplane
- etcd
hostname_override: "master-3"
user: docker
ssh_key_path: "~/.ssh/rke_id_rsa"
- address: 192.168.121.14
port: "22"
internal_address: 192.168.121.14
role:
- worker
hostname_override: "node-1"
user: docker
ssh_key_path: "~/.ssh/rke_id_rsa"
- address: 192.168.121.15
port: "22"
internal_address: 192.168.121.15
role:
- worker
hostname_override: "node-2"
user: docker
ssh_key_path: "~/.ssh/rke_id_rsa"
services:
etcd:
snapshot: true
creation: 5m0s
retention: 24h
extra_args:
quota-backend-bytes: '4294967296'
max-request-bytes: '33554432'
kube-api:
service_cluster_ip_range: 10.43.0.0/16
service_node_port_range: 30000-32767
pod_security_policy: false
always_pull_images: false
kube-controller:
cluster_cidr: 10.42.0.0/16
service_cluster_ip_range: 10.43.0.0/16
extra_args:
node-cidr-mask-size: '24'
pod-eviction-timeout: '1m'
kubelet:
cluster_domain: cluster.local
cluster_dns_server: 10.43.0.10
fail_swap_on: false
extra_args:
pod-manifest-path: "/etc/kubernetes/manifest/"
root-dir: "/var/lib/kubelet"
docker-root: "/var/lib/docker"
max-pods: 250
kube-api-burst: '100'
kube-api-qps: '100'
max-open-files: '2000000'
enforce-node-allocatable: 'pods'
system-reserved: 'cpu=0.5,memory=500Mi'
kube-reserved: 'cpu=0.5,memory=1000Mi'
eviction-hard: 'memory.available<500Mi,nodefs.available<10%,imagefs.available<15%,nodefs.inodesFree<5%'
network:
plugin: calico
authentication:
strategy: x509
ssh_key_path: "~/.ssh/rke_id_rsa"
ssh_agent_auth: false
authorization:
mode: rbac
ignore_docker_version: false
kubernetes_version: "v1.18.10-rancher1-2"
private_registries:
- url: 192.168.121.33
user: ""
password: ""
is_default: true
cluster_name: "kubernetes"
restore:
restore: false
snapshot_name: ""
2、应用修改后的配置
cd /root/rke-init/
rke up
共有条评论 网友评论