主机说明
主机名 | 硬件 | 操作及内核 | IP |
---|---|---|---|
rancher | CPU 4 Memory 4G Disk 100G | Ubuntu 22.04 | 192.168.77.120 |
rke-control-plane01 | CPU 4 Memory 4G Disk 100G | Ubuntu 22.04 | 192.168.77.121 |
rke-worker01 | CPU 4 Memory 4G Disk 100G | Ubuntu 22.04 | 192.168.77.122 |
rke-worker02 | CPU 4 Memory 4G Disk 100G | Ubuntu 22.04 | 192.168.77.123 |
主机配置
主机名
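# 以下命令分别在对应主机上执行。
# 注意:后三条使用的名称(rke-k8s-*)与上表及下文 /etc/hosts 中的名称(rke-control-plane01、rke-worker01、rke-worker02)不一致,执行时请统一为同一组名称。
hostnamectl set-hostname rancher
hostnamectl set-hostname rke-k8s-control01
hostnamectl set-hostname rke-k8s-worker01
hostnamectl set-hostname rke-k8s-worker02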
IP
sunday@rancher:~$ cat /etc/netplan/00-installer-config.yaml
# This is the network config written by 'subiquity'
network:
  ethernets:
    ens160:
      dhcp4: false
      addresses:
        - 192.168.77.120/24
      nameservers:
        addresses:
          - 192.168.77.8
      routes:
        - to: default
          via: 192.168.77.2
  version: 2
生效
netplan apply
主机解析
root@rancher:~# cat /etc/hosts
127.0.0.1 localhost
# The following lines are desirable for IPv6 capable hosts
::1 ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
192.168.77.120 rancher
192.168.77.121 rke-control-plane01
192.168.77.122 rke-worker01
192.168.77.123 rke-worker02
时间同步
timedatectl set-timezone Asia/Shanghai
timedatectl set-local-rtc 0
rancher做chrony主
apt-get install -y chrony
cp /etc/chrony/chrony.conf{,.bak}
vim /etc/chrony/chrony.conf
...
#pool ntp.ubuntu.com iburst maxsources 4
#pool 0.ubuntu.pool.ntp.org iburst maxsources 1
#pool 1.ubuntu.pool.ntp.org iburst maxsources 1
#pool 2.ubuntu.pool.ntp.org iburst maxsources 2
pool ntp.aliyun.com iburst
# 注:若省略部分中没有 allow 指令,chronyd 默认不向其他主机提供时间服务;
# 作为主时间源时需加上 allow 192.168.77.0/24,并且只放行本网段。
...
systemctl restart chrony
chronyc sources -v
其他服务器指向rancher ip
vim /etc/chrony/chrony.conf
#pool ntp.ubuntu.com iburst maxsources 4
#pool 0.ubuntu.pool.ntp.org iburst maxsources 1
#pool 1.ubuntu.pool.ntp.org iburst maxsources 1
#pool 2.ubuntu.pool.ntp.org iburst maxsources 2
pool 192.168.77.120 iburst
防火墙
ufw status
swapoff -a
sed -i '/swap/s/^\(.*\)$/#\1/g' /etc/fstab
Rancher部署
Docker安装
apt install -y apt-transport-https ca-certificates curl software-properties-common
curl -fsSL https://mirrors.aliyun.com/docker-ce/linux/ubuntu/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg
echo "deb [arch=amd64 signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://mirrors.aliyun.com/docker-ce/linux/ubuntu $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
apt-get update
apt-get install -y docker-ce
systemctl enable docker
systemctl start docker
Rancher运行(单容器方式,容器以 --privileged 运行并直接对外暴露 80/443,仅适合测试/演示环境)
docker run -d --restart=unless-stopped \
-p 80:80 \
-p 443:443 \
--name rancher \
--privileged \
-v /data/docker_data/rancher:/var/lib/rancher \
rancher/rancher:v2.8.5
首次初始化需要等2分钟,之后从容器日志中取出 Bootstrap Password。该密码仅用于首次登录,登录后应立即设置新的管理员密码,不要把日志中的原值保留在文档或工单里。
root@rancher:~# docker logs rancher 2>&1 | grep "Bootstrap Password"
2024/09/20 05:15:09 [INFO] Bootstrap Password: kwpp5pt9qgknxdtfd7crf9dxwpz58k2hp9zmttz2mmgjhq7tbb3xxd
通过Rancher创建Kubernetes集群
注:rancher 2.8 版本 RKE 使用的是containerd, 所以不用安装docker
其他默认 点击创建
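添加Control Plane节点
注:注册命令从 Rancher 界面复制。其中 --insecure 表示下载安装脚本时不校验服务端证书,而脚本随后直接以 root 执行;--ca-checksum 只用于脚本内部校验之后下载的 CA(见下方日志),并不保护脚本本身的下载。建议只在可信网络中执行,或先下载 https://192.168.77.120/cacerts,核对其 SHA-256 与 --ca-checksum 的值一致后,再用 curl --cacert 代替 --insecure 获取脚本。--token 是集群注册凭据,应视为机密,不要原样公开。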
root@rke-control-plane01:~# curl --insecure -fL https://192.168.77.120/system-agent-install.sh | sudo sh -s - --server https://192.168.77.120 --label 'cattle.io/os=linux' --token mc2grw8kft698x6tnj9hv2nbv65fbx2qfcs26vnddkksvrg6w7rchm --ca-checksum e09bb1c09f98178d0d87ebc6c2c7e034625bd180aa23b6053b05045360ed1ee2 --etcd --controlplane --worker
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 32287 0 32287 0 0 355k 0 --:--:-- --:--:-- --:--:-- 358k
[INFO] Label: cattle.io/os=linux
[INFO] Role requested: etcd
[INFO] Role requested: controlplane
[INFO] Role requested: worker
[INFO] Using default agent configuration directory /etc/rancher/agent
[INFO] Using default agent var directory /var/lib/rancher/agent
[INFO] Determined CA is necessary to connect to Rancher
[INFO] Successfully downloaded CA certificate
[INFO] Value from https://192.168.77.120/cacerts is an x509 certificate
[INFO] Successfully tested Rancher connection
[INFO] Downloading rancher-system-agent binary from https://192.168.77.120/assets/rancher-system-agent-amd64
[INFO] Successfully downloaded the rancher-system-agent binary.
[INFO] Downloading rancher-system-agent-uninstall.sh script from https://192.168.77.120/assets/system-agent-uninstall.sh
[INFO] Successfully downloaded the rancher-system-agent-uninstall.sh script.
[INFO] Generating Cattle ID
[INFO] Successfully downloaded Rancher connection information
[INFO] systemd: Creating service file
[INFO] Creating environment file /etc/systemd/system/rancher-system-agent.env
[INFO] Enabling rancher-system-agent.service
Created symlink /etc/systemd/system/multi-user.target.wants/rancher-system-agent.service → /etc/systemd/system/rancher-system-agent.service.
[INFO] Starting/restarting rancher-system-agent.service
systemctl status rke2-server
初始化及下载 需要些时间,可以同时操作添加worker节点
添加Worker节点
注:下面两条命令带有 --etcd,但文末 kubectl get node 的输出中这两个节点的角色只有 worker;若节点只作为 worker,应只保留 --worker。
root@rke-worker01:~# curl --insecure -fL https://192.168.77.120/system-agent-install.sh | sudo sh -s - --server https://192.168.77.120 --label 'cattle.io/os=linux' --token mc2grw8kft698x6tnj9hv2nbv65fbx2qfcs26vnddkksvrg6w7rchm --ca-checksum e09bb1c09f98178d0d87ebc6c2c7e034625bd180aa23b6053b05045360ed1ee2 --etcd --worker
root@rke-worker02:~# curl --insecure -fL https://192.168.77.120/system-agent-install.sh | sudo sh -s - --server https://192.168.77.120 --label 'cattle.io/os=linux' --token mc2grw8kft698x6tnj9hv2nbv65fbx2qfcs26vnddkksvrg6w7rchm --ca-checksum e09bb1c09f98178d0d87ebc6c2c7e034625bd180aa23b6053b05045360ed1ee2 --etcd --worker
命令行执行
下载对应版本
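curl -L https://dl.k8s.io/release/v1.28.13/bin/linux/amd64/kubectl -o /usr/local/bin/kubectl
# 校验下载的二进制与官方发布的 SHA-256 一致后再赋予执行权限
curl -L https://dl.k8s.io/release/v1.28.13/bin/linux/amd64/kubectl.sha256 -o /tmp/kubectl.sha256
echo "$(cat /tmp/kubectl.sha256)  /usr/local/bin/kubectl" | sha256sum --check
chmod +x /usr/local/bin/kubectl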
root@rke-control-plane01:~# mkdir ~/.kube
root@rke-control-plane01:~# vim ~/.kube/config # 贴入kubeconfig
root@rke-control-plane01:~# chmod 600 ~/.kube/config # kubeconfig 含集群管理凭据,仅允许属主读写
root@rke-control-plane01:~# kubectl get node
NAME STATUS ROLES AGE VERSION
rke-control-plane01 Ready control-plane,etcd,master,worker 22m v1.28.13+rke2r1
rke-worker01 Ready worker 12m v1.28.13+rke2r1
rke-worker02 Ready worker 12m v1.28.13+rke2r1