k8s搭建和helm安装-centos傻瓜版
k8s资源文件 链接:链接:pan.xunlei.com/s/VNcRqiJIe…
docker安装
# 安装yum工具
yum install -y yum-utils \ device-mapper-persistent-data \ lvm2 --skip-broken
# 更新本地镜像源
yum-config-manager \
--add-repo \
https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
sed -i 's/download.docker.com/mirrors.aliyun.com\/docker-ce/g' /etc/yum.repos.d/docker-ce.repo
yum makecache fast
# 安装docker
yum install -y docker-ce
# 启动docker服务
systemctl start docker
# 配置docker.daemon.json(非必须)
{
"registry-mirrors": ["https://82m9ar63.mirror.aliyuncs.com"],
"exec-opts": ["native.cgroupdriver=systemd"]
}
# 重启 docker 配置和服务
sudo systemctl daemon-reload
sudo systemctl restart docker
# docker验证
docker info
k8s安装准备
# 关闭swap(注释掉swap那行)
swapoff -a
sed -i 's/.*swap.*/#&/' /etc/fstab
# 关闭selinux:
sed -i 's/enforcing/disabled/' /etc/selinux/config # 永久
setenforce 0 # 临时
sudo su
# 关闭防火墙
service firewalld stop
# 设置主机名(hostname与添加到hosts中的name要保持一致)
hostnamectl set-hostname <hostname>
# 在master添加hosts:
cat >> /etc/hosts << EOF
192.168.252.14 k8s-master
192.168.252.15 k8s-gpu
192.168.252.16 k8s-nfs
EOF
# 将桥接的IPv4流量传递到iptables的链:
cat > /etc/sysctl.d/k8s.conf << EOF
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
EOF
sysctl --system # 生效
# 时间同步:
apt install ntpdate -y
ntpdate time.windows.com
# 解压k8s资源文件
unzip 1.19.zip
# 安装k8s组件
cd /1.19/kubelet
rpm -ivh *.rpm
cd /1.19/kubectl
rpm -ivh *.rpm
cd /1.19/kubeadm
rpm -ivh *.rpm
# load镜像
cd /1.19/images
docker load -i <imagename>.tar
安装
# 初始化集群
kubeadm init --apiserver-advertise-address=<nodeip> --image-repository registry.aliyuncs.com/google_containers --kubernetes-version v1.19.4 --service-cidr=10.96.0.0/12 --pod-network-cidr=10.244.0.0/16 --ignore-preflight-errors=all
# 部署kubectl接口
sudo su
mkdir -p $HOME/.kube
cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
chown $(id -u):$(id -g) $HOME/.kube/config
# 重启服务
systemctl restart kubelet.service
# 安装flannel
kubectl apply -f kube-flannel.yml
# 将node节点加入集群
kubeadm join 192.168.252.13:6443 --token 5qnov6.ssasvesqkvm3oefy \
--discovery-token-ca-cert-hash sha256:88f1256a12d54cef063d193f8a8b6063abecb13b50fff1140ec353e4f6e73526 --v=6
# 添加配置
mkdir -p $HOME/.kube
cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
chown $(id -u):$(id -g) $HOME/.kube/config
# 注释-port=0
vim /etc/kubernetes/manifests/kube-controller-manager.yaml
vim /etc/kubernetes/manifests/kube-scheduler.yaml
# 安装flannel
kubectl apply -f kube-flannel.yml
安装helm
curl https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3 | bash
# 网络环境不理想或无网络环境下二进制安装
# 下载对应安装包
https://github.com/helm/helm/releases
# 解压安装包复制到对应位置
tar -zxvf helm-v3.0.0-linux-amd64.tar.gz
mv linux-amd64/helm /usr/local/bin/helm
搭建nfs
# 服务端安装nfs客户端
yum install -y nfs-utils
# 编辑挂载配置
vim /etc/exports
/home/k8s-nfs/data/sxkj/nfs *(rw,sync,fsid=0)
# 启动nfs服务
systemctl start rpcbind.service
systemctl start nfs-server.service
# 使用配置生效
exportfs -r
# 在另一个节点上验证
mkdir -p /data/sxkj/nfs
mount -t nfs 192.168.252.16:/home/k8s-nfs/data/sxkj/nfs /root/data/sxkj/nfs
# 查看挂载情况
df -h | grep /data/sxkj/nfs
# 将external拉到本地
helm pull nfs-subdir-external-provisioner/nfs-subdir-external-provisioner
# 修改values.yaml中的server和path
nfs:
server: 192.168.252.16
path: /home/k8s-nfs/data/sxkj/nfs
# 部署 NFS-Subdir-External-Provisionerh
helm install nfs nfs-subdir-external-provisioner -f ./nfs-subdir-external-provisioner/values.yaml -n meta-demo
# 创建测试 PVC
kubectl apply -f test-pvc.yaml
# 产看pvc状态bound状态为成功
kubectl get pcv
ingress
# ingres相关文件链接
链接:https://pan.xunlei.com/s/VNcRtXXvFceb2xrnYbNeh3XOA1?pwd=58ty#
# 执行deploy
kubectl apply -f deploy.yaml
# 并检查服务
kubectl get po -n ingress-nginx -o wide
# 给 ingress-nginx 配置 HTTPS 访问
openssl req -x509 -nodes -newkey rsa:2048 -keyout tls.key -out tls.crt -subj "/CN=nginx/O=nginx"
# 创建secret
kubectl create secret tls tls-secret --key tls.key --cert tls.crt -n ingress-nginx
kubectl apply -f whoami.yaml
# 配置hosts
vim /etc/hosts
whoami <nodeip>
# 打开浏览器测试
