离线安装k8s/kubernetes v1.17.1并部署服务验证功能
【代码】离线安装k8s/kubernetesv1.17.1。
·
条件:
3台没有网络的centos7.9服务器
1.系统优化
hostnamectl set-hostname k8s-master && bash #只在master节点上执行
hostnamectl set-hostname k8s-node1 && bash #只在node1节点上执行
hostnamectl set-hostname k8s-node2 && bash #只在node2节点上执行
cat >> /etc/hosts << EOF
192.168.243.180 k8s-master
192.168.243.181 k8s-node1
192.168.243.182 k8s-node2
EOF
#关闭防火墙:
systemctl stop firewalld
systemctl disable firewalld
#关闭selinux:
sed -i 's/enforcing/disabled/' /etc/selinux/config # 永久
setenforce 0 # 临时
#关闭swap:
swapoff -a # 临时
sed -i 's/.*swap.*/#&/' /etc/fstab # 永久
cat > /etc/sysctl.d/k8s.conf << EOF
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
EOF
sysctl --system # 生效
2. 安装docker
请点击:离线安装可以参考博客
3. 安装k8s
安装包下载:
链接:https://pan.baidu.com/s/1RmWylpXekr4Am2yd_42aDQ?pwd=MAQQ
提取码:MAQQ
–来自百度网盘的分享
3.1 所有服务器执行
cd /root #上传到此目录下
mkdir /root/k8sOfflineSetup
tar -zxvf k8sofflineSetup.tar.gz -C /root/k8sOfflineSetup
cd /root/k8sOfflineSetup
chmod +x scripts/*
3.2 master节点上执行
cd /root/k8sOfflineSetup
export HOSTNAME=k8s-master # master节点的主机名
export APISERVER_NAME=apiserver.k8s.com # k8s apiserver的主机地址
export MASTER_IP=192.168.243.180 # 集群中master节点的ip地址
export POD_SUBNET=10.11.10.0/16 # Pod 使用的网段
sh setup_master.sh
kubectl get nodes
kubectl get pods -n kube-system
kubeadm token create --print-join-command #创建加入集群的token和秘钥,记录下来
[root@k8s-master ~]# kubeadm token create --print-join-command
W0415 15:22:22.571978 61871 validation.go:28] Cannot validate kube-proxy config - no validator is available
W0415 15:22:22.572369 61871 validation.go:28] Cannot validate kubelet config - no validator is available
kubeadm join apiserver.k8s.com:6443 --token rry6jz.x0fegbxxojlo59zw --discovery-token-ca-cert-hash sha256:59d0ff9225b587ea64901496ae1e1a0916da13a0448e07fa8feebcbd36b0171e
[root@k8s-master ~]#
3.3 node1上执行
export HOSTNAME=k8s-node1 # node1节点的主机名
export APISERVER_NAME=apiserver.k8s.com #k8s apiserver的主机地址
export MASTER_IP=192.168.243.180 # 集群中master节点的ip地址
# 加入master的token,就是上述步骤记住的token后面的内容
export TOKEN=rry6jz.x0fegbxxojlo59zw
# 加入master的证书,就是上述步骤九标红的discovery-token-ca-cert-hash后面的内容
export CERT=sha256:59d0ff9225b587ea64901496ae1e1a0916da13a0448e07fa8feebcbd36b0171e
cd /root/k8sOfflineSetup
chmod +x scripts/*
sh setup_worker.sh
3.4 node2上执行
export HOSTNAME=k8s-node2 # node1节点的主机名
export APISERVER_NAME=apiserver.k8s.com #k8s apiserver的主机地址
export MASTER_IP=192.168.243.180 # 集群中master节点的ip地址
# 加入master的token,就是上述步骤记住的token后面的内容
export TOKEN=rry6jz.x0fegbxxojlo59zw
# 加入master的证书,就是上述步骤九标红的discovery-token-ca-cert-hash后面的内容
export CERT=sha256:59d0ff9225b587ea64901496ae1e1a0916da13a0448e07fa8feebcbd36b0171e
cd /root/k8sOfflineSetup
chmod +x scripts/*
sh setup_worker.sh
4.验证查看
[root@k8s-master ~]# kubectl get nodes
NAME STATUS ROLES AGE VERSION
k8s-master Ready master 22m v1.17.1
k8s-node1 Ready <none> 4m26s v1.17.1
k8s-node2 Ready <none> 39s v1.17.1
[root@k8s-master ~]#
在浏览器输入:masterIP:32567
[root@k8s-master ~]# kubectl get nodes
NAME STATUS ROLES AGE VERSION
k8s-master Ready master 36m v1.17.1
k8s-node1 Ready <none> 32m v1.17.1
k8s-node2 Ready <none> 31m v1.17.1
[root@k8s-master ~]#
# 在 Master 节点上执行此命令
kubectl -n kube-system get secret $(kubectl -n kube-system get secret | grep kuboard-user | awk '{print $1}') -o go-template='{{.data.token}}' | base64 -d
5.登录页面
使用方面请自行研究
6.安装仓库
cd /opt #代码上传到这里
docker load -i registry.tar.gz
tar zxvf docker-registry.tar.gz -C /opt
rm -fr registry.tar.gz docker-registry.tar.gz
docker run -d -p 5000:5000 --restart=always --name registry -v /opt/docker-registry:/var/lib/registry registry:2
6.安装rancher2.4
docker run -d --restart=unless-stopped \
-p 8080:80 -p 8443:443 \
-e CATTLE_SYSTEM_DEFAULT_REGISTRY=192.168.243.180:5000 \
-e CATTLE_SYSTEM_CATALOG=bundled \
-v /opt/rancher:/var/lib/rancher \
--name rancher2 192.168.243.180:5000/rancher/rancher:v2.4.17
#rancher2.4登录 thhps://ip:8443
用户:admin 密码自己设置
7. 利用rancher添加K8S集群
看到集群是Active就说明正常了!
8. 离线部署服务验证
#由于是离线,需要在所有node节点上上传nginx镜像包并导入
docker load -i nginx.tar.gz
cat > nginx.yaml << EOF
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
app: nginx
name: nginx
spec:
replicas: 1
selector:
matchLabels:
app: nginx
template:
metadata:
labels:
app: nginx
spec:
containers:
- image: nginx
name: nginx
imagePullPolicy: IfNotPresent
---
apiVersion: v1
kind: Service
metadata:
labels:
app: nginx
name: nginx
spec:
type: NodePort
ports:
- port: 80
protocol: TCP
targetPort: 80
selector:
app: nginx
EOF
[root@k8s-master ~]# kubectl apply -f nginx.yaml
deployment.apps/nginx created
service/nginx created
[root@k8s-master ~]# kubectl get pods,svc
NAME READY STATUS RESTARTS AGE
pod/nginx-5ffb5df89f-g5lrg 1/1 Running 0 14s
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
service/kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 15h
service/nginx NodePort 10.96.182.168 <none> 80:32755/TCP 14s
[root@k8s-master ~]#
8.1 命令行进行访问验证
任意节点ip:32755
8.2 rancher界面验证
希望能够帮助到您,欢迎一个点赞,给博主一个支持,谢谢!有任何问题欢迎留言!
K8S/Kubernetes社区为您提供最前沿的新闻资讯和知识内容
更多推荐
0
0- 0
已为社区贡献47条内容
所有评论(0)