先决条件
配置负载平衡器和康健查抄
我这里使用的是VMware NSX-T负载平衡
这里有个坑,80端口的响应代码,必要把307,308,303标志为康健的状态码
第一个server节点安装
官方文档的形貌感觉对于新手来说太不友爱了,建议以下链接都看一下。Rancher新老文档都建议看一下,不然刚刚入门很蒙。
RKE2快速开始:https://docs.rke2.io/zh/install/quickstart
RKE2高可用:https://docs.rke2.io/zh/install/ha
RKE2离线安装:https://docs.rke2.io/zh/install/airgap
RKE2卸载:https://docs.rke2.io/zh/install/linux_uninstall
Rancher Helm CLI快速入门:https://ranchermanager.docs.rancher.com/zh/getting-started/quick-start-guides/deploy-rancher-manager/helm-cli
Rancher 离线Helm安装:https://ranchermanager.docs.rancher.com/zh/getting-started/installation-and-upgrade/other-installation-methods/air-gapped-helm-cli-install/install-rancher-ha
老版Rancher文档 离线安装:https://docs.rancher.cn/docs/rancher2/installation/other-installation-methods/air-gap/install-rancher/_index
老版Rancher文档 怎样在国内使用 Rancher:https://docs.rancher.cn/docs/rancher2/best-practices/use-in-china/_index/
- # 卸载
- /usr/local/bin/rke2-uninstall.sh
- # 配置文件,load_balancer_addr 负载均衡ip或者第一台serverip
- load_balancer_addr=172.16.10.241
- mkdir -p /etc/rancher/rke2 && echo "
- tls-san:
- - ${load_balancer_addr}
- system-default-registry: "docker.nju.edu.cn"
- " > /etc/rancher/rke2/config.yaml
- # 检查配置
- cat /etc/rancher/rke2/config.yaml
- # 指定版本安装
- curl -sfL https://rancher-mirror.rancher.cn/rke2/install.sh | INSTALL_RKE2_MIRROR=cn INSTALL_RKE2_VERSION=v1.22.17+rke2r1 sh -
- # 安装最新stable版本
- # curl -sfL https://rancher-mirror.rancher.cn/rke2/install.sh | INSTALL_RKE2_MIRROR=cn sh -
- systemctl enable rke2-server.service && systemctl start rke2-server.service
- # 查看日志
- # journalctl -u rke2-server -f
复制代码 实用程序注册到PATH
kubeconfig默认的server地址是127.0.0.1
在最小集群安装完成之后必要修改为负载平衡地址
- echo 'export PATH=$PATH:/var/lib/rancher/rke2/bin;' >> ~/.bashrc && source ~/.bashrc
- mkdir -p ~/.kube && rm -f ~/.kube/config && ln -s /etc/rancher/rke2/rke2.yaml ~/.kube/config
复制代码 等待全部pod运行
- root@rke1:~# watch -n 1 kubectl get pods -A
- Every 1.0s: kubectl get pods -A rke1: Thu Mar 16 21:22:08 2023
- NAMESPACE NAME READY STATUS RESTARTS AGE
- kube-system cloud-controller-manager-rke1 1/1 Running 0 33m
- kube-system etcd-rke1 1/1 Running 0 33m
- kube-system helm-install-rke2-canal-mscjh 0/1 Completed 0 34m
- kube-system helm-install-rke2-coredns-qrmgn 0/1 Completed 0 34m
- kube-system helm-install-rke2-ingress-nginx-ddt95 0/1 Completed 0 34m
- kube-system helm-install-rke2-metrics-server-6cm27 0/1 Completed 0 34m
- kube-system kube-apiserver-rke1 1/1 Running 0 33m
- kube-system kube-controller-manager-rke1 1/1 Running 0 33m
- kube-system kube-proxy-rke1 1/1 Running 0 33m
- kube-system kube-scheduler-rke1 1/1 Running 0 33m
- kube-system rke2-canal-f56nc 2/2 Running 0 32m
- kube-system rke2-coredns-rke2-coredns-69844654d9-lsvw6 1/1 Running 0 32m
- kube-system rke2-coredns-rke2-coredns-autoscaler-95d984597-p9r6k 1/1 Running 0 32m
- kube-system rke2-ingress-nginx-controller-4ddx9 1/1 Running 0 29m
- kube-system rke2-metrics-server-765b64878b-jtq2v 1/1 Running 0 30m
复制代码 注册令牌,接下来要用
- cat /var/lib/rancher/rke2/server/node-token
复制代码 其他server节点安装
- # 配置文件,load_balancer_addr 负载均衡ip或者第一台serverip
- load_balancer_addr=172.16.10.241 node_token=xxxxxxxx
- mkdir -p /etc/rancher/rke2 && echo "
- server: https://${load_balancer_addr}:9345
- token: ${node_token}
- tls-san:
- - ${load_balancer_addr}
- system-default-registry: "docker.nju.edu.cn"
- " > /etc/rancher/rke2/config.yaml
- # 检查配置
- cat /etc/rancher/rke2/config.yaml
- # 安装
- curl -sfL https://rancher-mirror.rancher.cn/rke2/install.sh | INSTALL_RKE2_MIRROR=cn INSTALL_RKE2_VERSION=v1.22.17+rke2r1 sh -
- systemctl enable rke2-server.service && systemctl start rke2-server.service
复制代码 实用程序注册到PATH
- echo 'export PATH=$PATH:/var/lib/rancher/rke2/bin;' >> ~/.bashrc && source ~/.bashrc
- mkdir -p ~/.kube && rm -f ~/.kube/config && ln -s /etc/rancher/rke2/rke2.yaml ~/.kube/config
复制代码 这里使用kubectl可能会反应很慢,必要修改kubeconfig中server的地址为负载平衡地址
- load_balancer_addr=rancher2.ent.top
- sed -i.bak "s/127.0.0.1:6443/${load_balancer_addr}:6443/" /etc/rancher/rke2/rke2.yaml
复制代码 安装helm
- # 下载 helm 并上传 https://github.com/helm/helm/releases
- rm -rf linux-amd64/helm && tar -zxvf helm-v3.10.3-linux-amd64.tar.gz && mv linux-amd64/helm /usr/local/bin/helm && helm version
复制代码 安装Cert-Manager
- # 可以下载过来然后在 kubectl apply -f cert-manager.crds.yaml
- kubectl apply -f https://github.com/cert-manager/cert-manager/releases/download/v1.7.1/cert-manager.crds.yaml
- helm repo add jetstack https://charts.jetstack.io && helm repo update
- helm install cert-manager jetstack/cert-manager \
- --set image.repository=quay.nju.edu.cn/jetstack/cert-manager-controller \
- --set webhook.image.repository=quay.nju.edu.cn/jetstack/cert-manager-webhook \
- --set cainjector.image.repository=quay.nju.edu.cn/jetstack/cert-manager-cainjector \
- --set startupapicheck.image.repository=quay.nju.edu.cn/jetstack/cert-manager-ctl \
- --namespace cert-manager \
- --create-namespace \
- --version v1.7.1
复制代码 安装Rancher
这里也有个坑,不能安装离线安装文档中加
--set certmanager.version=<CERTMANAGER_VERSION> 参数,会报错如下
unable to build kubernetes objects from release manifest: resource mapping not found for name: "rancher" namespace: ""
- helm repo add rancher-latest https://rancher-mirror.rancher.cn/server-charts/latest
- kubectl create namespace cattle-system
- # rancher域名,要么解析dns,要么加入自己电脑hosts
- rancher_domain=rancher01.ent.top
- helm install rancher rancher-latest/rancher \
- --namespace cattle-system \
- --set hostname=${rancher_domain} \
- --set rancherImage=docker.nju.edu.cn/rancher/rancher \
- --set systemDefaultRegistry=docker.nju.edu.cn
复制代码 安装完成
密码看提示
$(kubectl get secret --namespace cattle-system bootstrap-secret -o go-template='{{.data.bootstrapPassword|base64decode}}')
或者直接用链接(其实就是跳过输入上面随秘密码的阶段,直接到下一步设置admin密码)
echo https://rancher01.ent.top/dashboard/?setup=$(kubectl get secret --namespace cattle-system bootstrap-secret -o go-template='{{.data.bootstrapPassword|base64decode}}')
免责声明:如果侵犯了您的权益,请联系站长,我们会及时删除侵权内容,谢谢合作!更多信息从访问主页:qidao123.com:ToB企服之家,中国第一个企服评测及商务社交产业平台。 |