为了保持大家环境一致,这里采用sealos进行一键部署k8s
且sealos支持k8s环境的保存和离线交付。
-
配置服务器的静态ip,我这里的是
k8s-master 192.168.139.141
k8s-node01 192.168.139.142
k8s-node02 192.168.139.143
-
如果没有ssh,配置ssh
-
保证所有节点的密码一致,不要有特殊符号,我这里密码都是1234567890(或者可配置ssh免密登录)
-
修改
/etc/hosts文件,添加以下内容,ip和域名替换为自己对应的
192.168.139.141 k8s-master
192.168.139.142 k8s-node01
192.168.139.143 k8s-node02各版本对应情况,可去官网自行选择
amd64
wget https://github.com/labring/sealos/releases/download/v4.2.0/sealos_4.2.0_linux_amd64.tar.gz \
&& tar zxvf sealos_4.2.0_linux_amd64.tar.gz sealos && chmod +x sealos && mv sealos /usr/bin下载速度慢的话,下面有百度网盘
我这里选择的是使用docker作为容器运行时(CRI)的
labring/kubernetes-docker:v1.25.0镜像安装
labring/helm:v3.8.2包管理工具并选择了
labring/calico:v3.24.1作为网络解决方案
由于网络原因,可能无法下载镜像,这里提供三种方案(推荐方案三):
方案一:设置代理
我这里临时设置一下代理
[root@k8s-master ~]# export HTTP_PROXY=http://192.168.137.1:7890/ [root@k8s-master ~]# export HTTPS_PROXY=http://192.168.137.1:7890/然后拉取镜像
[root@k8s-master ~]# sealos pull labring/kubernetes-docker:v1.25.0 [root@k8s-master ~]# sealos pull labring/helm:v3.8.2 [root@k8s-master ~]# sealos pull labring/calico:v3.24.1
方案二:离线镜像
我通过
sealos save -o kubernetes-docker1.25.0.tar labring/kubernetes-docker:v1.25.0 sealos save -o helm3.8.2.tar labring/helm:v3.8.2 sealos save -o calico3.24.1.tar labring/calico:v3.24.1将镜像打包上传到了百度云
提取码:5ook
只需要下载之后,通过以下命令导入镜像
sealos load -i kubernetes-docker1.25.0.tar sealos load -i helm3.8.2.tar sealos load -i calico3.24.1.tar导入成功后执行(imageID替换成对应的id)
sealos tag [imageID] docker.io/labring/kubernetes-docker:v1.25.0 sealos tag [imageID] docker.io/labring/helm:v3.8.2 sealos tag [imageID] docker.io/labring/calico:v3.24.1
方案三:使用阿里云镜像
我已经将这两个镜像传到了我的阿里云镜像仓库,只需要执行
sealos pull registry.cn-shanghai.aliyuncs.com/fanb/kubernetes-docker:v1.25.0 sealos pull registry.cn-shanghai.aliyuncs.com/fanb/helm:v3.8.2 sealos pull registry.cn-shanghai.aliyuncs.com/fanb/calico:v3.24.1拉取成功后执行(imageID替换成对应的id)
sealos tag [imageID] docker.io/labring/kubernetes-docker:v1.25.0 sealos tag [imageID] docker.io/labring/helm:v3.8.2 sealos tag [imageID] docker.io/labring/calico:v3.24.1
最后执行以下命令一键部署k8s集群
(对应ip地址替换成自己的)
sealos run labring/kubernetes-docker:v1.25.0 labring/helm:v3.8.2 labring/calico:v3.24.1 \
--masters 192.168.139.141 \
--nodes 192.168.139.142,192.168.139.143 -p 1234567890如果是配置的ssh免密登录,可使用以下命令
sealos run labring/kubernetes-docker:v1.25.0 labring/helm:v3.8.2 labring/calico:v3.24.1 \
--masters 192.168.139.141 \
--nodes 192.168.139.142,192.168.139.143 --pk='/root/.ssh/id_rsa' 参数说明
| 参数名 | 参数值示例 | 参数说明 |
|---|---|---|
| --masters | 192.168.0.2 | kubernetes master 节点地址列表 |
| --nodes | 192.168.0.3 | kubernetes node 节点地址列表 |
| -p | 1234567890(你的密码) | ssh 登录密码 |
| kubernetes | labring/kubernetes:v1.25.0 | kubernetes 镜像 |
| --pk | '/root/.ssh/id_rsa' | 选择从其中读取公钥认证身份的私钥文件。 |
[root@k8s-master ~]# kubectl get nodes
NAME STATUS ROLES AGE VERSION
k8s-master Ready control-plane 2m57s v1.25.0
k8s-node01 Ready <none> 2m19s v1.25.0
k8s-node02 Ready <none> 2m21s v1.25.0
[root@k8s-master ~]# kubectl get pods -A
NAMESPACE NAME READY STATUS RESTARTS AGE
calico-apiserver calico-apiserver-54fbb6b584-4wkxv 1/1 Running 0 24s
calico-apiserver calico-apiserver-54fbb6b584-tzz8n 1/1 Running 0 24s
calico-system calico-kube-api-85666c5b94-4xvzz 1/1 Running 0 78s
calico-system calico-node-drsqw 1/1 Running 0 78s
calico-system calico-node-mfzhm 1/1 Running 0 78s
calico-system calico-node-mnm6p 1/1 Running 0 78s
calico-system calico-typha-7ffb774947-dkt2m 1/1 Running 0 78s
calico-system calico-typha-7ffb774947-fr2w2 1/1 Running 0 70s
calico-system csi-node-driver-dlpj4 2/2 Running 0 39s
calico-system csi-node-driver-nxrbs 2/2 Running 0 39s
calico-system csi-node-driver-r6cx8 2/2 Running 0 47s
kube-system coredns-565d847f94-qqlsx 1/1 Running 0 118s
kube-system coredns-565d847f94-t68zn 1/1 Running 0 118s
kube-system etcd-k8s-master 1/1 Running 0 2m11s
kube-system kube-apiserver-k8s-master 1/1 Running 0 2m11s
kube-system kube-controller-manager-k8s-master 1/1 Running 0 2m11s
kube-system kube-proxy-7mzw6 1/1 Running 0 118s
kube-system kube-proxy-cmfbg 1/1 Running 0 98s
kube-system kube-proxy-lszz5 1/1 Running 0 100s
kube-system kube-scheduler-k8s-master 1/1 Running 0 2m11s
kube-system kube-sealos-lvscare-k8s-node01 1/1 Running 0 91s
kube-system kube-sealos-lvscare-k8s-node02 1/1 Running 0 93s
tigera-operator tigera-operator-6675dc47f4-wntv5 1/1 Running 0 91s一键安装 GPU 驱动,监控 GPU 资源,轻松打造具备 AI 能力的深度学习平台。
sealos run labring/gpu-operator:v1.10.1- OpenEBS 是一款使用 Go 语言编写的基于容器的块存储开源软件。
- OpenEBS 使得在容器中运行关键性任务和需要数据持久化的负载变得更可靠。
# 在需要作为存储的机器
yum install iscsi-initiator-utils -y
cat /etc/iscsi/initiatorname.iscsi
sudo systemctl enable --now iscsid
systemctl status iscsid- 由于官方openebs的镜像在国外(下载速度慢),且会用到k8s.gcr.io的镜像(无法下载)
- 我已经将安装的yaml文件内的镜像改为了我的阿里云(替换openebs)和lank8s.cn(替换k8s.gcr.io),对应的yaml文件在daoc目录
- openebs官网可自行选择安装类型,并根据所选类型进行安装
我这里选择的是cstor
kubectl apply -f openebs-operator.yaml
kubectl apply -f cstor-operator.yaml
# 在node01和node02检测到两个blockdevice
[root@k8s-master yaml]# kubectl get bd -n openebs
NAME NODENAME SIZE CLAIMSTATE STATUS AGE
blockdevice-04f302ffe61688e8c529923714c791ef k8s-node02 10736352768 Unclaimed Active 14s
blockdevice-c797122b11695c427d6ef7793d270ff7 k8s-node01 21473771008 Unclaimed Active 19m
# Creating cStor storage pools
# 根据刚才的两个bd创建storage pools
# Stripe(条带化)提供了高性能,但没有数据冗余和故障恢复能力。
# Mirror(镜像)提供了数据冗余和故障恢复能力,但需要更多的存储空间。
kubectl apply -f cstor-pool.yaml
[root@k8s-master yaml]# kubectl get cspc -n openebs
NAME HEALTHYINSTANCES PROVISIONEDINSTANCES DESIREDINSTANCES AGE
cstor-disk-pool 2 2 4m51s
[root@k8s-master yaml]# kubectl get cspi -n openebs
NAME HOSTNAME FREE CAPACITY READONLY PROVISIONEDREPLICAS HEALTHYREPLICAS STATUS AGE
cstor-disk-pool-bsr2 k8s-node02 9630M 9630262k false 1 1 ONLINE 50m
cstor-disk-pool-qzxn k8s-node01 19300M 19300096500 false 1 0 ONLINE 50m
如果证书问题报错的话,issues地址
[root@k8s-master yaml]# kubectl get ValidatingWebhookConfiguration -A NAME WEBHOOKS AGE openebs-cstor-validation-webhook 1 86m [root@k8s-master yaml]# kubectl delete ValidatingWebhookConfiguration openebs-cstor-validation-webhook
[root@k8s-master yaml]# kubectl apply -f cstor-sc.yaml
storageclass.storage.k8s.io/cstor-csi-disk created
[root@k8s-master yaml]# kubectl get sc
NAME PROVISIONER RECLAIMPOLICY VOLUMEBINDINGMODE ALLOWVOLUMEEXPANSION AGE
cstor-csi-disk cstor.csi.openebs.io Delete Immediate true 3s
openebs-device openebs.io/local Delete WaitForFirstConsumer false 31m
openebs-hostpath openebs.io/local Delete WaitForFirstConsumer false 31m- 由于openebs时块存储,不支持ReadWriteOnce(RWX),无法满足同一个deploy的多个pod(不在同一个node)共享一个pvc
- 官方提供了一种方案,即在openebs之上配置NFS
# 所有节点
sudo yum install nfs-utils -y
kubectl apply -f nfs-operator.yaml