k3s 最新部署

k3s relase地址
https://github.com/rancher/k3s/releases/

环境准备：
selinux关闭 /usr/sbin/sestatus -v查看状态
vim /etc/selinux/config

将SELINUX=enforcing改为SELINUX=disabled

临时关闭

setenforce 0

防火墙关闭或者配置防火墙规则

systemctl stop firewalld

docker版本有限制，如果太低会出现
/etc/coredns/Corefile permission denied

docker旧版本卸载

sudo yum remove docker \
docker-common \
container-selinux \
docker-selinux \
docker-engine

卸载Docker后,/var/lib/docker/目录下会保留原Docker的镜像,网络,存储卷等文件. 如果需要全新安装Docker,需要删除/var/lib/docker/目录

rm -rf /var/lib/docker/

docker下载

curl -sSL https://get.daocloud.io/docker | sh

server端搭建

下载k3s运行的依赖包

wget https://github.com/rancher/k3s/releases/download/v0.10.2/k3s-airgap-images-amd64.tar

下载k3s二进制文件

wget https://github.com/rancher/k3s/releases/download/v0.10.2/k3s

下载安装脚本

wget https://github.com/rancher/k3s/blob/master/install.sh

赋予权限

chmod 755 k3s
chmod 755 insatll.sh
chmod 755 k3s-airgap-images-amd64.tar

修改install.sh文件，添加或设置如下

export INSTALL_K3S_SKIP_DOWNLOAD=true           //设置跳过下载k3s二进制文件

创建链接

cp k3s /usr/local/bin/k3s   

将所需镜像文件拷贝

mkdir -p /var/lib/rancher/k3s/agent/images/
cp k3s-airgap-images-amd64.tar /var/lib/rancher/k3s/agent/images/

docker导入镜像

docker load -i k3s-airgap-images-amd64.tar

注：如搭好k3s后，没有docker load -i操作，之后修改k3s.service，添加–docker --no-deploy traefik后，创建demo失败

启动安装文件

./install.sh

#也可以INSTALL_K3S_EXEC="–no-deploy=traefik" ./install.sh 操作

启动k3s

systemctl daemon-reload
systemctl restart k3s

之后启动失败，ExecStart结尾后多了/，需要删除，并且指定–docker，否则docker pull images会失败

修改配置文件/etc/systemd/system/k3s.service，修改内容如下（主要修改ExecStart=/usr/bin/k3s server --docker --no-deploy traefik）

[Unit]
Description=Lightweight Kubernetes
Documentation=https://k3s.io
After=network-online.target

[Service]
Type=notify
EnvironmentFile=/etc/systemd/system/k3s.service.env
ExecStartPre=-/sbin/modprobe br_netfilter
ExecStartPre=-/sbin/modprobe overlay
ExecStart=/usr/local/bin/k3s server --docker --no-deploy traefik
KillMode=process
Delegate=yes
LimitNOFILE=infinity
LimitNPROC=infinity
LimitCORE=infinity
TasksMax=infinity
TimeoutStartSec=0
Restart=always

[Install]
WantedBy=multi-user.targe

之后重启并查看状态

systemctl restart k3s
systemctl status k3s   #或者运行此命令  systemctl is-active k3s

之后kubectl get nodes查看，出现node即成功

node节点加入

K3S_TOKEN是server端的，位于/var/lib/rancher/k3s/server/node-token下

cat /var/lib/rancher/k3s/server/node-token

在node节点执行命令，格式为

K3S_URL=${k3s_url} K3S_TOKEN=${k3s_token}  ./install.sh

执行如下命令

K3S_TOKEN=xxxxxx K3S_URL=https://serverIP:6443 ./install.sh

启动失败，编辑配置文件/etc/systemd/system/k3s-agent.service
内容如下：

[Unit]
Description=Lightweight Kubernetes
Documentation=https://k3s.io
Wants=network-online.target
[Install]
WantedBy=multi-user.target
[Service]
Type=exec
EnvironmentFile=/etc/systemd/system/k3s-agent.service.env
KillMode=process
Delegate=yes
LimitNOFILE=infinity
LimitNPROC=infinity
LimitCORE=infinity
TasksMax=infinity
TimeoutStartSec=0
Restart=always
RestartSec=5s
ExecStartPre=-/sbin/modprobe br_netfilter
ExecStartPre=-/sbin/modprobe overlay
ExecStart=/usr/local/bin/k3s \
    agent --docker            #修改这行，添加从docker拉取镜像

之后再server端查看即可