rke安装k8s

1、修改集群中各物理机主机名hostname文件

# 查看
cat /etc/hostname
# 命令修改
hostnamectl  set-hostname  k8s-master

2、实现主机名与ip地址解析

# 查看
 cat /etc/hosts
# 修改
vi /etc/hosts

3、配置ip_forward过滤机制

# 修改
vi /etc/sysctl.conf
net.ipv4.ip_forward=1
net.bridge.bridge-nf-call-ip6tables=1
net.bridge.bridge-nf-call-iptables=1
# 查看
sysctl -p
# 执行sysctl -p 报错执行
modprobe br_netfilter

4、关闭防火墙

# 停止放火墙
# systemctl  stop  firewalld
# 禁用防火墙
# systemctl  disable  firewalld
# 查看防火墙状态
# systemctl  status  firewalld
# 查看防火墙状态
# firewall-cmd --state

5、禁用swap

# 查看swap
free -m

# 查看swap文件
cat /etc/fstab

# 注释掉fstab的swap配置
vi /etc/fstab
# 使配置文件生效
swapoff -a

6、添加时间同步

# 查看时间
date
# 安装插件
yum  -y  install  update
# 设置
crontab -e
# 设置内容
0  */1  *  *  *  ntpdate  ntp.aliyun.com
# 查看
crontab  -l

7、关闭selinux

# 查看
getenforce
# 查看
sestatus

# 编辑配置文件
vi /etc/selinux/config
SELINUX=disabled

重启系统后

8、启用Cgroup；修改配置文件/etc/default/grub，启用cgroup内存限额功能,配置两个参数：

vi /etc/default/grub
GRUB_CMDLINE_LINUX_DEFAULT="cgroup_enable=memory swapaccount=1"
GRUB_CMDLINE_LINUX="cgroup_enable=memory swapaccount=1"
# 更新grub
grub2-mkconfig -o /boot/grub2/grub.cfg

9、添加rancher用户

# 添加用户
useradd -m rancher
# 添加至docker组
usermod  -aG  docker  rancher
# 添加用户密码
passwd rancher

10、配置ssh,需要切换到rancher用户

# 切换至rancher用户
su rancher
# master生成ssh
ssh-keygen
# 将ssh密钥复制到其它node节点上
cd .ssh/
ssh-copy-id rancher@k8s-master
ssh-copy-id rancher@k8s-node1
ssh-copy-id rancher@k8s-node2

11、下载rke安装包
https://github.com/rancher/rke/releases
下载后上传到master上
切换至root用户执行

su root
mv rke_linux-amd64 /usr/local/bin/rke && chmod +x /usr/local/bin/rke
rke --version

12、创建rke安装k8s集群产生的配置文件

mkdir -p /app/rancher
rke config --name cluster.yml

官方配置参考
命令生成cluster.yml文件

[+] Cluster Level SSH Private Key Path [~/.ssh/id_rsa]:               集群私钥路径：~/.ssh/id_rsa

[+] Number of Hosts [1]: 3                                     集群拥有几个节点：3

[+] SSH Address of host (1) [none]: 192.168.149.200                       第一个节点ip地址：192.168.149.200 

[+] SSH Port of host (1) [22]: 22                                        第一个节点端口：22

[+] SSH Private Key Path of host (192.168.149.200) [none]: ~/.ssh/id_rsa       第一个节点私钥路径：~/.ssh/id_rsa

[+] SSH User of host (192.168.149.200) [ubuntu]: rancher                   远程用户名：rancher

[+] Is host (192.168.149.200) a Control Plane host (y/n)? [y]: y               是否是k8s集群控制节点：y

[+] Is host (192.168.149.200) a Worker host (y/n)? [n]: n                    是否是k8s集群工作节点：n

[+] Is host (192.168.149.200) an etcd host (y/n)? [n]: n                     是否是k8s集群etcd节点：n

[+] Override Hostname of host (192.168.149.200) [none]:                   不覆盖现有主机：回车默认

[+] Internal IP of host (192.168.149.200) [none]:                         主机局域网地址：没有更改回车默认

[+] Docker socket path on host (192.168.149.200) [/var/run/docker.sock]: /var/run/docker.sock         主机上docker.sock路径：/var/run/docker.sock

[+] SSH Address of host (2) [none]: 192.168.149.205                         第二个节点ip地址：192.168.149.205

[+] SSH Port of host (2) [22]: 22                                          第二个节点远程端口：22

[+] SSH Private Key Path of host (192.168.149.205) [none]: ~/.ssh/id_rsa         第二个节点私钥路径：~/.ssh/id_rsa

[+] SSH User of host (192.168.149.205) [ubuntu]: rancher                     第二个节点远程用户名：rancher

[+] Is host (192.168.149.205) a Control Plane host (y/n)? [y]: n                 是否是k8s集群控制节点：n

[+] Is host (192.168.149.205) a Worker host (y/n)? [n]: y                      是否是k8s集群工作节点：y

[+] Is host (192.168.149.205) an etcd host (y/n)? [n]: n                       是否是k8s集群etcd节点：n

[+] Override Hostname of host (192.168.149.205) [none]:                    不覆盖现有主机：回车默认

[+] Internal IP of host (192.168.149.205) [none]:                            主机局域网地址：没有更改回车默认

[+] Docker socket path on host (192.168.149.205) [/var/run/docker.sock]: /var/run/docker.sock        主机上docker.sock路径：/var/run/docker.sock

[+] SSH Address of host (3) [none]: 192.168.149.210                             第三个节点ip地址：192.168.149.210

[+] SSH Port of host (3) [22]: 22                                              第三个节点远程端口：22

[+] SSH Private Key Path of host (192.168.149.210) [none]: ~/.ssh/id_rsa             第三个节点私钥路径：~/.ssh/id_rsa 

[+] SSH User of host (192.168.149.210) [ubuntu]: rancher                         第三个节点远程用户名：rancher

[+] Is host (192.168.149.210) a Control Plane host (y/n)? [y]: n                     是否是k8s集群控制节点：n

[+] Is host (192.168.149.210) a Worker host (y/n)? [n]: n                          是否是k8s集群工作节点：n

[+] Is host (192.168.149.210) an etcd host (y/n)? [n]: y                            是否是k8s集群etcd节点：y

[+] Override Hostname of host (192.168.149.210) [none]:                         不覆盖现有主机：回车默认

[+] Internal IP of host (192.168.149.210) [none]:                                主机局域网地址：没有更改回车默认

[+] Docker socket path on host (192.168.149.210) [/var/run/docker.sock]: /var/run/docker.sock  主机上docker.sock路径：/var/run/docker.sock

[+] Network Plugin Type (flannel, calico, weave, canal, aci) [canal]: calico                              网络插件类型：自选，我选择的是calico

[+] Authentication Strategy [x509]:                                                            认证策略形式：X509

[+] Authorization Mode (rbac, none) [rbac]: rbac                                                 认证模式：rbac

[+] Kubernetes Docker image [rancher/hyperkube:v1.25.9-rancher2]: rancher/hyperkube:v1.25.9-rancher2  k8s集群使用的docker镜像：rancher/hyperkube:v1.25.9-rancher2

[+] Cluster domain [cluster.local]: sbcinfo.com                                                   集群域名：默认即可    

[+] Service Cluster IP Range [10.43.0.0/16]:                                                     集群IP、server地址：默认即可

[+] Enable PodSecurityPolicy [n]:                                                             开启pod安全策略：n

[+] Cluster Network CIDR [10.42.0.0/16]:                                                       集群pod ip地址：默认即可

[+] Cluster DNS Service IP [10.43.0.10]:                                                        集群DNS ip地址：默认即可

[+] Add addon manifest URLs or YAML files [no]:                                                添加加载项清单url或yaml文件：回车默认即可或者no

13、开始安装集群

rke  up

14、安装kubectl客户端管理工具

rke高可用k8s集群安装和实现手册

CentOS7下，RKE部署k8s集群，及Helm Chart 安装Rancher高可用