k8s 上部署kubeSphere

一、部署kubeSphere

1.1、kubesphere 简介

KubeSphere 是一款面向云原生设计的开源项目，在目前主流容器调度平台 Kubernetes 之上构建的分布式多租户容器管理平台，提供简单易用的操作界面以及向导式操作方式，在降低用户使用容器调度平台学习成本的同时，极大降低开发、测试、运维的日常工作的复杂度。

1.2、环境需求

1.3.、安装 helm 和 tiller

Helm 是 Kubernetes 的包管理器。包管理器类似于我们在 Ubuntu 中使用的 apt、Centos中使用的 yum 或者 Python 中的 pip 一样，能快速查找、下载和安装软件包。
Helm 由客 户端组件 helm 和服务端组件 Tiller 组成，能够将一组 K8S 资源打包统一管理，是查找、共享和使用为 Kubernetes 构建的软件的最佳方式

①、 安装helm

#上传安装包到目录下
[root@master ~]#ll helm-v2.17.0-linux-amd64.tar.gz 
-rw-r--r-- 1 root root 25097357 12月 31 10:39 helm-v2.17.0-linux-amd64.tar.gz
[root@master ~]#tar zxvf helm-v2.17.0-linux-amd64.tar.gz 
[root@master ~]#ls
helm-v2.17.0-linux-amd64.tar.gz  kube-flannel.yaml  linux-amd64
[root@master ~]#cp linux-amd64/helm /usr/local/bin/
[root@master ~]#cp linux-amd64/tiller /usr/local/bin/
[root@master ~]#helm version
Client: &version.Version{
   SemVer:"v2.17.0", GitCommit:"a690bad98af45b015bd3da1a41f6218b1a451dbe", GitTreeState:"clean"}
Error: could not find tiller

②、创建 rbac 权限文件

cat > helm-rbac.yaml << EOF
apiVersion: v1
kind: ServiceAccount
metadata:
  name: tiller
  namespace: kube-system
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRoleBinding
metadata:
  name: tiller
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: cluster-admin
subjects:
  - kind: ServiceAccount
    name: tiller
    namespace: kube-system
EOF



[root@master ~]#kubectl apply -f helm-rbac.yaml
serviceaccount/tiller created
clusterrolebinding.rbac.authorization.k8s.io/tiller created

③、安装 tiller

helm init --service-account tiller --upgrade -i registry.cn-hangzhou.aliyuncs.com/google_containers/tiller:v2.17.0  --
stable-repo-url https://kubernetes.oss-cn-hangzhou.aliyuncs.com/charts






[root@master ~]#kubectl get pods --all-namespaces
NAMESPACE     NAME                             READY   STATUS    RESTARTS   AGE
default       nginx-86c57db685-gxnmf           1/1     Running   0          87m
kube-system   coredns-9d85f5447-s8f77          1/1     Running   0          109m
kube-system   coredns-9d85f5447-t6fd4          1/1     Running   0          109m
kube-system   etcd-master                      1/1     Running   0          109m
kube-system   kube-apiserver-master            1/1     Running   0          109m
kube-system   kube-controller-manager-master   1/1     Running   0          109m
kube-system   kube-flannel-ds-amd64-c9mst      1/1     Running   0          89m
kube-system   kube-flannel-ds-amd64-hfmgw      1/1     Running   0          97m
kube-system   kube-flannel-ds-amd64-nsnc7      1/1     Running   0          97m
kube-system   kube-proxy-kcpcj                 1/1     Running   0          99m
kube-system   kube-proxy-kjsg8                 1/1     Running   0          99m
kube-system   kube-proxy-ms6rg                 1/1     Running   0          109m
kube-system   kube-scheduler-master            1/1     Running   0          109m
kube-system   tiller-deploy-59665c97b6-h9bd8   1/1     Running   0          2m53s

④、检查

[root@master ~]#tiller 
[main] 2021/12/31 21:57:16 Starting Tiller v2.17.0 (tls=false)
[main] 2021/12/31 21:57:16 GRPC listening on :44134
[main] 2021/12/31 21:57:16 Probes listening on :44135
[main] 2021/12/31 21:57:16 Storage driver is ConfigMap
[main] 2021/12/31 21:57:16 Max history per release is 0


[root@master ~]#helm version
Client: &version.Version{
   SemVer:"v2.17.0", GitCommit:"a690bad98af45b015bd3da1a41f6218b1a451dbe", GitTreeState:"clean"}
Server: &version.Version{
   SemVer:"v2.17.0", GitCommit:"a690bad98af45b015bd3da1a41f6218b1a451dbe", GitTreeState:"clean"}

1.4安装 OpenEBS

官方文档供参考

①、去除 master上污点

[root@master ~]#kubectl get node -o wide
NAME     STATUS   ROLES    AGE    VERSION   INTERNAL-IP    EXTERNAL-IP   OS-IMAGE                KERNEL-VERSION          CONTAINER-RUNTIME
master   Ready    master   114m   v1.17.3   192.168.8.12   <none>        CentOS Linux 7 (Core)   3.10.0-693.el7.x86_64   docker://20.10.12
node01   Ready    <none>   103m   v1.17.3   192.168.8.13   <none>        CentOS Linux 7 (Core)   3.10.0-693.el7.x86_64   docker://20.10.12
node02   Ready    <none>   103m   v1.17.3   192.168.8.14   <none>        CentOS Linux 7 (Core)   3.10.0-693.el7.x86_64   docker://20.10.12

[root@master ~]#kubectl describe node master | grep Taint
Taints:             node-role.kubernetes.io/master:NoSchedule

[root@master ~]#kubectl taint nodes master node-role.kubernetes.io/master:NoSchedule-
node/master untainted

[root@master ~]#kubectl describe node master | grep Taint
Taints:             <none>

②、安装 OpenEBS

使用阿里的源会导致在后续安装openebs时,资源库没有1.5的镜像资源,错误如下

[root@k8s-node1 ~]# helm install --namespace openebs --name openebs stable/openebs --version 1.5.0
Error: failed to download "stable/openebs" (hint: running `helm repo update` may help)

解决方法如下：

• 先下载要用到的docker镜像如下

docker pull openebs/m-apiserver:1.5.0
docker pull openebs/openebs-k8s-provisioner:1.5.0
docker pull openebs/snapshot-controller:1.5.0
docker pull openebs/snapshot-provisioner:1.5.0
docker pull openebs/node-disk-manager-amd64:v0.4.5
docker pull openebs/node-disk-operator-amd64:v0.4.5
docker pull openebs/admission-server:1.5.0
docker pull openebs/provisioner-localpv:1.5.0

• 下载修改后的 yaml 文件如下

# This manifest deploys the OpenEBS control plane components, with associated CRs & RBAC rules
# NOTE: On GKE, deploy the openebs-operator.yaml in admin context
 
# Create the OpenEBS namespace
apiVersion: v1
kind: Namespace
metadata:
  name: openebs
---
# Create Maya Service Account
apiVersion: v1
kind: ServiceAccount
metadata:
  name: openebs-maya-operator
  namespace: openebs
---
# Define Role that allows operations on K8s pods/deployments
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1beta1
metadata:
  name: openebs-maya-operator
rules:
- apiGroups: ["*"]
  resources: [