colben/www.colben.cn
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
www.colben.cn/content/post/k3s-install.md
colben ab18b6d55c update
2022-08-10 15:47:52 +08:00

159 lines
4.4 KiB
Markdown
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

---
title: "RockyLinux 8.5 安装 K3S"
date: 2020-09-25T14:21:00+08:00
lastmod: 2022-08-10T15:40:00+08:00
keywords: []
tags: ["rancher", "k3s"]
categories: ["container"]
---
## 环境
角色 | 主机名 | 操作系统 | 软件
---- | ---- | ---- | ----
数据库 | - | - | docker 20.10
k3s server | k3s-server0 | RockyLinux 8.5 | docker 20.10, k3s v1.23.9
k3s server | k3s-server1 | RockyLinux 8.5 | docker 20.10, k3s v1.23.9
k3s agent | k3s-agent0 | RockyLinux 8.5 | docker 20.10, k3s v1.23.9
k3s agent | k3s-agent1 | RockyLinux 8.5 | docker 20.10, k3s v1.23.9
- **全部服务器关闭 firewalld、selinux 和 swap设置时间同步**
- **全部 k3s 服务器(除了数据库)必须设置唯一主机名**
## 安装数据库
- 在数据库服务器上执行如下操作
- 启动 docker 容器
```bash
docker run -d \
--name mysql \
-p 3306:3306 \
-v /data/mariadb/binlog:/var/lib/mysql-bin \
-v /data/mariadb/db:/var/lib/mysql \
-v /data/mariadb/log:/var/log/mysql \
harbor.colben.cn/general/mysql:8
```
- 创建 k3s 数据库
```bash
docker exec mysql mysql -e "
CREATE DATABASE k3s DEFAULT CHARSET UTF8MB4;
CREATE USER k3s@'%' IDENTIFIED BY 'Password_1234';
GRANT ALL ON k3s.* TO k3s@'%';
"
```
## 安装 k3s server
- 在每台 k3s server 服务器上执行如下操作
- 下载并安装 k3s
```bash
cd /usr/local/bin/
curl -LO https://github.com/k3s-io/k3s/releases/download/v1.23.9%2Bk3s1/k3s
chmod 0755 k3s
ln -s k3s kubectl
```
- 创建 systemd 服务文件 /etc/systemd/system/k3s-server.service内容如下
```ini
[Unit]
Description=Lightweight Kubernetes
Documentation=https://k3s.io
Wants=network-online.target
After=network-online.target
[Install]
WantedBy=multi-user.target
[Service]
Type=notify
KillMode=process
Delegate=yes
LimitNOFILE=infinity
LimitNPROC=infinity
LimitCORE=infinity
TasksMax=infinity
TimeoutStartSec=0
Restart=always
RestartSec=5s
SuccessExitStatus=1
ExecStartPre=-/sbin/modprobe br_netfilter
ExecStartPre=-/sbin/modprobe overlay
ExecStart=/usr/local/bin/k3s \
server \
--docker \
--token "123456" \
--bind-address "0.0.0.0" \
--https-listen-port "6443" \
--cluster-cidr "10.42.0.0/16" \
--service-cidr "10.43.0.0/16" \
--pause-image 'harbor.colben.cn/k3s/pause:3.6' \
--disable 'coredns,servicelb,traefik,local-storage,metrics-server' \
--datastore-endpoint 'mysql://k3s:Password_1234@tcp({mysql 地址}:{mysql 端口})/k3s'
```
- 重载 systemd 系统服务,启动 k3s-server 服务
```bash
systemctl daemon-reload
systemctl start k3s-server
```
- 多个 k3s-server 服务可通过 keepalived 配置高可用,参考[keepalived 笔记](/post/keepalived/)
## 安装 k3s agent
- 在每台 k3s agent 服务器上执行如下操作
- 下载并安装 k3s
```bash
cd /usr/local/bin/
curl -LO https://github.com/k3s-io/k3s/releases/download/v1.23.9%2Bk3s1/k3s
chmod 0755 k3s
```
- 创建 systemd 服务文件 /etc/systemd/system/k3s-agent.service内容如下
```ini
[Unit]
Description=Lightweight Kubernetes
Documentation=https://k3s.io
Wants=network-online.target
After=network-online.target
[Install]
WantedBy=multi-user.target
[Service]
Type=notify
KillMode=process
Delegate=yes
LimitNOFILE=infinity
LimitNPROC=infinity
LimitCORE=infinity
TasksMax=infinity
TimeoutStartSec=0
Restart=always
RestartSec=5s
SuccessExitStatus=1
ExecStartPre=-/sbin/modprobe br_netfilter
ExecStartPre=-/sbin/modprobe overlay
ExecStart=/usr/local/bin/k3s \
agent \
--docker \
--token "123456" \
--server 'https://{任一 server 地址或 server 高可用地址}:6443' \
--pause-image 'harbor.colben.cn/k3s/pause:3.6' \
```
- 重载 systemd 系统服务,启动 k3s-agent 服务
```bash
systemctl daemon-reload
systemctl start k3s-agent
```
## 查看节点信息
- 在任一 k3s server 服务器上执行如下操作
- 查看节点信息
```bash
kubectl get nodes
```
## 注意事项
- k3s 内部 ssl 证书有效期一年,可在到期前重启 k3s 集群轮换证书
Reference in New Issue View Git Blame Copy Permalink