-
k3s 快速入门 - 集群搭建
K3s快速搭建入门
1、什么是 K3s?#
K3s 是一个轻量级的 Kubernetes 发行版,它针对边缘计算、物联网等场景进行了高度优化。K3s 有以下增强功能:
- 打包为单个二进制文件。
- 使用基于 sqlite3 的轻量级存储后端作为默认存储机制。同时支持使用 etcd3、MySQL 和 PostgreSQL 作为存储机制。
- 封装在简单的启动程序中,通过该启动程序处理很多复杂的 TLS 和选项。
- 默认情况下是安全的,对轻量级环境有合理的默认值。
- 添加了简单但功能强大的
2、环境准备
这次主要是搭建多节点环境,所以准备的两台服务器进行搭建,服务器是在同一个网段内。环境相关配置如下: 主节点操作系统:CentOS Linux release 7.9.2009 (Core) 内存:8G,cpu:4core 从节点操作系统:Ubuntu-20.04 内存:8G,cpu:8core- 1
- 2
- 3
- 4
- 5
- 6
3、执行脚本搭建
在官网文档中,k3s提供了一个安装脚本,可以方便在systemd 或 openrc 的系统上将其作为服务安装。相关脚步如下:
curl -sfL https://rancher-mirror.oss-cn-beijing.aliyuncs.com/k3s/k3s-install.sh | INSTALL_K3S_MIRROR=cn sh -- 1
执行脚本之后会在文件夹/usr/local/bin生成以下文件:crictl 、ctr、k3s、k3s-killall.sh、k3s-uninstall.sh、kubectl
同时会启动k3s服务。[root@localhost bin]# curl -sfL https://rancher-mirror.oss-cn-beijing.aliyuncs.com/k3s/k3s-install.sh | INSTALL_K3S_MIRROR=cn sh - [INFO] Finding release for channel stable [INFO] Using v1.24.3+k3s1 as release [INFO] Downloading hash rancher-mirror.oss-cn-beijing.aliyuncs.com/k3s/v1.24.3-k3s1/sha256sum-amd64.txt [INFO] Downloading binary rancher-mirror.oss-cn-beijing.aliyuncs.com/k3s/v1.24.3-k3s1/k3s [INFO] Verifying binary download [INFO] Installing k3s to /usr/local/bin/k3s Loaded plugins: fastestmirror, langpacks Loading mirror speeds from cached hostfile * base: mirrors.njupt.edu.cn * extras: mirrors.njupt.edu.cn * updates: mirror.lzu.edu.cn Package yum-utils-1.1.31-54.el7_8.noarch already installed and latest version Nothing to do Loaded plugins: fastestmirror, langpacks Loaded plugins: fastestmirror, langpacks Loading mirror speeds from cached hostfile * base: mirrors.njupt.edu.cn * extras: mirrors.njupt.edu.cn * updates: mirror.lzu.edu.cn rancher-k3s-common-stable | 2.9 kB 00:00:00 Resolving Dependencies --> Running transaction check ---> Package k3s-selinux.noarch 0:1.2-2.el7 will be installed --> Finished Dependency Resolution Dependencies Resolved ====================================================================================================================================================================== Package Arch Version Repository Size ====================================================================================================================================================================== Installing: k3s-selinux noarch 1.2-2.el7 rancher-k3s-common-stable 16 k Transaction Summary ====================================================================================================================================================================== Install 1 Package Total download size: 16 k Installed size: 94 k Downloading packages: k3s-selinux-1.2-2.el7.noarch.rpm | 16 kB 00:00:06 Running transaction check Running transaction test Transaction test succeeded Running transaction Installing : k3s-selinux-1.2-2.el7.noarch 1/1 Verifying : k3s-selinux-1.2-2.el7.noarch 1/1 Installed: k3s-selinux.noarch 0:1.2-2.el7 Complete! [INFO] Creating /usr/local/bin/kubectl symlink to k3s [INFO] Creating /usr/local/bin/crictl symlink to k3s [INFO] Creating /usr/local/bin/ctr symlink to k3s [INFO] Creating killall script /usr/local/bin/k3s-killall.sh [INFO] Creating uninstall script /usr/local/bin/k3s-uninstall.sh [INFO] env: Creating environment file /etc/systemd/system/k3s.service.env [INFO] systemd: Creating service file /etc/systemd/system/k3s.service [INFO] systemd: Enabling k3s unit Created symlink from /etc/systemd/system/multi-user.target.wants/k3s.service to /etc/systemd/system/k3s.service. [INFO] systemd: Starting k3s [root@localhost bin]#- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- 25
- 26
- 27
- 28
- 29
- 30
- 31
- 32
- 33
- 34
- 35
- 36
- 37
- 38
- 39
- 40
- 41
- 42
- 43
- 44
- 45
- 46
- 47
- 48
- 49
- 50
- 51
- 52
- 53
- 54
- 55
- 56
- 57
- 58
- 59
- 60
- 61
- 62
- 63
- 64
当执行到“[INFO] systemd: Starting k3s”的会启动k3s,在这需要等待一段时间,启动成功之后,会返回命令行操作。
# 执行k3s-uninstall.sh对k3s进行卸载 [root@localhost bin]# ./k3s-uninstall.sh- 1
- 2
4、测试k3s是否安装成功
执行“k3s kubectl get pods -A” 查看k3s安装之后容器内存在的pod。
[root@localhost bin]# k3s kubectl get pods -A NAMESPACE NAME READY STATUS RESTARTS AGE kube-system helm-install-traefik-rxqbm 0/1 ContainerCreating 0 2m35s kube-system helm-install-traefik-crd-wtlpt 0/1 ContainerCreating 0 2m35s kube-system local-path-provisioner-7b7dc8d6f5-vn4sh 0/1 ContainerCreating 0 2m34s kube-system coredns-b96499967-hvc6b 0/1 ContainerCreating 0 2m34s kube-system metrics-server-668d979685-m96v2 0/1 ContainerCreating 0 2m34s- 1
- 2
- 3
- 4
- 5
- 6
- 7
查看pod的状态为“ContainerCreating”正在创建中,等待片刻。大概过了5分钟左右,pod的状态还是没有改变。这个时候需要查看一下pod详情及日志查看一下是否pod出现了问题。可以看我在“minikube 快速使用入门 - 命令篇 - 4”中的命令:
# 查看 pod 详情 kubectl describe pod {{PodName}} # 查看 log kubectl logs {{PodName}}- 1
- 2
- 3
- 4
首先查看一下pod详情:
[root@localhost bin]# kubectl describe pod helm-install-traefik-rxqbm -n kube-system Name: helm-install-traefik-rxqbm Namespace: kube-system Priority: 0 Node: localhost.localdomain/192.168.2.42 Start Time: Tue, 16 Aug 2022 19:00:17 -0700 Labels: controller-uid=80acabd9-0e86-44bc-ba9a-179ab934ff5f helmcharts.helm.cattle.io/chart=traefik job-name=helm-install-traefik Annotations: helmcharts.helm.cattle.io/configHash: SHA256=4FB81B006A924ED2BC02CE1CB7DFCFE3E5970FC345CBF525F6CC773F78938C37 Status: Pending IP: IPs: <none> Controlled By: Job/helm-install-traefik Containers: helm: Container ID: Image: rancher/klipper-helm:v0.7.3-build20220613 Image ID: Port: <none> Host Port: <none> Args: install --set-string global.systemDefaultRegistry= State: Waiting Reason: ContainerCreating Ready: False Restart Count: 0 Environment: NAME: traefik VERSION: REPO: HELM_DRIVER: secret CHART_NAMESPACE: kube-system CHART: https://%{KUBERNETES_API}%/static/charts/traefik-10.19.300.tgz HELM_VERSION: TARGET_NAMESPACE: kube-system NO_PROXY: .svc,.cluster.local,10.42.0.0/16,10.43.0.0/16 FAILURE_POLICY: reinstall Mounts: /chart from content (rw) /config from values (rw) /var/run/secrets/kubernetes.io/serviceaccount from kube-api-access-5ghgq (ro) Conditions: Type Status Initialized True Ready False ContainersReady False PodScheduled True Volumes: values: Type: ConfigMap (a volume populated by a ConfigMap) Name: chart-values-traefik Optional: false content: Type: ConfigMap (a volume populated by a ConfigMap) Name: chart-content-traefik Optional: false kube-api-access-5ghgq: Type: Projected (a volume that contains injected data from multiple sources) TokenExpirationSeconds: 3607 ConfigMapName: kube-root-ca.crt ConfigMapOptional: <nil> DownwardAPI: true QoS Class: BestEffort Node-Selectors: kubernetes.io/os=linux Tolerations: node.kubernetes.io/not-ready:NoExecute op=Exists for 300s node.kubernetes.io/unreachable:NoExecute op=Exists for 300s Events: Type Reason Age From Message ---- ------ ---- ---- ------- Normal Scheduled 6m56s default-scheduler Successfully assigned kube-system/helm-install-traefik-rxqbm to localhost.localdomain Warning FailedCreatePodSandBox 80s (x26 over 6m49s) kubelet Failed to create pod sandbox: rpc error: code = Unknown desc = failed to create containerd task: failed to create shim task: OCI runtime create failed: runc create failed: unable to start container process: error during container init: open /proc/sys/net/ipv4/ip_unprivileged_port_start: no such file or directory: unknown- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- 25
- 26
- 27
- 28
- 29
- 30
- 31
- 32
- 33
- 34
- 35
- 36
- 37
- 38
- 39
- 40
- 41
- 42
- 43
- 44
- 45
- 46
- 47
- 48
- 49
- 50
- 51
- 52
- 53
- 54
- 55
- 56
- 57
- 58
- 59
- 60
- 61
- 62
- 63
- 64
- 65
- 66
- 67
- 68
- 69
- 70
- 71
- 72
- 73
- 74
在详情的末尾,可以看到如下信息:
Warning FailedCreatePodSandBox 80s (x26 over 6m49s) kubelet Failed to create pod sandbox: rpc error: code = Unknown desc = failed to create containerd task: failed to create shim task: OCI runtime create failed: runc create failed: unable to start container process: error during container init: open /proc/sys/net/ipv4/ip_unprivileged_port_start: no such file or directory: unknown。
大概意思是:/proc/sys/net/ipv4/ip_unprivileged_port_start ,这个文件或者文件夹找不到了。网上找了一下资料说是需要升级linux内核,或者是对kubernetes进行降级操作。我根据网上的提示对kubernetes进行了降级。执行降级之前首先要卸载原来的k3s。我们进入/usr/local/bin下面执行卸载脚步,如下:# 执行k3s-uninstall.sh对k3s进行卸载 [root@localhost bin]# ./k3s-uninstall.sh- 1
- 2
然后执行安装脚本:
curl -sfL https://rancher-mirror.oss-cn-beijing.aliyuncs.com/k3s/k3s-install.sh | INSTALL_K3S_MIRROR=cn INSTALL_K3S_VERSION=v1.24.1+k3s1 sh -- 1
最后显示安装成功。
5、查看pod状态
执行完脚本之后等待几分钟左右查看一下pod状态,如下:
[root@localhost bin]# k3s kubectl get pods -A NAMESPACE NAME READY STATUS RESTARTS AGE kube-system coredns-b96499967-ggjk5 1/1 Running 0 67s kube-system local-path-provisioner-7b7dc8d6f5-fxwgk 1/1 Running 0 67s kube-system helm-install-traefik-crd-tql4c 0/1 Completed 0 67s kube-system helm-install-traefik-rs5g6 0/1 Completed 1 67s kube-system svclb-traefik-2zcq6 2/2 Running 0 40s kube-system metrics-server-668d979685-ff78t 1/1 Running 0 67s kube-system traefik-7cd4fcff68-r6kgf 1/1 Running 0 40s- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
pod的状态为Running和Completed说明安装成功。总体来说k3s安装要比k8s快很多
6、加入新的节点
主节点环境部署好了,现在开始部署从节点环境,从k3s的文档中描述,加入从节点需要执行脚本:
curl -sfL https://rancher-mirror.oss-cn-beijing.aliyuncs.com/k3s/k3s-install.sh | INSTALL_K3S_MIRROR=cn K3S_URL=https://myserver:6443 K3S_TOKEN=mynodetoken sh -- 1
其中“K3S_URL=https://myserver:6443”,K3S_URL是主节点的接入地址,我的主节点ip地址为:192.168.2.42。
其中“K3S_TOKEN=mynodetoken”,K3S_TOKEN是主节点的token,存在token节点的位置为:/var/lib/rancher/k3s/server/node-token#查看token信息 [root@localhost bin]# cat /var/lib/rancher/k3s/server/node-token K101092b90aed05ef75579f24a19bbdbdc766209c581c3d84e421915230081f3b87::server:680ea0edcc69f898d976e6b2a4346691- 1
- 2
- 3
根据上面的参数重写注册节点的脚本:
curl -sfL https://rancher-mirror.oss-cn-beijing.aliyuncs.com/k3s/k3s-install.sh | INSTALL_K3S_MIRROR=cn INSTALL_K3S_VERSION=v1.24.1+k3s1 K3S_URL=https://192.168.2.42:6443 K3S_TOKEN=K101092b90aed05ef75579f24a19bbdbdc766209c581c3d84e421915230081f3b87::server:680ea0edcc69f898d976e6b2a4346691 sh -- 1
重写完之后,执行注册节点的脚本。
root@LAPTOP-7HC3FEQ9:/usr/local/bin# curl -sfL https://rancher-mirror.oss-cn-beijing.aliyuncs.com/k3s/k3s-install.sh | INSTALL_K3S_MIRROR=cn K3S_URL=https://192.168.2.42:6443 K3S_TOKEN=K101092b90aed05ef75579f24a19bbdbdc766209c581c3d84e421915230081f3b87::server:680ea0edcc69f898d976e6b2a4346691 sh - [INFO] Finding release for channel stable [INFO] Using v1.24.3+k3s1 as release [INFO] Downloading hash rancher-mirror.oss-cn-beijing.aliyuncs.com/k3s/v1.24.3-k3s1/sha256sum-amd64.txt [INFO] Downloading binary rancher-mirror.oss-cn-beijing.aliyuncs.com/k3s/v1.24.3-k3s1/k3s [INFO] Verifying binary download [INFO] Installing k3s to /usr/local/bin/k3s [INFO] Skipping installation of SELinux RPM [INFO] Creating /usr/local/bin/kubectl symlink to k3s [INFO] Creating /usr/local/bin/crictl symlink to k3s [INFO] Creating /usr/local/bin/ctr symlink to k3s [INFO] Creating killall script /usr/local/bin/k3s-killall.sh [INFO] Creating uninstall script /usr/local/bin/k3s-agent-uninstall.sh [INFO] env: Creating environment file /etc/systemd/system/k3s-agent.service.env [INFO] systemd: Creating service file /etc/systemd/system/k3s-agent.service [INFO] systemd: Enabling k3s-agent unit Created symlink /etc/systemd/system/multi-user.target.wants/k3s-agent.service → /etc/systemd/system/k3s-agent.service. [INFO] systemd: Starting k3s-agent root@LAPTOP-7HC3FEQ9:/usr/local/bin#- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
执行完成之后,在主节点查看新节点是否注册成功,执行命令
k3s kubectl get node -A。[root@localhost bin]# k3s kubectl get node -A NAME STATUS ROLES AGE VERSION localhost.localdomain Ready control-plane,master 5h6m v1.24.1+k3s1 laptop-7hc3feq9 Ready <none> 66s v1.24.1+k3s1- 1
- 2
- 3
- 4
laptop-7hc3feq9是新注册的节点,说明已经注册成功。
查看一下pod信息:[root@localhost bin]# kubectl get pods -A -o wide NAMESPACE NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES kube-system coredns-b96499967-ggjk5 1/1 Running 0 5h13m 10.42.0.5 localhost.localdomain <none> <none> kube-system local-path-provisioner-7b7dc8d6f5-fxwgk 1/1 Running 0 5h13m 10.42.0.2 localhost.localdomain <none> <none> kube-system helm-install-traefik-crd-tql4c 0/1 Completed 0 5h13m 10.42.0.6 localhost.localdomain <none> <none> kube-system helm-install-traefik-rs5g6 0/1 Completed 1 5h13m 10.42.0.4 localhost.localdomain <none> <none> kube-system svclb-traefik-2zcq6 2/2 Running 0 5h12m 10.42.0.7 localhost.localdomain <none> <none> kube-system metrics-server-668d979685-ff78t 1/1 Running 0 5h13m 10.42.0.3 localhost.localdomain <none> <none> kube-system traefik-7cd4fcff68-r6kgf 1/1 Running 0 5h12m 10.42.0.8 localhost.localdomain <none> <none> kube-system svclb-traefik-wv6jn 2/2 Running 2 7m56s 10.42.1.2 laptop-7hc3feq9 <none> <none>- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
laptop-7hc3feq9 已经成功安装了svclb-traefik-wv6jn 这个pod。
之后可以按照我写的关于“minikube 快速使用入门 - 部署 - 3”、“minikube 实战篇 - 镜像打包部署 - 1”等相关的文章进行部署,查看一下节点是否正常。 -
相关阅读:
java计算机毕业设计仁爱公益网站源码+数据库+系统+lw文档+mybatis+运行部署
关于语雀 23 日故障的公告
基于FPGA的分形编码器verilog设计——详细版
BioVendor sRAGE蛋白解决方案
【Linux】linux | 生产事故 | openssl升级导致ssh无法连接
JavaWeb-CSS
Loki | 数据过期自动删除策略设计
如何找出最优的【SVC】核函数和参数值—以乳腺癌数据集为例
无服务器学习02:挑战及发展
产品经理需要熟悉的网站
- 原文地址:https://blog.csdn.net/exception_class/article/details/126391811
