准備
3台預裝 Alpine 3.13 的虛擬/物理機節點,網絡互通
TIPS: VirtualBox 可以給虛擬機添加兩塊網卡,第一塊 eth0 設置 host-only 網絡方便虛擬機和虛擬機&虛擬機和宿主機互通(不啟用 DHCP),第二塊 eth1 設置 NAT 網絡用於訪問外網(啟用 DHCP)
配置靜態 IP
默認情況下,節點 IP 由 DHCP 動態分配,IP 可能會變更帶來不必要的麻煩,編輯 /etc/network/interfaces 設置為靜態 IP
node-1
...
iface eth0 inet static
address 10.0.0.101/24
...
node-2
...
iface eth0 inet static
address 10.0.0.102/24
...
node-3
...
iface eth0 inet static
address 10.0.0.103/24
...
保存修改后重啟網絡
rc-service networking restart
(可選)添加靜態hosts記錄
cat >>/etc/hosts <<EOF
10.0.0.101 node-1
10.0.0.102 node-2
10.0.0.103 node-3
EOF
(可選)設置 hostname方便識別主機
echo node-1 >/etc/hostname
hostname -F /etc/hostname
(可選)使用阿里雲dns避免dns污染
cat >/etc/resolv.conf <<EOF
nameserver 223.5.5.5
nameserver 223.6.6.6
EOF
預下載安裝 k3s 需要的資源
apk add curl
mkdir k3s-download
( \
cd k3s-download; \
export HTTPS_PROXY=socks5h://<YOUR-PROXY-SERVER>; \
curl -L https://api.github.com/repos/k3s-io/k3s/releases/latest \
| sed -E -n 's/.*"browser_download_url": "([^"]+\/(k3s|k3s-airgap-images-amd64\.tar\.gz))".*/\1/p' \
| xargs -I {} curl -LO -C- {}; \
curl -Lo install.sh https://get.k3s.io; \
)
ls k3s-download
# 包含3個文件:k3s, k3s-airgap-images-amd64.tar.gz, install.sh
可以只在一個節點下載,其余節點用 scp 拷貝 k3s-download 文件夾
安裝 k3s
拷貝 k3s cli 到 /usr/local/bin,並設置可執行屬性
install k3s-download/k3s /usr/local/bin/k3s
拷貝 k3s 依賴的鏡像包到特定的 images 目錄
mkdir -p /var/lib/rancher/k3s/agent/images
cp k3s-download/k3s-airgap-images-amd64.tar.gz /var/lib/rancher/k3s/agent/images
啟動 k8s 集群
生成隨機 token
head -c12 /dev/urandom | base64
記住這個 token 用於替換后續的 <YOUR-TOKEN>
在 node-1 啟動第一個 k3s server
INSTALL_K3S_SKIP_DOWNLOAD=true \
K3S_TOKEN=<YOUR-TOKEN> \
sh k3s-download/install.sh server --flannel-backend=host-gw --flannel-iface=eth0 --node-ip 10.0.0.101 --cluster-init
在 node-2 啟動第二個 k3s server
INSTALL_K3S_SKIP_DOWNLOAD=true \
K3S_TOKEN=<YOUR-TOKEN> \
sh k3s-download/install.sh server --flannel-backend=host-gw --flannel-iface=eth0 --node-ip 10.0.0.102 --server https://10.0.0.101:6443
在 node-3 啟動第三個 k3s server
INSTALL_K3S_SKIP_DOWNLOAD=true \
K3S_TOKEN=<YOUR-TOKEN> \
sh k3s-download/install.sh server --flannel-backend=host-gw --flannel-iface=eth0 --node-ip 10.0.0.103 --server https://10.0.0.101:6443
等待 k8s 節點就緒(Ready 狀態)
kubectl get nodes
# NAME STATUS ROLES AGE VERSION
# node-1 Ready control-plane,etcd,master 20m v1.21.0+k3s1
# node-2 Ready control-plane,etcd,master 18m v1.21.0+k3s1
# node-3 Ready control-plane,etcd,master 18m v1.21.0+k3s1
查看 k8s pods 信息
kubectl get pods -A
# NAMESPACE NAME READY STATUS RESTARTS AGE
# kube-system coredns-7448499f4d-td44d 1/1 Running 0 18m
# kube-system helm-install-traefik-crd-scj8d 0/1 Completed 0 18m
# kube-system helm-install-traefik-f6zq7 0/1 Completed 1 18m
# kube-system local-path-provisioner-5ff76fc89d-4nlgj 1/1 Running 0 18m
# kube-system metrics-server-86cbb8457f-fckks 1/1 Running 0 18m
# kube-system svclb-traefik-4jz29 2/2 Running 0 16m
# kube-system svclb-traefik-kmcpj 2/2 Running 0 18m
# kube-system svclb-traefik-zb7jg 2/2 Running 0 16m
# kube-system traefik-97b44b794-l7dvf 1/1 Running 0 18m
設置 https 代理
2021年如果不使用外網代理,拖取外網鏡像會非常遭罪,可以通過環境變量為 k3s 設置 https 代理
cat >>/etc/rancher/k3s/k3s.env <<EOF
HTTPS_PROXY=http://<YOUR-PROXY-SERVER>
NO_PROXY=10.0.0.0/24,10.42.0.0/16,10.43.0.0/16
EOF
# 需要重啟 k3s server 讓設置生效
rc-service k3s restart
備注:10.0.0.0/24 為 node 的網段,10.42.0.0/16 為 pod ip 的網段,10.43.0.0/16 為 service cluster ip 的網段。
卸載 k3s
k3s-uninstall.sh