前言:与rke1部署方式不同,rke2使用rke2-server、rke2-agent管理k8s集群,无须对各个节点进行ssh互信,此外,rke2-server具备worker的能力。
- 一、安装前准备工作
- 1. 替换yum源
- 2. 修改系统参数
- 3. 关闭防火墙,并关闭开机自启
- 4. 配置/etc/host
- 二、安装rke2-server
- 1. 安装server
- 2. 获取token
- 3. 配置rke server 默认配置路径在 `/etc/rancher/rke2/`
- 三、安装rke2-agent
mv /etc/yum.repos.d/CentOS-base.repo /etc/yum.repos.d/CentOS-base.repo.backup curl -o /etc/yum.repos.d/CentOS-base.repo https://mirrors.aliyun.com/repo/Centos-7.repo #非阿里云用户需要做替换 sed -i -e '/mirrors.cloud.aliyuncs.com/d' -e '/mirrors.aliyuncs.com/d' /etc/yum.repos.d/CentOS-base.repo yum makecache yum install -y ntpdate vim wget tree httpd-tools telnet lrzsz net-tools bridge-utils unzip ln -sf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime ntpdate -u ntp.aliyun.com2. 修改系统参数
cat >> /etc/sysctl.conf<3. 关闭防火墙,并关闭开机自启 systemctl stop firewalld systemctl disable firewalld4. 配置/etc/host[root@k8s-01 rke2]# cat /etc/hosts 127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4 ::1 localhost localhost.localdomain localhost6 localhost6.localdomain6 192.168.31.145 k8s-01 192.168.31.146 k8s-02 192.168.31.147 k8s-03二、安装rke2-server 1. 安装server# 下载 server并安装服务、此过程是下载一些依赖包,如containerd、etcd等 curl -sfL https://get.rke2.io | sh - # 设置开机自启 systemctl enable rke2-server.service # 启动server systemctl start rke2-server.service # 查看日志 journalctl -u rke2-server -f2. 获取tokenrke2-server 启动后会生成一个token 路径/var/lib/rancher/rke2/server/node-token
[root@k8s-01 rke2]# cat /var/lib/rancher/rke2/server/node-token K1044df557b4600e51c0b64cbc1fd106a3a203cae51f2f5c08856c19f5dd9a1270d::server:6d382e93bb4508df5b396fcff36050b83. 配置rke server 默认配置路径在 /etc/rancher/rke2/config.yaml: 是集群配置文件、可以设置集群节点、label信息
rke2.yaml: 此配置为kubeconfig 文件[root@k8s-01 ~]# ll /etc/rancher/rke2/ total 8 -rw-r--r--. 1 root root 320 Nov 20 01:28 config.yaml -rw-------. 1 root root 2969 Nov 20 01:28 rke2.yaml [root@k8s-01 rke2]# cat config.yaml # 服务kubelet 地址端口默认位9345 server: https://192.168.31.145:9345 # 服务启动后生成的token信息 token: K1044df557b4600e51c0b64cbc1fd106a3a203cae51f2f5c08856c19f5dd9a1270d::server:6d382e93bb4508df5b396fcff36050b8 # 允许加入集群的节点、可以是ip、域名,此处我是将hostname设置到了每台的/etc/hosts文件中 tls-san: - k8s-01 - k8s-02 - k8s-03 node-name: "k8s-01" # 设置此参数则该节点上无法运行workloads #node-taint: # - "CriticalAddonsOnly=true:NoExecute" #设置node的label信息 node-label: - "node=Master" - "k8s-01=Master"如果要进行高可用部署server,将 config.yaml 拷贝到各个节点上,安装
scp /etc/rancher/rke2/config.yaml k8s-02://etc/rancher/rke2/config.yaml scp /etc/rancher/rke2/config.yaml k8s-03://etc/rancher/rke2/config.yaml在执行安装rke2-server
# 下载 server并安装服务、此过程是下载一些依赖包,如containerd、etcd等 curl -sfL https://get.rke2.io | sh - # 设置开机自启 systemctl enable rke2-server.service # 启动server systemctl start rke2-server.service # 查看日志 journalctl -u rke2-server -f查看各个node是否已经加入集群
[root@k8s-01 rke2]# /var/lib/rancher/rke2/bin/kubectl get node --kubeconfig /etc/rancher/rke2/rke2.yaml NAME STATUS ROLES AGE VERSION k8s-01 Ready control-plane,etcd,master 17h v1.21.6+rke2r1 k8s-02 Ready control-plane,etcd,master 16h v1.21.6+rke2r1 k8s-03 Ready control-plane,etcd,master 16h v1.21.6+rke2r1简化kubectl命令
# kubectl 默认配置路径在/root/.kube/config文件 ln -s /etc/rancher/rke2/rke2.yaml /root/.kube/config ln -s /var/lib/rancher/rke2/bin/kubectl /usr/local/bin/kubectl [root@k8s-01 rke2]# kubectl get node NAME STATUS ROLES AGE VERSION k8s-01 Ready control-plane,etcd,master 17h v1.21.6+rke2r1 k8s-02 Ready control-plane,etcd,master 16h v1.21.6+rke2r1 k8s-03 Ready control-plane,etcd,master 16h v1.21.6+rke2r1三、安装rke2-agent1、下载rke2-agent
#下载worker节点相关的依赖 curl -sfL https://get.rke2.io | INSTALL_RKE2_TYPE="agent" sh - systemctl enable rke2-agent.service2、配置agent
默认配置路径和server配置路径一样
只需要配置rke2-server地址和token信息mkdir -p /etc/rancher/rke2/ vim /etc/rancher/rke2/config.yaml [root@k8s-01 rke2]# cat config.yaml server: https://192.168.31.145:9345 token: K1044df557b4600e51c0b64cbc1fd106a3a203cae51f2f5c08856c19f5dd9a1270d::server:6d382e93bb4508df5b396fcff36050b8链接: rke2官方安装文档
