差異處

這裏顯示兩個版本的差異處。

--- tech:rke-k8s [2021/04/07 00:27] – 建立 jonathan
+++ tech:rke-k8s [2022/07/19 16:55] (目前版本) – [關閉 rke (移除 K8s Cluster)] jonathan
@@ 行 1: / 行 1: @@
 ====== 使用 rke 安裝 K8s 的程序 ======
   * 安裝環境 Ubuntu 20.04.2 LTS x86_64
-  * 單一節點 IP : 10.20.0.35
+  * 兩個節點 IP : 10.20.0.35 / 10.20.0.37
-=====
+===== 前置作業 =====
+  *  apt 更新與安裝套件 <cli>
+sudo apt update
+sudo apt-get install unzip curl software-properties-common snap -y
+</cli>
+  * 安裝 Docker 19.03.14 <cli>
+curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -
+sudo add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable"
+sudo apt-get install docker-ce=5:19.03.14~3-0~ubuntu-focal docker-ce-cli=5:19.03.14~3-0~ubuntu-focal containerd.io -y
+</cli>
+  * 安裝 kubectl <cli>
+sudo curl -LO https://dl.k8s.io/release/v1.18.17/bin/linux/amd64/kubectl
+sudo chmod a+x kubectl
+sudo mv ./kubectl /usr/local/bin/
+mkdir -p ~/.kube/
+</cli>
+  * 關閉 swap <cli>sudo swapoff -a</cli>
-  * cluster.yml<file>
+===== 各主機節點建立與設定 rkeuser 用戶 =====
+  * 所有節點建立 rkeuser 帳號 <cli>
+sudo useradd -s /bin/bash -d /home/rkeuser/ -m -G sudo rkeuser
+sudo passwd rkeuser
+sudo usermod -aG docker rkeuser
+</cli>
+  * 配置免密登入-master節點-10.20.0.35
+    * master節點-10.20.0.35 產生公鑰<cli>
+ssh-keygen  -t rsa -C '[email protected]'
+</cli>
+    * 將公鑰複製到各節點的 rkeuser 用戶內 <cli>
+ssh-copy-id [email protected]
+ssh-copy-id [email protected]
+</cli>
+  * 確認所有節點 rkeuser 可以執行 docker 命令 <cli>
+ssh [email protected]
+docker ps
+</cli>
+  * 如有啟動 firewall 要開啟 port
+    * 6443-KubeAPI
+    * 2379-etcd
+  * SSH server配置 TCP 轉發 <cli>
+sudo vi /etc/ssh/sshd_config
+</cli><file>
+:
+AllowTcpForwarding yes
+:
+</file><cli>
+sudo systemctl reload sshd
+</cli>
+===== 安裝 rke 與建立 K8s Cluster =====
+  * 參考 - https://github.com/rancher/rke/releases/
+  * 下載 rke 1.2.7 <cli>
+wget https://github.com/rancher/rke/releases/download/v1.2.7/rke_linux-amd64
+sudo mv rke_linux-amd64 /usr/local/bin/rke
+sudo chmod +x /usr/local/bin/rke
+rke --version
+</cli>
+  * 產生 rke 配置 K8s Cluster 檔<cli>
+rke config --name cluster.yml
+</cli>
+  * ++看輸入資訊|<cli>
+localadmin@Cori-test3:~$ rke config --name cluster.yml
+[+] Cluster Level SSH Private Key Path [~/.ssh/id_rsa]:
+[+] Number of Hosts [1]: 2
+[+] SSH Address of host (1) [none]: 10.20.0.35
+[+] SSH Port of host (1) [22]:
+[+] SSH Private Key Path of host (10.20.0.35) [none]:
+[-] You have entered empty SSH key path, trying fetch from SSH key parameter
+[+] SSH Private Key of host (10.20.0.35) [none]:
+[-] You have entered empty SSH key, defaulting to cluster level SSH key: ~/.ssh/id_rsa
+[+] SSH User of host (10.20.0.35) [ubuntu]: rkeuser
+[+] Is host (10.20.0.35) a Control Plane host (y/n)? [y]:
+[+] Is host (10.20.0.35) a Worker host (y/n)? [n]: y
+[+] Is host (10.20.0.35) an etcd host (y/n)? [n]: y
+[+] Override Hostname of host (10.20.0.35) [none]:
+[+] Internal IP of host (10.20.0.35) [none]: 10.20.0.35
+[+] Docker socket path on host (10.20.0.35) [/var/run/docker.sock]:
+[+] SSH Address of host (2) [none]: 10.20.0.37
+[+] SSH Port of host (2) [22]:
+[+] SSH Private Key Path of host (10.20.0.37) [none]:
+[-] You have entered empty SSH key path, trying fetch from SSH key parameter
+[+] SSH Private Key of host (10.20.0.37) [none]:
+[-] You have entered empty SSH key, defaulting to cluster level SSH key: ~/.ssh/id_rsa
+[+] SSH User of host (10.20.0.37) [ubuntu]: rkeuser
+[+] Is host (10.20.0.37) a Control Plane host (y/n)? [y]: n
+[+] Is host (10.20.0.37) a Worker host (y/n)? [n]: y
+[+] Is host (10.20.0.37) an etcd host (y/n)? [n]: n
+[+] Override Hostname of host (10.20.0.37) [none]:
+[+] Internal IP of host (10.20.0.37) [none]: 10.20.0.37
+[+] Docker socket path on host (10.20.0.37) [/var/run/docker.sock]:
+[+] Network Plugin Type (flannel, calico, weave, canal, aci) [canal]: calico
+[+] Authentication Strategy [x509]:
+[+] Authorization Mode (rbac, none) [rbac]:
+[+] Kubernetes Docker image [rancher/hyperkube:v1.20.5-rancher1]: rancher/hyperkube:v1.18.17-rancher1
+[+] Cluster domain [cluster.local]: iiidevops-k8s
+[+] Service Cluster IP Range [10.43.0.0/16]:
+[+] Enable PodSecurityPolicy [n]:
+[+] Cluster Network CIDR [10.42.0.0/16]:
+[+] Cluster DNS Service IP [10.43.0.10]:
+[+] Add addon manifest URLs or YAML files [no]:
+</cli>++
+  * 檢視與編輯 cluster.yml 內容<file>
 nodes:
-- address: "10.20.0.35"
+- address: 10.20.0.35
   port: "22"
-  internal_address: "10.20.0.35"
+  internal_address: 10.20.0.35
   role:
   - controlplane
   - worker
   - etcd
-  hostname_override: "Cori-test3"
+  hostname_override: ""
+  user: rkeuser
+  docker_socket: /var/run/docker.sock
+  ssh_key: ""
+  ssh_key_path: ~/.ssh/id_rsa
+  ssh_cert: ""
+  ssh_cert_path: ""
+  labels: {}
+  taints: []
+- address: 10.20.0.37
+  port: "22"
+  internal_address: 10.20.0.37
+  role:
+  - worker
+  hostname_override: ""
+  user: rkeuser
+  docker_socket: /var/run/docker.sock
+  ssh_key: ""
+  ssh_key_path: ~/.ssh/id_rsa
+  ssh_cert: ""
+  ssh_cert_path: ""
+  labels: {}
+  taints: []
+services:
+  etcd:
+    image: ""
+:
+:
+</file>
+  * 開始執行安裝 <cli>
+rke up --config cluster.yml
+</cli> 因為要下載一些 images 需要等一些時間才會完成, 最後應該可以看到類似以下的訊息<cli>
+:
+INFO[0378] [addons] Executing deploy job rke-ingress-controller
+INFO[0405] [ingress] ingress controller nginx deployed successfully
+INFO[0405] [addons] Setting up user addons
+INFO[0405] [addons] no user addons defined
+INFO[0405] Finished building Kubernetes cluster successfully
+</cli>
+  * 將產生的檔案備份起來 <cli>
+$ ls -lt
+total 4476
+-rw-r-----  1 localadmin localadmin  105805 Apr  7 19:18 cluster.rkestate
+-rw-r-----  1 localadmin localadmin    5381 Apr  7 19:13 kube_config_cluster.yml
+-rw-r-----  1 localadmin localadmin    5653 Apr  7 19:12 cluster.yml
+</cli>
+  * 複製 kubeconfig 檔案及驗證 kubeconfig 檔案<cli>
+cp kube_config_cluster.yml ~/.kube/config
+kubectl get nodes
+</cli>如果沒問題應該會出現類似以下的訊息<cli>
+$ kubectl get node
+NAME         STATUS   ROLES                      AGE     VERSION
+.20.0.35   Ready    controlplane,etcd,worker   7m52s   v1.18.17
+.20.0.37   Ready    worker                     7m47s   v1.18.17
+</cli>
+===== 新增與移除 K8s Node ====
+  * 只要修改 cluster.yml 節點資料, 再執行以下指令即可 <cli>rke up --update-only --config cluster.yml </cli>
+  * Exp. 加上 10.20.0.36
+    * 前面所有節點準備程序都要進行
+    * 修改 cluster.yml <file>
+nodes:
+- address: 10.20.0.35
+  port: "22"
+  internal_address: 10.20.0.35
+  role:
+  - controlplane
+  - worker
+  - etcd
+  hostname_override: ""
+  user: rkeuser
+  docker_socket: /var/run/docker.sock
+  ssh_key: ""
+  ssh_key_path: ~/.ssh/id_rsa
+  ssh_cert: ""
+  ssh_cert_path: ""
+  labels: {}
+  taints: []
+- address: 10.20.0.36
+  port: "22"
+  internal_address: 10.20.0.36
+  role:
+  - worker
+  hostname_override: ""
+  user: rkeuser
+  docker_socket: /var/run/docker.sock
+  ssh_key: ""
+  ssh_key_path: ~/.ssh/id_rsa
+  ssh_cert: ""
+  ssh_cert_path: ""
+  labels: {}
+  taints: []
+- address: 10.20.0.37
+  port: "22"
+  internal_address: 10.20.0.37
+  role:
+  - worker
+  hostname_override: ""
   user: rkeuser
   docker_socket: /var/run/docker.sock
@@ 行 28: / 行 224: @@
 :
 </file>
+  * 執行更新 <cli>
+rke up --update-only --config cluster.yml
+</cli>
+===== 關閉 rke (移除 K8s Cluster) ====
+  * 直接執行 rke remove 就會將 K8s 移除 <cli>
+rke remove --config cluster.yml
+</cli>
+  * 執行後原本運行中的 rancher 服務還會持續運行, 可以透過重新開機解決
 ===== 參考網址 =====
   * https://www.mdeditor.tw/pl/glor/zh-tw
+  * https://rancher.com/docs/rke/latest/en/managing-clusters/
-{{tag>RKE K8s}}
+{{tag>Rancher RKE K8s}}