跳到主要内容

OS: Ubuntu:18.04 64位

1 k3s 安装

国外版

    curl -sfL https://get.k3s.io | sh -

国内版

curl -sfL http://rancher-mirror.cnrancher.com/k3s/k3s-install.sh | INSTALL_K3S_MIRROR=cn sh -

验证

kubectl get all -n kube-system

2 helm安装

helm安装指导 传送门

curl https://baltocdn.com/helm/signing.asc | sudo apt-key add -
sudo apt-get install apt-transport-https --yes
echo "deb https://baltocdn.com/helm/stable/debian/ all main" | sudo tee /etc/apt/sources.list.d/helm-stable-debian.list
sudo apt-get update
sudo apt-get install helm

3 rancher

k8s hub 库 搜索rancher 传送门 或者 传送门

helm repo add rancher-stable https://releases.rancher.com/server-charts/stable
kubectl create namespace cattle-system

4 cert-manager

# Install the CustomResourceDefinition resources separately
kubectl apply --validate=false -f https://github.com/jetstack/cert-manager/releases/download/v1.0.4/cert-manager.crds.yaml

# **Important:**
# If you are running Kubernetes v1.15 or below, you
# will need to add the `--validate=false` flag to your
# kubectl apply command, or else you will receive a
# validation error relating to the
# x-kubernetes-preserve-unknown-fields field in
# cert-manager’s CustomResourceDefinition resources.
# This is a benign error and occurs due to the way kubectl
# performs resource validation.

# Create the namespace for cert-manager
kubectl create namespace cert-manager

# Add the Jetstack Helm repository
helm repo add jetstack https://charts.jetstack.io

# Update your local Helm chart repository cache
helm repo update

# Install the cert-manager Helm chart
helm install \
  cert-manager jetstack/cert-manager \
  --namespace cert-manager \
  --version v1.0.4

报错解决

报错信息:

Error: Kubernetes cluster unreachable: Get "http://localhost:8080/version?timeout=32s": dial tcp [::1]:8080: connect: connection refused

报错原因: helm v3版本不再需要Tiller,而是直接访问ApiServer来与k8s交互,通过环境变量KUBECONFIG来读取存有ApiServre的地址与token的配置文件地址,默认地址为~/.kube/config

解决方法:

手动配置 KUBECONFIG环境变量

临时解决: export KUBECONFIG=/etc/rancher/k3s/k3s.yaml

永久解决:

执行: vi /etc/profile
写入内容: export KUBECONFIG=/etc/rancher/k3s/k3s.yaml
执行: source /etc/profile
# 查看cert-manager 是否ok
kubectl get pods --namespace cert-manager

cert-manager 网站 传送门

5 使用helm 和 所选证书验证方式 安装rancher

helm install rancher rancher-stable/rancher \
  --namespace cattle-system \
  --set hostname=地址 \
  --set replicas=3 \
  --set ingress.tls.source=letsEncrypt \
  --set letsEncrypt.email=1@qq.com


# 查看状态
kubectl -n cattle-system rollout status deploy/rancher

访问配置的地址,设置密码,进行rancher管理

helm install
cert-manager jetstack/cert-manager
--namespace cert-manager
--version v1.7.1

helm install rancher rancher-stable/rancher
--namespace cattle-system
--set hostname=ti.goyyds.com
--set replicas=3
--set ingress.tls.source=letsEncrypt
--set letsEncrypt.email=429534533@qq.com

helm install rancher rancher-stable/rancher
--namespace cattle-system
--set hostname=ti.goyyds.com
--set replicas=1
--set ingress.tls.source=letsEncrypt
--set letsEncrypt.email=429534533@qq.com
--set systemDefaultRegistry=registry.cn-hangzhou.aliyuncs.com
--set rancherImage=registry.cn-hangzhou.aliyuncs.com/rancher/rancher

curl -sfL https://rancher-mirror.rancher.cn/k3s/k3s-install.sh | INSTALL_K3S_MIRROR=cn INSTALL_K3S_VERSION=v1.28.11+k3s2 sh -s - --system-default-registry "registry.cn-hangzhou.aliyuncs.com"