KubeSphere Container Platform Installation
Cloud Environment Preparation
Huawei Cloud Environment
Host IP address | Hostname | SSH password |
---|---|---|
192.168.0.19 | [gateway-node1] | ##### |
192.168.0.79 | [docker-node2] | ##### |
192.168.0.208 | [docker-master1] | ##### |
192.168.0.55 | [docker-master2] | ##### |
192.168.0.112 | [docker-node3] | ##### |
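Two of the hosts cannot reach the Internet, so an outbound proxy must be set up first to ensure that every node has Internet access. Complete the following steps:
On the tab page of the proxy server [192.168.0.19], select the network interface and set Source/Destination Check to OFF;
Log in to the proxy server and run ping to check whether it can reach the external network;
Run cat /proc/sys/net/ipv4/ip_forward and check whether the result is 1;
If the result is not 1, run echo net.ipv4.ip_forward=1 >> /etc/sysctl.conf, then run vi /etc/sysctl.conf to check the value of net.ipv4.ip_forward;
Run sysctl -p /etc/sysctl.conf to apply the configuration change;
Run iptables -F to clear the existing iptables rules.
Run the following command to configure SNAT: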
iptables -t nat -A POSTROUTING -o eth0 -s 192.168.0.0/16 -j SNAT --to 192.168.0.19
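To make sure the rule above is not lost after a reboot, run vi /etc/rc.local to edit the rc.local file, copy the rule into it, press "ESC" to leave edit mode, and type ":wq" to save and exit.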
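The steps above leave two pieces of state that have to survive a reboot: the ip_forward setting and the SNAT rule. The following is an added example, not part of the original page, that checks both and appends the sysctl line only when it is missing; the function names and the sample rule listing are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original page. Function names and SAMPLE_RULES
# are constructed for illustration; addresses are the ones used on this page.

# True when the last net.ipv4.ip_forward assignment in sysctl file $1 is 1
# (sysctl -p applies lines in order, so the last assignment wins).
forward_persisted() {
  fp_last=$(grep -E '^[[:space:]]*net\.ipv4\.ip_forward[[:space:]]*=' "$1" \
            | tail -n 1 | tr -d '[:space:]')
  [ "$fp_last" = "net.ipv4.ip_forward=1" ]
}

# Append the setting only when it is not already effective, so repeating
# the "echo ... >> /etc/sysctl.conf" step does not pile up duplicate lines.
ensure_forward_persisted() {
  forward_persisted "$1" || echo "net.ipv4.ip_forward=1" >> "$1"
}

# Reads `iptables -t nat -S POSTROUTING` output on stdin. True when a rule
# SNATs source network $1 to address $2 (-S prints --to as --to-source).
snat_rule_present() {
  awk -v src="$1" -v to="$2" '
    $1 == "-A" && $2 == "POSTROUTING" {
      s = ""; j = ""; t = ""
      for (i = 3; i < NF; i++) {
        if ($i == "-s") s = $(i + 1)
        if ($i == "-j") j = $(i + 1)
        if ($i == "--to-source") t = $(i + 1)
      }
      if (s == src && j == "SNAT" && t == to) found = 1
    }
    END { exit !found }'
}

# Constructed sample of the listing after the SNAT command on this page.
SAMPLE_RULES='-P POSTROUTING ACCEPT
-A POSTROUTING -s 192.168.0.0/16 -o eth0 -j SNAT --to-source 192.168.0.19'

# Live check for the proxy node; needs root, so it runs only with --live.
check_gateway() {
  [ "$(cat /proc/sys/net/ipv4/ip_forward)" = "1" ] || { echo "ip_forward is off"; return 1; }
  forward_persisted /etc/sysctl.conf || { echo "ip_forward not persisted"; return 1; }
  iptables -t nat -S POSTROUTING | snat_rule_present 192.168.0.0/16 192.168.0.19 \
    || { echo "SNAT rule missing"; return 1; }
  echo "gateway OK"
}

if [ "${1:-}" = "--live" ]; then check_gateway; fi
```

Run it with --live as root on the proxy node after a reboot to confirm that both settings came back.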
Component Pre-installation
Run yum install -y socat
Run yum install conntrack-tools
Download KubeKey
Run the following commands:
wget -c https://kubesphere.io/download/kubekey-v1.0.0-linux-amd64.tar.gz -O - | tar -xz
chmod +x kk
Generate the Installation Configuration and Modify It
./kk create config --with-kubesphere v3.0.0 --with-kubernetes v1.17.9 -f master-HA.yaml
Specify persistent storage
./kk create config --with-storage nfs-client
The modified master-HA.yaml:
apiVersion: kubekey.kubesphere.io/v1alpha1
kind: Cluster
metadata:
  name: sample
spec:
  hosts:
  - {name: master1, address: 192.168.0.208, internalAddress: 192.168.0.208, user: root, password: ABC@5wei}
  - {name: master2, address: 192.168.0.55, internalAddress: 192.168.0.55, user: root, password: ABC@5wei}
  - {name: node1, address: 192.168.0.19, internalAddress: 192.168.0.19, user: root, password: ABC@5wei}
  - {name: node2, address: 192.168.0.79, internalAddress: 192.168.0.79, user: root, password: ABC@5wei}
  - {name: node3, address: 192.168.0.112, internalAddress: 192.168.0.112, user: root, password: ABC@5wei}
  roleGroups:
    etcd:
    - master[1:2]
    master:
    - master[1:2]
    worker:
    - node1
    - node2
    - node3
  kubernetes:
    version: v1.17.9
    imageRepo: kubesphere
    clusterName: cluster.local
  network:
    plugin: calico
    kubePodsCIDR: 10.233.64.0/18
    kubeServiceCIDR: 10.233.0.0/18
  registry:
    registryMirrors: ["https://*.mirror.aliyuncs.com"]
    insecureRegistries: []
  addons:
  - name: nfs-client
    namespace: kube-system
    sources:
      chart:
        name: nfs-client-provisioner
        repo: https://charts.kubesphere.io/main
        values:
        - nfs.server=sfs-nas1.cn-north-1b.myhuaweicloud.com:/aaxssx
        - nfs.path=/mnt/NFS/DEV
        - storageClass.defaultClass=true
---
apiVersion: installer.kubesphere.io/v1alpha1
kind: ClusterConfiguration
metadata:
  name: ks-installer
  namespace: kubesphere-system
  labels:
    version: v3.0.0
spec:
  local_registry: ""
  persistence:
    storageClass: ""
  authentication:
    jwtSecret: ""
  etcd:
    monitoring: true
    endpointIps: 192.168.0.208,192.168.0.55
    port: 2379
    tlsEnable: true
  common:
    es:
      elasticsearchDataVolumeSize: 20Gi
      elasticsearchMasterVolumeSize: 4Gi
      elkPrefix: logstash
      logMaxAge: 7
    mysqlVolumeSize: 20Gi
    minioVolumeSize: 20Gi
    etcdVolumeSize: 20Gi
    openldapVolumeSize: 2Gi
    redisVolumSize: 2Gi
  console:
    enableMultiLogin: false # enable/disable multi login
    port: 30880
  alerting:
    enabled: true
  auditing:
    enabled: true
  devops:
    enabled: true
    jenkinsMemoryLim: 2Gi
    jenkinsMemoryReq: 1500Mi
    jenkinsVolumeSize: 8Gi
    jenkinsJavaOpts_Xms: 512m
    jenkinsJavaOpts_Xmx: 512m
    jenkinsJavaOpts_MaxRAM: 2g
  events:
    enabled: true
    ruler:
      enabled: true
      replicas: 2
  logging:
    enabled: true
    logsidecarReplicas: 2
  metrics_server:
    enabled: true
  monitoring:
    prometheusMemoryRequest: 400Mi
    prometheusVolumeSize: 20Gi
  multicluster:
    clusterRole: none # host | member | none
  networkpolicy:
    enabled: true
  notification:
    enabled: true
  openpitrix:
    enabled: true
  servicemesh:
    enabled: true
Run the Installation with KubeKey
Run the following command:
./kk create cluster -f master-HA.yaml
Wait for the installation to complete…
Post-installation Check
Run the following command to check the component installation:
kubectl logs -n kubesphere-system $(kubectl get pod -n kubesphere-system -l app=ks-install -o jsonpath='{.items[0].metadata.name}') -f
The point that caused problems during installation was the NFS configuration.
values:
- nfs.server=sfs-nas1.cn-north-1b.myhuaweicloud.com:/aaxssx
- nfs.path=/mnt/NFS/DEV
This nfs.server value is the remote access path; it must include :/path.
nfs.path is the local mapped path, not the path on the server.