一、介紹
Kubeasz 是一個基于 Ansible 的自動化工具,用于快速部署和管理 Kubernetes 集群。它支持快速部署高可用的 Kubernetes 集群,支持容器化部署,可以方便地擴展集群規模,支持多租戶,提供了強大的監控和日志分析功能,可以大大簡化 Kubernetes 的部署和管理過程,提高系統的可靠性和彈性。
本文將介紹如何使用 Kubeasz 快速部署和管理 Kubernetes 集群。
二、基礎設置和免密設置
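# Host preparation and passwordless SSH. Run as root on each machine unless a
# line says otherwise.

# Stop the firewall now and keep it from starting at boot.
# NOTE(review): with firewalld off, every listening port on the node is
# reachable from the network. Outside an isolated lab, keep a host or network
# firewall and open only the ports the cluster needs.
systemctl stop firewalld
systemctl disable firewalld

# Disable SELinux.
# The pattern is anchored to the SELINUX= setting so the explanatory comment
# lines in /etc/selinux/config that also contain "enforcing" are left intact.
# NOTE(review): "disabled" removes SELinux confinement for every process on
# the host, not only for Kubernetes components.
sed -i 's/^SELINUX=enforcing/SELINUX=disabled/' /etc/selinux/config # permanent
setenforce 0 # temporary: switches the running system to permissive

# Turn swap off.
swapoff -a # temporary
# Permanent: comment out active swap entries only, so a second run does not
# stack another '#' on lines that are already commented.
sed -i -E '/^[^#].*[[:space:]]swap[[:space:]]/ s/^/#/' /etc/fstab

# Install EPEL plus git and wget.
yum install epel-release git wget -y

# Name resolution for the four cluster hosts.
# Run once: the block is appended, so a second run adds duplicate entries.
cat >> /etc/hosts << 'EOF'
192.168.186.128 k8s-master01
192.168.186.129 k8s-node01
192.168.186.130 k8s-node02
192.168.186.131 k8s-node03
EOF

# Set the hostname permanently. Each line belongs to ONE machine; the trailing
# `bash` starts a new shell so the prompt shows the new name.
hostnamectl set-hostname k8s-master01 && bash # on master01 only
hostnamectl set-hostname k8s-node01 && bash # on node01 only
hostnamectl set-hostname k8s-node02 && bash # on node02 only
hostnamectl set-hostname k8s-node03 && bash # on node03 only

# Run on all machines (as the original instructs): press Enter at every
# prompt, leaving the passphrase empty.
# NOTE(review): an unencrypted private key logs in to all four hosts without
# any prompt, so whoever can read ~/.ssh/id_rsa controls the cluster nodes.
# Keep the file owner-readable only. Presumably only the host that runs
# kubeasz needs this key; confirm before creating one on every node.
ssh-keygen -t rsa -b 4096

# Install the local public key into the matching account on each host.
# ssh-copy-id asks to accept each host key on first contact; compare the
# fingerprint with the one shown on that host's console before answering yes.
for host in k8s-master01 k8s-node01 k8s-node02 k8s-node03; do
  ssh-copy-id -i ~/.ssh/id_rsa.pub "$host"
done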
三、安裝 Kubeasz
安裝 Kubeasz 非常簡單,只需要從 GitHub 下載 Kubeasz 的源碼,然后運行相應的 Ansible 腳本即可。
1.下載 Kubeasz 的源碼
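# This walkthrough installs kubeasz 3.5.0, which deploys Kubernetes v1.26.0.
export release=3.5.0
wget "https://github.com/easzlab/kubeasz/releases/download/${release}/ezdown"

# NOTE(review): ezdown is downloaded and then run as root with no integrity
# check, and this page gives no digest for it. Read the script before running
# it; if you have a known-good digest from a trusted channel, verify it first:
#   echo "<EXPECTED_SHA256>  ezdown" | sha256sum -c -
chmod +x ./ezdown

# Mainland-China environment
./ezdown -D
# Overseas environment
#./ezdown -D -m standard
#./ezdown -X # [optional] download extra container images (cilium, flannel, prometheus, ...)
#./ezdown -P # [optional] download offline system packages (for hosts without a usable yum/apt repository)

# Run kubeasz in a container
./ezdown -S
docker ps -a # the original reports two started containers here

# Create the new cluster k8s-01
docker exec -it kubeasz ezctl new k8s-01
cd /etc/kubeasz/clusters/k8s-01/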
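# Files to edit for cluster k8s-01:
# /etc/kubeasz/clusters/k8s-01/hosts
# /etc/kubeasz/clusters/k8s-01/config.yml

# The inventory below decides which hosts run etcd, the master(s) and the
# worker nodes. Every section header and variable sits on its own line: when
# a header such as [all:vars] is fused onto the end of a comment line it is
# no longer read as a section header.
# The delimiter is quoted so the shell writes the body verbatim.
cat > /etc/kubeasz/clusters/k8s-01/hosts << 'EOF'
# 修改為
# 'etcd' cluster should have odd member(s) (1,3,5,...)
[etcd]
192.168.186.128
192.168.186.129
192.168.186.130

# master node(s)
[kube_master]
192.168.186.128

# work node(s)
[kube_node]
192.168.186.129
192.168.186.130
192.168.186.131

# [optional] harbor server, a private docker registry
# 'NEW_INSTALL': 'true' to install a harbor server; 'false' to integrate with existed one
[harbor]
#192.168.1.8 NEW_INSTALL=false

# [optional] loadbalance for accessing k8s from outside
[ex_lb]
#192.168.1.6 LB_ROLE=backup EX_APISERVER_VIP=192.168.1.250 EX_APISERVER_PORT=8443
#192.168.1.7 LB_ROLE=master EX_APISERVER_VIP=192.168.1.250 EX_APISERVER_PORT=8443

# [optional] ntp server for the cluster
[chrony]
#192.168.1.1

[all:vars]
# --------- Main Variables ---------------
# Secure port for apiservers
SECURE_PORT="6443"

# Cluster container-runtime supported: docker, containerd
# if k8s version >= 1.24, docker is not supported
CONTAINER_RUNTIME="containerd"

# Network plugins supported: calico, flannel, kube-router, cilium, kube-ovn
CLUSTER_NETWORK="calico"

# Service proxy mode of kube-proxy: 'iptables' or 'ipvs'
PROXY_MODE="ipvs"

# K8S Service CIDR, not overlap with node(host) networking
SERVICE_CIDR="10.68.0.0/16"

# Cluster CIDR (Pod CIDR), not overlap with node(host) networking
CLUSTER_CIDR="172.20.0.0/16"

# NodePort Range
NODE_PORT_RANGE="30000-32767"

# Cluster DNS Domain
CLUSTER_DNS_DOMAIN="cluster.local"

# -------- Additional Variables (don't change the default value right now) ---
# Binaries Directory
bin_dir="/opt/kube/bin"

# Deploy Directory (kubeasz workspace)
base_dir="/etc/kubeasz"

# Directory for a specific cluster
cluster_dir="{{ base_dir }}/clusters/k8s-01"

# CA and other components cert/key Directory
ca_dir="/etc/kubernetes/ssl"
EOF

# Edit the cluster config; only the settings shown below are changed.
vim /etc/kubeasz/clusters/k8s-01/config.yml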
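############################
# role:kube-master
############################
# Certificate settings for the k8s master nodes; several IPs and domain names
# can be listed (for example a public IP and a domain name).
# NOTE(review): presumably every entry becomes a name the master certificate
# is valid for, so list only addresses and names you control.
MASTER_CERT_HOSTS:
  - "192.168.186.128" # IP of the master node
  - "k8s.easzlab.io" # domain name
  #- "www.test.com" # domain name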
2.開始安裝
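# Define a short alias for running commands inside the kubeasz container.
# The grep guard keeps repeated runs from appending the same line again.
grep -qxF "alias dk='docker exec -it kubeasz'" /root/.bashrc ||
  echo "alias dk='docker exec -it kubeasz'" >> /root/.bashrc
source /root/.bashrc

# One-step install; equivalent to: docker exec -it kubeasz ezctl setup k8s-01 all
dk ezctl setup k8s-01 all

# Re-open the terminal session (the original uses Xshell), then check the cluster.
kubectl version # verify the cluster version
kubectl get node # verify the nodes are Ready
kubectl get pod,svc -A # verify pod status; the network plugin, coredns, metrics-server etc. are installed by default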
[root@k8s-master01 ~]# kubectl get nodes -o wide
NAME STATUS ROLES AGE VERSION INTERNAL-IP EXTERNAL-IP OS-IMAGE KERNEL-VERSION CONTAINER-RUNTIME
192.168.186.128 Ready,SchedulingDisabled master 2m41s v1.26.0 192.168.186.128 <none> CentOS Linux 7 (Core) 3.10.0-1160.el7.x86_64 containerd://1.6.8
192.168.186.129 Ready node 49s v1.26.0 192.168.186.129 <none> CentOS Linux 7 (Core) 3.10.0-1160.el7.x86_64 containerd://1.6.8
192.168.186.130 Ready node 49s v1.26.0 192.168.186.130 <none> CentOS Linux 7 (Core) 3.10.0-1160.el7.x86_64 containerd://1.6.8
192.168.186.131 Ready node 47s v1.26.0 192.168.186.131 <none> CentOS Linux 7 (Core) 3.10.0-1160.el7.x86_64 containerd://1.6.8
[root@k8s-master01 ~]#
[root@k8s-master01 ~]# kubectl get pods,svc -n kube-system
NAME READY STATUS RESTARTS AGE
pod/calico-kube-controllers-89b744d6c-s67mj 1/1 Running 1 20m
pod/calico-node-m9dv6 1/1 Running 1 20m
pod/calico-node-pz54t 1/1 Running 0 20m
pod/calico-node-qxtcx 1/1 Running 0 20m
pod/calico-node-xzhs8 1/1 Running 0 20m
pod/coredns-6665999d97-4j8pm 1/1 Running 0 16m
pod/dashboard-metrics-scraper-57566685b4-cbsfr 1/1 Running 0 101s
pod/kubernetes-dashboard-57db9bfd5b-hm7qw 1/1 Running 0 101s
pod/metrics-server-6bd9f986fc-g96bf 1/1 Running 9 6m8s
pod/node-local-dns-22cjm 1/1 Running 0 16m
pod/node-local-dns-fhz7k 1/1 Running 0 16m
pod/node-local-dns-fwg96 1/1 Running 0 16m
pod/node-local-dns-wpgt4 1/1 Running 0 16m

NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
service/dashboard-metrics-scraper ClusterIP 10.68.217.99 <none> 8000/TCP 101s
service/kube-dns ClusterIP 10.68.0.2 <none> 53/UDP,53/TCP,9153/TCP 16m
service/kube-dns-upstream ClusterIP 10.68.30.80 <none> 53/UDP,53/TCP 16m
service/kubernetes-dashboard NodePort 10.68.30.126 <none> 443:30137/TCP 102s
service/metrics-server ClusterIP 10.68.15.185 <none> 443/TCP 16m
service/node-local-dns ClusterIP None <none> 9253/TCP 16m
[root@k8s-master01 ~]#
3.登錄Dashboard
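# Fetch the dashboard login token.
# The secret names are piped through `xargs -r`, so nothing runs when no
# dashboard-admin secret exists. With an empty command substitution the
# original would fall back to `kubectl describe secrets -n kube-system` and
# print every secret in the namespace.
# NOTE(review): the output contains a bearer token in clear text; judging by
# the secret's name it presumably carries admin rights. Keep it out of shared
# terminals, logs and screenshots.
kubectl -n kube-system get secret |
  awk '/dashboard-admin/{print $1}' |
  xargs -r kubectl describe secrets -n kube-system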
瀏覽器打開 https://<節點IP>:30137(30137 是上面 kubernetes-dashboard 服務的 NodePort),例如 https://192.168.186.128:30137,并使用上一步取得的 Token 登錄。
4. 部署nginx服務器測試環境
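# Write a test manifest (nginx Deployment + NodePort Service) and apply it.
# The YAML nesting is restored here, and the closing EOF stands on its own
# line; fused onto the kubectl command it never terminates the here-document.
# The delimiter is quoted so the shell writes the body verbatim.
# NOTE(review): `image: nginx` carries no tag, so the version that runs is
# whatever the registry serves at pull time; pin a tag or digest for anything
# beyond a smoke test. The NodePort Service opens a port on every node.
cat > nginx.yaml << 'EOF'
apiVersion: apps/v1
kind: Deployment
metadata:
  labels:
    app: nginx
  name: nginx
spec:
  replicas: 1
  selector:
    matchLabels:
      app: nginx
  template:
    metadata:
      labels:
        app: nginx
    spec:
      containers:
      - image: nginx
        name: nginx
        imagePullPolicy: IfNotPresent
---
apiVersion: v1
kind: Service
metadata:
  labels:
    app: nginx
  name: nginx
spec:
  type: NodePort
  ports:
  - port: 80
    protocol: TCP
    targetPort: 80
  selector:
    app: nginx
EOF
kubectl apply -f nginx.yaml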
5.添加node節點
5.1 在新節點上執行第二步(基礎設置和免密設置)
5.2 執行添加命令
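# The full `docker exec` form is used instead of the `dk` alias, so these
# lines also work in a session where /root/.bashrc has not been sourced.

# Show the usage text for `ezctl setup` on cluster k8s-01.
docker exec -it kubeasz ezctl setup k8s-01 --help

# Run setup step 05, which the original uses to add the new worker node.
# NOTE(review): presumably the new node's IP must already be listed under
# [kube_node] in /etc/kubeasz/clusters/k8s-01/hosts; confirm against the
# --help output above.
docker exec -it kubeasz ezctl setup k8s-01 05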
總結
Kubeasz 是一個非常方便、快速、易用的 Kubernetes 部署和管理工具。使用 Kubeasz 可以大大簡化 Kubernetes 的部署和管理過程,提高系統的可靠性和彈性。通過本文的介紹,相信讀者已經掌握了 Kubeasz 的基本使用方法,希望能夠對讀者有所幫助。