一、新機環境準備

1.1主機名設置

hostnamectl  set-hostname  XXX

1.2 主機名與ip地址解析

vim /etc/hosts

192.168.0.140  rke
192.168.0.147  master1
192.168.0.152  node1
192.168.0.153  node2

1.3安裝docker

tar -xf docker-20.10.24.tgz
cp ${SHELL_FOLDER}/docker/* /usr/bin/
mkdir /etc/docker

cat >>/usr/lib/systemd/system/docker.service<<eof
[Unit]
Description=Docker Application Container Engine
Documentation=https://docs.docker.com
After=network-online.target firewalld.service
Wants=network-online.target
[Service]
Type=notify
ExecStart=/usr/bin/dockerd
ExecReload=/bin/kill -s HUP \$MAINPID
LimitNOFILE=infinity
LimitNPROC=infinity
LimitCORE=infinity
TimeoutStartSec=0
Delegate=yes
KillMode=process
Restart=on-failure
StartLimitBurst=3
StartLimitInterval=60s
[Install]
WantedBy=multi-user.target
eof

vim /etc/docker/daemon.json

{"log-driver": "json-file","log-opts": {"max-size": "10m","max-file": "3"},"exec-opts": ["native.cgroupdriver=systemd"],"insecure-registries":["mirrors.com:80"],"storage-driver": "overlay2","storage-opts": ["overlay2.override_kernel_check=true"]
}

systemctl daemon-reload
systemctl enable docker
systemctl start docker

1.4修改內核參數

vim /etc/sysctl.d/90-k8s.conf
vm.swappiness=0
net.ipv4.ip_forward=1
net.ipv6.conf.all.forwarding=1
net.ipv4.ip_local_port_range = 1024     65000
net.bridge.bridge-nf-call-iptables=1
net.bridge.bridge-nf-call-ip6tables = 1
net.ipv4.neigh.default.gc_thresh1=4096
net.ipv4.neigh.default.gc_thresh2=6144
net.ipv4.neigh.default.gc_thresh3=8192

1.5修改句柄數可進程數

cat >>/etc/security/limits.d/90-nofile.conf<<eof
*      soft   nofile 131070
*      hard   nofile 131070
root   soft   nofile unlimited
eofcat >>/etc/security/limits.d/90-nproc.conf<<eof
*      soft   nproc 102400
*      hard   nproc 102400
root   soft   nproc unlimited
eof

1.6關閉防火墻和swap分區

systemctl stop firewalld && setenforce 0
sed  -ri  's/.*swap/#&/'  /etc/fstab
swapoff -a

1.7 添加rke用戶

useradd rke
usermod  -aG  docker  rke
echo 123 | passwd --stdin rke
mkdir /home/rke/.ssh

二、部署rke

2.1下載rke工具

下載地址

https://github.com/rancher/rke/releases/download/v1.4.5/rke_linux-amd64

2.2rke機器對其他節點做免密

ssh-copy-id rke@192.168.0.147
ssh-copy-id rke@192.168.0.152
ssh-copy-id rke@192.168.0.153

chown apps:apps -R /home/rke/.ssh
chmod 700 /home/rke/.ssh
chmod 600 /home/rke/.ssh/authorized_keys

2.3 rke配置與cluster文件

mv   rke_linux-amd64   /usr/local/bin/rke
chmod  +x  /usr/local/bin/rke
ln  -s  /usr/local/bin/rke  /usr/bin/rke
rke --version

vim cluster.yaml

nodes:- address: 192.168.0.147 # master節點IPuser: rootrole: ["controlplane", "etcd", "worker"]ssh_key_path: /root/.ssh/id_rsa- address: 192.168.0.152 # node節點 IPuser: rootrole: ["worker"]ssh_key_path: /root/.ssh/id_rsa- address: 192.168.0.153 # node節點 IPuser: rootrole: ["worker"]ssh_key_path: /root/.ssh/id_rsa
upgrade_strategy:max_unavailable_worker: 50%max_unavailable_controlplane: 1drain: false
ignore_docker_version: true
kubernetes_version: "v1.21.14-rancher1-1"
network:plugin: calico
services:etcd:snapshot: truecreation: 6hretention: 24hkube-api:extra_args:enable-admission-plugins: "NamespaceLifecycle,LimitRanger,ServiceAccount,DefaultStorageClass,DefaultTolerationSeconds,MutatingAdmissionWebhook,ValidatingAdmissionWebhook,ResourceQuota,NodeRestriction,Priority,TaintNodesByCondition,PersistentVolumeClaimResize,PodNodeSelector"

三、集群部署

rke up     #拉起集群
如果報錯失敗，可以根據報錯修改或者
rke remove 之后重新拉起集群

四、安裝kubectl(master節點)

wget  https://storage.googleapis.com/kubernetes-release/release/v1.27.2/bin/linux/amd64/kubectl
chmod  +x  kubectl
mv  kubectl  /usr/local/bin
mkdir -p /root/.kube/config
將rke節點上生成的kube_config_cluster.yml  scp到 /root/.kube/config。即可使用kubectl命令