kubeasz在线安装K8S集群单master集群（kubeasz安装之二）

一、介绍

Kubeasz 是一个基于 Ansible 自动化工具，用于快速部署和管理 Kubernetes 集群的工具。它支持快速部署高可用的 Kubernetes 集群，支持容器化部署，可以方便地扩展集群规模，支持多租户，提供了强大的监控和日志分析功能，可以大大简化 Kubernetes 的部署和管理过程，提高系统的可靠性和弹性。

本文将介绍如何使用 Kubeasz 快速部署和管理 Kubernetes 集群。

二、基础设置和免密设置

#关闭防火墙：
systemctl stop firewalld
systemctl disable firewalld
#关闭selinux：
sed -i 's/enforcing/disabled/' /etc/selinux/config # 永久
setenforce 0 # 临时
#关闭swap：
swapoff -a # 临时
sed -i 's/.*swap.*/#&/' /etc/fstab # 永久#更新epel
yum install epel-release git wget -y

cat  >> /etc/hosts << EOF
192.168.186.128    k8s-master01
192.168.186.129    k8s-node01
192.168.186.130    k8s-node02
192.168.186.131    k8s-node03
EOF

#永久修改主机名
hostnamectl set-hostname k8s-master01  && bash   #在master01上操作
hostnamectl set-hostname k8s-node01    && bash   #在node01上操作
hostnamectl set-hostname k8s-node02    && bash   #在node02上操作
hostnamectl set-hostname k8s-node03    && bash   #在node03上操作

#所有机器上都操作
ssh-keygen -t rsa #一路回车，不输入密码
###把本地的ssh公钥文件安装到远程主机对应的账户
for i in k8s-master01  k8s-node01 k8s-node02 k8s-node03 ;do ssh-copy-id -i .ssh/id_rsa.pub $i ;done

三、安装 Kubeasz

安装 Kubeasz 非常简单，只需要从 GitHub 下载 Kubeasz 的源码，然后运行相应的 Ansible 脚本即可。

1.下载 Kubeasz 的源码

#这里安装的是=3.5.0 K8S是v1.26.0  
export release=3.5.0
wget https://github.com/easzlab/kubeasz/releases/download/${release}/ezdown
chmod +x ./ezdown

# 国内环境
./ezdown -D
# 海外环境
#./ezdown -D -m standard#./ezdown -X   #【可选】下载额外容器镜像（cilium,flannel,prometheus等）
#./ezdown -P  #【可选】下载离线系统包 (适用于无法使用yum/apt仓库情形)

# 容器化运行kubeasz
./ezdown -S
docker ps -a #看到了2个启动的容器

#创建新集群 k8s-01
docker exec -it kubeasz ezctl new k8s-01 #安装
cd  /etc/kubeasz/clusters/k8s-01/
# /etc/kubeasz/clusters/k8s-01/hosts
# /etc/kubeasz/clusters/k8s-01/config.yml

cat > /etc/kubeasz/clusters/k8s-01/hosts << EOF  #这里的配置就是看你的etcd,k8s集群几个master,node都在这里配置
# 修改为
# 'etcd' cluster should have odd member(s) (1,3,5,...)
[etcd]
192.168.186.128
192.168.186.129
192.168.186.130# master node(s)
[kube_master]
192.168.186.128# work node(s)
[kube_node]
192.168.186.129
192.168.186.130
192.168.186.131# [optional] harbor server, a private docker registry
# 'NEW_INSTALL': 'true' to install a harbor server; 'false' to integrate with existed one
[harbor]
#192.168.1.8 NEW_INSTALL=false# [optional] loadbalance for accessing k8s from outside
[ex_lb]
#192.168.1.6 LB_ROLE=backup EX_APISERVER_VIP=192.168.1.250 EX_APISERVER_PORT=8443
#192.168.1.7 LB_ROLE=master EX_APISERVER_VIP=192.168.1.250 EX_APISERVER_PORT=8443# [optional] ntp server for the cluster
[chrony]
#192.168.1.1[all:vars]
# --------- Main Variables ---------------
# Secure port for apiservers
SECURE_PORT="6443"# Cluster container-runtime supported: docker, containerd
# if k8s version >= 1.24, docker is not supported
CONTAINER_RUNTIME="containerd"# Network plugins supported: calico, flannel, kube-router, cilium, kube-ovn
CLUSTER_NETWORK="calico"# Service proxy mode of kube-proxy: 'iptables' or 'ipvs'
PROXY_MODE="ipvs"# K8S Service CIDR, not overlap with node(host) networking
SERVICE_CIDR="10.68.0.0/16"# Cluster CIDR (Pod CIDR), not overlap with node(host) networking
CLUSTER_CIDR="172.20.0.0/16"# NodePort Range
NODE_PORT_RANGE="30000-32767"# Cluster DNS Domain
CLUSTER_DNS_DOMAIN="cluster.local"# -------- Additional Variables (don't change the default value right now) ---
# Binaries Directory
bin_dir="/opt/kube/bin"# Deploy Directory (kubeasz workspace)
base_dir="/etc/kubeasz"# Directory for a specific cluster
cluster_dir="{{ base_dir }}/clusters/k8s-01"# CA and other components cert/key Directory
ca_dir="/etc/kubernetes/ssl"
EOF

vim  /etc/kubeasz/clusters/k8s-01/config.yml  #只修改如下的几个地方
############################
# role:kube-master
############################
# k8s 集群 master 节点证书配置，可以添加多个ip和域名（比如增加公网ip和域名）
MASTER_CERT_HOSTS:- "192.168.186.128"   #这里是master节点的IP- "k8s.easzlab.io"    #域名#- "www.test.com"     #域名

2.开始安装

#建议配置命令alias，方便执行
echo "alias dk='docker exec -it kubeasz'" >> /root/.bashrc
source /root/.bashrc

#一键安装，等价于执行docker exec -it kubeasz ezctl setup k8s-01 all
dk ezctl setup k8s-01 all

#重新打开xshell链接查询集群状态kubectl version         # 验证集群版本     kubectl get node        # 验证节点就绪 (Ready) 状态kubectl get pod，svc -A      # 验证集群pod状态，默认已安装网络插件、coredns、metrics-server等

[root@k8s-master01 ~]# kubectl get nodes -o wide
NAME              STATUS                     ROLES    AGE     VERSION   INTERNAL-IP       EXTERNAL-IP   OS-IMAGE                KERNEL-VERSION           CONTAINER-RUNTIME
192.168.186.128   Ready,SchedulingDisabled   master   2m41s   v1.26.0   192.168.186.128   <none>        CentOS Linux 7 (Core)   3.10.0-1160.el7.x86_64   containerd://1.6.8
192.168.186.129   Ready                      node     49s     v1.26.0   192.168.186.129   <none>        CentOS Linux 7 (Core)   3.10.0-1160.el7.x86_64   containerd://1.6.8
192.168.186.130   Ready                      node     49s     v1.26.0   192.168.186.130   <none>        CentOS Linux 7 (Core)   3.10.0-1160.el7.x86_64   containerd://1.6.8
192.168.186.131   Ready                      node     47s     v1.26.0   192.168.186.131   <none>        CentOS Linux 7 (Core)   3.10.0-1160.el7.x86_64   containerd://1.6.8
[root@k8s-master01 ~]# 

[root@k8s-master01 ~]# kubectl get pods,svc  -n kube-system
NAME                                             READY   STATUS    RESTARTS        AGE
pod/calico-kube-controllers-89b744d6c-s67mj      1/1     Running   1               20m
pod/calico-node-m9dv6                            1/1     Running   1               20m
pod/calico-node-pz54t                            1/1     Running   0               20m
pod/calico-node-qxtcx                            1/1     Running   0               20m
pod/calico-node-xzhs8                            1/1     Running   0               20m
pod/coredns-6665999d97-4j8pm                     1/1     Running   0               16m
pod/dashboard-metrics-scraper-57566685b4-cbsfr   1/1     Running   0               101s
pod/kubernetes-dashboard-57db9bfd5b-hm7qw        1/1     Running   0               101s
pod/metrics-server-6bd9f986fc-g96bf              1/1     Running   9               6m8s
pod/node-local-dns-22cjm                         1/1     Running   0               16m
pod/node-local-dns-fhz7k                         1/1     Running   0               16m
pod/node-local-dns-fwg96                         1/1     Running   0               16m
pod/node-local-dns-wpgt4                         1/1     Running   0               16mNAME                                TYPE        CLUSTER-IP     EXTERNAL-IP   PORT(S)                  AGE
service/dashboard-metrics-scraper   ClusterIP   10.68.217.99   <none>        8000/TCP                 101s
service/kube-dns                    ClusterIP   10.68.0.2      <none>        53/UDP,53/TCP,9153/TCP   16m
service/kube-dns-upstream           ClusterIP   10.68.30.80    <none>        53/UDP,53/TCP            16m
service/kubernetes-dashboard        NodePort    10.68.30.126   <none>        443:30137/TCP            102s
service/metrics-server              ClusterIP   10.68.15.185   <none>        443/TCP                  16m
service/node-local-dns              ClusterIP   None           <none>        9253/TCP                 16m
[root@k8s-master01 ~]# 

3.登录Dashboard

#获取用户Token
kubectl describe secrets -n kube-system $(kubectl -n kube-system get secret | awk '/dashboard-admin/{print $1}')  #获取用户Token

浏览器打开 https://IP:30137 https://192.168.186.128:30137

4. 部署nginx服务器测试环境

cat > nginx.yaml << EOF
apiVersion: apps/v1
kind: Deployment
metadata:labels:app: nginxname: nginx
spec:replicas: 1selector:matchLabels:app: nginxtemplate:metadata:labels:app: nginxspec:containers:- image: nginxname: nginximagePullPolicy: IfNotPresent
---
apiVersion: v1
kind: Service
metadata:labels:app: nginxname: nginx
spec:type: NodePortports:- port: 80protocol: TCPtargetPort: 80selector:app: nginx
EOFkubectl apply -f nginx.yaml 

5.添加node节点

5.1 操作第二步

5.2 执行添加命令

dk ezctl setup k8s-01   --help #查看命令
dk ezctl setup k8s-01   05 #添加新node节点

总结

Kubeasz 是一个非常方便、快速、易用的 Kubernetes 部署和管理工具。使用 Kubeasz 可以大大简化 Kubernetes 的部署和管理过程，提高系统的可靠性和弹性。通过本文的介绍，相信读者已经掌握了 Kubeasz 的基本使用方法，希望能够对读者有所帮助。