更新时间:2021年03月18日 09时14分47秒 来源:黑马程序员
我们知道kubernetes学习成本非常高,如果想要快速体验Paas云平台的话,连部署搭建对于新手来说都是难以下手。
rancher是一个kubernetes-as-a-service 解决方案,也就是说rancher将kubernetes集群搭建与应用编排实现了打包一体化,可以通过图形界面的操作就可以来部署kubernetes集群与应用了。【推荐了解黑马程序员linux运维课程】
下面我们来使用容器方式快速部署单节点rancher。
环境准备
系统 | docker版本 | rancher版本 | ip |
centos7.6 | 19.03.1 | 2.X | 192.168.122.12 |
准备工作
1. 配置静态IP地址(要求能上公网,因为要拉取镜像)
# vim /etc/sysconfig/network-scripts/ifcfg-eth0 BOOTPROTO="static" NAME="eth0" DEVICE="eth0" ONBOOT="yes" IPADDR=192.168.122.12 NETMASK=255.255.255.0 GATEWAY=192.168.122.1 DNS1=192.168.122.1 # systemctl stop NetworkManager # systemctl disable NetworkManager # systemctl restart network # systemctl enable network
2.主机名和主机名绑定
# hostnamectl set-hostname --static rancher
# vim /etc/hosts 127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4 ::1 localhost localhost.localdomain localhost6 localhost6.localdomain6 192.168.122.12 rancher
3. 所有节点关闭centos7的firewalld防火墙,打开iptables并保存为空规则
# systemctl stop firewalld # systemctl disable firewalld # yum install iptables-services -y # systemctl restart iptables # systemctl enable iptables # iptables -F # iptables -F -t nat # iptables -F -t mangle # iptables -F -t raw # service iptables save iptables: Saving firewall rules to /etc/sysconfig/iptables:[ OK ]
4.所有节点关闭selinux
# vim /etc/selinux/config # This file controls the state of SELinux on the system. # SELINUX= can take one of these three values: # enforcing - SELinux security policy is enforced. # permissive - SELinux prints warnings instead of enforcing. # disabled - No SELinux policy is loaded. SELINUX=disabled 确认为disabled,如果不是请改成disabled(需要reboot重 启生效) # SELINUXTYPE= can take one of three values: # targeted - Targeted processes are protected, # minimum - Modification of targeted policy. Only selected processes are protected. # mls - Multi Level Security protection. SELINUXTYPE=targeted
5.所有节点 时间同步
# systemctl restart ntpd # systemctl enabled ntpd
需要保证安装docker,并启动服务
# wget https://download.docker.com/linux/centos/docker-ce.repo -O /etc/yum.repos.d/docker-ce.repo # yum install docker-ce -y # systemctl restart docker # systemctl enable docker
配置镜像加速器
# vim /etc/docker/daemon.json { "registry-mirrors": ["https://42h8kzrh.mirror.aliyuncs.com"] } # systemctl daemon-reload # systemctl restart docker
启动rancher
[root@rancher ~]# docker run -d --restart=unless-stopped -p 80:80 -p 443:443 -- name rancher -v /var/lib/rancher/:/var/lib/rancher/ rancher/rancher:stable
通过浏览器访问配置
直接访问节点IP即可: https://192.168.122.12
注意: 因为我们没有配置SSL证书, 所以浏览器会报不安全的连接,如果要对公网使用,建议使用CA认证的证书。
添加kubernetes集群
直接在主页面添加集群选
选择集群类型
集群名称与选项自定义
定义集群主机选项
安装rancher-agent
通过下面命令安装rancher-agent后点完成
[root@rancher ~]# sudo docker run -d --privileged --restart=unless-stopped -- net=host -v /etc/kubernetes:/etc/kubernetes -v /var/run:/var/run rancher/rancher-agent:v2.2.8 --server https://192.168.122.12 --token 66bknpqf44ghdfxsx7rmsmhdf2ggpkvpbz6mr8cfxd8s2684mms2lz --ca-checksum 68fae84b07cb71dd7dfd3c1edb86d2972049bfb93011e65f2c3ba39a48e2f4ee --node-name node1 --internal-address 192.168.122.12 --etcd --controlplane --worker