k3s 默认安装的是 containerd,这次安装换成 docker 来进行。
先升级一下系统
1
2
|
apt update
apt upgrade -y
|
在系统中安装 docker
然后安装 k3s 的 master 节点
1
2
3
4
5
6
7
8
9
10
|
curl -sfL https://get.k3s.io | sh -s - --docker
curl –sfL \
https://rancher-mirror.oss-cn-beijing.aliyuncs.com/k3s/k3s-install.sh | \
INSTALL_K3S_MIRROR=cn sh -s - --docker \
--system-default-registry "registry.cn-hangzhou.aliyuncs.com" \
--write-kubeconfig ~/.kube/config \
--write-kubeconfig-mode 666 \
--disable traefik
|
安装完成后,检查一下结果
如果想再添加一个节点,需要进行如下操作
1
2
3
|
cat /var/lib/rancher/k3s/server/node-token
拿到token
curl -sfL https://get.k3s.io | K3S_URL=https://server:6443 K3S_TOKEN=token sh -s - --docker
|
这样就可以获取一个 k3s 集群。
接下来复制一下文件
1
2
|
把服务器上的kube的配置文件下载到当前机器,修改一下config文件即可。
helm upgrade --install kubernetes-dashboard kubernetes-dashboard/kubernetes-dashboard --create-namespace --namespace kubernetes-dashboard
|
国内安装
1
2
3
4
5
6
7
8
9
|
# curl -sfL https://get.k3s.io | sh -
[INFO] Finding release for channel stable
[INFO] Using v1.25.3+k3s1 as release
[INFO] Downloading hash https://github.com/k3s-io/k3s/releases/download/v1.25.3+k3s1/sha256sum-amd64.txt
[INFO] Downloading binary https://github.com/k3s-io/k3s/releases/download/v1.25.3+k3s1/k3s
[INFO] Verifying binary download
...
...
[INFO] systemd: Starting k3s
|
现在来安装 traefik,先下载 traefik 包
1
2
3
|
helm pull traefik/traefik
#得到一个29.0.0
traefik-29.0.0.tgz
|
下面改写一下文件进行安装
k3s-value.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
|
# 默认的 ingressRouter 是开启的,使用内部 CRD service,自定义dashboard ingressroute时,可设置为 false,自己创建。
# ingressRoute:
# dashboard:
# enabled: false
#
deployment:
enabled: true
# Can be either Deployment or DaemonSet
kind: Deployment
# Number of pods of the deployment (only applies when kind == Deployment)
replicas: 1
ports:
traefik:
port: 9000
# You SHOULD NOT expose the traefik port on production deployments.
# If you want to access it from outside of your cluster,
# use `kubectl port-forward` or create a secure ingress
# kubectl port-forward $(kubectl get pods --selector "app.kubernetes.io/name=traefik" --output=name -n cattle-system) 9000:9000 -n cattle-system
expose:
default: true
exposedPort: 9000
web:
port: 8000
expose:
default: true
exposedPort: 80
websecure:
port: 8443
expose:
default: true
exposedPort: 443
tls:
enabled: true # 需要开启,否则配置的ingress不支持配置tls证书
metrics:
port: 9100
expose:
default: true
exposedPort: 9100
affinity:
podAntiAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
- labelSelector:
matchExpressions:
- key: app.kubernetes.io/name
operator: In
values:
- traefik
topologyKey: kubernetes.io/hostname
|
安装命令如下:
./traefik 是上面下载的 tar.gz 包的解压文件目录。
1
|
helm upgrade traefik ./traefik -n cattle-system -f k3s-value.yaml
|
dashboard-ingressroute.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
|
apiVersion: traefik.io/v1alpha1
kind: IngressRoute
metadata:
name: traefik-dashboard
namespace: cattle-system
spec:
entryPoints:
- web
routes:
- match: Host(`traefik.k8s`) && (PathPrefix(`/dashboard`) || PathPrefix(`/api`))
kind: Rule
services:
- name: api@internal
kind: TraefikService
|
访问 traefik.k8s/dashboard 即可。