K3S 系列文章-RHEL7.8 离线有代理条件下安装 K3S
2023/2/26 21:20:52
本文主要是介绍K3S 系列文章-RHEL7.8 离线有代理条件下安装 K3S,对大家解决编程问题具有一定的参考价值,需要的程序猿们随着小编来一起学习吧!
一 基础信息
1.1 前提
- 本次安装的为 k3s 1.21.7+k3s1
- VM 版本为 RHEL 7.8, 7.9 或 8.2, 8.3, 8.4(K3s 官网要求)
- VM YUM 仓库:已配置对应版本的 RHEL 和 EPEL YUM 仓库
- VM 提供 root 权限
- 已配置 ntp(防止因为时间不一致导致的诡异问题)
- 提供 Proxy 访问互联网 K3s 相关域名;
- 端口要求,为了正常运行,K3s 需要在 K3s 节点和下游 Kubernetes 集群节点上开放一些端口。端口需求列出了不同集群类型的 K3s 和下游集群的所有必要端口。具体如下表:
K3S
| 协议 | 端口 | 源 | 目的 | 描述 |
|---|---|---|---|---|
| TCP | 6443 | K3s agent 节点 | K3s server 节点 | Kubernetes API Server |
| UDP | 8472 | K3s server 和 agent 节点 | K3s server 和 agent 节点 | 仅对 Flannel VXLAN 需要 |
| TCP | 10250 | K3s server 和 agent 节点 | K3s server 和 agent 节点 | Kubelet metrics |
✅ 成功:
如果以上前期条件均已满足。
即可以通过「离线 - 有代理」方式进行安装。
1.2 VM 信息
ℹ️ 信息:
OS 配置 Proxy 过程略
1.2 Proxy 信息
ftp_proxy="http://192.168.0.1:8080" http_proxy="http://192.168.0.1:8080" https_proxy="http://192.168.0.1:8080"
proxy 需要 allow 的 doamin 如下:
| 域名 | 用途 |
|---|---|
| http://mirror.cnrancher.com | Rancher 国内组件源 |
| https://registry.cn-hangzhou.aliyuncs.com | Rancher 国内镜像源 |
| https://dockerauth.cn-hangzhou.aliyuncs.com | Rancher 国内镜像源 |
| http://mirrors.aliyun.com | YUM 源 |
| https://mirrors.aliyun.com | YUM 源 |
| https://rpm.rancher.com | Rancher 源 |
🧠 评论:
以上的 allowed domain 可能不全,需要进一步补充。
二 「离线 - 有代理」方式安装
🧠 评论:
本次环境为:离线,有代理。
通过代理安装部署。
- 假设 K3s 所在主机 IP 地址为:192.168.0.101
- 假设需要安装在
/data目录下
2.1 安装 K3S
(可选)创建私有仓库配置:
# mkdir -p /data/rancher/k3s # vi /data/rancher/k3s/registries.yaml
mirrors:
docker.io:
endpoint:
- "https://registry.cn-hangzhou.aliyuncs.com"
- "https://docker.mirrors.ustc.edu.cn"
安装 K3S:
# curl -sfL http://rancher-mirror.cnrancher.com/k3s/k3s-install.sh | INSTALL_K3S_SKIP_DOWNLOAD=false INSTALL_K3S_VERSION=v1.21.7+k3s1 K3S_KUBECONFIG_MODE="644" INSTALL_K3S_MIRROR=cn K3S_CLUSTER_INIT INSTALL_K3S_EXEC="--tls-san 192.168.0.101 --pause-image registry.cn-hangzhou.aliyuncs.com/rancher/pause:3.6 --private-registry '/data/rancher/k3s/registries.yaml' --data-dir /data/rancher/k3s --default-local-storage-path /data/rancher/k3s/storage --disable-cloud-controller" sh -s -
输出如下:
[INFO] Using v1.21.7+k3s1 as release [INFO] Downloading hash http://rancher-mirror.cnrancher.com/k3s/v1.21.7-k3s1/sha256sum-amd64.txt [INFO] Downloading binary http://rancher-mirror.cnrancher.com/k3s/v1.21.7-k3s1/k3s [INFO] Verifying binary download [INFO] Installing k3s to /usr/local/bin/k3s Loaded plugins: fastestmirror Loading mirror speeds from cached hostfile * base: mirrors.aliyun.com * extras: mirrors.aliyun.com * updates: mirrors.aliyun.com base | 3.6 kB 00:00:00 epel | 4.7 kB 00:00:00 extras | 2.9 kB 00:00:00 updates | 2.9 kB 00:00:00 (1/2): epel/x86_64/updateinfo | 1.0 MB 00:00:00 (2/2): epel/x86_64/primary_db | 7.0 MB 00:00:02 Resolving Dependencies --> Running transaction check ---> Package yum-utils.noarch 0:1.1.31-54.el7_8 will be installed --> Finished Dependency Resolution Dependencies Resolved ============================================================================================================================================================= Package Arch Version Repository Size ============================================================================================================================================================= Installing: yum-utils noarch 1.1.31-54.el7_8 base 122 k Transaction Summary ============================================================================================================================================================= Install 1 Package Total download size: 122 k Installed size: 337 k Downloading packages: yum-utils-1.1.31-54.el7_8.noarch.rpm | 122 kB 00:00:00 Running transaction check Running transaction test Transaction test succeeded Running transaction Installing : yum-utils-1.1.31-54.el7_8.noarch 1/1 Verifying : yum-utils-1.1.31-54.el7_8.noarch 1/1 Installed: yum-utils.noarch 0:1.1.31-54.el7_8 Complete! Loaded plugins: fastestmirror Loading mirror speeds from cached hostfile * base: mirrors.aliyun.com * extras: mirrors.aliyun.com * updates: mirrors.aliyun.com rancher-k3s-common-stable | 2.9 kB 00:00:00 rancher-k3s-common-stable/primary_db | 2.8 kB 00:00:00 Resolving Dependencies --> Running transaction check ---> Package k3s-selinux.noarch 0:0.5-1.el7 will be installed --> Processing Dependency: container-selinux < 2:2.164.2 for package: k3s-selinux-0.5-1.el7.noarch --> Processing Dependency: container-selinux >= 2.107-3 for package: k3s-selinux-0.5-1.el7.noarch --> Running transaction check ---> Package container-selinux.noarch 2:2.119.2-1.911c772.el7_8 will be installed --> Finished Dependency Resolution Dependencies Resolved ============================================================================================================================================================= Package Arch Version Repository Size ============================================================================================================================================================= Installing: k3s-selinux noarch 0.5-1.el7 rancher-k3s-common-stable 15 k Installing for dependencies: container-selinux noarch 2:2.119.2-1.911c772.el7_8 extras 40 k Transaction Summary ============================================================================================================================================================= Install 1 Package (+1 Dependent package) Total download size: 55 k Installed size: 124 k Downloading packages: (1/2): container-selinux-2.119.2-1.911c772.el7_8.noarch.rpm | 40 kB 00:00:00 warning: /var/cache/yum/x86_64/$releasever/rancher-k3s-common-stable/packages/k3s-selinux-0.5-1.el7.noarch.rpm: Header V4 RSA/SHA1 Signature, key ID e257814a: NOKEY Public key for k3s-selinux-0.5-1.el7.noarch.rpm is not installed (2/2): k3s-selinux-0.5-1.el7.noarch.rpm | 15 kB 00:00:00 ------------------------------------------------------------------------------------------------------------------------------------------------------------- Total 49 kB/s | 55 kB 00:00:01 Retrieving key from https://rpm.rancher.io/public.key Importing GPG key 0xE257814A: Userid : "Rancher (CI) <ci@rancher.com>" Fingerprint: c8cf f216 4551 26e9 b9c9 18be 925e a29a e257 814a From : https://rpm.rancher.io/public.key Running transaction check Running transaction test Transaction test succeeded Running transaction Installing : 2:container-selinux-2.119.2-1.911c772.el7_8.noarch 1/2 Installing : k3s-selinux-0.5-1.el7.noarch 2/2 Verifying : k3s-selinux-0.5-1.el7.noarch 1/2 Verifying : 2:container-selinux-2.119.2-1.911c772.el7_8.noarch 2/2 Installed: k3s-selinux.noarch 0:0.5-1.el7 Dependency Installed: container-selinux.noarch 2:2.119.2-1.911c772.el7_8 Complete! [INFO] Creating /usr/local/bin/kubectl symlink to k3s [INFO] Creating /usr/local/bin/crictl symlink to k3s [INFO] Creating /usr/local/bin/ctr symlink to k3s [INFO] Creating killall script /usr/local/bin/k3s-killall.sh [INFO] Creating uninstall script /usr/local/bin/k3s-uninstall.sh [INFO] env: Creating environment file /etc/systemd/system/k3s.service.env [INFO] systemd: Creating service file /etc/systemd/system/k3s.service [INFO] systemd: Enabling k3s unit [INFO] systemd: Starting k3s
运行完成后,使用以下命令查看 K3S 运行状态:
# systemctl status k3s.service
● k3s.service - Lightweight Kubernetes
Loaded: loaded (/etc/systemd/system/k3s.service; enabled; vendor preset: disabled)
Active: active (running) since Sat 2022-01-29 17:05:45 CST; 18s ago
Docs: https://k3s.io
Process: 19436 ExecStartPre=/sbin/modprobe overlay (code=exited, status=0/SUCCESS)
Process: 19433 ExecStartPre=/sbin/modprobe br_netfilter (code=exited, status=0/SUCCESS)
Main PID: 19442 (k3s-server)
Tasks: 119
Memory: 586.7M
CGroup: /system.slice/k3s.service
├─19442 /usr/local/bin/k3s server
└─19557 containerd
Jan 29 17:06:03 example01 k3s[19442]: I0129 17:06:03.138349 19442 iptables.go:228] Adding iptables rule: -s 10.42.0.0/16 -d 10.42.0.0/16 -j RETURN
Jan 29 17:06:03 example01 k3s[19442]: I0129 17:06:03.140940 19442 iptables.go:228] Adding iptables rule: -d 10.42.0.0/16 -j ACCEPT
Jan 29 17:06:03 example01 k3s[19442]: I0129 17:06:03.142355 19442 iptables.go:228] Adding iptables rule: -s 10.42.0.0/16 ! -d 224.0.0.0...ASQUERADE
Jan 29 17:06:03 example01 k3s[19442]: I0129 17:06:03.145752 19442 iptables.go:228] Adding iptables rule: ! -s 10.42.0.0/16 -d 10.42.0.0...-j RETURN
Jan 29 17:06:03 example01 k3s[19442]: I0129 17:06:03.148358 19442 iptables.go:228] Adding iptables rule: ! -s 10.42.0.0/16 -d 10.42.0.0...ASQUERADE
Jan 29 17:06:03 example01 k3s[19442]: W0129 17:06:03.297662 19442 handler_proxy.go:101] no RequestInfo found in the context
Jan 29 17:06:03 example01 k3s[19442]: E0129 17:06:03.297804 19442 controller.go:116] loading OpenAPI spec for "v1beta1.metrics.k8s.io" ...available
Jan 29 17:06:03 example01 k3s[19442]: , Header: map[Content-Type:[text/plain; charset=utf-8] X-Content-Type-Options:[nosniff]]
Jan 29 17:06:03 example01 k3s[19442]: I0129 17:06:03.297827 19442 controller.go:129] OpenAPI AggregationController: action for item v1b... Requeue.
Jan 29 17:06:03 example01 k3s[19442]: I0129 17:06:03.551453 19442 request.go:668] Waited for 1.08111535s due to client-side throttling,...unt/token
Hint: Some lines were ellipsized, use -l to show in full.
使用如下命令查看 k3s 节点:
# k3s kubectl get node NAME STATUS ROLES AGE VERSION example01 Ready control-plane,master 3m37s v1.21.7+k3s1
ℹ️ 信息:
调整 K3S 安装目录后,k3s token 位置在:
/data/rancher/k3s/server/token
总结
至此,K3s 在离线-有代理条件下安装完成。🎉🎉🎉
- Master 和 Server 地址:
192.168.0.101 - K3S API Server 地址:https://192.168.0.101:6443
- K3S kubeconfig 配置:位于
/etc/rancher/k3s/k3s.yaml - K3S 存放数据的目录:
/data/rancher/k3s - K3S 本地存储类的默认存储路径:
/data/rancher/k3s/storage
三人行, 必有我师; 知识共享, 天下为公. 本文由东风微鸣技术博客 EWhisper.cn 编写.
这篇关于K3S 系列文章-RHEL7.8 离线有代理条件下安装 K3S的文章就介绍到这儿,希望我们推荐的文章对大家有所帮助,也希望大家多多支持为之网!
- 2024-11-14使用AWS Lambda和S3打造智能文件整理器 - (动手搭建系列)
- 2024-11-14Netflix简化营收基础设施中的合同管理工具
- 2024-11-142024年必备的6款开源Terraform神器
- 2024-11-14Spin 3.0来啦:全新功能让你的无服务器Wasm应用开发更上一层楼
- 2024-11-14如何高效管理项目?小团队到大企业的多功能项目管理工具推荐
- 2024-11-1333 张高清大图,带你玩转 KubeSphere 4.1.2 部署与扩展组件安装
- 2024-11-11Spark 新作《循序渐进 Spark 大数据应用开发》简介
- 2024-11-11KubeSphere 社区双周报| 2024.10.25-11.07
- 2024-11-11云原生周刊:Istio 1.24.0 正式发布
- 2024-11-10一个故事,为你理清云开发服务的选择思路
