Kubernetes部署(十一):管理之Helm和Rancher部署

发布时间:2020-07-26 04:36:44 作者:李永峰Billy
来源:网络 阅读:8960

相关内容:

Kubernetes部署(一):架构及功能说明
Kubernetes部署(二):系统环境初始化
Kubernetes部署(三):CA证书制作
Kubernetes部署(四):ETCD集群部署
Kubernetes部署(五):Haproxy、Keppalived部署
Kubernetes部署(六):Master节点部署
Kubernetes部署(七):Node节点部署
Kubernetes部署(八):Flannel网络部署
Kubernetes部署(九):CoreDNS、Dashboard、Ingress部署
Kubernetes部署(十):储存之glusterfs和heketi部署
Kubernetes部署(十一):管理之Helm和Rancher部署
Kubernetes部署(十二):helm部署harbor企业级镜像仓库

Helm部署

helm官方下载地址:https://github.com/helm/helm/releases

官方可用的chart列表:https://hub.kubeapps.com

所有的软件及配置文件都保存在前面文章提到的百度网盘里 :百度共享链接在此文章里

helm简介

Helm是一种简化Kubernetes应用程序安装和管理的工具。可以把它想象成apt/yum/homebrew。

核心术语

helm部署

因某些原因我们无法直接从google下载tiller镜像,所以需要下载我网盘共享的镜像tiller-image-v2.12.1.tar.gz,然后在每个node节点加载镜像

[root@node-04 ~]# docker load < tiller-image-v2.12.1.tar.gz
apiVersion: v1
kind: ServiceAccount
metadata:
  name: tiller
  namespace: kube-system
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: tiller
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: cluster-admin
subjects:
  - kind: ServiceAccount
    name: tiller
    namespace: kube-system
[root@node-01 helm]# kubectl create -f rbac-config.yaml

[root@node-01 helm]# helm init --service-account tiller
Creating /root/.helm 
Creating /root/.helm/repository 
Creating /root/.helm/repository/cache 
Creating /root/.helm/repository/local 
Creating /root/.helm/plugins 
Creating /root/.helm/starters 
Creating /root/.helm/cache/archive 
Creating /root/.helm/repository/repositories.yaml 
Adding stable repo with URL: https://kubernetes-charts.storage.googleapis.com 
Adding local repo with URL: http://127.0.0.1:8879/charts 
$HELM_HOME has been configured at /root/.helm.

Tiller (the Helm server-side component) has been installed into your Kubernetes Cluster.

Please note: by default, Tiller is deployed with an insecure 'allow unauthenticated users' policy.
To prevent this, run `helm init` with the --tiller-tls-verify flag.
For more information on securing your installation see: https://docs.helm.sh/using_helm/#securing-your-helm-installation
Happy Helming!

[root@node-01 helm]# kubectl -n kube-system get pod|grep tiller
tiller-deploy-85744d9bfb-cm5jz         1/1       Running   0          11m

[root@node-01 helm]# helm version
Client: &version.Version{SemVer:"v2.12.1", GitCommit:"02a47c7249b1fc6d8fd3b94e6b4babf9d818144e", GitTreeState:"clean"}
Server: &version.Version{SemVer:"v2.12.1", GitCommit:"02a47c7249b1fc6d8fd3b94e6b4babf9d818144e", GitTreeState:"clean"}
helm常用命令:

至此helm就已经部署完了,下面会通过helm安装k8s的管理平台,也顺便演示helm的使用。

Rancher部署

rancher简介

[root@node-01 helm]# helm install stable/cert-manager  --name cert-manager --namespace kube-system
NAME:   cert-manager
LAST DEPLOYED: Thu Jan  3 15:35:22 2019
NAMESPACE: kube-system
STATUS: DEPLOYED

RESOURCES:
==> v1/ServiceAccount
NAME          SECRETS  AGE
cert-manager  1        1s

==> v1beta1/ClusterRole
NAME          AGE
cert-manager  1s

==> v1beta1/ClusterRoleBinding
NAME          AGE
cert-manager  1s

==> v1beta1/Deployment
NAME          DESIRED  CURRENT  UP-TO-DATE  AVAILABLE  AGE
cert-manager  1        1        1           0          1s

==> v1/Pod(related)
NAME                           READY  STATUS             RESTARTS  AGE
cert-manager-7d4bfc44ff-5flvg  0/1    ContainerCreating  0         0s

NOTES:
cert-manager has been deployed successfully!

In order to begin issuing certificates, you will need to set up a ClusterIssuer
or Issuer resource (for example, by creating a 'letsencrypt-staging' issuer).

More information on the different types of issuers and how to configure them
can be found in our documentation:

https://cert-manager.readthedocs.io/en/latest/reference/issuers.html

For information on how to configure cert-manager to automatically provision
Certificates for Ingress resources, take a look at the `ingress-shim`
documentation:

https://cert-manager.readthedocs.io/en/latest/reference/ingress-shim.html

[root@node-01 helm]# 

安装rancher server

[root@node-01 helm]# helm install rancher-stable/rancher --name rancher --namespace cattle-system --set hostname=rancher.cnlinux.club

默认情况下,Rancher会自动生成CA根证书并使用cert-manager颁发证书,因此,这里设置了 hostname=rancher.cnlinux.club,后续只能通过域名访问UI

为Agent Pod添加主机别名(可选)

如果你没有内部DNS服务器而是通过添加/etc/hosts主机别名的方式指定的Rancher server域名,那么不管通过哪种方式(自定义、导入、Host驱动等)创建K8S集群,K8S集群运行起来之后,因为cattle-cluster-agent Pod和cattle-node-agent无法通过DNS记录找到Rancher server,最终导致无法通信。

可以通过给cattle-cluster-agent Pod和cattle-node-agent添加主机别名(/etc/hosts),让其可以正常通信(前提是IP地址可以互通)。

注意:替换以下命令中的域名和IP

cattle-cluster-agent pod
[root@node-01 helm]#  kubectl -n cattle-system patch  deployments cattle-cluster-agent --patch '{
    "spec": {
        "template": {
            "spec": {
                "hostAliases": [
                    {
                        "hostnames":
                        [
                            "rancher.cnlinux.club"
                        ],
                            "ip": "10.31.90.200"
                    }
                ]
            }
        }
    }
}'
cattle-node-agent pod
[root@node-01 helm]#  kubectl -n cattle-system patch  daemonsets cattle-node-agent --patch '{
    "spec": {
        "template": {
            "spec": {
                "hostAliases": [
                    {
                        "hostnames":
                        [
                            "rancher.cnlinux.club"
                        ],
                            "ip": "10.31.90.200"
                    }
                ]
            }
        }
    }
}'
访问rancher
  1. 通过浏览器访问https://rancher.cnlinux.club/,出现如下页面,然后设置密码

Kubernetes部署(十一):管理之Helm和Rancher部署

  1. 然后就可以出现如下界面,就证明已经正常运行了
    Kubernetes部署(十一):管理之Helm和Rancher部署

3.至此就可以通过rancher来管理pod、ingress、service等资源了。
Kubernetes部署(十一):管理之Helm和Rancher部署

  1. rancher也创建新的k8s集群,如果管理其他现有的k8s集群,可以选择如下图的导入
    Kubernetes部署(十一):管理之Helm和Rancher部署

Kubernetes部署(十一):管理之Helm和Rancher部署

后续会陆续更新所有的k8s相关文档,如果你觉得我写的不错,希望大家多多关注点赞,非常感谢!

推荐阅读:
  1. kubernetes中helm的安装和部署
  2. Helm工具的介绍和部署

免责声明:本站发布的内容(图片、视频和文字)以原创、转载和分享为主,文章观点不代表本网站立场,如果涉及侵权请联系站长邮箱:is@yisu.com进行举报,并提供相关证据,一经查实,将立刻删除涉嫌侵权内容。

kubernets helm rancher

上一篇:struts不可直接方式jsp的web.xml配置

下一篇:RHEL7.x版本,设置IP地址、网关和DNS的3种方法

相关阅读

您好,登录后才能下订单哦!

密码登录
登录注册
其他方式登录
点击 登录注册 即表示同意《亿速云用户服务条款》