rke2 offline install kubernetes v1.26

文章目录

    • 1. 准备
    • 2. 安装 ansible
    • 3. 基础配置
      • 3.1 配置 hosts
      • 3.2 安装软件包
      • 3.3 内核参数
      • 3.4 连接数限制
      • 3.5 关闭swap 、selinux、防火墙
      • 3.6 时间同步
    • 4. RKE2 安装
      • 4.1 下载安装
      • 4.2 配置其他管理节点
      • 4.3 新增 worker 节点

1. 准备

7 台主机

主机名ipcpu内存diskos角色user密码
kube-master01192.168.10.13181650redhat 8.8masterrootroot
kube-master02192.168.10.13281650redhat 8.8masterrootroot
kube-master03192.168.10.13381650redhat 8.8masterrootroot
kube-node01192.168.10.13481650redhat 8.8masterrootroot
kube-node02192.168.10.13581650redhat 8.8masterrootroot
kube-node03192.168.10.13681650redhat 8.8masterrootroot
bastion01192.168.10.13981650redhat 8.8masterrootroot

2. 安装 ansible

bastion01

yum  -y install epel-release
yum -y install ansible
vim /etc/ansible/hosts
[all]
kube-master01 ansible_host=10.80.10.131
kube-master02 ansible_host=10.80.10.132
kube-master03 ansible_host=10.80.10.133
kube-node01 ansible_host=10.80.10.134
kube-node02 ansible_host=10.80.10.135
kube-node03 ansible_host=10.80.10.136[bastion]
bastion01 ansible_host=10.80.10.139 ansible_user=root[kube_control_plane]
kube-master01
kube-master02
kube-master03[etcd]
kube-master01
kube-master02
kube-master03[kube_node]
kube-node01
kube-node02
kube-node03

3. 基础配置

3.1 配置 hosts

$ cat /etc/hosts
127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
::1         localhost localhost.localdomain localhost6 localhost6.localdomain610.80.10.131 kube-master01
10.80.10.132 kube-master02
10.80.10.133 kube-master03
10.80.10.134 kube-node01
10.80.10.135 kube-node02
10.80.10.136 kube-node03$ ansible all -m copy -a "src=/etc/hosts dest=/etc/hosts"

3.2 安装软件包

yum -y install lrzsz vim gcc glibc openssl openssl-devel net-tools http-tools wget curl  yum-utils telnet

3.3 内核参数

$ vim  sysctl.sh 
echo "
net.bridge.bridge-nf-call-ip6tables=1
net.bridge.bridge-nf-call-iptables=1
net.ipv4.ip_forward=1
net.ipv4.conf.all.forwarding=1
net.ipv4.neigh.default.gc_thresh1=4096
net.ipv4.neigh.default.gc_thresh2=6144
net.ipv4.neigh.default.gc_thresh3=8192
net.ipv4.neigh.default.gc_interval=60
net.ipv4.neigh.default.gc_stale_time=120# 参考 https://github.com/prometheus/node_exporter#disabled-by-default
kernel.perf_event_paranoid=-1#sysctls for k8s node config
net.ipv4.tcp_slow_start_after_idle=0
net.core.rmem_max=16777216
fs.inotify.max_user_watches=524288
kernel.softlockup_all_cpu_backtrace=1kernel.softlockup_panic=0kernel.watchdog_thresh=30
fs.file-max=2097152
fs.inotify.max_user_instances=8192
fs.inotify.max_queued_events=16384
vm.max_map_count=262144
net.core.netdev_max_backlog=16384
net.ipv4.tcp_wmem=4096 12582912 16777216
net.core.wmem_max=16777216
net.core.somaxconn=32768
net.ipv4.ip_forward=1
net.ipv4.tcp_max_syn_backlog=8096
net.ipv4.tcp_rmem=4096 12582912 16777216net.ipv6.conf.all.disable_ipv6=1
net.ipv6.conf.default.disable_ipv6=1
net.ipv6.conf.lo.disable_ipv6=1kernel.yama.ptrace_scope=0
vm.swappiness=0# 可以控制core文件的文件名中是否添加pid作为扩展。
kernel.core_uses_pid=1# Do not accept source routing
net.ipv4.conf.default.accept_source_route=0
net.ipv4.conf.all.accept_source_route=0# Promote secondary addresses when the primary address is removed
net.ipv4.conf.default.promote_secondaries=1
net.ipv4.conf.all.promote_secondaries=1# Enable hard and soft link protection
fs.protected_hardlinks=1
fs.protected_symlinks=1# 源路由验证
# see details in https://help.aliyun.com/knowledge_detail/39428.html
net.ipv4.conf.all.rp_filter=0
net.ipv4.conf.default.rp_filter=0
net.ipv4.conf.default.arp_announce = 2
net.ipv4.conf.lo.arp_announce=2
net.ipv4.conf.all.arp_announce=2# see details in https://help.aliyun.com/knowledge_detail/41334.html
net.ipv4.tcp_max_tw_buckets=5000
net.ipv4.tcp_syncookies=1
net.ipv4.tcp_fin_timeout=30
net.ipv4.tcp_synack_retries=2
kernel.sysrq=1" >> /etc/sysctl.conf
modprobe br_netfilter
sysctl -p$ ansible all -m script -a "sysctl.sh"

3.4 连接数限制

ansible all -m lineinfile -a "path=/etc/security/limits.conf line='* soft nofile 655360\n* hard nofile 131072\n* soft nproc 655350\n* hard nproc 655350\n* soft memlock unlimited\n* hard memlock unlimited'" -b

3.5 关闭swap 、selinux、防火墙

ansible all -i hosts -s -m systemd -a "name=firewalld state=stopped enabled=no"
ansible all -m lineinfile -a "path=/etc/selinux/config regexp='^SELINUX=' line='SELINUX=disabled'" -b
ansible all -m shell -a "getenforce 0"
ansible all -m shell -a "sed -i '/.*swap.*/s/^/#/' /etc/fstab" -b
ansible all -m shell -a " swapoff -a && sysctl -w vm.swappiness=0"

3.6 时间同步

定义自己的时间服务器

yum -y install chrony
mv /etc/chrony.conf /etc/chrony.conf_bak
cat > /etc/chrony.conf <<EOF
pool ntp.aliyun.com iburst
pool ntp1.aliyun.com iburst
driftfile /var/lib/chrony/drift
makestep 1.0 3
rtcsync
keyfile /etc/chrony.keys
leapsectz right/UTC
logdir /var/log/chrony
EOFsystemctl enable chronyd
systemctl restart chronyd
timedatectl status
chronyc sources -v

4. RKE2 安装

设置一个 HA 集群需要以下步骤:

配置一个固定的注册地址
启动第一个 server 节点
加入其他 server 节点
加入 agent 节点
参考:https://docs.rancher.cn/docs/rke2/install/ha/_index/

注意:由于主机有限,我们就把第一个启动的节点设置为注册地址,下面只进行2、3步骤。

4.1 下载安装

rke2版本信息:https://github.com/rancher/rke2/releases

sudo mkdir /root/rke2-artifacts && cd /root/rke2-artifacts/
wget https://github.com/rancher/rke2/releases/download/v1.26.12%2Brke2r1/rke2-images.linux-amd64.tar.zst
wget https://github.com/rancher/rke2/releases/download/v1.26.12%2Brke2r1/rke2.linux-amd64.tar.gz
wget https://github.com/rancher/rke2/releases/download/v1.26.12%2Brke2r1/sha256sum-amd64.txt
curl -sfL https://get.rke2.io --output install.sh

安装

INSTALL_RKE2_ARTIFACT_PATH=/root/rke2-artifacts sh install.sh

输出:

$ INSTALL_RKE2_ARTIFACT_PATH=/root/rke2-artifacts sh install.sh
[INFO]  staging local checksums from /root/rke2-artifacts/sha256sum-amd64.txt
[INFO]  staging zst airgap image tarball from /root/rke2-artifacts/rke2-images.linux-amd64.tar.zst
[INFO]  staging tarball from /root/rke2-artifacts/rke2.linux-amd64.tar.gz
[INFO]  verifying airgap tarball
[INFO]  installing airgap tarball to /var/lib/rancher/rke2/agent/images
[INFO]  verifying tarball
[INFO]  unpacking tarball file to /usr/local

启用 rke2-server 服务

systemctl enable rke2-server.service && systemctl start rke2-server.service

如有需要,可以查看日志

journalctl -u rke2-server -f

启动的过程可能需要3-8分钟,请耐心等候!

启动完成之后,你通过以下命令设置 kubectl 进行交互

设置环境变量

cat >>/root/.bashrc<< EOF
export KUBECONFIG=/etc/rancher/rke2/rke2.yaml PATH=$PATH:/var/lib/rancher/rke2/bin
EOF
source /root/.bashrc

查看集群

$ kubectl get node
NAME            STATUS   ROLES                       AGE     VERSION
rke2-master01   Ready    control-plane,etcd,master   3m30s   v1.26.12+rke2r1$ kubectl get po -A
NAMESPACE     NAME                                                    READY   STATUS      RESTARTS   AGE
kube-system   cloud-controller-manager-rke2-master01                  1/1     Running     0          29m
kube-system   etcd-rke2-master01                                      1/1     Running     0          29m
kube-system   helm-install-rke2-canal-6v6qr                           0/1     Completed   0          29m
kube-system   helm-install-rke2-coredns-b5ttn                         0/1     Completed   0          29m
kube-system   helm-install-rke2-ingress-nginx-45cqw                   0/1     Completed   0          29m
kube-system   helm-install-rke2-metrics-server-mq6qh                  0/1     Completed   0          29m
kube-system   helm-install-rke2-snapshot-controller-crd-jn4zf         0/1     Completed   0          29m
kube-system   helm-install-rke2-snapshot-controller-zt8f5             0/1     Completed   2          29m
kube-system   helm-install-rke2-snapshot-validation-webhook-kgjbt     0/1     Completed   0          29m
kube-system   kube-apiserver-rke2-master01                            1/1     Running     0          29m
kube-system   kube-controller-manager-rke2-master01                   1/1     Running     0          29m
kube-system   kube-proxy-rke2-master01                                1/1     Running     0          29m
kube-system   kube-scheduler-rke2-master01                            1/1     Running     0          29m
kube-system   rke2-canal-ssvcb                                        2/2     Running     0          29m
kube-system   rke2-coredns-rke2-coredns-565dfc7d75-6dbr9              1/1     Running     0          29m
kube-system   rke2-coredns-rke2-coredns-autoscaler-6c48c95bf9-lb2xt   1/1     Running     0          29m
kube-system   rke2-ingress-nginx-controller-8lp6v                     1/1     Running     0          28m
kube-system   rke2-metrics-server-c9c78bd66-szclt                     1/1     Running     0          28m
kube-system   rke2-snapshot-controller-6f7bbb497d-b426h               1/1     Running     0          28m
kube-system   rke2-snapshot-validation-webhook-65b5675d5c-2b98t       1/1     Running     0          28m

查看镜像

crictl --runtime-endpoint  /run/k3s/containerd/containerd.sock images
I0105 03:04:04.797054   38955 util_unix.go:103] "Using this endpoint is deprecated, please consider using full URL format" endpoint="/run/k3s/containerd/containerd.sock" URL="unix:///run/k3s/containerd/containerd.sock"
IMAGE                                                                TAG                                        IMAGE ID            SIZE
docker.io/rancher/hardened-calico                                    v3.26.3-build20231109                      116d7534875a5       550MB
docker.io/rancher/hardened-cluster-autoscaler                        v1.8.6-build20230609                       4b341204b793f       158MB
docker.io/rancher/hardened-coredns                                   v1.10.1-build20230607                      e9693e4a055c6       178MB
docker.io/rancher/hardened-dns-node-cache                            1.22.20-build20230607                      b8c68fd62f6ec       185MB
docker.io/rancher/hardened-etcd                                      v3.5.9-k3s1-build20230802                  c6b7a4f2f79b2       168MB
docker.io/rancher/hardened-flannel                                   v0.23.0-build20231109                      c776826db2fda       222MB
docker.io/rancher/hardened-k8s-metrics-server                        v0.6.3-build20230607                       c32586d7f004e       172MB
docker.io/rancher/hardened-kubernetes                                v1.26.12-rke2r1-build20231220              f3833faba37f6       741MB
docker.io/rancher/klipper-helm                                       v0.8.2-build20230815                       5f89cb8137ccb       256MB
docker.io/rancher/klipper-lb                                         v0.4.4                                     af74bd845c4a8       12.5MB
docker.io/rancher/mirrored-ingress-nginx-kube-webhook-certgen        v20230312-helm-chart-4.5.2-28-g66a760794   5a86b03a88d23       48.5MB
docker.io/rancher/mirrored-sig-storage-snapshot-controller           v6.2.1                                     1ef6c138bd5f2       58.4MB
docker.io/rancher/mirrored-sig-storage-snapshot-validation-webhook   v6.2.2                                     ff52c2bcf9f88       49MB
docker.io/rancher/nginx-ingress-controller                           nginx-1.9.3-hardened1                      bfdece8fa3f14       800MB
docker.io/rancher/pause                                              3.6                                        6270bb605e12e       686kB
docker.io/rancher/rke2-cloud-provider                                v1.26.3-build20230406                      f906d1e7a5774       175MB
docker.io/rancher/rke2-runtime                                       v1.26.12-rke2r1                            b41c0bf12eaed       348MB#正是打包的18个镜像
$ crictl --runtime-endpoint  /run/k3s/containerd/containerd.sock images | wc -l
I0105 04:44:47.837366   27749 util_unix.go:103] "Using this endpoint is deprecated, please consider using full URL format" endpoint="/run/k3s/containerd/containerd.sock" URL="unix:///run/k3s/containerd/containerd.sock"
18$ ctr --address /run/k3s/containerd/containerd.sock ns ls
NAME   LABELS 
k8s.io        
$ ctr --address /run/k3s/containerd/containerd.sock -n k8s.io i ls
REF                                                                                                    TYPE                                                 DIGEST                                                                  SIZE      PLATFORMS   LABELS                          
docker.io/rancher/hardened-calico:v3.26.3-build20231109                                                application/vnd.docker.distribution.manifest.v2+json sha256:a04597f6c764a8a6b6efeea49c0b07192b5592356ecd2e9df93afd1cbd5b0040 524.3 MiB linux/amd64 io.cri-containerd.image=managed 
docker.io/rancher/hardened-cluster-autoscaler:v1.8.6-build20230609                                     application/vnd.docker.distribution.manifest.v2+json sha256:4482a289e12fe12b67be83ae9bd873632cf6aa831d18a79bf9956665ac5dc67b 150.5 MiB linux/amd64 io.cri-containerd.image=managed 
docker.io/rancher/hardened-coredns:v1.10.1-build20230607                                               application/vnd.docker.distribution.manifest.v2+json sha256:ff06feb91cd772ca1d11392bfb01c4403923980d0c479ee9b0c0b9cbd6a1037e 170.2 MiB linux/amd64 io.cri-containerd.image=managed 
docker.io/rancher/hardened-dns-node-cache:1.22.20-build20230607                                        application/vnd.docker.distribution.manifest.v2+json sha256:b668f8ab563d548467d92c51686f62291c55ab2ef891dc5f0936cfdf04933374 176.3 MiB linux/amd64 io.cri-containerd.image=managed 
docker.io/rancher/hardened-etcd:v3.5.9-k3s1-build20230802                                              application/vnd.docker.distribution.manifest.v2+json sha256:c3152682e39151efb3d56be9b9cec0a4c289430755250319d0590e372c2ae833 160.1 MiB linux/amd64 io.cri-containerd.image=managed 
docker.io/rancher/hardened-flannel:v0.23.0-build20231109                                               application/vnd.docker.distribution.manifest.v2+json sha256:ace90ebb20a719162a93455fada9361ebaa3de7c74543525172184cd8552f99e 212.2 MiB linux/amd64 io.cri-containerd.image=managed 
docker.io/rancher/hardened-k8s-metrics-server:v0.6.3-build20230607                                     application/vnd.docker.distribution.manifest.v2+json sha256:a62b2b9fdffe0a503508219b0ad85ff19266038a71471e83b80860a3007fe0b9 163.7 MiB linux/amd64 io.cri-containerd.image=managed 
docker.io/rancher/hardened-kubernetes:v1.26.12-rke2r1-build20231220                                    application/vnd.docker.distribution.manifest.v2+json sha256:406825324934b223aa163329d984dc0fd7f11ed7efa93cdbb12956aa9c6f8026 706.6 MiB linux/amd64 io.cri-containerd.image=managed 
docker.io/rancher/klipper-helm:v0.8.2-build20230815                                                    application/vnd.docker.distribution.manifest.v2+json sha256:9f6b0a352533fe34763f81f014952f0595b9bd2ad531b179767c81ef77172668 244.5 MiB linux/amd64 io.cri-containerd.image=managed 
docker.io/rancher/klipper-lb:v0.4.4                                                                    application/vnd.docker.distribution.manifest.v2+json sha256:1068256da90ae89e55b6b59cfd170f56285acfd8193abcaf0aeebce100fd1d6e 11.9 MiB  linux/amd64 io.cri-containerd.image=managed 
docker.io/rancher/mirrored-ingress-nginx-kube-webhook-certgen:v20230312-helm-chart-4.5.2-28-g66a760794 application/vnd.docker.distribution.manifest.v2+json sha256:57182383859f52f92a14a8f1a52a8c83c01314c9866c2aa94f3269c34ce8043e 46.2 MiB  linux/amd64 io.cri-containerd.image=managed 
docker.io/rancher/mirrored-sig-storage-snapshot-controller:v6.2.1                                      application/vnd.docker.distribution.manifest.v2+json sha256:ef36c4cf203caac19b894e7b03534e212c675c19f5e82bbc903ccc080818c69a 55.7 MiB  linux/amd64 io.cri-containerd.image=managed 
docker.io/rancher/mirrored-sig-storage-snapshot-validation-webhook:v6.2.2                              application/vnd.docker.distribution.manifest.v2+json sha256:e5edbd113f9d9310e4001baf92b1a70db0070755da55fe31181550eb4074cadd 46.7 MiB  linux/amd64 io.cri-containerd.image=managed 
docker.io/rancher/nginx-ingress-controller:nginx-1.9.3-hardened1                                       application/vnd.docker.distribution.manifest.v2+json sha256:bfd22a6fb7a6614c2c1c6efd645af9dac02c8a2eefeed8cefce9aaaf7dffeac8 763.1 MiB linux/amd64 io.cri-containerd.image=managed 
docker.io/rancher/pause:3.6                                                                            application/vnd.docker.distribution.manifest.v2+json sha256:79b611631c0d19e9a975fb0a8511e5153789b4c26610d1842e9f735c57cc8b13 669.8 KiB linux/amd64 io.cri-containerd.image=managed 
docker.io/rancher/rke2-cloud-provider:v1.26.3-build20230406                                            application/vnd.docker.distribution.manifest.v2+json sha256:fb39ba6b718d9444d92598ecefb94623c3c64af50d56b76e095bb7b28ebc67d2 167.3 MiB linux/amd64 io.cri-containerd.image=managed 
docker.io/rancher/rke2-runtime:v1.26.12-rke2r1                                                         application/vnd.docker.distribution.manifest.v2+json sha256:ac979e425e203f6374f32a97453af6072afe172786cef96375cf2db72eedaa75 332.0 MiB linux/amd64 io.cri-containerd.image=managed 
sha256:116d7534875a5767406cd0b844e8bb4c88193831c72d78ccf00abb00dc1bf652                                application/vnd.docker.distribution.manifest.v2+json sha256:a04597f6c764a8a6b6efeea49c0b07192b5592356ecd2e9df93afd1cbd5b0040 524.3 MiB linux/amd64 io.cri-containerd.image=managed 
sha256:1ef6c138bd5f2ac45f7b4ee54db0e513efad8576909ae9829ba649fb4b067388                                application/vnd.docker.distribution.manifest.v2+json sha256:ef36c4cf203caac19b894e7b03534e212c675c19f5e82bbc903ccc080818c69a 55.7 MiB  linux/amd64 io.cri-containerd.image=managed 
sha256:4b341204b793f4135593707e7af9b74d17948ec78cf930c5555365d7ab8630e6                                application/vnd.docker.distribution.manifest.v2+json sha256:4482a289e12fe12b67be83ae9bd873632cf6aa831d18a79bf9956665ac5dc67b 150.5 MiB linux/amd64 io.cri-containerd.image=managed 
sha256:5a86b03a88d2316e2317c2576449a95ddbd105d69b2fe7b01d667b0ebab37422                                application/vnd.docker.distribution.manifest.v2+json sha256:57182383859f52f92a14a8f1a52a8c83c01314c9866c2aa94f3269c34ce8043e 46.2 MiB  linux/amd64 io.cri-containerd.image=managed 
sha256:5f89cb8137ccbd39377d91b9d75faf4ec4ee0a2d2a3a63635535b10c69c935fa                                application/vnd.docker.distribution.manifest.v2+json sha256:9f6b0a352533fe34763f81f014952f0595b9bd2ad531b179767c81ef77172668 244.5 MiB linux/amd64 io.cri-containerd.image=managed 
sha256:6270bb605e12e581514ada5fd5b3216f727db55dc87d5889c790e4c760683fee                                application/vnd.docker.distribution.manifest.v2+json sha256:79b611631c0d19e9a975fb0a8511e5153789b4c26610d1842e9f735c57cc8b13 669.8 KiB linux/amd64 io.cri-containerd.image=managed 
sha256:af74bd845c4a83b7e4fa48e0c5a91dcda8843f586794fbb8b7f4bb7ed9e8cc56                                application/vnd.docker.distribution.manifest.v2+json sha256:1068256da90ae89e55b6b59cfd170f56285acfd8193abcaf0aeebce100fd1d6e 11.9 MiB  linux/amd64 io.cri-containerd.image=managed 
sha256:b41c0bf12eaed3b9c891524491271f9bbc69f7d64d329c19a2fc03081e665e35                                application/vnd.docker.distribution.manifest.v2+json sha256:ac979e425e203f6374f32a97453af6072afe172786cef96375cf2db72eedaa75 332.0 MiB linux/amd64 io.cri-containerd.image=managed 
sha256:b8c68fd62f6eca96605fb7c008ac85d6f04c03f35871e99e6d02b5aa0b7af209                                application/vnd.docker.distribution.manifest.v2+json sha256:b668f8ab563d548467d92c51686f62291c55ab2ef891dc5f0936cfdf04933374 176.3 MiB linux/amd64 io.cri-containerd.image=managed 
sha256:bfdece8fa3f1449a2b25c12f3e375c57258a6cd4d925f7983177f5f652afc885                                application/vnd.docker.distribution.manifest.v2+json sha256:bfd22a6fb7a6614c2c1c6efd645af9dac02c8a2eefeed8cefce9aaaf7dffeac8 763.1 MiB linux/amd64 io.cri-containerd.image=managed 
sha256:c32586d7f004ede455a89444586801f9d30669c671e48ddad7be05c54dce9d3b                                application/vnd.docker.distribution.manifest.v2+json sha256:a62b2b9fdffe0a503508219b0ad85ff19266038a71471e83b80860a3007fe0b9 163.7 MiB linux/amd64 io.cri-containerd.image=managed 
sha256:c6b7a4f2f79b24f9310e769ce7c1e0caba47fbf2d03a2025b19bee2090dae94d                                application/vnd.docker.distribution.manifest.v2+json sha256:c3152682e39151efb3d56be9b9cec0a4c289430755250319d0590e372c2ae833 160.1 MiB linux/amd64 io.cri-containerd.image=managed 
sha256:c776826db2fda39152c467ecee8dd0d8f0414b1443423a2c819174f5d3bef7c1                                application/vnd.docker.distribution.manifest.v2+json sha256:ace90ebb20a719162a93455fada9361ebaa3de7c74543525172184cd8552f99e 212.2 MiB linux/amd64 io.cri-containerd.image=managed 
sha256:e9693e4a055c697c4914cd6ac0eec06f5900f4d5f1d448f52b13c467b3599462                                application/vnd.docker.distribution.manifest.v2+json sha256:ff06feb91cd772ca1d11392bfb01c4403923980d0c479ee9b0c0b9cbd6a1037e 170.2 MiB linux/amd64 io.cri-containerd.image=managed 
sha256:f3833faba37f6afbf70b2d11bc4871936a9c6c99927b0a1c01e4702d95af75fe                                application/vnd.docker.distribution.manifest.v2+json sha256:406825324934b223aa163329d984dc0fd7f11ed7efa93cdbb12956aa9c6f8026 706.6 MiB linux/amd64 io.cri-containerd.image=managed 
sha256:f906d1e7a5774a6e36dddaadcefa240b1813bc921b50303fd0b0874519ccf889                                application/vnd.docker.distribution.manifest.v2+json sha256:fb39ba6b718d9444d92598ecefb94623c3c64af50d56b76e095bb7b28ebc67d2 167.3 MiB linux/amd64 io.cri-containerd.image=managed 
sha256:ff52c2bcf9f8893ac479bade578b25e9f4315173bcba6f605ca94a4c7ab84235                                application/vnd.docker.distribution.manifest.v2+json sha256:e5edbd113f9d9310e4001baf92b1a70db0070755da55fe31181550eb4074cadd 46.7 MiB  linux/amd64 io.cri-containerd.image=managed 

4.2 配置其他管理节点

第一服务器节点建立秘密令牌,当连接到集群时,其他服务器或代理节点将向该秘密令牌注册。
要将自己的预共享密钥指定为令牌,请在启动时设置令牌参数。

如果您没有指定预共享密钥,RKE 2将生成一个并将其放置在/var/lib/rancher/rke 2/server/node-token中.
在rke2-master01 查看

$ cat /var/lib/rancher/rke2/server/node-token 
K10280f64f7fcf7d94dfa45b6867fd55ef18597e966e5b817552970a24bf15ec6d1::server:417c78df294d6fb88640ef7c9304c070

传递介质

$ tree 
.
├── install.sh
├── rke2-images-all.linux-amd64.txt
├── rke2-images.linux-amd64.tar.zst
├── rke2.linux-amd64.tar.gz
└── sha256sum-amd64.txt
$ scp -r rke2-artifacts root@192.168.23.92:/root

rke2-master02 配置

$ mkdir -p /etc/rancher/rke2/
$ vim /etc/rancher/rke2/config.yaml
server: https://192.168.23.91:9345
token: K10280f64f7fcf7d94dfa45b6867fd55ef18597e966e5b817552970a24bf15ec6d1::server:417c78df294d6fb88640ef7c9304c070

安装 rke2-server

INSTALL_RKE2_ARTIFACT_PATH=/root/rke2-artifacts sh install.sh
cat >>/root/.bashrc<< EOF
export KUBECONFIG=/etc/rancher/rke2/rke2.yaml PATH=$PATH:/var/lib/rancher/rke2/bin
EOF
source /root/.bashrc
systemctl enable rke2-server.service && systemctl start rke2-server.service

查看日志

journalctl -u rke2-server -f

在rke2-master01 查看集群

$ kubectl get node
NAME            STATUS   ROLES                       AGE   VERSION
rke2-master01   Ready    control-plane,etcd,master   80m   v1.26.12+rke2r1
rke2-master02   Ready    control-plane,etcd,master   65s   v1.26.12+rke2r1$ kubectl get po -A
NAMESPACE     NAME                                                    READY   STATUS      RESTARTS   AGE
kube-system   cloud-controller-manager-rke2-master01                  1/1     Running     0          90m
kube-system   cloud-controller-manager-rke2-master02                  1/1     Running     0          10m
kube-system   etcd-rke2-master01                                      1/1     Running     0          89m
kube-system   etcd-rke2-master02                                      1/1     Running     0          10m
kube-system   helm-install-rke2-canal-6v6qr                           0/1     Completed   0          90m
kube-system   helm-install-rke2-coredns-b5ttn                         0/1     Completed   0          90m
kube-system   helm-install-rke2-ingress-nginx-45cqw                   0/1     Completed   0          90m
kube-system   helm-install-rke2-metrics-server-mq6qh                  0/1     Completed   0          90m
kube-system   helm-install-rke2-snapshot-controller-crd-jn4zf         0/1     Completed   0          90m
kube-system   helm-install-rke2-snapshot-controller-zt8f5             0/1     Completed   2          90m
kube-system   helm-install-rke2-snapshot-validation-webhook-kgjbt     0/1     Completed   0          90m
kube-system   kube-apiserver-rke2-master01                            1/1     Running     0          90m
kube-system   kube-apiserver-rke2-master02                            1/1     Running     0          10m
kube-system   kube-controller-manager-rke2-master01                   1/1     Running     0          90m
kube-system   kube-controller-manager-rke2-master02                   1/1     Running     0          10m
kube-system   kube-proxy-rke2-master01                                1/1     Running     0          90m
kube-system   kube-proxy-rke2-master02                                1/1     Running     0          10m
kube-system   kube-scheduler-rke2-master01                            1/1     Running     0          90m
kube-system   kube-scheduler-rke2-master02                            1/1     Running     0          10m
kube-system   rke2-canal-kzvc9                                        2/2     Running     0          11m
kube-system   rke2-canal-ssvcb                                        2/2     Running     0          89m
kube-system   rke2-coredns-rke2-coredns-565dfc7d75-6dbr9              1/1     Running     0          89m
kube-system   rke2-coredns-rke2-coredns-565dfc7d75-tvf2f              1/1     Running     0          11m
kube-system   rke2-coredns-rke2-coredns-autoscaler-6c48c95bf9-lb2xt   1/1     Running     0          89m
kube-system   rke2-ingress-nginx-controller-8lp6v                     1/1     Running     0          88m
kube-system   rke2-ingress-nginx-controller-x2p78                     1/1     Running     0          10m
kube-system   rke2-metrics-server-c9c78bd66-szclt                     1/1     Running     0          89m
kube-system   rke2-snapshot-controller-6f7bbb497d-b426h               1/1     Running     0          88m
kube-system   rke2-snapshot-validation-webhook-65b5675d5c-2b98t       1/1     Running     0          89m

4.3 新增 worker 节点

传递介质

$ tree 
.
├── install.sh
├── rke2-images-all.linux-amd64.txt
├── rke2-images.linux-amd64.tar.zst
├── rke2.linux-amd64.tar.gz
└── sha256sum-amd64.txt
$ scp -r rke2-artifacts root@192.168.23.92:/root
$ mkdir -p /etc/rancher/rke2/
$ vim /etc/rancher/rke2/config.yaml
server: https://192.168.23.91:9345
token: K10280f64f7fcf7d94dfa45b6867fd55ef18597e966e5b817552970a24bf15ec6d1::server:417c78df294d6fb88640ef7c9304c070

安装 rke2-server

INSTALL_RKE2_ARTIFACT_PATH=/root/rke2-artifacts INSTALL_RKE2_TYPE="agent" sh install.sh
cat >>/root/.bashrc<< EOF
export KUBECONFIG=/etc/rancher/rke2/rke2.yaml PATH=$PATH:/var/lib/rancher/rke2/bin
EOF
source /root/.bashrc
systemctl enable rke2-agent.service && systemctl start rke2-agent.service

rke2-master01查看集群

$ kubectl get node
NAME            STATUS   ROLES                       AGE    VERSION
rke2-master01   Ready    control-plane,etcd,master   132m   v1.26.12+rke2r1
rke2-master02   Ready    control-plane,etcd,master   53m    v1.26.12+rke2r1
rke2-node01     Ready    <none>                      58s    v1.26.12+rke2r1

本文来自互联网用户投稿,该文观点仅代表作者本人,不代表本站立场。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如若转载,请注明出处:http://www.mzph.cn/news/605026.shtml

如若内容造成侵权/违法违规/事实不符,请联系多彩编程网进行投诉反馈email:809451989@qq.com,一经查实,立即删除!

相关文章

11.3编写Linux串口驱动

编写串口驱动主要步骤 构建并初始化 struct console 对象&#xff0c;若串口无需支持 console 可省略此步骤 //UART驱动的console static struct uart_driver virt_uart_drv; static struct console virt_uart_console {//console 的名称&#xff0c;配合index字段使用&…

unity C#中Array、Stack、Queue、Dictionary、HashSet优缺点和使用场景总结

文章目录 数组 (Array)列表 (List<T>)栈 (Stack<T>)队列 (Queue<T>)链表 (LinkedList<T>)哈希表 (Dictionary<TKey, TValue>) 或 HashSet<T>集合 (Collection<T>) 数组 (Array) 优点&#xff1a; 高效访问&#xff1a;通过索引可以…

1-04C语言执行过程

一、概述 本小节主要讲解一个C程序从源代码到最终执行的过程&#xff0c;这个过程又可以细分为两部分&#xff1a; 源代码到可执行文件的过程可执行文件在内存中执行 本小节是C语言基础当中&#xff0c;比较容易被初学者忽视的知识点。而实际上&#xff1a; 熟悉C程序从源文…

前端超好玩的小游戏合集来啦--周末两天用html5做一个3D飞行兔子萝卜小游戏

文章目录 💖飞行兔子萝卜小游戏💟效果展示💟代码展示源码获取💖飞行兔子萝卜小游戏 💟效果展示 💟代码展示 <body> <script src=

如何选猫粮:买主食冻干猫粮需要注意什么?

随着养猫的人越来越多&#xff0c;铲屎官们对猫咪的饮食也越来越注重。除了猫粮&#xff0c;很多铲屎官还会给猫咪准备小零食。那么&#xff0c;猫咪是不是除了猫粮就没有其他可吃的了呢&#xff1f;答案当然不是。猫咪还有猫冻干、冻干猫粮、猫条等可以选择。每个铲屎官都希望…

【MySQL】索引基础

文章目录 1. 索引介绍2. 创建索引 create index…on…2.1 explain2.2 创建索引create index … on…2.3 删除索引 drop index … on 表名 3. 查看索引 show indexes in …4. 前缀索引4.1 确定最佳前缀长度&#xff1a;索引的选择性 5. 全文索引5.1 创建全文索引 create fulltex…

Vue3.4更新 “Slam Dunk“发布!!!

Announcing Vue 3.4 | The Vue Point. vue3.4更新官方文档 在vue2即将结束更新的时候&#xff0c;vue3迎来了一个重要的更新。代号为“&#x1f3c0; Slam Dunk”&#xff0c;即"灌篮高手"。这个版本进行了很多显著的内部改进&#xff0c;最重要的是模版解析的底层逻…

Github 2024-01-08开源项目周报 Top14

根据Github Trendings的统计&#xff0c;本周(2024-01-08统计)共有14个项目上榜。根据开发语言中项目的数量&#xff0c;汇总情况如下&#xff1a; 开发语言项目数量Python项目5TypeScript项目3C项目2Dart项目1QML项目1Go项目1Shell项目1Rust项目1JavaScript项目1C#项目1 免费…

IO进程线程Day5

1> 将互斥机制代码重新实现一遍 #include<myhead.h>char buf[128]; //临界资源pthread_mutex_t mutex; //创建锁资源//分支线程 void* task(void* arg) {while(1){//获取锁资源pthread_mutex_lock(&mutex);printf("这里是分支线程:%s\n",buf);st…

多线程模板应用实现(实践学习笔记)

出处&#xff1a;B站码出名企路 个人笔记&#xff1a;因为是跟着b站的教学视频以及文档初步学习&#xff0c;可能存在诸多的理解有误&#xff0c;对大家仅供借鉴&#xff0c;参考&#xff0c;然后是B站up阳哥的视频&#xff0c;我是跟着他学。大家有兴趣的可以到b站搜索。加油…

CAD安装教程

CAD安装教程 目录 一&#xff0e; 下载CAD二&#xff0e; 安装CAD 一&#xff0e; 下载CAD 如果需要CAD安装包请私信。 二&#xff0e; 安装CAD 解压压缩包AutoCAD2022中文版&#xff0c;以管理员身份运行AutoCAD_2022_Simplified_Chinese_Win_64bit_dlm.sfx。 选择解压路径。…

【sklearn练习】datasets的使用

一、数据集分类 1、fetch类的数据集&#xff1a; 以 "fetch" 开头的数据集&#xff0c;这些数据集通常不包含在 scikit-learn 的标准安装中&#xff0c;需要从远程服务器上下载。这些数据集通常比标准数据集更大&#xff0c;因此在使用它们之前&#xff0c;需要通过…

Spring MVC中@ExceptionHandler注解的智能处理机制——无需显示指定异常类型

概述 在深入探讨Spring MVC框架时&#xff0c;我们经常会遇到异常处理的相关场景。其中&#xff0c;ExceptionHandler注解是一个非常重要的工具&#xff0c;它允许我们声明一个方法来专门处理特定类型的异常。有趣的是&#xff0c;Spring容器具备智能化的异常类型关联功能&…

自动驾驶:低阶可部署的单目测距算法-基于YOLO与透视变换

一、开发环境 部署平台&#xff1a;英伟达的Jetson Nano 环境&#xff1a;Linux ROS 语言&#xff1a;C 设备&#xff1a;1920*1080像素的摄像头、开发板。 模型&#xff1a;yolo-v8s 二、单目测距实现思路 0、标定相机和车辆&#xff08;假设已经标定完成&#xff09; 1、通…

06-微服务-SpringAMQP

SpringAMQP SpringAMQP是基于RabbitMQ封装的一套模板&#xff0c;并且还利用SpringBoot对其实现了自动装配&#xff0c;使用起来非常方便。 SpringAmqp的官方地址&#xff1a;https://spring.io/projects/spring-amqp SpringAMQP提供了三个功能&#xff1a; 自动声明队列、交…

[论文阅读] Revisiting Feature Propagation and Aggregation in Polyp Segmentation

[论文地址] [代码] [MICCAI 23] Abstract 息肉的准确分割是筛查过程中有效诊断结直肠癌的关键步骤。 由于能够有效捕获多尺度上下文信息&#xff0c;普遍采用类似UNet 的编码器-解码器框架。 然而&#xff0c;两个主要限制阻碍了网络实现有效的特征传播和聚合。 首先&#xff…

基于SSM的企业员工管理系统

末尾获取源码 开发语言&#xff1a;Java Java开发工具&#xff1a;JDK1.8 后端框架&#xff1a;SSM 前端&#xff1a;Vue 数据库&#xff1a;MySQL5.7和Navicat管理工具结合 服务器&#xff1a;Tomcat8.5 开发软件&#xff1a;IDEA / Eclipse 是否Maven项目&#xff1a;是 目录…

[AutoSar]基础部分 RTE 04 数据类型的定义及使用

目录 关键词平台说明一、数据类型分类二、Adt三、Idt四、Base 数据类型五、units六、compu methods七、data constraint 关键词 嵌入式、C语言、autosar、Rte 平台说明 项目ValueOSautosar OSautosar厂商vector芯片厂商TI编程语言C&#xff0c;C编译器HighTec (GCC) 一、数据…

python自动化测试面试题与答案汇总

对于机器学习算法工程师而言,Python是不可或缺的语言,它的优美与简洁令人无法自拔,下面这篇文章主要给大家介绍了关于30道python自动化测试面试题与答案汇总的相关资料,需要的朋友可以参考下 1、什么项目适合做自动化测试&#xff1f; 关键字&#xff1a;不变的、重复的、规范…

ts axios 指定返回值类型,返回数据类型不确定该怎么办 typescript

ts axios 指定返回值类型&#xff0c;返回数据类型不确定该怎么办 typescript 转到 ts 以来&#xff0c;一直有个问题困扰着我&#xff0c;就是每次用 axios 获取数据时&#xff0c;返回值 res 的类型都不能确定&#xff0c;这就导致编辑器一直提示我&#xff1a; 原因 原因是…