在Kubernetes集群中,对于一些基础能力较弱的群体来说K8S控制面板操作存在一定的难度,此时kubesphere可以有效的解决这类难题。以下是部署kubesphere的操作步骤:
操作部署:
1. 部署nfs共享存储目录
yum -y install nfs-server
echo "/nfs/data *(rw,sync,no_root_squash)" >> /etc/exports
systemctl enable --now nfs-server
# 验证
showmount -e 10.0.0.231
2. 部署nfs-storageclass
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:name: nfs-client
provisioner: k8s-sigs.io/nfs-subdir-external-provisioner # or choose another name, must matchdeployment's env PROVISIONER_NAME'
parameters:archiveOnDelete: "false"
3. 部署deployment
apiVersion: apps/v1
kind: Deployment
metadata:name: nfs-client-provisionerlabels:app: nfs-client-provisioner
spec:replicas: 2strategy:type: Recreateselector:matchLabels:app: nfs-client-provisionertemplate:metadata:labels:app: nfs-client-provisionerspec:serviceAccountName: nfs-client-provisionercontainers:- name: nfs-client-provisionerimage: registry.cn-hangzhou.aliyuncs.com/qinge/nfs-subdir-external-provisioner:v1volumeMounts:- name: nfs-client-rootmountPath: /persistentvolumesenv:- name: PROVISIONER_NAMEvalue: k8s-sigs.io/nfs-subdir-external-provisioner- name: NFS_SERVERvalue: 10.0.0.231- name: NFS_PATHvalue: /nfs/datavolumes:- name: nfs-client-rootnfs:server: 10.0.0.231 #nfs服务地址path: /nfs/data
4. 部署rbac
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:name: nfs-client-provisioner-runner
rules:
- apiGroups: [""]resources: ["persistentvolumes"]verbs: ["get", "list", "watch", "create", "delete"]
- apiGroups: [""]resources: ["persistentvolumeclaims"]verbs: ["get", "list", "watch", "update"]
- apiGroups: ["storage.k8s.io"]resources: ["storageclasses"]verbs: ["get", "list", "watch"]
- apiGroups: [""]resources: ["events"]verbs: ["create", "update", "patch"]---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:name: run-nfs-client-provisioner
subjects:
- kind: ServiceAccountname: nfs-client-provisionernamespace: default # 确保这里的namespace与你的nfs-client-provisioner服务账户所在的namespace相匹配
roleRef:kind: ClusterRolename: nfs-client-provisioner-runnerapiGroup: rbac.authorization.k8s.io
配置集群
1. 将部署的nfs-storageclass设置成默认的Storageclass
kubectl patch storageclass nfs-client -p '{"metadata": {"annotations":{"storageclass.kubernetes.io/is-default-class":"true"}}}'
2. 下载kubesphere的资源并部署
wget https://github.com/kubesphere/ks-installer/releases/download/v3.4.1/kubesphere-installer.yaml
wget https://github.com/kubesphere/ks-installer/releases/download/v3.4.1/cluster-configuration.yamlkubectl apply -f kubesphere-installer.yaml
kubectl apply -f cluster-configuration.yaml
# 查看部署的进度
kubectl logs -n kubesphere-system $(kubectl get pod -n kubesphere-system -l 'app in (ks-install, ks-installer)' -o jsonpath='{.items[0].metadata.name}') -f
效果展示
当pod全部部署成功后,此时就可以在浏览直接访问任意节点的30880端口了,默认用户名/密码:admin/P@88w0rd
