前言:
rancher是一个比较特殊的开源的kubernetes管理工具,特殊在它是一个名称为k3s的简单kubernetes集群,而该集群是在kubernetes集群内的。
rancher还可以在一个裸的仅具有docker环境的机器部署,然后通过该机器将其它的kubernetes集群纳入rancher管理(简称纳管),或者是通过该机器快速的在其它节点安装一个全新的由rancher纳管的kubernetes集群。
OK,本文将讲述如何在centos7服务器上,在已有的kubernetes-1.23.15集群内,通过docker安装rancher-2.6.4,并调试到可用状态。
一,
环境介绍
已有的kubernetes集群大体情况:
[root@k8s-master ~]# kubectl get no -owide
NAME STATUS ROLES AGE VERSION INTERNAL-IP EXTERNAL-IP OS-IMAGE KERNEL-VERSION CONTAINER-RUNTIME
k8s-master Ready control-plane,master 110d v1.23.15 192.168.123.11 <none> CentOS Linux 7 (Core) 5.4.228-1.el7.elrepo.x86_64 docker://20.10.7
k8s-node1 Ready <none> 110d v1.23.15 192.168.123.12 <none> CentOS Linux 7 (Core) 5.4.228-1.el7.elrepo.x86_64 docker://20.10.7
k8s-node2 Ready <none> 110d v1.23.15 192.168.123.13 <none> CentOS Linux 7 (Core) 5.4.228-1.el7.elrepo.x86_64 docker://20.10.7
[root@k8s-master ~]# kubectl get po -A
NAMESPACE NAME READY STATUS RESTARTS AGE
kube-system coredns-6d8c4cb4d-8fqvx 1/1 Running 1 (110d ago) 110d
kube-system coredns-6d8c4cb4d-wwmkf 1/1 Running 1 (110d ago) 110d
kube-system etcd-k8s-master 1/1 Running 2 (110d ago) 110d
kube-system kube-apiserver-k8s-master 1/1 Running 2 (110d ago) 110d
kube-system kube-controller-manager-k8s-master 1/1 Running 2 (110d ago) 110d
kube-system kube-flannel-ds-jhnhc 1/1 Running 1 (110d ago) 110d
kube-system kube-flannel-ds-v59k2 1/1 Running 1 (110d ago) 110d
kube-system kube-flannel-ds-vlrtj 1/1 Running 1 (110d ago) 110d
kube-system kube-proxy-2xlzz 1/1 Running 2 (110d ago) 110d
kube-system kube-proxy-pndtl 1/1 Running 2 (110d ago) 110d
kube-system kube-proxy-z4zdp 1/1 Running 2 (110d ago) 110d
kube-system kube-scheduler-k8s-master 1/1 Running 2 (110d ago) 110d
OK,现有的kubernetes集群版本是1.23.15,服务器的IP地址什么的都在上面,该集群是一个比较干净的集群,没有安装什么多的pod。
二,
使用docker安装rancher
镜像下载:
链接:https://pan.baidu.com/s/1DuP4ZGDES9EhTGGPLprZmQ?pwd=ranc
提取码:ranc
注:rancher的镜像都是比较大的,主要是两个镜像,一个是server 镜像,一个是客户端镜像,都是1.5G左右大小,如果是使用下面的第一个命令,最好还是先导入镜像在执行docker启动命令
[root@k8s-master ~]# ls -alh |grep rancher
-rw-r--r-- 1 root root 1.4G Apr 23 05:59 rancher-2.6.4.tar.gz
-rw-r--r-- 1 root root 1.4G Apr 23 05:59 rancher-agent-2.6.4.tar.gz
docker启动命令为(在master节点,也就是192.168.123.11节点执行此命令):
docker run --privileged -d --name rancher --restart=unless-stopped -p 80:80 -p 443:443 -v /opt/rancher:/var/lib/rancher rancher/rancher:v2.6.4该命令可以使用阿里云的镜像,如果是阿里云的镜像,命令为:
docker run --privileged -d --name rancher \
--restart=unless-stopped -p 80:80 -p 443:443 -v /opt/rancher:/var/lib/rancher \
-e CATTLE_AGENT_IMAGE="registry.cn-hangzhou.aliyuncs.com/rancher/rancher-agent:v2.6.4" \
registry.cn-hangzhou.aliyuncs.com/rancher/rancher:v2.6.4等待大概3分钟即可,然后就可以进入rancher的web界面了:
三,
rancher 的设置
1,获取web界面的密码
[root@k8s-master ~]# docker ps -a |grep rancher
c922a62d3c15 rancher/rancher:v2.6.4 "entrypoint.sh" 11 minutes ago Up 11 minutes 0.0.0.0:80->80/tcp, :::80->80/tcp, 0.0.0.0:443->443/tcp, :::443->443/tcp rancher
[root@k8s-master ~]# docker logs c922a 2>&1 | grep "Bootstrap Password:"
2023/04/22 22:09:56 [INFO] Bootstrap Password: rhs4j82d9bmqqqlqwfkprls5pmx6wmdqnwvjqgcmvkfklsdz9v5bwx
2,登陆rancher,并修改上面获取到的随机密码:
只打第二个√
3,rancher 的初始界面
可以看到,现在是有一个名为local的k3s集群,版本还挺高,是1.22.7,状态是active,但这些不是重要的,重要的是,我们需要导入已存在的kubernetes-1.23.15
4,导入已存在的现有集群
注:rancher-agent-2.6.4.tar.gz 三个节点都应该导入
这个命令输出大体如下:
[root@k8s-master ~]# curl --insecure -sfL https://192.168.123.11/v3/import/ll2gkc5v4mwlxllw8dgld7zfkp2sdclxspmg8hvrkkxksf2zwzr8xg_c-m-vrmw68ql.yaml | kubectl apply -f -
clusterrole.rbac.authorization.k8s.io/proxy-clusterrole-kubeapiserver unchanged
clusterrolebinding.rbac.authorization.k8s.io/proxy-role-binding-kubernetes-master unchanged
namespace/cattle-system unchanged
serviceaccount/cattle unchanged
clusterrolebinding.rbac.authorization.k8s.io/cattle-admin-binding unchanged
secret/cattle-credentials-c4a8a0f created
clusterrole.rbac.authorization.k8s.io/cattle-admin unchanged
Warning: spec.template.spec.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[0].matchExpressions[0].key: beta.kubernetes.io/os is deprecated since v1.14; use "kubernetes.io/os" instead
deployment.apps/cattle-cluster-agent created
service/cattle-cluster-agent unchanged
可以看到确实有三个节点:
OK,我们现在已经初步的导入了已存在的集群,但,现在很多功能还是用不了的,因为,一些插件还没有部署:
[root@k8s-master ~]# kubectl get po -A -owide
NAMESPACE NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
cattle-fleet-system fleet-agent-6b98dfb776-nqw5j 0/1 ImagePullBackOff 0 17m 10.244.2.4 k8s-node2 <none> <none>
cattle-system cattle-cluster-agent-8f9c97c59-bq57h 1/1 Running 0 5m3s 10.244.2.5 k8s-node2 <none> <none>
cattle-system cattle-cluster-agent-8f9c97c59-hxwfq 1/1 Running 0 17m 10.244.1.4 k8s-node1 <none> <none>
kube-system coredns-6d8c4cb4d-8fqvx 1/1 Running 1 (110d ago) 110d 10.244.0.4 k8s-master <none> <none>
最终应该是四个running:
[root@k8s-master ~]# kubectl get po -A -owide
NAMESPACE NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
cattle-fleet-system fleet-agent-55b948fdd7-lvrkx 1/1 Running 0 19m 10.244.1.7 k8s-node1 <none> <none>
cattle-system cattle-cluster-agent-8f9c97c59-bq57h 1/1 Running 0 26m 10.244.2.5 k8s-node2 <none> <none>
cattle-system cattle-cluster-agent-8f9c97c59-hxwfq 1/1 Running 0 38m 10.244.1.4 k8s-node1 <none> <none>
cattle-system dashboard-shell-xkpx6 2/2 Running 0 7s 10.244.2.9 k8s-node2 <none> <none>
关于rancher的UI界面汉化:
rancher-2.6的UI界面是选择语言的,可以方便的切换到中文:
四,
基于rancher创建全新集群