欧拉OpenEuler基于Kubeasz部署k8s.v2.250120

四台机器：
xxx.xxx.xxx.100 PRD-MS-K8Sops 部署机 作为宿主机通过kubeasz容器运行ansible/ezctl命令

xxx.xxx.xxx.101 PRD-MS-K8S01 master主节点 注意etcd集群需要1,3,5,...奇数个节点
xxx.xxx.xxx.102 PRD-MS-K8S02 node节点
xxx.xxx.xxx.103 PRD-MS-K8S03 node节点

一、以下操作均在100部署机完成

1. 配置SSH免密登录

# 生成证书，回车三下
ssh-keygen -t rsa
# 免密到Kubernetes01，yes，然后输入密码
ssh-copy-id xxx.xxx.xxx.101
# 免密到Kubernetes02，yes，然后输入密码
ssh-copy-id xxx.xxx.xxx.102
# 免密到Kubernetes03，yes，然后输入密码
ssh-copy-id xxx.xxx.xxx.103

2. 安装ansible

yum -y install vconfig 
yum install -y ansible

3. 下载kubeasz3.6.5

wget https://github.com/easzlab/kubeasz/releases/download/3.6.5/ezdown
chmod +x ./ezdown
#./ezdown -D命令多执行几遍，直至再执行的时候不再downloading为止。这样就在/etc/kubeasz目录下下载了在线安装所有需要的脚本、二进制文件和镜像文件。
./ezdown -D
docker images | wc -l

4.配置kubeasz

cd /etc/kubeasz/
./ezctl new k8s-cluster
cd /etc/kubeasz/clusters/k8s-cluster/

vim hosts修改正确ip，网段设置真实网段xxx.xxx.60.0/24

[etcd]
xxx.xxx.xxx.101
xxx.xxx.xxx.102
xxx.xxx.xxx.103

[kube_master]
xxx.xxx.xxx.101 k8s_nodename='k8s-master'

[kube_node]
xxx.xxx.xxx.101 k8s_nodename='k8s-master'
xxx.xxx.xxx.102 k8s_nodename='k8s-node1'
xxx.xxx.xxx.103 k8s_nodename='k8s-node2'

# Cluster CIDR (Pod CIDR), not overlap with node(host) networking
CLUSTER_CIDR="xxx.xxx.60.0/24"

二、master和node服务器分别进行系统优化

101，102，103分别关闭防火墙和selinux

systemctl stop firewalld
systemctl disable firewalld
sed -ri 's/SELINUX=enforcing/SELINUX=disabled/' /etc/selinux/config
setenforce 0

三、在100部署机，安装K8S

cd /etc/kubeasz
./ezctl setup  k8s1.27.1-cluster all

番外：kubeasz分步执行详解

./ezctl setup --help (可以看到每步具体安装什么）
./ezctl setup k8s1.27.1-cluster 01 ---》 系统环境 初始化
./ezctl setup k8s1.27.1-cluster 02 ---》安装etcd 集群

etcd 集群验证

export NODE_IPS="xxx.xxx.xxx.101 xxx.xxx.xxx.102 xxx.xxx.xxx.103"

for ip in ${NODE_IPS}; do ETCDCTL_API=3 etcdctl --endpoints=https://${ip}:2379 --cacert=/etc/kubernetes/ssl/ca.pem --cert=/etc/kubernetes/ssl/etcd.pem --key=/etc/kubernetes/ssl/etcd-key.pem endpoint health; done

结果
https://172.62.17.101:2379 is healthy: successfully committed proposal: took = 31.443754ms
https://172.62.17.102:2379 is healthy: successfully committed proposal: took = 37.993094ms
https://172.62.17.103:2379 is healthy: successfully committed proposal: took = 42.216398ms

./ezctl setup k8s1.27.1-cluster 03 ---》 安装 容器运行时runtime
ps -ef |grep container

./ezctl setup k8s1.27.1-cluster 04 ---》 安装master
ps -ef |grep kube

./ezctl setup k8s1.27.1-cluster 05 ---》 安装node
kubectl get node

./ezctl setup k8s1.27.1-cluster 06 ---》 安装网络插件
kubectl get pod -n kube-system

./ezctl setup k8s1.27.1-cluster 07 ---》 安装系统的其它应用插件
kubectl get pod -n kube-system

kubectl get svc -kube-system

kubectl set env daemonset/calico-node -n kube-system IP_AUTODETECTION_METHOD=interface=ens18
daemonset.apps/calico-node env updated