k8s: KubeSphere deployment

k8s: installing KubeSphere

Official installation guide: https://kubesphere.io/zh/docs/v3.4/quick-start/minimal-kubesphere-on-k8s/

1. First, the required images

Note: download the images required on all nodes
  

kubesphere/ks-installer:v3.3.2


mirrorgooglecontainers/defaultbackend-amd64:1.4
kubesphere/kube-rbac-proxy:v0.11.0
kubesphere/prometheus-operator:v0.55.1
kubesphere/kube-state-metrics:v2.6.0
prom/node-exporter:v1.3.1
kubesphere/notification-manager-operator:v2.3.0
kubesphere/kubectl:v1.22.0
kubesphere/ks-console:v3.4.1 
kubesphere/ks-apiserver:v3.4.1 
kubesphere/ks-controller-manager:v3.4.1 
kubesphere/notification-tenant-sidecar:v3.2.0 
prom/alertmanager:v0.23.0 
kubesphere/prometheus-config-reloader:v0.55.1
prom/prometheus:v2.39.1




IfNotPresent
# Later, edit the deployments and change the default image pull policy to IfNotPresent

2. Create an NFS storage class
2.1: First set up an NFS service on one node and create an export directory
(browser -> KubeSphere -> Storage Classes -> NFS)

NFS address: 10.0.0.80

#apt install nfs-server
#mkdir -p /data/volumes
#vim /etc/exports

     /data/volumes   *(rw,no_root_squash)
#exportfs -av    ### reload the NFS exports
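
The export line above opens /data/volumes to every client (`*`) while remote root keeps uid 0 on the share (`no_root_squash`). The check below is an added example, not part of the original post; it flags such entries in exports-style text, and the 10.0.0.0/24 node subnet in the scoped sample is an assumption based on the NFS address above.

```shell
#!/bin/sh
# Added example (not from the original post): audit exports(5)-style text on
# stdin for entries that are open to every client.

# audit_exports: prints "path client finding" per risky entry; returns 1 if any.
audit_exports() {
  awk '
    /^[ \t]*(#|$)/ { next }                  # skip comments and blank lines
    NF == 1 { print $1, "*", "world-open"; bad = 1; next }   # no client list
    {
      for (i = 2; i <= NF; i++) {
        client = $i; opts = ""
        p = index($i, "(")
        if (p > 0) {
          client = substr($i, 1, p - 1)
          opts = substr($i, p + 1)
          sub(/\)$/, "", opts)
        }
        if (client == "") client = "*"       # "(opts)" without a host: everyone
        world = (client == "*" || client == "0.0.0.0/0" || client == "::/0")
        noroot = (("," opts ",") ~ /,no_root_squash,/)
        if (world && noroot) { print $1, client, "world+no_root_squash"; bad = 1 }
        else if (world)      { print $1, client, "world-open"; bad = 1 }
      }
    }
    END { exit bad + 0 }
  '
}

# Constructed samples: the export line from this page, and the same export
# limited to an assumed node subnet (10.0.0.0/24 is an assumption).
PAGE_EXPORT='/data/volumes   *(rw,no_root_squash)'
SCOPED_EXPORT='/data/volumes   10.0.0.0/24(rw,sync,no_root_squash)'

for sample in "$PAGE_EXPORT" "$SCOPED_EXPORT"; do
  printf '%s\n' "$sample" | audit_exports || echo "  ^ restrict the client list"
done

# On the NFS server itself: audit_exports < /etc/exports
```
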

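2.2: Create the storage class

YAML file for the service account
####################################################################
### 1. Create the RBAC roles for authentication
### 2. Create the storage class
###   2.1. The storage class defines the rule applied when a PV is deleted (1. delete the data on NFS when the PV is deleted; 2. keep the data on NFS)
###   2.2. Create the NFS provisioner (specify the NFS backend: the driver and the files it needs)
### 3. Create a PV (when a PV is needed, the storage class provisioner creates it automatically, i.e. it mounts the external NFS backend; there is no need to create PVs by hand)
### 4. Deletion order: pod, PVC, PV, then the storage class
### 5
####################################################################
###   /data/ServiceAccount/
####################################################################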
apiVersion: v1
kind: Namespace
metadata:
  name: jigaobo-ns
####################################################################
---
apiVersion: v1
kind: ServiceAccount
metadata:
  name: jigaobo
  # replace with namespace where provisioner is deployed
  namespace: jigaobo-ns
####################################################################
---
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: jigaobo-ClusterRole
rules:
  - apiGroups: [""]
    resources: ["nodes"]
    verbs: ["get", "list", "watch"]
  - apiGroups: [""]
    resources: ["persistentvolumes"]
    verbs: ["get", "list", "watch", "create", "delete"]
  - apiGroups: [""]
    resources: ["persistentvolumeclaims"]
    verbs: ["get", "list", "watch", "update"]
  - apiGroups: ["storage.k8s.io"]
    resources: ["storageclasses"]
    verbs: ["get", "list", "watch"]
  - apiGroups: [""]
    resources: ["events"]
    verbs: ["create", "update", "patch"]
  - apiGroups: [""]
    resources: ["pods", "services"]
    verbs: ["get", "list", "watch","create","delete"]
####################################################################
---
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: jigaobo-ClusterRole-Binding
subjects:
  - kind: ServiceAccount
    name: jigaobo
    # replace with namespace where provisioner is deployed
    namespace: jigaobo-ns
roleRef:
  kind: ClusterRole
  name: jigaobo-ClusterRole
  apiGroup: rbac.authorization.k8s.io
####################################################################
---
kind: Role
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: jigaobo-role
  # replace with namespace where provisioner is deployed
  namespace: jigaobo-ns
rules:
  - apiGroups: [""]
    resources: ["endpoints"]
    verbs: ["get", "list", "watch", "create", "update", "patch"]
---
####################################################################
kind: RoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: jigaobo-role
  # replace with namespace where provisioner is deployed
  namespace: jigaobo-ns
subjects:
  - kind: ServiceAccount
    name: jigaobo
    # replace with namespace where provisioner is deployed
    namespace: jigaobo-ns
roleRef:
  kind: Role
  name: jigaobo-role
  apiGroup: rbac.authorization.k8s.io
####################################################################
---
apiVersion: v1
kind: Secret
type: kubernetes.io/service-account-token
metadata:
  name: jigaobo-user-token
  namespace: jigaobo-ns
  annotations:
    kubernetes.io/service-account.name: "jigaobo"

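YAML file for creating the storage class
####################################################################
### 1. Create the RBAC roles for authentication
### 2. Create the storage class
###   2.1. The storage class defines the rule applied when a PV is deleted (1. delete the data on NFS when the PV is deleted; 2. keep the data on NFS)
###   2.2. Create the NFS provisioner (specify the NFS backend: the driver and the files it needs)
### 3. Create a PV (when a PV is needed, the storage class provisioner creates it automatically, i.e. it mounts the external NFS backend; there is no need to create PVs by hand)
### 4. Deletion order: pod, PVC, PV, then the storage class
####################################################################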

apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
  name: managed-nfs-storage
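provisioner: k8s-sigs.io/nfs-subdir-external-provisioner # or choose another name; must match the deployment's env PROVISIONER_NAME
reclaimPolicy: Retain # PV reclaim policy; the default is Delete, which removes the data on the NFS server as soon as the PV is deleted
mountOptions:
  #- vers=4.1 # some of these options misbehave with containerd
  #- noresvport # tells the NFS client to use a new TCP source port when it re-establishes the network connection
  - noatime # do not update the timestamp in the file's inode on access; can improve performance under high concurrency
parameters:
  #mountOptions: "vers=4.1,noresvport,noatime"
  archiveOnDelete: "true"  # keep the pod's data when the pod is deleted; the default, false, does not keep the data

YAML file for the external provisioner that calls the external NFS server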
apiVersion: apps/v1
kind: Deployment
metadata:
  name: nfs-client-provisioner
  labels:
    app: nfs-client-provisioner
  # namespace where the provisioner is deployed; must be the namespace of the ServiceAccount created above
  namespace: jigaobo-ns
spec:
  replicas: 1
  strategy: # deployment strategy
    type: Recreate
  selector:
    matchLabels:
      app: nfs-client-provisioner
  template:
    metadata:
      labels:
        app: nfs-client-provisioner
    spec:
      # ServiceAccount defined in the service account YAML above
      serviceAccountName: jigaobo
      containers:
        - name: nfs-client-provisioner
          #image: k8s.gcr.io/sig-storage/nfs-subdir-external-provisioner:v4.0.2
          image: registry.cn-qingdao.aliyuncs.com/zhangshijie/nfs-subdir-external-provisioner:v4.0.2
          volumeMounts:
            - name: nfs-client-root
              mountPath: /persistentvolumes
          env:
            - name: PROVISIONER_NAME
              value: k8s-sigs.io/nfs-subdir-external-provisioner
            - name: NFS_SERVER
              value: 10.0.0.80
            - name: NFS_PATH
              value: /data/volumes
      volumes:
        - name: nfs-client-root
          nfs:
            server: 10.0.0.80
            path: /data/volumes

3. Start the installation
Download the YAML files

1. Apply this file first (the image can be changed to registry.cn-hangzhou.aliyuncs.com/docker-jigaobo/ks-installer:v3.4.1)
kubectl apply -f https://github.com/kubesphere/ks-installer/releases/download/v3.4.1/kubesphere-installer.yaml



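2. Then apply this file (this may take a while: initialization is slow and needs a large number of images; once the resources have started, change the image pull policy to IfNotPresent)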
kubectl apply -f https://github.com/kubesphere/ks-installer/releases/download/v3.4.1/cluster-configuration.yaml

3. Change the image pull policy for the pods whose image pulls fail
kubectl edit deployment ks-apiserver -n kubesphere-system
kubectl edit deployment ks-console -n kubesphere-system 
kubectl edit deployment ks-controller-manager  -n kubesphere-system 

4. Verification and web console login

1. View the logs
kubectl logs -n kubesphere-system $(kubectl get pod -n kubesphere-system -l 'app in (ks-install, ks-installer)' -o jsonpath='{.items[0].metadata.name}') -f

2. Check the svc port
kubectl get svc/ks-console -n kubesphere-system

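3. Log in to the web console
Make sure port 30880 is open in the security group, then access the web console through the NodePort (IP:30880) with the default account and password (admin/P@88w0rd).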

Deleting KubeSphere

Deleting KubeSphere, the officially recommended way

# Delete by running the script
/root/dashboard/kubesphere/2.kubernetes-day2-20230416/20230416-cases/4.KubeSphere/delete.sh

# Then delete the PVCs and PVs
kubectl get pv --no-headers | awk '{print $1}'
kubectl delete pv PV-NAME


# All in one command
kubectl delete pv $(kubectl get pv --no-headers | awk '{print $1}')
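
The one-line command above deletes every PV in the cluster, including volumes that belong to other workloads. The following added example, which is not part of the original post, narrows the selection to PVs whose claim was in a kubesphere-* namespace and that are no longer Bound; the sample rows are constructed.

```shell
#!/bin/sh
# Added example (not from the original post): limit PV cleanup to volumes that
# were claimed from KubeSphere namespaces and are no longer bound.

# list_pv_rows: one "NAME CLAIM_NAMESPACE PHASE" row per PV in the cluster.
list_pv_rows() {
  kubectl get pv --no-headers \
    -o custom-columns=NAME:.metadata.name,NS:.spec.claimRef.namespace,PHASE:.status.phase
}

# select_kubesphere_pvs: read such rows on stdin and print the PV names whose
# claim lived in a kubesphere-* namespace and whose phase is not Bound.
select_kubesphere_pvs() {
  awk '$2 ~ /^kubesphere-/ && $3 != "Bound" { print $1 }'
}

# Constructed sample rows (the PV names and the shop-prod namespace are made up).
SAMPLE_PV_ROWS='pvc-1111 kubesphere-monitoring-system Released
pvc-2222 kubesphere-system Released
pvc-3333 shop-prod Bound
pvc-4444 kubesphere-system Bound
pv-manual <none> Available'

printf '%s\n' "$SAMPLE_PV_ROWS" | select_kubesphere_pvs

# Against a live cluster, review the list first, then delete:
#   list_pv_rows | select_kubesphere_pvs
#   list_pv_rows | select_kubesphere_pvs | xargs -r kubectl delete pv
```
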

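If the script above hangs, force the deletion directly with the following command

# Use with caution!!!! (force-deletes all resources in a namespace)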
kubectl delete all --all -n kubesphere-monitoring-system --force --grace-period=0
posted @ 2024-12-11 17:53  姬高波