官网下载安装包

https://www.docker.com/products/docker-desktop

手动下载镜像

https://github.com/AliyunContainerService/k8s-for-docker-desktop

image.png

  1. git clone https://github.com/AliyunContainerService/k8s-for-docker-desktop.git
  2. cd k8s-for-docker-desktop

image.png

  1. [root@liwm k8s-for-docker-desktop]# cat images.properties
  2. k8s.gcr.io/pause:3.2=registry.cn-hangzhou.aliyuncs.com/google_containers/pause:3.2
  3. k8s.gcr.io/kube-controller-manager:v1.19.7=registry.cn-hangzhou.aliyuncs.com/google_containers/kube-controller-manager:v1.19.7
  4. k8s.gcr.io/kube-scheduler:v1.19.7=registry.cn-hangzhou.aliyuncs.com/google_containers/kube-scheduler:v1.19.7
  5. k8s.gcr.io/kube-proxy:v1.19.7=registry.cn-hangzhou.aliyuncs.com/google_containers/kube-proxy:v1.19.7
  6. k8s.gcr.io/kube-apiserver:v1.19.7=registry.cn-hangzhou.aliyuncs.com/google_containers/kube-apiserver:v1.19.7
  7. k8s.gcr.io/etcd:3.4.13-0=registry.cn-hangzhou.aliyuncs.com/google_containers/etcd:3.4.13-0
  8. k8s.gcr.io/coredns:1.7.0=registry.cn-hangzhou.aliyuncs.com/google_containers/coredns:1.7.0
  9. quay.io/kubernetes-ingress-controller/nginx-ingress-controller:0.26.1=registry.cn-hangzhou.aliyuncs.com/google_containers/nginx-ingress-controller:0.26.1
  10. [root@liwm k8s-for-docker-desktop]#

导入GitHub上的镜像

以管理员身份运行 PowerShell

  1.  Set-ExecutionPolicy RemoteSigned
  1.  .\load_images.ps1

image.png

image.png

image.png
image.png
image.png

image.png
image.png
image.png
image.png

使用wsl Linux系统命令行管理

在微软商店里下载或者购买WSL Linux

image.png

安装kubectl 管理工具

  1. yum install -y kubectl-1.19.7-0 --disableexcludes=kubernetes

image.png
image.png
image.png
C:\Users\Eren.kube

复制kubernetes集群管理证书

image.png

  1. [root@liwm ~]# mkdir -p $HOME/.kube
  2. [root@liwm ~]# ll  /mnt/c/Users/Eren/.kube/config
  3. -rwxrwxrwx 1 root root 5560 May 23 19:48 /mnt/c/Users/Eren/.kube/config
  4. [root@liwm ~]# sudo cp -i /mnt/c/Users/Eren/.kube/config $HOME/.kube/config
  5. [root@liwm ~]# sudo chown $(id -u):$(id -g) $HOME/.kube/config
  6. [root@liwm ~]# kubectl get nodes
  7. NAME             STATUS   ROLES    AGE   VERSION
  8. docker-desktop   Ready    master   17m   v1.19.7
  9. [root@liwm ~]# source <(kubectl completion bash)
  10. [root@liwm ~]#
  11. [root@liwm ~]# echo "source <(kubectl completion bash)" >> ~/.bashrc
  12. [root@liwm ~]#
  13. [root@liwm ~]# kubectl get nodes
  14. NAME             STATUS   ROLES    AGE   VERSION
  15. docker-desktop   Ready    master   18m   v1.19.7
  16. [root@liwm ~]#
  1. [root@liwm ~]# kubectl -n kube-system get all
  2. NAME                                         READY   STATUS    RESTARTS   AGE
  3. pod/coredns-f9fd979d6-8d4ct                  1/1     Running   0          19m
  4. pod/coredns-f9fd979d6-fcjrv                  1/1     Running   0          19m
  5. pod/etcd-docker-desktop                      1/1     Running   0          18m
  6. pod/kube-apiserver-docker-desktop            1/1     Running   0          18m
  7. pod/kube-controller-manager-docker-desktop   1/1     Running   0          18m
  8. pod/kube-proxy-jgq9j                         1/1     Running   0          19m
  9. pod/kube-scheduler-docker-desktop            1/1     Running   0          18m
  10. pod/storage-provisioner                      1/1     Running   0          18m
  11. pod/vpnkit-controller                        1/1     Running   0          18m
  13. NAME               TYPE        CLUSTER-IP   EXTERNAL-IP   PORT(S)                  AGE
  14. service/kube-dns   ClusterIP   10.96.0.10   <none>        53/UDP,53/TCP,9153/TCP   19m
  16. NAME                        DESIRED   CURRENT   READY   UP-TO-DATE   AVAILABLE   NODE SELECTOR            AGE
  17. daemonset.apps/kube-proxy   1         1         1       1            1           kubernetes.io/os=linux   19m
  19. NAME                      READY   UP-TO-DATE   AVAILABLE   AGE
  20. deployment.apps/coredns   2/2     2            2           19m
  22. NAME                                DESIRED   CURRENT   READY   AGE
  23. replicaset.apps/coredns-f9fd979d6   2         2         2       19m
  24. [root@liwm ~]#

helm 安装rancher 图形化管理

image.png

image.png

helm rancher仓库

https://artifacthub.io/packages/helm/rancher-stable/rancher

部署rancher 证书认证cattle-system cert-manager

  1. [root@liwm home]# kubectl create namespace cattle-system
  2. namespace/cattle-system created
  3. [root@liwm home]# kubectl apply --validate=false -f https://github.com/jetstack/cert-manager/releases/download/v1.0.4/cert-manager.crds.yaml
  4. customresourcedefinition.apiextensions.k8s.io/certificaterequests.cert-manager.io created
  5. customresourcedefinition.apiextensions.k8s.io/certificates.cert-manager.io created
  6. customresourcedefinition.apiextensions.k8s.io/challenges.acme.cert-manager.io created
  7. customresourcedefinition.apiextensions.k8s.io/clusterissuers.cert-manager.io created
  8. customresourcedefinition.apiextensions.k8s.io/issuers.cert-manager.io created
  9. customresourcedefinition.apiextensions.k8s.io/orders.acme.cert-manager.io created
  10. [root@liwm home]# kubectl get pods --namespace cert-manager
  11. No resources found in cert-manager namespace.
  12. [root@liwm home]# kubectl create namespace cert-manager
  13. namespace/cert-manager created
  14. [root@liwm home]# helm repo add jetstack https://charts.jetstack.io
  15. WARNING: Kubernetes configuration file is group-readable. This is insecure. Location: /root/.kube/config
  16. WARNING: Kubernetes configuration file is world-readable. This is insecure. Location: /root/.kube/config
  17. "jetstack" has been added to your repositories
  18. [root@liwm home]# helm install \
  19. >   cert-manager jetstack/cert-manager \
  20. >   --namespace cert-manager \
  21. >   --version v1.0.4
  22. WARNING: Kubernetes configuration file is group-readable. This is insecure. Location: /root/.kube/config
  23. WARNING: Kubernetes configuration file is world-readable. This is insecure. Location: /root/.kube/config
  24. NAME: cert-manager
  25. LAST DEPLOYED: Sun May 23 20:42:39 2021
  26. NAMESPACE: cert-manager
  27. STATUS: deployed
  28. REVISION: 1
  29. TEST SUITE: None
  30. NOTES:
  31. cert-manager has been deployed successfully!
  33. In order to begin issuing certificates, you will need to set up a ClusterIssuer
  34. or Issuer resource (for example, by creating a 'letsencrypt-staging' issuer).
  36. More information on the different types of issuers and how to configure them
  37. can be found in our documentation:
  39. https://cert-manager.io/docs/configuration/
  41. For information on how to configure cert-manager to automatically provision
  42. Certificates for Ingress resources, take a look at the `ingress-shim`
  43. documentation:
  45. https://cert-manager.io/docs/usage/ingress/
  46. [root@liwm home]# kubectl get pods --namespace cert-manager
  47. NAME                                       READY   STATUS              RESTARTS   AGE
  48. cert-manager-6d87886d5c-s6zq4              0/1     ContainerCreating   0          9s
  49. cert-manager-cainjector-55db655cd8-h6qmt   0/1     ContainerCreating   0          9s
  50. cert-manager-webhook-6846f844ff-lwwnr      0/1     ContainerCreating   0          9s
  51. [root@liwm home]#

使用 helm部署rancher

  1. cert-manager-webhook-6846f844ff-lwwnr      1/1     Running   0          56s
  2. [root@liwm home]# helm install rancher rancher-latest/rancher \
  3. >   --namespace cattle-system \
  4. >   --set hostname=rancher.my.org
  5. WARNING: Kubernetes configuration file is group-readable. This is insecure. Location: /root/.kube/config
  6. WARNING: Kubernetes configuration file is world-readable. This is insecure. Location: /root/.kube/config
  7. NAME: rancher
  8. LAST DEPLOYED: Sun May 23 20:45:33 2021
  9. NAMESPACE: cattle-system
  10. STATUS: deployed
  11. REVISION: 1
  12. TEST SUITE: None
  13. NOTES:
  14. Rancher Server has been installed.
  16. NOTE: Rancher may take several minutes to fully initialize. Please standby while Certificates are being issued and Ingress comes up.
  18. Check out our docs at https://rancher.com/docs/rancher/v2.x/en/
  20. Browse to https://rancher.my.org
  22. Happy Containering!
  23. [root@liwm home]#

查看helm安装状态

  1. [root@liwm Eren]# helm ls --all-namespaces
  2. WARNING: Kubernetes configuration file is group-readable. This is insecure. Location: /root/.kube/config
  3. WARNING: Kubernetes configuration file is world-readable. This is insecure. Location: /root/.kube/config
  4. NAME                    NAMESPACE               REVISION        UPDATED                                 STATUS          CHART
  5.                 APP VERSION
  6. cert-manager            cert-manager            1               2021-05-23 20:42:39.3257997 +0800 CST   deployed        cert-manager-v1.0.4           v1.0.4
  7. fleet                   fleet-system            2               2021-05-23 12:48:46.4524648 +0000 UTC   deployed        fleet-0.3.500
  8.                 0.3.5
  9. rancher                 cattle-system           1               2021-05-23 20:45:33.0318282 +0800 CST   deployed        rancher-2.5.8
  10.                 v2.5.8
  11. rancher-operator        rancher-operator-system 1               2021-05-23 12:47:30.1734295 +0000 UTC   deployed        rancher-operator-0.1.400      0.1.4
  12. rancher-webhook         cattle-system           1               2021-05-23 12:47:46.7790814 +0000 UTC   deployed        rancher-webhook-0.1.000       0.1.0
  13. [root@liwm Eren]# kubectl -n cattle-system rollout status deploy/rancher
  14. deployment "rancher" successfully rolled out
  15. [root@liwm Eren]# kubectl -n cattle-system get deploy rancher
  16. NAME      READY   UP-TO-DATE   AVAILABLE   AGE
  17. rancher   3/3     3            3           139m
  18. [root@liwm Eren]#
  1. [root@liwm ~]# kubectl -n cattle-system get pod
  2. NAME                               READY   STATUS      RESTARTS   AGE
  3. helm-operation-4j29b               1/2     Error       0          27m
  4. helm-operation-9rsb4               1/2     Error       0          27m
  5. helm-operation-dl24c               0/2     Completed   0          40m
  6. helm-operation-ffxjv               1/2     Error       0          12m
  7. helm-operation-nbnqm               1/2     Error       0          12m
  8. helm-operation-rm68h               0/2     Completed   0          40m
  9. helm-operation-sfqqs               1/2     Error       0          40m
  10. helm-operation-wwp76               0/2     Completed   0          41m
  11. helm-operation-wxrsr               1/2     Error       0          40m
  12. helm-operation-xkpnz               0/2     Completed   0          41m
  13. rancher-7cbb45db4-57nmm            1/1     Running     0          43m
  14. rancher-7cbb45db4-dsd8g            1/1     Running     0          43m
  15. rancher-7cbb45db4-xgp4d            1/1     Running     0          43m
  16. rancher-webhook-65f558c486-fxbxj   1/1     Running     0          41m
  17. [root@liwm ~]# kubectl -n cattle-system get service
  18. NAME              TYPE        CLUSTER-IP       EXTERNAL-IP   PORT(S)          AGE
  19. rancher           ClusterIP   10.101.123.206   <none>        80/TCP,443/TCP   43m
  20. rancher-webhook   ClusterIP   10.102.182.200   <none>        443/TCP          41m
  21. [root@liwm ~]# kubectl -n cattle-system get ingress
  22. Warning: extensions/v1beta1 Ingress is deprecated in v1.14+, unavailable in v1.22+; use networking.k8s.io/v1 Ingress
  23. NAME      CLASS    HOSTS            ADDRESS   PORTS     AGE
  24. rancher   <none>   rancher.my.org             80, 443   43m
  25. [root@liwm ~]#

添加本地域名解析

  1. 127.0.0.1 rancher.my.org

image.png

修改 server的ClusterIP类型为:NodePort

  1. [root@liwm Eren]# kubectl -n cattle-system get service
  2. NAME              TYPE        CLUSTER-IP       EXTERNAL-IP   PORT(S)                      AGE
  3. rancher           NodePort    10.101.123.206   <none>        80:30053/TCP,443:30155/TCP   150m
  4. rancher-webhook   ClusterIP   10.102.182.200   <none>        443/TCP                      148m
  5. [root@liwm Eren]#

本地浏览器访问

https://rancher.my.org:30155
image.png

rancher-server管理

image.png

image.png
image.png

参考文档
https://docs.docker.com/docker-for-windows/wsl
https://blog.csdn.net/simongame/article/details/106727108