官网下载安装包
https://www.docker.com/products/docker-desktop
手动下载镜像
https://github.com/AliyunContainerService/k8s-for-docker-desktop
git clone https://github.com/AliyunContainerService/k8s-for-docker-desktop.git
cd k8s-for-docker-desktop
[root@liwm k8s-for-docker-desktop]# cat images.properties
k8s.gcr.io/pause:3.2=registry.cn-hangzhou.aliyuncs.com/google_containers/pause:3.2
k8s.gcr.io/kube-controller-manager:v1.19.7=registry.cn-hangzhou.aliyuncs.com/google_containers/kube-controller-manager:v1.19.7
k8s.gcr.io/kube-scheduler:v1.19.7=registry.cn-hangzhou.aliyuncs.com/google_containers/kube-scheduler:v1.19.7
k8s.gcr.io/kube-proxy:v1.19.7=registry.cn-hangzhou.aliyuncs.com/google_containers/kube-proxy:v1.19.7
k8s.gcr.io/kube-apiserver:v1.19.7=registry.cn-hangzhou.aliyuncs.com/google_containers/kube-apiserver:v1.19.7
k8s.gcr.io/etcd:3.4.13-0=registry.cn-hangzhou.aliyuncs.com/google_containers/etcd:3.4.13-0
k8s.gcr.io/coredns:1.7.0=registry.cn-hangzhou.aliyuncs.com/google_containers/coredns:1.7.0
quay.io/kubernetes-ingress-controller/nginx-ingress-controller:0.26.1=registry.cn-hangzhou.aliyuncs.com/google_containers/nginx-ingress-controller:0.26.1
[root@liwm k8s-for-docker-desktop]#
导入GitHub上的镜像
以管理员身份运行 PowerShell
Set-ExecutionPolicy RemoteSigned
.\load_images.ps1
使用wsl Linux系统命令行管理
在微软商店里下载或者购买WSL Linux
安装kubectl 管理工具
yum install -y kubectl-1.19.7-0 --disableexcludes=kubernetes
C:\Users\Eren.kube
复制kubernetes集群管理证书
[root@liwm ~]# mkdir -p $HOME/.kube
[root@liwm ~]# ll /mnt/c/Users/Eren/.kube/config
-rwxrwxrwx 1 root root 5560 May 23 19:48 /mnt/c/Users/Eren/.kube/config
[root@liwm ~]# sudo cp -i /mnt/c/Users/Eren/.kube/config $HOME/.kube/config
[root@liwm ~]# sudo chown $(id -u):$(id -g) $HOME/.kube/config
[root@liwm ~]# kubectl get nodes
NAME STATUS ROLES AGE VERSION
docker-desktop Ready master 17m v1.19.7
[root@liwm ~]# source <(kubectl completion bash)
[root@liwm ~]#
[root@liwm ~]# echo "source <(kubectl completion bash)" >> ~/.bashrc
[root@liwm ~]#
[root@liwm ~]# kubectl get nodes
NAME STATUS ROLES AGE VERSION
docker-desktop Ready master 18m v1.19.7
[root@liwm ~]#
[root@liwm ~]# kubectl -n kube-system get all
NAME READY STATUS RESTARTS AGE
pod/coredns-f9fd979d6-8d4ct 1/1 Running 0 19m
pod/coredns-f9fd979d6-fcjrv 1/1 Running 0 19m
pod/etcd-docker-desktop 1/1 Running 0 18m
pod/kube-apiserver-docker-desktop 1/1 Running 0 18m
pod/kube-controller-manager-docker-desktop 1/1 Running 0 18m
pod/kube-proxy-jgq9j 1/1 Running 0 19m
pod/kube-scheduler-docker-desktop 1/1 Running 0 18m
pod/storage-provisioner 1/1 Running 0 18m
pod/vpnkit-controller 1/1 Running 0 18m
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
service/kube-dns ClusterIP 10.96.0.10 <none> 53/UDP,53/TCP,9153/TCP 19m
NAME DESIRED CURRENT READY UP-TO-DATE AVAILABLE NODE SELECTOR AGE
daemonset.apps/kube-proxy 1 1 1 1 1 kubernetes.io/os=linux 19m
NAME READY UP-TO-DATE AVAILABLE AGE
deployment.apps/coredns 2/2 2 2 19m
NAME DESIRED CURRENT READY AGE
replicaset.apps/coredns-f9fd979d6 2 2 2 19m
[root@liwm ~]#
helm 安装rancher 图形化管理
helm rancher仓库
https://artifacthub.io/packages/helm/rancher-stable/rancher
部署rancher 证书认证cattle-system cert-manager
[root@liwm home]# kubectl create namespace cattle-system
namespace/cattle-system created
[root@liwm home]# kubectl apply --validate=false -f https://github.com/jetstack/cert-manager/releases/download/v1.0.4/cert-manager.crds.yaml
customresourcedefinition.apiextensions.k8s.io/certificaterequests.cert-manager.io created
customresourcedefinition.apiextensions.k8s.io/certificates.cert-manager.io created
customresourcedefinition.apiextensions.k8s.io/challenges.acme.cert-manager.io created
customresourcedefinition.apiextensions.k8s.io/clusterissuers.cert-manager.io created
customresourcedefinition.apiextensions.k8s.io/issuers.cert-manager.io created
customresourcedefinition.apiextensions.k8s.io/orders.acme.cert-manager.io created
[root@liwm home]# kubectl get pods --namespace cert-manager
No resources found in cert-manager namespace.
[root@liwm home]# kubectl create namespace cert-manager
namespace/cert-manager created
[root@liwm home]# helm repo add jetstack https://charts.jetstack.io
WARNING: Kubernetes configuration file is group-readable. This is insecure. Location: /root/.kube/config
WARNING: Kubernetes configuration file is world-readable. This is insecure. Location: /root/.kube/config
"jetstack" has been added to your repositories
[root@liwm home]# helm install \
> cert-manager jetstack/cert-manager \
> --namespace cert-manager \
> --version v1.0.4
WARNING: Kubernetes configuration file is group-readable. This is insecure. Location: /root/.kube/config
WARNING: Kubernetes configuration file is world-readable. This is insecure. Location: /root/.kube/config
NAME: cert-manager
LAST DEPLOYED: Sun May 23 20:42:39 2021
NAMESPACE: cert-manager
STATUS: deployed
REVISION: 1
TEST SUITE: None
NOTES:
cert-manager has been deployed successfully!
In order to begin issuing certificates, you will need to set up a ClusterIssuer
or Issuer resource (for example, by creating a 'letsencrypt-staging' issuer).
More information on the different types of issuers and how to configure them
can be found in our documentation:
https://cert-manager.io/docs/configuration/
For information on how to configure cert-manager to automatically provision
Certificates for Ingress resources, take a look at the `ingress-shim`
documentation:
https://cert-manager.io/docs/usage/ingress/
[root@liwm home]# kubectl get pods --namespace cert-manager
NAME READY STATUS RESTARTS AGE
cert-manager-6d87886d5c-s6zq4 0/1 ContainerCreating 0 9s
cert-manager-cainjector-55db655cd8-h6qmt 0/1 ContainerCreating 0 9s
cert-manager-webhook-6846f844ff-lwwnr 0/1 ContainerCreating 0 9s
[root@liwm home]#
使用 helm部署rancher
cert-manager-webhook-6846f844ff-lwwnr 1/1 Running 0 56s
[root@liwm home]# helm install rancher rancher-latest/rancher \
> --namespace cattle-system \
> --set hostname=rancher.my.org
WARNING: Kubernetes configuration file is group-readable. This is insecure. Location: /root/.kube/config
WARNING: Kubernetes configuration file is world-readable. This is insecure. Location: /root/.kube/config
NAME: rancher
LAST DEPLOYED: Sun May 23 20:45:33 2021
NAMESPACE: cattle-system
STATUS: deployed
REVISION: 1
TEST SUITE: None
NOTES:
Rancher Server has been installed.
NOTE: Rancher may take several minutes to fully initialize. Please standby while Certificates are being issued and Ingress comes up.
Check out our docs at https://rancher.com/docs/rancher/v2.x/en/
Browse to https://rancher.my.org
Happy Containering!
[root@liwm home]#
查看helm安装状态
[root@liwm Eren]# helm ls --all-namespaces
WARNING: Kubernetes configuration file is group-readable. This is insecure. Location: /root/.kube/config
WARNING: Kubernetes configuration file is world-readable. This is insecure. Location: /root/.kube/config
NAME NAMESPACE REVISION UPDATED STATUS CHART
APP VERSION
cert-manager cert-manager 1 2021-05-23 20:42:39.3257997 +0800 CST deployed cert-manager-v1.0.4 v1.0.4
fleet fleet-system 2 2021-05-23 12:48:46.4524648 +0000 UTC deployed fleet-0.3.500
0.3.5
rancher cattle-system 1 2021-05-23 20:45:33.0318282 +0800 CST deployed rancher-2.5.8
v2.5.8
rancher-operator rancher-operator-system 1 2021-05-23 12:47:30.1734295 +0000 UTC deployed rancher-operator-0.1.400 0.1.4
rancher-webhook cattle-system 1 2021-05-23 12:47:46.7790814 +0000 UTC deployed rancher-webhook-0.1.000 0.1.0
[root@liwm Eren]# kubectl -n cattle-system rollout status deploy/rancher
deployment "rancher" successfully rolled out
[root@liwm Eren]# kubectl -n cattle-system get deploy rancher
NAME READY UP-TO-DATE AVAILABLE AGE
rancher 3/3 3 3 139m
[root@liwm Eren]#
[root@liwm ~]# kubectl -n cattle-system get pod
NAME READY STATUS RESTARTS AGE
helm-operation-4j29b 1/2 Error 0 27m
helm-operation-9rsb4 1/2 Error 0 27m
helm-operation-dl24c 0/2 Completed 0 40m
helm-operation-ffxjv 1/2 Error 0 12m
helm-operation-nbnqm 1/2 Error 0 12m
helm-operation-rm68h 0/2 Completed 0 40m
helm-operation-sfqqs 1/2 Error 0 40m
helm-operation-wwp76 0/2 Completed 0 41m
helm-operation-wxrsr 1/2 Error 0 40m
helm-operation-xkpnz 0/2 Completed 0 41m
rancher-7cbb45db4-57nmm 1/1 Running 0 43m
rancher-7cbb45db4-dsd8g 1/1 Running 0 43m
rancher-7cbb45db4-xgp4d 1/1 Running 0 43m
rancher-webhook-65f558c486-fxbxj 1/1 Running 0 41m
[root@liwm ~]# kubectl -n cattle-system get service
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
rancher ClusterIP 10.101.123.206 <none> 80/TCP,443/TCP 43m
rancher-webhook ClusterIP 10.102.182.200 <none> 443/TCP 41m
[root@liwm ~]# kubectl -n cattle-system get ingress
Warning: extensions/v1beta1 Ingress is deprecated in v1.14+, unavailable in v1.22+; use networking.k8s.io/v1 Ingress
NAME CLASS HOSTS ADDRESS PORTS AGE
rancher <none> rancher.my.org 80, 443 43m
[root@liwm ~]#
添加本地域名解析
127.0.0.1 rancher.my.org
修改 server的ClusterIP类型为:NodePort
[root@liwm Eren]# kubectl -n cattle-system get service
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
rancher NodePort 10.101.123.206 <none> 80:30053/TCP,443:30155/TCP 150m
rancher-webhook ClusterIP 10.102.182.200 <none> 443/TCP 148m
[root@liwm Eren]#
本地浏览器访问
rancher-server管理
参考文档
https://docs.docker.com/docker-for-windows/wsl
https://blog.csdn.net/simongame/article/details/106727108