Rancher 中文文档 - 27 k3d快速在线部署k3s - 《Rancher》

https://docs.rancher.cn/k3s/

国内安装地址

curl -sfL http://rancher-mirror.cnrancher.com/k3s/k3s-install.sh | INSTALL_K3S_MIRROR=cn  sh -s - server

[root@node01 ~]# systemctl status k3s.service
● k3s.service - Lightweight Kubernetes
   Loaded: loaded (/etc/systemd/system/k3s.service; enabled; vendor preset: disabled)
   Active: active (running) since Sat 2021-11-27 16:04:34 CST; 7s ago
     Docs: https://k3s.io
  Process: 2482 ExecStartPre=/sbin/modprobe overlay (code=exited, status=0/SUCCESS)
  Process: 2480 ExecStartPre=/sbin/modprobe br_netfilter (code=exited, status=0/SUCCESS)
 Main PID: 2485 (k3s-server)
    Tasks: 44
   Memory: 467.1M
   CGroup: /system.slice/k3s.service
           ├─2485 /usr/local/bin/k3s server
           └─2524 containerd
Nov 27 16:04:35 node01 k3s[2485]: I1127 16:04:35.320240    2485 iptables.go:172] Deleting iptables rule: -s 10.42.0.0/16 ! -...QUERADE
Nov 27 16:04:35 node01 k3s[2485]: I1127 16:04:35.320344    2485 iptables.go:172] Deleting iptables rule: -d 10.42.0.0/16 -j ACCEPT
Nov 27 16:04:35 node01 k3s[2485]: I1127 16:04:35.321345    2485 iptables.go:172] Deleting iptables rule: ! -s 10.42.0.0/16 -... RETURN
Nov 27 16:04:35 node01 k3s[2485]: I1127 16:04:35.321659    2485 iptables.go:160] Adding iptables rule: -s 10.42.0.0/16 -j ACCEPT
Nov 27 16:04:35 node01 k3s[2485]: I1127 16:04:35.323496    2485 iptables.go:172] Deleting iptables rule: ! -s 10.42.0.0/16 -...QUERADE
Nov 27 16:04:35 node01 k3s[2485]: I1127 16:04:35.324686    2485 iptables.go:160] Adding iptables rule: -d 10.42.0.0/16 -j ACCEPT
Nov 27 16:04:35 node01 k3s[2485]: I1127 16:04:35.326062    2485 iptables.go:160] Adding iptables rule: -s 10.42.0.0/16 -d 10... RETURN
Nov 27 16:04:35 node01 k3s[2485]: I1127 16:04:35.328981    2485 iptables.go:160] Adding iptables rule: -s 10.42.0.0/16 ! -d ...QUERADE
Nov 27 16:04:35 node01 k3s[2485]: I1127 16:04:35.331398    2485 iptables.go:160] Adding iptables rule: ! -s 10.42.0.0/16 -d ... RETURN
Nov 27 16:04:35 node01 k3s[2485]: I1127 16:04:35.333897    2485 iptables.go:160] Adding iptables rule: ! -s 10.42.0.0/16 -d ...QUERADE
Hint: Some lines were ellipsized, use -l to show in full.
[root@node01 ~]#

[root@node01 ~]# crictl info
{
  "status": {
    "conditions": [
      {
        "type": "RuntimeReady",
        "status": true,
        "reason": "",
        "message": ""
      },
      {
        "type": "NetworkReady",
        "status": true,
        "reason": "",
        "message": ""
      }
    ]
  },
  "cniconfig": {
    "PluginDirs": [
      "/var/lib/rancher/k3s/data/9d8f9670e1bff08a901bc7bc270202323f7c2c716a89a73d776c363ac1971018/bin"
    ],
    "PluginConfDir": "/var/lib/rancher/k3s/agent/etc/cni/net.d",
    "PluginMaxConfNum": 1,
    "Prefix": "eth",
    "Networks": [
      {
        "Config": {
          "Name": "cni-loopback",
          "CNIVersion": "0.3.1",
          "Plugins": [
            {
              "Network": {
                "type": "loopback",
                "ipam": {},
                "dns": {}
              },
              "Source": "{\"type\":\"loopback\"}"
            }
          ],
          "Source": "{\n\"cniVersion\": \"0.3.1\",\n\"name\": \"cni-loopback\",\n\"plugins\": [{\n  \"type\": \"loopback\"\n}]\n}"
        },
        "IFName": "lo"
      },
      {
        "Config": {
          "Name": "cbr0",
          "CNIVersion": "0.3.1",
          "Plugins": [
            {
              "Network": {
                "type": "flannel",
                "ipam": {},
                "dns": {}
              },
              "Source": "{\"delegate\":{\"forceAddress\":true,\"hairpinMode\":true,\"isDefaultGateway\":true},\"type\":\"flannel\"}"
            },
            {
              "Network": {
                "type": "portmap",
                "capabilities": {
                  "portMappings": true
                },
                "ipam": {},
                "dns": {}
              },
              "Source": "{\"capabilities\":{\"portMappings\":true},\"type\":\"portmap\"}"
            }
          ],
          "Source": "{\n  \"name\":\"cbr0\",\n  \"cniVersion\":\"0.3.1\",\n  \"plugins\":[\n    {\n      \"type\":\"flannel\",\n      \"delegate\":{\n        \"hairpinMode\":true,\n        \"forceAddress\":true,\n        \"isDefaultGateway\":true\n      }\n    },\n    {\n      \"type\":\"portmap\",\n      \"capabilities\":{\n        \"portMappings\":true\n      }\n    }\n  ]\n}\n"
        },
        "IFName": "eth0"
      }
    ]
  },
  "config": {
    "containerd": {
      "snapshotter": "overlayfs",
      "defaultRuntimeName": "runc",
      "defaultRuntime": {
        "runtimeType": "",
        "runtimeEngine": "",
        "PodAnnotations": null,
        "ContainerAnnotations": null,
        "runtimeRoot": "",
        "options": null,
        "privileged_without_host_devices": false,
        "baseRuntimeSpec": ""
      },
      "untrustedWorkloadRuntime": {
        "runtimeType": "",
        "runtimeEngine": "",
        "PodAnnotations": null,
        "ContainerAnnotations": null,
        "runtimeRoot": "",
        "options": null,
        "privileged_without_host_devices": false,
        "baseRuntimeSpec": ""
      },
      "runtimes": {
        "runc": {
          "runtimeType": "io.containerd.runc.v2",
          "runtimeEngine": "",
          "PodAnnotations": null,
          "ContainerAnnotations": null,
          "runtimeRoot": "",
          "options": null,
          "privileged_without_host_devices": false,
          "baseRuntimeSpec": ""
        }
      },
      "noPivot": false,
      "disableSnapshotAnnotations": true,
      "discardUnpackedLayers": false
    },
    "cni": {
      "binDir": "/var/lib/rancher/k3s/data/9d8f9670e1bff08a901bc7bc270202323f7c2c716a89a73d776c363ac1971018/bin",
      "confDir": "/var/lib/rancher/k3s/agent/etc/cni/net.d",
      "maxConfNum": 1,
      "confTemplate": ""
    },
    "registry": {
      "mirrors": {
        "docker.io": {
          "endpoint": [
            "https://registry-1.docker.io"
          ],
          "rewrite": null
        }
      },
      "configs": null,
      "auths": null,
      "headers": null
    },
    "imageDecryption": {
      "keyModel": ""
    },
    "disableTCPService": true,
    "streamServerAddress": "127.0.0.1",
    "streamServerPort": "10010",
    "streamIdleTimeout": "4h0m0s",
    "enableSelinux": false,
    "selinuxCategoryRange": 1024,
    "sandboxImage": "rancher/pause:3.1",
    "statsCollectPeriod": 10,
    "systemdCgroup": false,
    "enableTLSStreaming": false,
    "x509KeyPairStreaming": {
      "tlsCertFile": "",
      "tlsKeyFile": ""
    },
    "maxContainerLogSize": 16384,
    "disableCgroup": false,
    "disableApparmor": false,
    "restrictOOMScoreAdj": false,
    "maxConcurrentDownloads": 3,
    "disableProcMount": false,
    "unsetSeccompProfile": "",
    "tolerateMissingHugetlbController": true,
    "disableHugetlbController": true,
    "ignoreImageDefinedVolumes": false,
    "containerdRootDir": "/var/lib/rancher/k3s/agent/containerd",
    "containerdEndpoint": "/run/k3s/containerd/containerd.sock",
    "rootDir": "/var/lib/rancher/k3s/agent/containerd/io.containerd.grpc.v1.cri",
    "stateDir": "/run/k3s/containerd/io.containerd.grpc.v1.cri"
  },
  "golang": "go1.16.8",
  "lastCNILoadStatus": "OK"
}
[root@node01 ~]#

添加镜像加速配置
https://docs.rancher.cn/docs/k3s/advanced/_index#%E9%85%8D%E7%BD%AE-containerd

[root@node01 ~]# crictl info |grep registry
    "registry": {
            "https://registry-1.docker.io"
[root@node01 ~]# ll /var/lib/rancher/k3s/agent/etc/containerd/config.toml
-rw-r--r-- 1 root root 576 Nov 27 16:04 /var/lib/rancher/k3s/agent/etc/containerd/config.toml
[root@node01 ~]# touch /var/lib/rancher/k3s/agent/etc/containerd/config.toml.tmpl
[root@node01 ~]# ll /var/lib/rancher/k3s/agent/etc/containerd
total 4
-rw-r--r-- 1 root root 576 Nov 27 16:04 config.toml
-rw-r----- 1 root root   0 Nov 27 16:12 config.toml.tmpl
[root@node01 ~]# vim  /var/lib/rancher/k3s/agent/etc/containerd/config.toml.tmpl
[root@node01 ~]#
[root@node01 ~]# ll /var/lib/rancher/k3s/agent/etc/containerd
total 8
-rw-r--r-- 1 root root 576 Nov 27 16:04 config.toml
-rw-r----- 1 root root 169 Nov 27 16:13 config.toml.tmpl
[root@node01 ~]# cat  /var/lib/rancher/k3s/agent/etc/containerd/config.toml.tmpl
# 在 config.toml.tmpl 文件中添加
[plugins.cri.registry.mirrors]
  [plugins.cri.registry.mirrors."docker.io"]
    endpoint = ["https://docker.mirrors.ustc.edu.cn"]
[root@node01 ~]#

[root@node01 ~]# crictl info |grep mirror
      "mirrors": {
            "https://docker.mirrors.ustc.edu.cn"
[root@node01 ~]#

systemctl restart k3s.service

—docker 指定 Docker 为运行时

curl -sfL http://rancher-mirror.cnrancher.com/k3s/k3s-install.sh | INSTALL_K3S_MIRROR=cn  sh -s - server --docker

k3s kubectl get node

安装kubectl
curl -LO https://storage.googleapis.com/kubernetes-release/release/v1.17.4/bin/linux/amd64/kubectl
chmod +x ./kubectl
sudo mv ./kubectl /usr/local/bin/kubectl
安装k3d
curl -s https://raw.githubusercontent.com/rancher/k3d/master/install.sh | bash
# 单master
k3d create
export KUBECONFIG=$(k3d get-kubeconfig)
# 集群1master +2 worker
k3d create  rancher/k3s:v1.0.0  --workers 2
export KUBECONFIG=$(k3d get-kubeconfig)
如果重复部署，注意删除$(k3d get-kubeconfig)所指向的config秘钥配置

k3d 常用命令

[root@riyimei ~]# curl -s https://raw.githubusercontent.com/rancher/k3d/main/install.sh | bash
Preparing to install k3d into /usr/local/bin
k3d installed into /usr/local/bin/k3d
Run 'k3d --help' to see what you can do with it.

[root@riyimei ~]# which k3d
/usr/local/bin/k3d
[root@riyimei ~]# k3d version
k3d version v3.0.1
k3s version v1.18.6-k3s1 (default)
[root@riyimei ~]# k3d help
https://k3d.io/
k3d is a wrapper CLI that helps you to easily create k3s clusters inside docker.
Nodes of a k3d cluster are docker containers running a k3s image.
All Nodes of a k3d cluster are part of the same docker network.
Usage:
  k3d [flags]
  k3d [command]
Available Commands:
  cluster     Manage cluster(s)
  completion  Generate completion scripts for [bash, zsh, powershell | psh]
  help        Help about any command
  image       Handle container images.
  kubeconfig  Manage kubeconfig(s)
  node        Manage node(s)
  version     Show k3d and default k3s version
Flags:
  -h, --help      help for k3d
      --verbose   Enable verbose output (debug logging)
      --version   Show k3d and default k3s version
Use "k3d [command] --help" for more information about a command.
[root@riyimei ~]#

部署

[root@riyimei ~]# k3d cluster create mycluster
INFO[0000] Created network 'k3d-mycluster'              
INFO[0000] Created volume 'k3d-mycluster-images'        
INFO[0001] Creating node 'k3d-mycluster-server-0'       
INFO[0004] Pulling image 'docker.io/rancher/k3s:v1.18.6-k3s1' 
INFO[0011] Creating LoadBalancer 'k3d-mycluster-serverlb' 
INFO[0014] Pulling image 'docker.io/rancher/k3d-proxy:v3.0.1' 
INFO[0029] Cluster 'mycluster' created successfully!    
INFO[0029] You can now use it like this:                
kubectl cluster-info
[root@riyimei ~]# kubectl cluster-info
Kubernetes master is running at https://0.0.0.0:24588
CoreDNS is running at https://0.0.0.0:24588/api/v1/namespaces/kube-system/services/kube-dns:dns/proxy
Metrics-server is running at https://0.0.0.0:24588/api/v1/namespaces/kube-system/services/https:metrics-server:/proxy
To further debug and diagnose cluster problems, use 'kubectl cluster-info dump'.
[root@riyimei ~]#
[root@riyimei ~]# k3d kubeconfig merge mycluster --switch-context
/root/.k3d/kubeconfig-mycluster.yaml
[root@riyimei ~]#
[root@riyimei ~]# kubectl get nodes
NAME                     STATUS   ROLES    AGE     VERSION
k3d-mycluster-server-0   Ready    master   6m47s   v1.18.6+k3s1
[root@riyimei ~]# 
[root@riyimei ~]# kubectl version --short
Client Version: v1.17.4
Server Version: v1.18.6+k3s1
[root@riyimei ~]#

[root@riyimei ~]# docker ps 
CONTAINER ID        IMAGE                              COMMAND                  CREATED             STATUS              PORTS                             NAMES
50881422e646        rancher/k3d-proxy:v3.0.1           "/bin/sh -c nginx-pr…"   4 minutes ago       Up 4 minutes        80/tcp, 0.0.0.0:24588->6443/tcp   k3d-mycluster-serverlb
218c19e52163        rancher/k3s:v1.18.6-k3s1           "/bin/k3s server --t…"   4 minutes ago       Up 4 minutes                                          k3d-mycluster-server-0

[root@riyimei ~]# k3d cluster
Manage cluster(s)
Usage:
  k3d cluster [flags]
  k3d cluster [command]
Available Commands:
  create      Create a new cluster
  delete      Delete cluster(s).
  list        List cluster(s)
  start       Start existing k3d cluster(s)
  stop        Stop existing k3d cluster(s)
Flags:
  -h, --help   help for cluster
Global Flags:
      --verbose   Enable verbose output (debug logging)
Use "k3d cluster [command] --help" for more information about a command.
[root@riyimei ~]#

[root@riyimei ~]# k3d cluster list 
NAME         SERVERS   AGENTS   LOADBALANCER
mycluster    1/1       0/0      true
mycluster2   1/1       0/0      true
[root@riyimei ~]#

[root@riyimei ~]# k3d cluster list
NAME         SERVERS   AGENTS   LOADBALANCER
mycluster    1/1       0/0      true
mycluster2   1/1       0/0      true
[root@riyimei ~]# k3d cluster stop mycluster2
INFO[0000] Stopping cluster 'mycluster2'                
[root@riyimei ~]# k3d cluster list
NAME         SERVERS   AGENTS   LOADBALANCER
mycluster    1/1       0/0      true
mycluster2   0/1       0/0      true
[root@riyimei ~]#