Just 5分钟!使用k3s部署轻量Kubernetes集群快速教程

Kubernetes已经改变了如何大规模部署和管理容器化工作负载。现在开发人员面临的挑战主要在于设置过程的复杂性和资源需求量巨大。如果你深受内存不足的困扰,想要部署轻量级Kubernetes集群来减少内存占用,那么你一定要考虑由Rancher Labs发布的 轻量级Kubernetes发行版——k3s 。它把安装Kubernetes所需的一切文件都打包进一个40MB大小的二进制文件中,仅需512MB的RAM即可运行。非常适用于资源有限的环境,如边缘计算场景、IoT等。

在实际场景中,为了获得开发和测试的动力,节省开销,用户希望能够以最少的资源利用率和较低的硬件规格来部署Kubernetes。而k3s正好满足了这一需求,它能够在任何512MB RAM以上的设备上运行集群,如IoT设备或ARM驱动的设备。

既然k3s仅需少量资源即可运行,那么这意味着一些Kubernetes的特性被移除了:

  • 旧的、非默认的、alpha功能

  • 大部分in-tree插件(云提供商和存储插件),将其用附加组件进行替换

  • 用sqlite来代替etcd作为默认存储机制

5分钟之内使用k3s部署轻量K8s集群

在本文中,我将使用运行在Debian 10上的3个server,每个server有1GB的RAM和1vcpu。其中一个server作为master,其他两个作为worker节点。

$ openstack server list

+--------------------------------------+-------------------+---------+-----------------------------------+-----------+-----------+

| ID | Name | Status | Networks | Image | Flavor |

+--------------------------------------+-------------------+---------+-----------------------------------+-----------+-----------+

| 4df6a6dc-26e8-4ae0-8b6e-2f97daec0ef3 | k3s-master | ACTIVE | private=10.10.1.159 | Debian-10 | m1.tiny |

| 5ca13239-b745-4f62-ab11-0a27949c9b35 | k3s-node02 | ACTIVE | private=10.10.1.142 | Debian-10 | m1.tiny |

| a54997f2-4d94-4718-86ab-73609b328761 | k3s-node01 | ACTIVE | private=10.10.1.126 | Debian-10 | m1.tiny |

+--------------------------------------+-------------------+---------+-----------------------------------+-----------+-----------+

我将在每个服务器的 / etc / hosts 文件中为服务器添加A record。

sudo tee -a /etc/hosts<<EOF

10.10.1.159 k3s-master

10.10.1.126 k3s-node01

10.10.1.142 k3s-node02

EOF

在Master节点上安装k3s

运行k3s的方式有很多,最快的方式是通过提供的bash脚本进行安装,同时该脚本提供了一个便捷的方式来安装到systemd或openrc。

curl -sfL https://get.k3s.io | sh -

安装输出:

[INFO] Finding latest release

[INFO] Using v0.8.1 as release

[INFO] Downloading hash https://github.com/rancher/k3s/releases/download/v0.8.1/sha256sum-amd64.txt

[INFO] Downloading binary https://github.com/rancher/k3s/releases/download/v0.8.1/k3s

[INFO] Verifying binary download

[INFO] Installing k3s to /usr/local/bin/k3s

[INFO] Creating /usr/local/bin/kubectl symlink to k3s

[INFO] Creating /usr/local/bin/crictl symlink to k3s

[INFO] Creating /usr/local/bin/ctr symlink to k3s

[INFO] Creating killall script /usr/local/bin/k3s-killall.sh

[INFO] Creating uninstall script /usr/local/bin/k3s-uninstall.sh

[INFO] env: Creating environment file /etc/systemd/system/k3s.service.env

[INFO] systemd: Creating service file /etc/systemd/system/k3s.service

[INFO] systemd: Enabling k3s unit

Created symlink /etc/systemd/system/multi-user.target.wants/k3s.service → /etc/systemd/system/k3s.service.

[INFO] systemd: Starting k3s

安装完成之后,服务会自动启动。

$ systemctl status k3s

k3s.service - Lightweight Kubernetes

Loaded: loaded (/etc/systemd/system/k3s.service; enabled; vendor preset: enabled)

Active: active (running) since Tue 2019-09-17 19:20:00 UTC; 2min 24s ago

Docs: https://k3s.io

Process: 833 ExecStartPre=/sbin/modprobe br_netfilter (code=exited, status=0/SUCCESS)

Process: 836 ExecStartPre=/sbin/modprobe overlay (code=exited, status=0/SUCCESS)

Main PID: 837 (k3s-server)

Tasks: 98

Memory: 571.1M

CGroup: /system.slice/k3s.service

├─ 837 /usr/local/bin/k3s server KillMode=process

├─ 851 containerd -c /var/lib/rancher/k3s/agent/etc/containerd/config.toml -a /run/k3s/containerd/containerd.sock --state /run/k3s/conta

├─1110 containerd-shim -namespace k8s.io -workdir /var/lib/rancher/k3s/agent/containerd/io.containerd.runtime.v1.linux/k8s.io/f6eeb59978

├─1127 /pause

├─1207 containerd-shim -namespace k8s.io -workdir /var/lib/rancher/k3s/agent/containerd/io.containerd.runtime.v1.linux/k8s.io/0baf0ca181

├─1225 /coredns -conf /etc/coredns/Corefile

├─1576 containerd-shim -namespace k8s.io -workdir /var/lib/rancher/k3s/agent/containerd/io.containerd.runtime.v1.linux/k8s.io/dcce4b7e17

├─1594 /pause

├─1599 containerd-shim -namespace k8s.io -workdir /var/lib/rancher/k3s/agent/containerd/io.containerd.runtime.v1.linux/k8s.io/50816ffba8

├─1617 /pause

├─1824 containerd-shim -namespace k8s.io -workdir /var/lib/rancher/k3s/agent/containerd/io.containerd.runtime.v1.linux/k8s.io/d0ff393609

├─1842 /bin/sh /usr/bin/entry

├─1882 containerd-shim -namespace k8s.io -workdir /var/lib/rancher/k3s/agent/containerd/io.containerd.runtime.v1.linux/k8s.io/046779175f

├─1899 /bin/sh /usr/bin/entry

├─1904 containerd-shim -namespace k8s.io -workdir /var/lib/rancher/k3s/agent/containerd/io.containerd.runtime.v1.linux/k8s.io/93f0fe2361

└─1921 /traefik --configfile=/config/traefik.toml


Sep 17 19:20:34 deb10 k3s[837]: E0917 19:20:34.714229 837 daemon_controller.go:302] kube-system/svclb-traefik failed with : error storing statu

Sep 17 19:20:34 deb10 k3s[837]: E0917 19:20:34.719452 837 daemon_controller.go:302] kube-system/svclb-traefik failed with : error storing statu

Sep 17 19:20:34 deb10 k3s[837]: I0917 19:20:34.726816 837 reconciler.go:207] operationExecutor.VerifyControllerAttachedVolume started for volum

Sep 17 19:20:34 deb10 k3s[837]: I0917 19:20:34.726836 837 reconciler.go:207] operationExecutor.VerifyControllerAttachedVolume started for volum

Sep 17 19:20:34 deb10 k3s[837]: I0917 19:20:34.726857 837 reconciler.go:207] operationExecutor.VerifyControllerAttachedVolume started for volum

Sep 17 19:20:34 deb10 k3s[837]: I0917 19:20:34.726869 837 reconciler.go:207] operationExecutor.VerifyControllerAttachedVolume started for volum

Sep 17 19:20:35 deb10 k3s[837]: I0917 19:20:35.529102 837 reconciler.go:181] operationExecutor.UnmountVolume started for volume "helm-traefik-t

Sep 17 19:20:35 deb10 k3s[837]: I0917 19:20:35.542858 837 operation_generator.go:799] UnmountVolume.TearDown succeeded for volume "kubernetes.i

Sep 17 19:20:35 deb10 k3s[837]: I0917 19:20:35.629277 837 reconciler.go:285] Volume detached for volume "helm-traefik-token-kjwrl" (UniqueName:

Sep 17 19:20:36 deb10 k3s[837]: W0917 19:20:36.355273 837 pod_container_deletor.go:75] Container "2f0c4a787b13c029d65aa865c1b473f5a7497cb6f9b92

将kubeconfig文件写入 /etc/rancher/k3s/k3s.yaml

$ cat /etc/rancher/k3s/k3s.yaml

cat: /etc/rancher/k3s/k3s.yaml: Permission denied

debian@deb10:~$ sudo cat /etc/rancher/k3s/k3s.yaml

apiVersion: v1

clusters:

- cluster:

certificate-authority-data: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUJWakNCL3FBREFnRUNBZ0VBTUFvR0NDcUdTTTQ5QkFNQ01DTXhJVEFmQmdOVkJBTU1HR3N6Y3kxelpYSjIKWlhJdFkyRkFNVFUyT0RjME56azVOakFlRncweE9UQTVNVGN4T1RFNU5UWmFGdzB5T1RBNU1UUXhPVEU1TlRaYQpNQ014SVRBZkJnTlZCQU1NR0dzemN5MXpaWEoyWlhJdFkyRkFNVFUyT0RjME56azVOakJaTUJNR0J5cUdTTTQ5CkFnRUdDQ3FHU000OUF3RUhBMElBQkM5aTMyUTdkVnhJaTFCVFNEOTRqYzJaZy9ESHFGc051b0Q4eWhSbjZsUlIKQWp5Q0p3UEZYQ3Y4QUdSMmFaK1lSempTYUJvM2M1LzMwQnZwKzY3OFNYeWpJekFoTUE0R0ExVWREd0VCL3dRRQpBd0lDcERBUEJnTlZIUk1CQWY4RUJUQURBUUgvTUFvR0NDcUdTTTQ5QkFNQ0EwY0FNRVFDSUJwTXdOejAyZzUwCkExdEloU0Y1MFJqSVprVVVuNk8rODdLV25obWRUYkh5QWlBQnJqcDFxWU1HcWE0RmJ2Ym9rTm1kM3VOelVvQm8KeGxqTGlnWnZCN3ZEVGc9PQotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCg==

server: https://localhost:6443

name: default

contexts:

- context:

cluster: default

user: default

name: default

current-context: default

kind: Config

preferences: {}

users:

- name: default

user:

password: 2d99cae31c075743be704bb717ceaae8

username: admin

其他已经安装的有:

  • kubectl

  • crictl

  • k3s-killall.sh

  • k3s-uninstall.sh

在Worker节点上安装k3s

要在Woker节点上安装k3s,我们应该将 K3S_URL 以及 K3S_TOKENK3S_CLUSTER_SECRET 环境变量一起传递。

K3S_TOKEN在第一个节点上的 / var / lib / rancher / k3s / server / node-token 中创建。

$ sudo cat /var/lib/rancher/k3s/server/node-token

K1042e2f8e353b9409472c1e0cca8457abe184dc7be3f0805109e92c50c193ceb42::node:c83acbf89a7de7026d6f6928dc270028

所以为了在worker节点上安装Kubernetes,我将运行:

k3s_url="https://k3s-master:6443"

k3s_token="K1042e2f8e353b9409472c1e0cca8457abe184dc7be3f0805109e92c50c193ceb42::node:c83acbf89a7de7026d6f6928dc270028"

curl -sfL https://get.k3s.io | K3S_URL=${k3s_url} K3S_TOKEN=${k3s_token} sh -

安装输出:

[INFO] Finding latest release

[INFO] Using v0.8.1 as release

[INFO] Downloading hash https://github.com/rancher/k3s/releases/download/v0.8.1/sha256sum-amd64.txt

[INFO] Downloading binary https://github.com/rancher/k3s/releases/download/v0.8.1/k3s

[INFO] Verifying binary download

[INFO] Installing k3s to /usr/local/bin/k3s

[INFO] Creating /usr/local/bin/kubectl symlink to k3s

[INFO] Creating /usr/local/bin/crictl symlink to k3s

[INFO] Creating /usr/local/bin/ctr symlink to k3s

[INFO] Creating killall script /usr/local/bin/k3s-killall.sh

[INFO] Creating uninstall script /usr/local/bin/k3s-agent-uninstall.sh

[INFO] env: Creating environment file /etc/systemd/system/k3s-agent.service.env

[INFO] systemd: Creating service file /etc/systemd/system/k3s-agent.service

[INFO] systemd: Enabling k3s-agent unit

Created symlink /etc/systemd/system/multi-user.target.wants/k3s-agent.service → /etc/systemd/system/k3s-agent.service.

[INFO] systemd: Starting k3s-agent

登录到其中一个master节点并检查集群状态:

$ sudo kubectl config get-clusters

NAME

default


$ sudo kubectl cluster-info

Kubernetes master is running at https://localhost:6443

CoreDNS is running at https://localhost:6443/api/v1/namespaces/kube-system/services/kube-dns:dns/proxy


$ sudo kubectl get nodes

NAME STATUS ROLES AGE VERSION

k3s-master Ready master 14m v1.14.6-k3s.1

k3s-node01 Ready worker 3m11s v1.14.6-k3s.1

k3s-node02 Ready worker 3m58s v1.14.6-k3s.1


$ sudo kubectl get namespaces

NAME STATUS AGE

default Active 16m

kube-node-lease Active 16m

kube-public Active 16m

kube-system Active 16m


$ sudo kubectl get endpoints -n kube-system

NAME ENDPOINTS AGE

kube-dns 10.42.0.2:53,10.42.0.2:53,10.42.0.2:9153 14m

traefik 10.42.0.5:80,10.42.0.5:443 14m


$ sudo kubectl get pods -n kube-system

NAME READY STATUS RESTARTS AGE

coredns-b7464766c-q9frk 1/1 Running 0 15m

helm-install-traefik-8dhpk 0/1 Completed 0 15m

svclb-traefik-9c2j8 2/2 Running 0 4m49s

svclb-traefik-bf9zd 2/2 Running 0 4m2s

svclb-traefik-v2fpx 2/2 Running 0 14m

traefik-5c79b789c5-k589d 1/1 Running 0 14m

使用 crictl 命令来查看正在运行的容器

# Master

$ sudo crictl ps

CONTAINER ID IMAGE CREATED STATE NAME ATTEMPT POD ID

acfafb50852d3 18471c10e6e4b 16 minutes ago Running traefik 0 bf8534452389f

fee5ac7e88f2e 4a065d8dfa588 16 minutes ago Running lb-port-443 0 e7068ff7ab2f2

bbab5b07e5efb 4a065d8dfa588 16 minutes ago Running lb-port-80 0 e7068ff7ab2f2

65c5d1333ea04 2ee68ed074c6e 16 minutes ago Running coredns 0 435c51f4716fc


# Workers

$ sudo crictl ps

CONTAINER ID IMAGE CREATED STATE NAME ATTEMPT POD ID

7ad5c83d6466f 4a065d8dfa588 6 minutes ago Running lb-port-443 0 bf8d9fe57c3f3

c1380eabc0b33 4a065d8dfa588 6 minutes ago Running lb-port-80 0 bf8d9fe57c3f3

大功告成啦!如果你需要更高级的配置,请参阅k3s文档:

https://rancher.com/docs/k3s/latest/en/

推荐阅读

保姆级实操教程,如何在树莓派上玩转k3s!

不到1分钟,从零完成k3s Kubeconfig配置!

著名FinTech公司如何使用k3s+树莓派在生产中构建轻量K8S裸机集群

About Rancher Labs

Rancher Labs由CloudStack之父梁胜创建。旗舰产品Rancher是一个开源的企业级Kubernetes管理平台,实现了Kubernetes集群在混合云+本地数据中心的集中部署与管理。Rancher一向因操作体验的直观、极简备受用户青睐,被Forrester评为2018年全球容器管理平台领导厂商,被Gartner评为2017年全球最酷的云基础设施供应商。

目前Rancher在全球拥有超过一亿的下载量,并拥有包括中国人寿、华为、中国平安、兴业银行、民生银行、平安证券、海航科技、厦门航空、上汽集团、海尔、米其林、丰田、本田、中船重工、中联重科、迪斯尼、IBM、Cisco、Nvidia、辉瑞制药、西门子、CCTV、中国联通等全球著名企业在内的共25000家企业客户。

我来评几句
登录后评论

已发表评论数()

相关站点

+订阅
热门文章