K8s 安装 Kubespere

配置 Kubernetes 集群中的默认存储类

环境 centos 7

安装 nfs

服务端运行

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
# centos
yum install -y nfs-utils rpcbind
#
# ubuntu
sudo apt-get install -y nfs-kernel-server

# 创建共享存储文件夹
mkdir /nfs

# 配置nfs
vi /etc/exports
/nfs *(rw,async,no_root_squash)

# 启动服务
# centos
systemctl start rpcbind
systemctl enable rpcbind
systemctl enable nfs && systemctl restart nfs
#
# ubuntu
sudo /etc/init.d/rpcbind restart
sudo /etc/init.d/nfs-kernel-server restart

# 查看服务状态
# centos
systemctl status rpcbind
systemctl status nfs

# 查看可用的 nfs 地址
showmount -e localhost

node 上执行

1
2
3
4
5
6
7
8
9
10
11
12
# 安装nfs-utils和rpcbind
# centos
yum install -y nfs-utils rpcbind

# ubuntu 
sudo apt-get install -y nfs-common

# 创建挂载的文件夹
mkdir -p /nfs/data

# 挂载nfs
mount -t nfs 192.168.2.80:/nfs /nfs/data

编写 Deployment

vim nfs-client.yaml

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
kind: Deployment
apiVersion: apps/v1
metadata:
  name: nfs-client-provisioner
spec:
  replicas: 1
  selector:
    matchLabels:
      app: nfs-client-provisioner
  strategy:
    type: Recreate
  template:
    metadata:
      labels:
        app: nfs-client-provisioner
    spec:
      serviceAccountName: nfs-client-provisioner
      containers:
        - name: nfs-client-provisioner
          image: quay.io/external_storage/nfs-client-provisioner:latest
          volumeMounts:
            - name: nfs-client-root
              mountPath: /persistentvolumes
          env:
            - name: PROVISIONER_NAME
              value: fuseim.pri/ifs
            - name: NFS_SERVER
              value: 192.168.2.80
            - name: NFS_PATH
              value: /nfs
      volumes:
        - name: nfs-client-root
          nfs:
            server: 192.168.2.80
            path: /nfs

编写 SA

nfs-client-sa.yaml

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
apiVersion: v1
kind: ServiceAccount
metadata:
  name: nfs-client-provisioner
 
---
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: nfs-client-provisioner-runner
rules:
  - apiGroups: [""]
    resources: ["persistentvolumes"]
    verbs: ["get", "list", "watch", "create", "delete"]
  - apiGroups: [""]
    resources: ["persistentvolumeclaims"]
    verbs: ["get", "list", "watch", "update"]
  - apiGroups: ["storage.k8s.io"]
    resources: ["storageclasses"]
    verbs: ["get", "list", "watch"]
  - apiGroups: [""]
    resources: ["events"]
    verbs: ["list", "watch", "create", "update", "patch"]
  - apiGroups: [""]
    resources: ["endpoints"]
    verbs: ["create", "delete", "get", "list", "watch", "patch", "update"]
 
---
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: run-nfs-client-provisioner
subjects:
  - kind: ServiceAccount
    name: nfs-client-provisioner
    namespace: default
roleRef:
  kind: ClusterRole
  name: nfs-client-provisioner-runner
  apiGroup: rbac.authorization.k8s.io

创建 StorageClass 对象

nfs-client-class.yaml

1
2
3
4
5
6
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
  name: course-nfs-storage
provisioner: fuseim.pri/ifs # or choose another name, must match deployment's env PROVISIONER_NAME'
allowVolumeExpansion: true

创建资源对象

1
2
3
4
5
6
kubectl create -f nfs-client.yaml
kubectl create -f nfs-client-sa.yaml
kubectl create -f nfs-client-class.yaml

# 设置这个 course-nfs-storage 的 StorageClass 为 Kubernetes 的默认存储后端
kubectl patch storageclass course-nfs-storage -p '{"metadata": {"annotations":{"storageclass.kubernetes.io/is-default-class":"true"}}}'

安装 kubespere

部署 KubeSphere

v3.3.0 版本

1
2
3
4
5
6
7
8
9
10
11
# 安装
kubectl apply -f https://github.com/kubesphere/ks-installer/releases/download/v3.3.0/kubesphere-installer.yaml
   
kubectl apply -f https://github.com/kubesphere/ks-installer/releases/download/v3.3.0/cluster-configuration.yaml

# 查看安装日志
kubectl logs -n kubesphere-system $(kubectl get pod -n kubesphere-system -l 'app in (ks-install, ks-installer)' -o jsonpath='{.items[0].metadata.name}') -f

# 验证
kubectl get po -A
# 以及浏览器访问 IP:30880 默认帐户和密码 (admin/P@88w0rd)

node-exporter 起不来

1
之前节点装了 node-exporter ,端口冲突了

prometheus PVC一直处于Pending状态

1
2
3
4
5
6
7
8
9
10
11
# 修改apiserver的yaml文件
$ vim /etc/kubernetes/manifests/kube-apiserver.yaml
spec:
  containers:
  - command:
    - kube-apiserver
    - --feature-gates=RemoveSelfLink=false
    
# 执行apiserver文件(twice)
$ kubectl apply -f /etc/kubernetes/manifests/kube-apiserver.yaml