k3s-简单集群搭建（v1.21.5+k3s2）

摘要：本文主要介绍介绍k3s的环境搭建和简单使用，使用的是最新版本,下面将以基于docker作为容器来介绍安装步骤

一、基本环境准备

#禁用**iptables**和**firewalld**服务

#关闭firewalld服务
systemctl stop firewalld
systemctl disable firewalld
#关闭iptables服务
systemctl stop iptables
systemctl disable iptables

# 关闭 swap 
swapoff -a && sed -i '/ swap / s/^\(.*\)$/#\1/g' /etc/fstab

#禁用**selinux**
sed -i 's/enforcing/disabled/' /etc/selinux/config

# 生效命令
sysctl --system 

二、docker环境准备

wget https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo -O /etc/yum.repos.d/docker-ce.repo
yum list docker-ce --showduplicates | sort -r 
#安装指定版本 
yum install docker-ce-20.10.7

# 添加阿里云 yum 源, 可从阿里云容器镜像管理中复制镜像加速地址
cat <<EOF > /etc/docker/daemon.json
{
  "registry-mirrors": [
    "https://registry.docker-cn.com",
    "http://hub-mirror.c.163.com",
    "https://docker.mirrors.ustc.edu.cn"
  ]
}
EOF

#启动docker
systemctl enable docker && systemctl start docker

三、k3s环境搭建（单机）

使用k3s默认容器安装命令如下curl -sfL https://get.k3s.io | sh -

使用docker容器安装命令如下curl -sfL https://get.k3s.io | sh -s - server --docker

安装完成后会显示如下的说明

如果想像使用k8s那样使用kubectl命令，则需要创建软连接或者更新配置

# 第一种方式
echo "alias kubectl='k3s kubectl'" >> /etc/profile
source /etc/profile

#第二种方式
export KUBECONFIG=/etc/rancher/k3s/k3s.yaml
source /etc/profile

四、集群环境搭建 work节点加入

查看master节点的token(K3S_TOKEN) cat /var/lib/rancher/k3s/server/node-token

curl -sfL https://get.k3s.io | K3S_URL=https://myserver:6443 K3S_TOKEN=XXX INSTALL_K3S_EXEC="--docker" sh -

到此环境就安装结束了，部署一个应用看看

五、部署demo

vim k8s-springboot.yaml

apiVersion: v1
kind: Namespace
metadata:
  name: k8s-springboot
---
apiVersion: v1
kind: Service
metadata:
  name: springboot-demo-nodeport
  namespace: k8s-springboot
spec:
  type: NodePort
  ports:
    - port: 8080
      targetPort: 8080
      nodePort: 30001
  selector:
    app: springboot-demo
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: springboot-demo
  namespace: k8s-springboot
spec:
  selector:
    matchLabels:
      app: springboot-demo
  replicas: 1
  template:
    metadata:
      labels:
        app: springboot-demo
    spec:
      containers:
        - name: springboot-demo
          image: huzhihui/springboot:1.0.0
          ports:
            - containerPort: 8080
            
# 部署
kubectl apply -f k8s-springboot.yaml

#查看部署pod状态
kubectl get pods --all-namespaces

页面访问

traefik使用

Traefik is an open-source Edge Router that makes publishing your services a fun and easy experience. It receives requests on behalf of your system and finds out which components are responsible for handling them.（我人为这个和Ingress提供了相同的功能，作为外部服务访问的入口）

trace-dashboard监控面板使用

• 删除原来的trace-dashboard

运行kubectl delete IngressRoute traefik-dashboard -n kube-system删除后，我们需要创建一个新的traefik-dashboard

路径为：/var/lib/rancher/k3s/server/manifests 文件名称: traefik-dashboard.yaml 不用执行，k3s会自动扫描该文件下的文件进行自动更新

apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute
metadata:
  name: traefik-dashboard
  namespace: kube-system
spec:
  entryPoints:
    - web
  routes:
    - match: Host(`traefik.local.huzhihui.com`) && (PathPrefix(`/dashboard`) || PathPrefix(`/api`))
      kind: Rule
      services:
        - name: api@internal
          kind: TraefikService

创建好后如下显示 kubectl get IngressRoute -A 页面访问 http://traefik.local.huzhihui.com/dashboard/#/

我们之前创建了springboot.yaml的实例，现在先把该实例删除，运行kubectl delete -f springboot.yaml

创建新的k8s-springboot.yaml 运行 kubectl apply -f k8s-springboot.yaml

apiVersion: v1
kind: Namespace
metadata:
  name: k8s-springboot
---
apiVersion: v1
kind: Service
metadata:
  name: k8s-springboot-demo-service
  namespace: k8s-springboot
spec:
  type: ClusterIP
  ports:
    - port: 8080
      targetPort: 8080
      protocol: TCP
  selector:
    app: k8s-springboot-demo
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: k8s-springboot-demo
  namespace: k8s-springboot
spec:
  selector:
    matchLabels:
      app: k8s-springboot-demo
  replicas: 1
  template:
    metadata:
      labels:
        app: k8s-springboot-demo
    spec:
      containers:
        - name: k8s-springboot-demo
          image: huzhihui/springboot:1.0.0
          ports:
            - containerPort: 8080
---
apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute
metadata:
  name: k8s-springboot-demo-ingress-route
  namespace: k8s-springboot
spec:
  entryPoints:
    - web
  routes:
    - match: Host(`springboot-demo.local.huzhihui.com`) && PathPrefix(`/`)
      kind: Rule
      services:
        - name: k8s-springboot-demo-service
          port: 8080

浏览器访问http://springboot-demo.local.huzhihui.com/

如果想通过默认的traefik通过路径前缀进行转发则需要按照如下配置

---
apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute
metadata:
  name: k8s-springboot-demo-ingress
  namespace: k8s-springboot
spec:
  entryPoints:
    - web
  routes:
    - match: PathPrefix(`/a`)
      kind: Rule
      services:
        - name: k8s-springboot-demo-service
          port: 80
      middlewares:
        - name: a-stripprefix
---
apiVersion: traefik.containo.us/v1alpha1
kind: Middleware
metadata:
  name: a-stripprefix
  namespace: k8s-springboot
spec:
  stripPrefix:
    prefixes:
      - /a

上面的配置你访问则和nginx配置的反向代理一样会截取/a的路径，直接定位到实际的服务

Ingress使用

如果觉得IngressRoute使用不太明了，也可以继续在traefik中使用Ingress

新建文件k3s-springboot-ingress.yaml

kind: Ingress
apiVersion: networking.k8s.io/v1
metadata:
  name: k8s-springboot-demo-ingress
  namespace: k8s-springboot
spec:
  rules:
    - host: springboot-demo-ingress.local.huzhihui.com
      http:
        paths:
          - path: /
            pathType: Exact
            backend:
              service:
                name: k8s-springboot-demo-service
                port:
                  number: 8080