使用helm在k8s集群部署rancher

木木1年前技术文章596

使用helm在k8s集群部署rancher

由于我们的k8s版本是1.22,所以我们直接安装latest版本的rancher。不同版本的rancher helm仓库可以看下面链接

https://docs.rancher.cn/docs/rancher2.5/installation/resources/choosing-version/_index

添加helm仓库

```Plain Text helm repo add rancher-latest https://releases.rancher.com/server-charts/latest helm repo add rancher-alpha https://releases.rancher.com/server-charts/alpha

![https://teamo-md.oss-cn-shanghai.aliyuncs.com/img/202111300908821.png](https://teamo-md.oss-cn-shanghai.aliyuncs.com/img/202111300908821.png)

# 为rancher创建namespace

Plain Text kubectl create namespace cattle-system

![https://teamo-md.oss-cn-shanghai.aliyuncs.com/img/202111251744334.png](https://teamo-md.oss-cn-shanghai.aliyuncs.com/img/202111251744334.png)

# 安装cert-manager

由于我们选择使用自签名的证书来配置rancher,所以需要安装cert-manager来管理这些证书。

## 静默安装

先从github下载对应的yaml文件

[https://github.com/jetstack/cert-manager/releases](https://github.com/jetstack/cert-manager/releases)

Plain Text wget https://github.com/jetstack/cert-manager/releases/download/v1.6.1/cert-manager.crds.yaml

运行该yaml文件即可实现静默安装

## helm安装

## 添加jetstack helm存储库

Plain Text helm repo add jetstack https://charts.jetstack.io

![https://teamo-md.oss-cn-shanghai.aliyuncs.com/img/202111251757316.png](https://teamo-md.oss-cn-shanghai.aliyuncs.com/img/202111251757316.png)

## 更新本地helm存储库缓存

Plain Text helm repo update

![https://teamo-md.oss-cn-shanghai.aliyuncs.com/img/202111251758350.png](https://teamo-md.oss-cn-shanghai.aliyuncs.com/img/202111251758350.png)

## 安装cert-manager

Plain Text helm install \  cert-manager jetstack/cert-manager \  --namespace cert-manager \  --create-namespace \  --version v1.6.1 \  --set installCRDs=true  # 这里我们选择将CRD作为helm的一部分进行安装,所以需要加上 --set installCRDs=true

## 查看cert-manmger状态

Plain Text kubectl get pods --namespace cert-manager

![https://teamo-md.oss-cn-shanghai.aliyuncs.com/img/202111300858741.png](https://teamo-md.oss-cn-shanghai.aliyuncs.com/img/202111300858741.png)

# 安装rancher

查看helm仓库啊中的rancher版本

Plain Text helm search repo --versions

![https://teamo-md.oss-cn-shanghai.aliyuncs.com/img/202111300910492.png](https://teamo-md.oss-cn-shanghai.aliyuncs.com/img/202111300910492.png)

可以看到最新版本为2.6.2

Plain Text

这里安装会失败,应为2.6.2的rancher不支持1.22的kubernetes,之后使用了2.6.3版本的rancher安装成功

helm install rancher rancher-latest/rancher \  --namespace cattle-system \  --version 2.6.2 \  --set hostname=rancher.ilomumu.xyz \  --set replicas=1

![https://teamo-md.oss-cn-shanghai.aliyuncs.com/img/20211203120004.png](https://teamo-md.oss-cn-shanghai.aliyuncs.com/img/20211203120004.png)

# ingress-nginx

此时我们的rancher还不能正常访问,这是由于我们还没有安装ingress-nginx(ingress控制器)。先查看下ingress资源

Plain Text kubectl -n cattle-system get ingress

![https://teamo-md.oss-cn-shanghai.aliyuncs.com/img/20211203115637.png](https://teamo-md.oss-cn-shanghai.aliyuncs.com/img/20211203115637.png)

## 安装ingress-nginx

相关文档地址

[https://kubernetes.github.io/ingress-nginx/deploy/](https://kubernetes.github.io/ingress-nginx/deploy/)

helm安装命令

Plain Text helm upgrade --install ingress-nginx ingress-nginx \  --repo https://kubernetes.github.io/ingress-nginx \  --namespace ingress-nginx --create-namespace

![https://teamo-md.oss-cn-shanghai.aliyuncs.com/img/20211214135636.png](https://teamo-md.oss-cn-shanghai.aliyuncs.com/img/20211214135636.png)

安装完成

# 修改rancher的ingress配置

我们要修改rancher的ingress配置将其绑定到我们安装的ingress上

Plain Text kubectl get ingress -n cattle-system

![https://teamo-md.oss-cn-shanghai.aliyuncs.com/img/20211214135915.png](https://teamo-md.oss-cn-shanghai.aliyuncs.com/img/20211214135915.png)

编辑ingress

Plain Text kubectl edit ingress -n cattle-system rancher

原始内容如下

YAML

Please edit the object below. Lines beginning with a '#' will be ignored,

and an empty file will abort the edit. If an error occurs while saving this file will be

reopened with the relevant failures.

# apiVersion: networking.k8s.io/v1 kind: Ingress metadata:  annotations:    cert-manager.io/issuer: rancher    cert-manager.io/issuer-kind: Issuer    meta.helm.sh/release-name: rancher    meta.helm.sh/release-namespace: cattle-system    nginx.ingress.kubernetes.io/proxy-connect-timeout: "30"    nginx.ingress.kubernetes.io/proxy-read-timeout: "1800"    nginx.ingress.kubernetes.io/proxy-send-timeout: "1800"  creationTimestamp: "2021-12-14T03:46:23Z"  generation: 1  labels:    app: rancher    app.kubernetes.io/managed-by: Helm    chart: rancher-2.6.3-rc2    heritage: Helm    release: rancher  name: rancher  namespace: cattle-system  resourceVersion: "8072"  uid: f98350de-579c-4be0-a82e-08bcbf69fff5 spec:  rules:

  • host: rancher.ilomumu.xyz http:  paths:

    • backend:  service:    name: rancher    port:      number: 80 pathType: ImplementationSpecific tls:

  • hosts:

    • rancher.ilomumu.xyz secretName: tls-rancher-ingress status: loadBalancer: {}

编辑后内容如下

YAML

Please edit the object below. Lines beginning with a '#' will be ignored,

and an empty file will abort the edit. If an error occurs while saving this file will be

reopened with the relevant failures.

# apiVersion: networking.k8s.io/v1 kind: Ingress metadata:  annotations:    cert-manager.io/issuer: rancher    cert-manager.io/issuer-kind: Issuer    meta.helm.sh/release-name: rancher    meta.helm.sh/release-namespace: cattle-system    nginx.ingress.kubernetes.io/proxy-connect-timeout: "30"    nginx.ingress.kubernetes.io/proxy-read-timeout: "1800"    nginx.ingress.kubernetes.io/proxy-send-timeout: "1800"    kubernetes.io/ingress.class: "nginx"   # 添加绑定  creationTimestamp: "2021-12-14T03:46:23Z"  generation: 1  labels:    app: rancher    app.kubernetes.io/managed-by: Helm    chart: rancher-2.6.3-rc2    heritage: Helm    release: rancher  name: rancher  namespace: cattle-system  resourceVersion: "8072"  uid: f98350de-579c-4be0-a82e-08bcbf69fff5 spec:  rules:

  • host: rancher.ilomumu.xyz http:  paths:

    • backend:  service:    name: rancher    port:      number: 80 pathType: ImplementationSpecific tls:

  • hosts:

    • rancher.ilomumu.xyz secretName: tls-rancher-ingress status: loadBalancer: {}

# 修改hosts文件

查看ingress-nginx-control所在节点ip

![https://teamo-md.oss-cn-shanghai.aliyuncs.com/img/20211215163911.png](https://teamo-md.oss-cn-shanghai.aliyuncs.com/img/20211215163911.png)

修改hosts文件

![https://teamo-md.oss-cn-shanghai.aliyuncs.com/img/20211215164031.png](https://teamo-md.oss-cn-shanghai.aliyuncs.com/img/20211215164031.png)

# 查看访问端口

Plain Text kubectl get svc -n ingress-nginx

![https://teamo-md.oss-cn-shanghai.aliyuncs.com/img/20211214141508.png](https://teamo-md.oss-cn-shanghai.aliyuncs.com/img/20211214141508.png)

# 进行访问测试

访问地址

Plain Text  https://rancher.ilomumu.xyz:30733

![https://teamo-md.oss-cn-shanghai.aliyuncs.com/img/20211215165639.png](https://teamo-md.oss-cn-shanghai.aliyuncs.com/img/20211215165639.png)

# 配置rancher

## 获取bootstrapPassword密码

Plain Text kubectl get secret --namespace cattle-system bootstrap-secret -o go-template='{{.data.bootstrapPassword|base64decode}}{{"\n"}}'

![https://teamo-md.oss-cn-shanghai.aliyuncs.com/img/20211215165505.png](https://teamo-md.oss-cn-shanghai.aliyuncs.com/img/20211215165505.png)

## 设置密码并同意协议

![https://teamo-md.oss-cn-shanghai.aliyuncs.com/img/20211215165740.png](https://teamo-md.oss-cn-shanghai.aliyuncs.com/img/20211215165740.png)

## 设置中文

![https://teamo-md.oss-cn-shanghai.aliyuncs.com/img/20211215165903.png](https://teamo-md.oss-cn-shanghai.aliyuncs.com/img/20211215165903.png)

# 完全卸载rancher

rancher官方提供了卸载k8s集群内rancher的工具

[https://github.com/rancher/system-tools](https://github.com/rancher/system-tools)

直接下载该工具使用即可

Plain Text

使用-c 参数指定kubeconfig文件

system-tools remove -c .kube/config ```


返回列表

上一篇:helm chart包编写

下一篇:Kubernetes节点与令牌管理

相关文章

TEZ常见调优参数

一、设置引擎为Tez参数:参数默认值推荐值参数说明解释hive.execution.enginemr请根据具体的业务场景进行选择执行引擎选择使用tez引擎时,此值设置为tezhive.tez.log....

Spark优化之配置参数

Spark优化之配置参数

一、资源参数优化所谓的Spark资源参数调优,其实主要就是对Spark运行过程中各 个使用资源的地方,通过调节各种参数,来优化资源使用的效率,从而提升Spark作业的执行性能。以下参数就是Spark中...

CDP实操--集群配置Auto-TLS

CDP实操--集群配置Auto-TLS

1.1手动创建CA证书# mkdir -p /tls/ca # ls /tls # cd /tls/ca # openssl genrsa -out ca.key 2048 # cat ca....

PostgreSQL 会话管理

说明当数据库发生持续的 CPU 使用率打高时,数据库中很可能正在跑一些大查询或者较复杂的 SQL,如果不及时处理很可能会影响到业务,此时我们需要通过查询会话找到 “罪魁祸首” 并 kill 掉它,然后...

Prometheus+Consul服务自动发现监控

Prometheus+Consul服务自动发现监控

为什么使用consulprometheus作为新一代的监控利器,有很多优点,部署起来也十分方便。部署prometheus后自然会需要使用prometheus去监控物理机或者虚拟机的资源,这里就需要使用...

MySQL运维实战(2.2)忘记密码如何处理

如果忘记了一个普通用户的密码,可以使用管理员账号登录,修改其他用户的密码。但是如果所有管理员账号的密码都忘记了,应该怎么处理呢?如果忘记root密码,可以使用skip-grant-tables参数启动...

发表评论    

◎欢迎参与讨论,请在这里发表您的看法、交流您的观点。

©Copyrights 2016-2022 YUNCHE 浙ICP备2021017017号