使用helm在k8s集群部署rancher

木木10个月前技术文章322

使用helm在k8s集群部署rancher

由于我们的k8s版本是1.22,所以我们直接安装latest版本的rancher。不同版本的rancher helm仓库可以看下面链接

https://docs.rancher.cn/docs/rancher2.5/installation/resources/choosing-version/_index

添加helm仓库

```Plain Text helm repo add rancher-latest https://releases.rancher.com/server-charts/latest helm repo add rancher-alpha https://releases.rancher.com/server-charts/alpha

![https://teamo-md.oss-cn-shanghai.aliyuncs.com/img/202111300908821.png](https://teamo-md.oss-cn-shanghai.aliyuncs.com/img/202111300908821.png)

# 为rancher创建namespace

Plain Text kubectl create namespace cattle-system

![https://teamo-md.oss-cn-shanghai.aliyuncs.com/img/202111251744334.png](https://teamo-md.oss-cn-shanghai.aliyuncs.com/img/202111251744334.png)

# 安装cert-manager

由于我们选择使用自签名的证书来配置rancher,所以需要安装cert-manager来管理这些证书。

## 静默安装

先从github下载对应的yaml文件

[https://github.com/jetstack/cert-manager/releases](https://github.com/jetstack/cert-manager/releases)

Plain Text wget https://github.com/jetstack/cert-manager/releases/download/v1.6.1/cert-manager.crds.yaml

运行该yaml文件即可实现静默安装

## helm安装

## 添加jetstack helm存储库

Plain Text helm repo add jetstack https://charts.jetstack.io

![https://teamo-md.oss-cn-shanghai.aliyuncs.com/img/202111251757316.png](https://teamo-md.oss-cn-shanghai.aliyuncs.com/img/202111251757316.png)

## 更新本地helm存储库缓存

Plain Text helm repo update

![https://teamo-md.oss-cn-shanghai.aliyuncs.com/img/202111251758350.png](https://teamo-md.oss-cn-shanghai.aliyuncs.com/img/202111251758350.png)

## 安装cert-manager

Plain Text helm install \  cert-manager jetstack/cert-manager \  --namespace cert-manager \  --create-namespace \  --version v1.6.1 \  --set installCRDs=true  # 这里我们选择将CRD作为helm的一部分进行安装,所以需要加上 --set installCRDs=true

## 查看cert-manmger状态

Plain Text kubectl get pods --namespace cert-manager

![https://teamo-md.oss-cn-shanghai.aliyuncs.com/img/202111300858741.png](https://teamo-md.oss-cn-shanghai.aliyuncs.com/img/202111300858741.png)

# 安装rancher

查看helm仓库啊中的rancher版本

Plain Text helm search repo --versions

![https://teamo-md.oss-cn-shanghai.aliyuncs.com/img/202111300910492.png](https://teamo-md.oss-cn-shanghai.aliyuncs.com/img/202111300910492.png)

可以看到最新版本为2.6.2

Plain Text

这里安装会失败,应为2.6.2的rancher不支持1.22的kubernetes,之后使用了2.6.3版本的rancher安装成功

helm install rancher rancher-latest/rancher \  --namespace cattle-system \  --version 2.6.2 \  --set hostname=rancher.ilomumu.xyz \  --set replicas=1

![https://teamo-md.oss-cn-shanghai.aliyuncs.com/img/20211203120004.png](https://teamo-md.oss-cn-shanghai.aliyuncs.com/img/20211203120004.png)

# ingress-nginx

此时我们的rancher还不能正常访问,这是由于我们还没有安装ingress-nginx(ingress控制器)。先查看下ingress资源

Plain Text kubectl -n cattle-system get ingress

![https://teamo-md.oss-cn-shanghai.aliyuncs.com/img/20211203115637.png](https://teamo-md.oss-cn-shanghai.aliyuncs.com/img/20211203115637.png)

## 安装ingress-nginx

相关文档地址

[https://kubernetes.github.io/ingress-nginx/deploy/](https://kubernetes.github.io/ingress-nginx/deploy/)

helm安装命令

Plain Text helm upgrade --install ingress-nginx ingress-nginx \  --repo https://kubernetes.github.io/ingress-nginx \  --namespace ingress-nginx --create-namespace

![https://teamo-md.oss-cn-shanghai.aliyuncs.com/img/20211214135636.png](https://teamo-md.oss-cn-shanghai.aliyuncs.com/img/20211214135636.png)

安装完成

# 修改rancher的ingress配置

我们要修改rancher的ingress配置将其绑定到我们安装的ingress上

Plain Text kubectl get ingress -n cattle-system

![https://teamo-md.oss-cn-shanghai.aliyuncs.com/img/20211214135915.png](https://teamo-md.oss-cn-shanghai.aliyuncs.com/img/20211214135915.png)

编辑ingress

Plain Text kubectl edit ingress -n cattle-system rancher

原始内容如下

YAML

Please edit the object below. Lines beginning with a '#' will be ignored,

and an empty file will abort the edit. If an error occurs while saving this file will be

reopened with the relevant failures.

# apiVersion: networking.k8s.io/v1 kind: Ingress metadata:  annotations:    cert-manager.io/issuer: rancher    cert-manager.io/issuer-kind: Issuer    meta.helm.sh/release-name: rancher    meta.helm.sh/release-namespace: cattle-system    nginx.ingress.kubernetes.io/proxy-connect-timeout: "30"    nginx.ingress.kubernetes.io/proxy-read-timeout: "1800"    nginx.ingress.kubernetes.io/proxy-send-timeout: "1800"  creationTimestamp: "2021-12-14T03:46:23Z"  generation: 1  labels:    app: rancher    app.kubernetes.io/managed-by: Helm    chart: rancher-2.6.3-rc2    heritage: Helm    release: rancher  name: rancher  namespace: cattle-system  resourceVersion: "8072"  uid: f98350de-579c-4be0-a82e-08bcbf69fff5 spec:  rules:

  • host: rancher.ilomumu.xyz http:  paths:

    • backend:  service:    name: rancher    port:      number: 80 pathType: ImplementationSpecific tls:

  • hosts:

    • rancher.ilomumu.xyz secretName: tls-rancher-ingress status: loadBalancer: {}

编辑后内容如下

YAML

Please edit the object below. Lines beginning with a '#' will be ignored,

and an empty file will abort the edit. If an error occurs while saving this file will be

reopened with the relevant failures.

# apiVersion: networking.k8s.io/v1 kind: Ingress metadata:  annotations:    cert-manager.io/issuer: rancher    cert-manager.io/issuer-kind: Issuer    meta.helm.sh/release-name: rancher    meta.helm.sh/release-namespace: cattle-system    nginx.ingress.kubernetes.io/proxy-connect-timeout: "30"    nginx.ingress.kubernetes.io/proxy-read-timeout: "1800"    nginx.ingress.kubernetes.io/proxy-send-timeout: "1800"    kubernetes.io/ingress.class: "nginx"   # 添加绑定  creationTimestamp: "2021-12-14T03:46:23Z"  generation: 1  labels:    app: rancher    app.kubernetes.io/managed-by: Helm    chart: rancher-2.6.3-rc2    heritage: Helm    release: rancher  name: rancher  namespace: cattle-system  resourceVersion: "8072"  uid: f98350de-579c-4be0-a82e-08bcbf69fff5 spec:  rules:

  • host: rancher.ilomumu.xyz http:  paths:

    • backend:  service:    name: rancher    port:      number: 80 pathType: ImplementationSpecific tls:

  • hosts:

    • rancher.ilomumu.xyz secretName: tls-rancher-ingress status: loadBalancer: {}

# 修改hosts文件

查看ingress-nginx-control所在节点ip

![https://teamo-md.oss-cn-shanghai.aliyuncs.com/img/20211215163911.png](https://teamo-md.oss-cn-shanghai.aliyuncs.com/img/20211215163911.png)

修改hosts文件

![https://teamo-md.oss-cn-shanghai.aliyuncs.com/img/20211215164031.png](https://teamo-md.oss-cn-shanghai.aliyuncs.com/img/20211215164031.png)

# 查看访问端口

Plain Text kubectl get svc -n ingress-nginx

![https://teamo-md.oss-cn-shanghai.aliyuncs.com/img/20211214141508.png](https://teamo-md.oss-cn-shanghai.aliyuncs.com/img/20211214141508.png)

# 进行访问测试

访问地址

Plain Text  https://rancher.ilomumu.xyz:30733

![https://teamo-md.oss-cn-shanghai.aliyuncs.com/img/20211215165639.png](https://teamo-md.oss-cn-shanghai.aliyuncs.com/img/20211215165639.png)

# 配置rancher

## 获取bootstrapPassword密码

Plain Text kubectl get secret --namespace cattle-system bootstrap-secret -o go-template='{{.data.bootstrapPassword|base64decode}}{{"\n"}}'

![https://teamo-md.oss-cn-shanghai.aliyuncs.com/img/20211215165505.png](https://teamo-md.oss-cn-shanghai.aliyuncs.com/img/20211215165505.png)

## 设置密码并同意协议

![https://teamo-md.oss-cn-shanghai.aliyuncs.com/img/20211215165740.png](https://teamo-md.oss-cn-shanghai.aliyuncs.com/img/20211215165740.png)

## 设置中文

![https://teamo-md.oss-cn-shanghai.aliyuncs.com/img/20211215165903.png](https://teamo-md.oss-cn-shanghai.aliyuncs.com/img/20211215165903.png)

# 完全卸载rancher

rancher官方提供了卸载k8s集群内rancher的工具

[https://github.com/rancher/system-tools](https://github.com/rancher/system-tools)

直接下载该工具使用即可

Plain Text

使用-c 参数指定kubeconfig文件

system-tools remove -c .kube/config ```


返回列表

上一篇:helm chart包编写

下一篇:Kubernetes节点与令牌管理

相关文章

Hive优化之监控(四)

Hive优化之监控(四)

    Hive是大数据领域常用的组件之一,主要是大数据离线数仓的运算,关于Hive的性能调优在日常工作和面试中是经常涉及的一个点,因此掌握一些Hive调优是必...

python-日志分析

1、概述生产中会生成大量的系统日志、应用程序日志、安全日志等等日志,通过对日志的分析可以了解服务器的负载、健康状况,可以分析客户的分布情况、客户的行为,甚至基于这些分析可以做出预测。一般采集流程:日志...

MySQL运维实战之ProxySQL(9.7)改写SQL

使用查询修改功能,可以在不改变应用程序的情况下,修改SQL语句。比如,我们可以使用SQL改写的功能,给SQL添加hint,以此来优化性能。delete from mysql_que...

Redis 大 key

1、bigkeysRedis提供了 bigkeys 参数能够使 redis-cli 以遍历的方式分析 Redis 实例中的所有 Key ,并返回 Key 的整体统计信息与每个数据类型中 Top1 的大...

dolphinscheduler部署-FAQ

dolphinscheduler部署-FAQ

如果是cdh集群会遇到一个问题5678端口被占用这是因为cdh的agent用了5678那我们改下配置文件文件:/opt/apache-dolphinscheduler-3.1.8-bin/st...

数据湖Iceberg

数据湖Iceberg

1、概述         Iceberg 是一个面向海量数据分析场景的开放表格式(Table Format)。表格式(Table  Format)可以理解为元数据以及数据文件的一种组织方式,处于计算框...

发表评论    

◎欢迎参与讨论,请在这里发表您的看法、交流您的观点。

©Copyrights 2016-2022 YUNCHE 浙ICP备2021017017号