使用helm在k8s集群部署rancher
使用helm在k8s集群部署rancher
由于我们的k8s版本是1.22,所以我们直接安装latest版本的rancher。不同版本的rancher helm仓库可以看下面链接
https://docs.rancher.cn/docs/rancher2.5/installation/resources/choosing-version/_index
添加helm仓库
```Plain Text helm repo add rancher-latest https://releases.rancher.com/server-charts/latest helm repo add rancher-alpha https://releases.rancher.com/server-charts/alpha
 # 为rancher创建namespace
Plain Text kubectl create namespace cattle-system
 # 安装cert-manager 由于我们选择使用自签名的证书来配置rancher,所以需要安装cert-manager来管理这些证书。 ## 静默安装 先从github下载对应的yaml文件 [https://github.com/jetstack/cert-manager/releases](https://github.com/jetstack/cert-manager/releases)
Plain Text wget https://github.com/jetstack/cert-manager/releases/download/v1.6.1/cert-manager.crds.yaml
运行该yaml文件即可实现静默安装 ## helm安装 ## 添加jetstack helm存储库
Plain Text helm repo add jetstack https://charts.jetstack.io
 ## 更新本地helm存储库缓存
Plain Text helm repo update
 ## 安装cert-manager
Plain Text helm install \ cert-manager jetstack/cert-manager \ --namespace cert-manager \ --create-namespace \ --version v1.6.1 \ --set installCRDs=true # 这里我们选择将CRD作为helm的一部分进行安装,所以需要加上 --set installCRDs=true
## 查看cert-manmger状态
Plain Text kubectl get pods --namespace cert-manager
 # 安装rancher 查看helm仓库啊中的rancher版本
Plain Text helm search repo --versions
 可以看到最新版本为2.6.2
Plain Text
这里安装会失败,应为2.6.2的rancher不支持1.22的kubernetes,之后使用了2.6.3版本的rancher安装成功
helm install rancher rancher-latest/rancher \ --namespace cattle-system \ --version 2.6.2 \ --set hostname=rancher.ilomumu.xyz \ --set replicas=1
 # ingress-nginx 此时我们的rancher还不能正常访问,这是由于我们还没有安装ingress-nginx(ingress控制器)。先查看下ingress资源
Plain Text kubectl -n cattle-system get ingress
 ## 安装ingress-nginx 相关文档地址 [https://kubernetes.github.io/ingress-nginx/deploy/](https://kubernetes.github.io/ingress-nginx/deploy/) helm安装命令
Plain Text helm upgrade --install ingress-nginx ingress-nginx \ --repo https://kubernetes.github.io/ingress-nginx \ --namespace ingress-nginx --create-namespace
 安装完成 # 修改rancher的ingress配置 我们要修改rancher的ingress配置将其绑定到我们安装的ingress上
Plain Text kubectl get ingress -n cattle-system
 编辑ingress
Plain Text kubectl edit ingress -n cattle-system rancher
原始内容如下
YAML
Please edit the object below. Lines beginning with a '#' will be ignored,
and an empty file will abort the edit. If an error occurs while saving this file will be
reopened with the relevant failures.
# apiVersion: networking.k8s.io/v1 kind: Ingress metadata: annotations: cert-manager.io/issuer: rancher cert-manager.io/issuer-kind: Issuer meta.helm.sh/release-name: rancher meta.helm.sh/release-namespace: cattle-system nginx.ingress.kubernetes.io/proxy-connect-timeout: "30" nginx.ingress.kubernetes.io/proxy-read-timeout: "1800" nginx.ingress.kubernetes.io/proxy-send-timeout: "1800" creationTimestamp: "2021-12-14T03:46:23Z" generation: 1 labels: app: rancher app.kubernetes.io/managed-by: Helm chart: rancher-2.6.3-rc2 heritage: Helm release: rancher name: rancher namespace: cattle-system resourceVersion: "8072" uid: f98350de-579c-4be0-a82e-08bcbf69fff5 spec: rules:
host: rancher.ilomumu.xyz http: paths:
backend: service: name: rancher port: number: 80 pathType: ImplementationSpecific tls:
hosts:
rancher.ilomumu.xyz secretName: tls-rancher-ingress status: loadBalancer: {}
编辑后内容如下
YAML
Please edit the object below. Lines beginning with a '#' will be ignored,
and an empty file will abort the edit. If an error occurs while saving this file will be
reopened with the relevant failures.
# apiVersion: networking.k8s.io/v1 kind: Ingress metadata: annotations: cert-manager.io/issuer: rancher cert-manager.io/issuer-kind: Issuer meta.helm.sh/release-name: rancher meta.helm.sh/release-namespace: cattle-system nginx.ingress.kubernetes.io/proxy-connect-timeout: "30" nginx.ingress.kubernetes.io/proxy-read-timeout: "1800" nginx.ingress.kubernetes.io/proxy-send-timeout: "1800" kubernetes.io/ingress.class: "nginx" # 添加绑定 creationTimestamp: "2021-12-14T03:46:23Z" generation: 1 labels: app: rancher app.kubernetes.io/managed-by: Helm chart: rancher-2.6.3-rc2 heritage: Helm release: rancher name: rancher namespace: cattle-system resourceVersion: "8072" uid: f98350de-579c-4be0-a82e-08bcbf69fff5 spec: rules:
host: rancher.ilomumu.xyz http: paths:
backend: service: name: rancher port: number: 80 pathType: ImplementationSpecific tls:
hosts:
rancher.ilomumu.xyz secretName: tls-rancher-ingress status: loadBalancer: {}
# 修改hosts文件 查看ingress-nginx-control所在节点ip  修改hosts文件  # 查看访问端口
Plain Text kubectl get svc -n ingress-nginx
 # 进行访问测试 访问地址
Plain Text https://rancher.ilomumu.xyz:30733
 # 配置rancher ## 获取bootstrapPassword密码
Plain Text kubectl get secret --namespace cattle-system bootstrap-secret -o go-template='{{.data.bootstrapPassword|base64decode}}{{"\n"}}'
 ## 设置密码并同意协议  ## 设置中文  # 完全卸载rancher rancher官方提供了卸载k8s集群内rancher的工具 [https://github.com/rancher/system-tools](https://github.com/rancher/system-tools) 直接下载该工具使用即可
Plain Text
使用-c 参数指定kubeconfig文件
system-tools remove -c .kube/config ```
