114 lines
2.3 KiB
Markdown
114 lines
2.3 KiB
Markdown
|
## 1. 准备工作
|
|||
|
|
|
|||
|
|
在 pve 使用 lxc安装k3s需要修改一些宿主机配置
|
|||
|
|
|
|||
|
|
### 1.1 节点内核参数开启 `bridge-nf-call-iptables`
|
|||
|
|
|
|||
|
|
```bash
|
|||
|
|
sysctl -w net.bridge.bridge-nf-call-iptables=1
|
|||
|
|
```
|
|||
|
|
|
|||
|
|
这个主要是为了解决Service 同节点通信问题(启用 `bridge-nf-call-iptables` 这个内核参数 (置为 1),表示 bridge 设备在二层转发时也去调用 iptables 配置的三层规则))
|
|||
|
|
|
|||
|
|
### 1.2 关闭swap
|
|||
|
|
|
|||
|
|
```bash
|
|||
|
|
sysctl vm.swappiness=0
|
|||
|
|
swapoff -a
|
|||
|
|
```
|
|||
|
|
|
|||
|
|
### 1.3 启用 IP 转发
|
|||
|
|
|
|||
|
|
```bash
|
|||
|
|
echo 'net.ipv4.ip_forward=1' >> /etc/sysctl.conf
|
|||
|
|
sysctl --system
|
|||
|
|
```
|
|||
|
|
|
|||
|
|
|
|||
|
|
|
|||
|
|
## 2 创建lxc容器
|
|||
|
|
|
|||
|
|
- k3s-master-01
|
|||
|
|
- k3s-slave-01
|
|||
|
|
- k3s-slave-02
|
|||
|
|
- 不要勾选无特权容器
|
|||
|
|
|
|||
|
|
### 2.1 修改pve的lxc容器配置
|
|||
|
|
|
|||
|
|
```bash
|
|||
|
|
vim /etc/pve/lxc/300.conf
|
|||
|
|
|
|||
|
|
添加如下内容
|
|||
|
|
cat >> /etc/pve/lxc/302.conf << EOF
|
|||
|
|
lxc.apparmor.profile: unconfined
|
|||
|
|
lxc.cgroup.devices.allow: a
|
|||
|
|
lxc.cap.drop:
|
|||
|
|
lxc.mount.auto: "proc:rw sys:rw"
|
|||
|
|
EOF
|
|||
|
|
```
|
|||
|
|
|
|||
|
|
### 2.2 lxc容器修改
|
|||
|
|
|
|||
|
|
- touch /etc/rc.local
|
|||
|
|
- 填入以下内容
|
|||
|
|
|
|||
|
|
```bash
|
|||
|
|
|
|||
|
|
#!/bin/sh -e
|
|||
|
|
|
|||
|
|
# Kubeadm 1.15 needs /dev/kmsg to be there, but it's not in lxc, but we can just use /dev/console instead
|
|||
|
|
# see: https://github.com/kubernetes-sigs/kind/issues/662
|
|||
|
|
if [ ! -e /dev/kmsg ]; then
|
|||
|
|
ln -s /dev/console /dev/kmsg
|
|||
|
|
fi
|
|||
|
|
|
|||
|
|
# https://medium.com/@kvaps/run-kubernetes-in-lxc-container-f04aa94b6c9c
|
|||
|
|
mount --make-rshared /
|
|||
|
|
```
|
|||
|
|
|
|||
|
|
- chmod +x /etc/rc.local
|
|||
|
|
|
|||
|
|
```bash
|
|||
|
|
cat >> /etc/rc.local << EOF
|
|||
|
|
#!/bin/sh -e
|
|||
|
|
|
|||
|
|
# Kubeadm 1.15 needs /dev/kmsg to be there, but it's not in lxc, but we can just use /dev/console instead
|
|||
|
|
# see: https://github.com/kubernetes-sigs/kind/issues/662
|
|||
|
|
if [ ! -e /dev/kmsg ]; then
|
|||
|
|
ln -s /dev/console /dev/kmsg
|
|||
|
|
fi
|
|||
|
|
|
|||
|
|
# https://medium.com/@kvaps/run-kubernetes-in-lxc-container-f04aa94b6c9c
|
|||
|
|
mount --make-rshared /
|
|||
|
|
EOF
|
|||
|
|
```
|
|||
|
|
|
|||
|
|
### 2.3 lxc换软件源安装curl(可选)
|
|||
|
|
|
|||
|
|
```bash
|
|||
|
|
sed -i 's@//.*archive.ubuntu.com@//mirrors.ustc.edu.cn@g' /etc/apt/sources.list
|
|||
|
|
apt update -y
|
|||
|
|
apt install curl -y
|
|||
|
|
```
|
|||
|
|
|
|||
|
|
## 3安装k3s
|
|||
|
|
|
|||
|
|
### 3.1主节点执行
|
|||
|
|
|
|||
|
|
```bash
|
|||
|
|
curl -sfL https://get.k3s.io | INSTALL_K3S_VERSION=v1.27.13+k3s1 sh -
|
|||
|
|
```
|
|||
|
|
|
|||
|
|
### 3.2 查看集群令牌
|
|||
|
|
|
|||
|
|
```bash
|
|||
|
|
cat /var/lib/rancher/k3s/server/node-token
|
|||
|
|
```
|
|||
|
|
|
|||
|
|
### 3.3 worker节点执行
|
|||
|
|
|
|||
|
|
```bash
|
|||
|
|
curl -fsL https://get.k3s.io | INSTALL_K3S_VERSION=v1.28.12+k3s1 K3S_URL=https://192.168.0.20:6443 K3S_TOKEN="xxxxx" sh -s - --node-name k3s-slave-01
|
|||
|
|
```
|
|||
|
|
|