typora/note/K8S/实战笔记/pve的lxc容器部署k3s.md
2024-12-12 10:48:55 +08:00

## 1. Preparation
Running k3s in an LXC container on PVE requires changing some host configuration.
### 1.1 Enable the `bridge-nf-call-iptables` kernel parameter on the node
```bash
sysctl -w net.bridge.bridge-nf-call-iptables=1
```
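This is mainly to solve the problem of Service communication between pods on the same node. Setting the `bridge-nf-call-iptables` kernel parameter to 1 makes the bridge device also apply the layer-3 rules configured in iptables when it forwards at layer 2.
### 1.2 Disable swap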
```bash
sysctl vm.swappiness=0
swapoff -a
```
### 1.3 Enable IP forwarding
```bash
echo 'net.ipv4.ip_forward=1' >> /etc/sysctl.conf
sysctl --system
```
## 2 Create the LXC containers
- k3s-master-01
- k3s-slave-01
- k3s-slave-02
- Do not tick the "Unprivileged container" option
### 2.1 Modify the PVE LXC container configuration
```bash
vim /etc/pve/lxc/300.conf
# Add the following content, e.g. by appending it with a heredoc:
cat >> /etc/pve/lxc/302.conf << EOF
lxc.apparmor.profile: unconfined
lxc.cgroup.devices.allow: a
lxc.cap.drop:
lxc.mount.auto: "proc:rw sys:rw"
EOF
```
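The four lines above turn off AppArmor confinement, allow every device node, keep all capabilities and mount /proc and /sys read-write, so with the privileged setting root inside the container is close to root on the PVE host. The following added example (not part of the original note) reports which of these settings a container config carries; `audit_lxc_conf`, `sample_conf` and the sample config are constructed for illustration.

```shell
#!/bin/sh
# Added example, not part of the original note. audit_lxc_conf is a
# hypothetical helper; it reads a PVE container config (file argument or
# stdin) and prints one line per isolation-relaxing setting from section 2.1.
audit_lxc_conf() {
    awk '
        /^\[/ { exit }        # snapshot sections follow; audit only the live config
        /^#/  { next }
        {
            key = $0; sub(/[:=].*/, "", key); gsub(/[ \t]/, "", key)
            val = $0; sub(/^[^:=]*[:=][ \t]*/, "", val)
            gsub(/"/, "", val); sub(/[ \t]+$/, "", val)
        }
        key == "unprivileged" && val == "1" { unpriv = 1 }
        key == "lxc.apparmor.profile" && val == "unconfined" {
            print "apparmor: profile is unconfined"
        }
        # cgroup2 spelling is also matched; only the cgroup form is on the page
        key ~ /^lxc\.cgroup2?\.devices\.allow$/ && val == "a" {
            print "devices: all device nodes allowed"
        }
        key == "lxc.cap.drop" && val == "" {
            print "capabilities: drop list cleared"
        }
        key == "lxc.mount.auto" && val ~ /(proc|sys):rw/ {
            print "mounts: proc or sys mounted read-write"
        }
        END { if (!unpriv) print "idmap: privileged container" }
    ' "$@"
}

# Constructed sample: a minimal config with the four lines from section 2.1.
sample_conf() {
    cat <<'EOF'
arch: amd64
hostname: k3s-slave-02
lxc.apparmor.profile: unconfined
lxc.cgroup.devices.allow: a
lxc.cap.drop:
lxc.mount.auto: "proc:rw sys:rw"
EOF
}

sample_conf | audit_lxc_conf
```

On the PVE host the same function can be pointed at a real file, for example `audit_lxc_conf /etc/pve/lxc/302.conf`.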
### 2.2 Changes inside the LXC container
- touch /etc/rc.local
- Fill in the following content
```bash
#!/bin/sh -e
# Kubeadm 1.15 needs /dev/kmsg to be there, but it's not in lxc, but we can just use /dev/console instead
# see: https://github.com/kubernetes-sigs/kind/issues/662
if [ ! -e /dev/kmsg ]; then
ln -s /dev/console /dev/kmsg
fi
# https://medium.com/@kvaps/run-kubernetes-in-lxc-container-f04aa94b6c9c
mount --make-rshared /
```
- chmod +x /etc/rc.local
```bash
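# Alternative to editing by hand: append the same script with a heredoc
# (quoted delimiter so the shell writes the body verbatim)
cat >> /etc/rc.local << 'EOF'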
#!/bin/sh -e
# Kubeadm 1.15 needs /dev/kmsg to be there, but it's not in lxc, but we can just use /dev/console instead
# see: https://github.com/kubernetes-sigs/kind/issues/662
if [ ! -e /dev/kmsg ]; then
ln -s /dev/console /dev/kmsg
fi
# https://medium.com/@kvaps/run-kubernetes-in-lxc-container-f04aa94b6c9c
mount --make-rshared /
EOF
```
### 2.3 Switch the LXC package mirror and install curl (optional)
```bash
sed -i 's@//.*archive.ubuntu.com@//mirrors.ustc.edu.cn@g' /etc/apt/sources.list
apt update -y
apt install curl -y
```
## 3 Install k3s
### 3.1 Run on the master node
```bash
curl -sfL https://get.k3s.io | INSTALL_K3S_VERSION=v1.27.13+k3s1 sh -
```
### 3.2 View the cluster token
```bash
cat /var/lib/rancher/k3s/server/node-token
```
### 3.3 Run on the worker nodes
```bash
curl -fsL https://get.k3s.io | INSTALL_K3S_VERSION=v1.28.12+k3s1 K3S_URL=https://192.168.0.20:6443 K3S_TOKEN="xxxxx" sh -s - --node-name k3s-slave-01
```