K3s 基础开发环境搭建

前情提要

将之前关于 K3s 的安装部署能力进行整理。

安装 K3s

curl -sfL https://get.k3s.io | sh -

开启 helm & treafik

a. 安装 helm

wget https://get.helm.sh/helm-v3.5.0-linux-amd64.tar.gz
tar -zxvf helm-v3.5.0-linux-amd64.tar.gz
chmod 755 linux-amd64/helm
cp linux-amd64/helm /usr/bin/
cp linux-amd64/helm /usr/local/bin/

# 开启配置
$vi /etc/bashrc
export KUBECONFIG=/etc/rancher/k3s/k3s.yaml
$source /etc/bashrc

b. 更新 helm 源

# 导入国外源
helm repo add stable https://charts.helm.sh/stable
helm repo update

# 导入阿里源
helm repo remove stable
helm repo add stable https://kubernetes.oss-cn-hangzhou.aliyuncs.com/charts
helm repo update
helm list

c. 开启 treafik 能力

编辑/var/lib/rancher/k3s/server/manifests/traefik.yaml文件,
helm文件中新增dashboard的value。全部内容如下:

$ vi /var/lib/rancher/k3s/server/manifests/traefik.yaml
apiVersion: helm.cattle.io/v1
kind: HelmChart
metadata:
  name: traefik-crd
  namespace: kube-system
spec:
  chart: https://%{KUBERNETES_API}%/static/charts/traefik-crd-9.18.201.tgz
---
apiVersion: helm.cattle.io/v1
kind: HelmChart
metadata:
  name: traefik
  namespace: kube-system
spec:
  chart: https://%{KUBERNETES_API}%/static/charts/traefik-9.18.201.tgz
  set:
    global.systemDefaultRegistry: ""
  valuesContent: |-
    rbac:
      enabled: true
    ssl:
      enabled: true
    dashboard:
      enabled: true
      domain: "traefik.me.k3s"
    metrics:
      prometheus:
        enabled: true
    ports:
      websecure:
        tls:
          enabled: true
    podAnnotations:
      prometheus.io/port: "8082"
      prometheus.io/scrape: "true"
    providers:
      kubernetesIngress:
        publishedService:
          enabled: true
    priorityClassName: "system-cluster-critical"
    image:
      name: "rancher/library-traefik"
    tolerations:
    - key: "CriticalAddonsOnly"
      operator: "Exists"
    - key: "node-role.kubernetes.io/control-plane"
      operator: "Exists"
      effect: "NoSchedule"
    - key: "node-role.kubernetes.io/master"
      operator: "Exists"
      effect: "NoSchedule"

d. cert-manager 安装

$ kubectl create namespace cert-manager
$ helm repo add jetstack https://charts.jetstack.io
$ helm repo update
$ helm install cert-manager jetstack/cert-manager --namespace cert-manager --version v0.16.1 --set installCRDs=true

# 建议一键安装
kubectl apply --validate=false -f https://raw.githubusercontent.com/TencentCloudContainerTeam/manifest/master/cert-manager/cert-manager.yaml

配置参考:
d.1 https://www.lishuai.fun/2021/08/01/k8s-create-cert-manager/
d.2 https://cloud.tencent.com/document/product/457/49368

更换域名解析

# Godaddy DNS 地址
ns49.domaincontrol.com
ns50.domaincontrol.com

# Cloudflare 名称服务器
opal.ns.cloudflare.com
salvador.ns.cloudflare.com

令牌环:
https://dash.cloudflare.com/profile/api-tokens

posted @ 2023-01-29 15:53  流雨声  阅读(193)  评论(0编辑  收藏  举报