Docker配置手册-Rancher

2.1 前期准备

1) 所有节点均安装Docker [root@rancher ~]# yum install docker -y [root@docker2 ~]# yum install docker -y [root@docker3 ~]# yum install docker -y 2) 禁止docker调用iptables [root@rancher ~]# vim /usr/lib/systemd/system/docker.service ...... ...... ExecStart=/usr/bin/dockerd --iptables=false ...... ...... [root@rancher ~]# systemctl daemon-reload [root@docker2 ~]# vim /usr/lib/systemd/system/docker.service ...... ...... ExecStart=/usr/bin/dockerd --iptables=false ...... ...... [root@docker2 ~]# systemctl daemon-reload [root@docker3 ~]# vim /usr/lib/systemd/system/docker.service ...... ...... ExecStart=/usr/bin/dockerd --iptables=false ...... ...... [root@docker3 ~]# systemctl daemon-reload # 1. 如果不想改变默认的docker的iptables规则，可以手工增加iptables端口的暴露 # 2. 如果不想改变默认的docker的iptables规则，也不打算手工添加，可使用iptables -P FORWARD ACCEPT来临时完成让端口的暴露。暴露之后永久有效。无需重启设备后再次执行 3) 为所有节点配置加速器 [root@rancher ~]# vim /etc/docker/daemon.json { "registry-mirrors": ["https://3laho3y3.mirror.aliyuncs.com"] } [root@docker1 ~]# vim /etc/docker/daemon.json { "registry-mirrors": ["https://3laho3y3.mirror.aliyuncs.com"] } [root@docker2 ~]# vim /etc/docker/daemon.json { "registry-mirrors": ["https://3laho3y3.mirror.aliyuncs.com"] } 4) 启动Docker [root@rancher ~]# systemctl enable --now docker [root@docker2 ~]# systemctl enable --now docker [root@docker3 ~]# systemctl enable --now docker 5) 确认各节点解析正常

2.2 安装Rancher

1) 下载rancher镜像并启动 [root@rancher ~]# docker pull rancher/rancher:stable [root@rancher ~]# docker images REPOSITORY TAG IMAGE ID CREATED SIZE docker.io/rancher/rancher latest 83fe4871cf67 2 weeks ago 670 MB [root@rancher ~]# docker run -d --restart=unless-stopped --privileged \ -p 80:80 -p 443:443 rancher/rancher:stable 2) 访问rancher [浏览器] ==> http://$srv_ip

2.3 配置Rancher

2.4 配置Cluster

# 注意，此处需要对应国内的镜像或请提前准备镜像 # docker2节点的操作 [root@docker2 ~]# sudo docker run -d --privileged --restart=unless-stopped --net=host -v /etc/kubernetes:/etc/kubernetes -v /var/run:/var/run rancher/rancher-agent:v2.3.5 --server https://rancher.1000cc.net --token j4s9rjtn7md9fs5g5t9dnfw4n528wqscmwpxg4l72r7sqwglllswhj --ca-checksum 6bdb7fa622d7ef33fc6a92d9ef813b5f13a0ff09dc4a31ed48d526f94cb57e4f --etcd --controlplane --worker # docker3节点的操作 [root@docker3 ~]# sudo docker run -d --privileged --restart=unless-stopped --net=host -v /etc/kubernetes:/etc/kubernetes -v /var/run:/var/run rancher/rancher-agent:v2.3.5 --server https://rancher.1000cc.net --token dzvhhsjs66tjtnlzqz6gd66cdlkcl6llt4j54vfnzx27qc6472tftg --ca-checksum 753373a1719f92fce3d15c97fc757e6cd7fbdbcbf8388a7ed1661c4293b58539 --worker # 集群创建完成

2.5 配置Worker Node

1) 配置k8s源 [root@docker2 ~]# vim /etc/yum.repos.d/kubernetes.repo [kubernetes] name=Kubernetes baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/ enabled=1 gpgcheck=1 repo_gpgcheck=1 gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg [root@docker3 ~]# vim /etc/yum.repos.d/kubernetes.repo [kubernetes] name=Kubernetes baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/ enabled=1 gpgcheck=1 repo_gpgcheck=1 gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg 2) 安装kubelet(匹配安装的版本) [root@docker2 ~]# yum list kubectl --showduplicates | grep 1.17.4 [root@docker2 ~]# yum install kubectl-1.17.4-0.x86_64 -y [root@docker3 ~]# yum list kubectl --showduplicates | grep 1.17.4 [root@docker3 ~]# yum install kubectl-1.17.4-0.x86_64 -y 3) 在所有Work Noder上创建~/.kube/config文件 [root@docker2 ~]# mkdir ~/.kube && touch ~/.kube/config [root@docker3 ~]# mkdir ~/.kube && touch ~/.kube/config 4) 将集群的相关信息复制到Woker Node上的~/.kube/config文件中 [root@docker2 ~]# vim ~/.kube/config # 复制内容 [root@docker3 ~]# vim ~/.kube/config # 复制内容

2.6 创建服务测试