# RKE Cluster

| Node address |     OS    |
| :---------: | :-------: |
|  172.19.0.4 | centos7.x |
|  172.19.0.9 | centos7.x |
| 172.19.0.12 | centos7.x |

### 1. Initialize the environment on all nodes

* cat init\_rke\_env.sh🤗

```bash
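## Load br_netfilter so the net.bridge.* keys exist, now and after reboot
modprobe br_netfilter
echo br_netfilter > /etc/modules-load.d/br_netfilter.conf

## Pass bridged IPv4 traffic to the iptables chains
cat > /etc/sysctl.conf << EOF
net.ipv4.ip_forward = 1
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
EOF

## Apply the settings
sysctl -p /etc/sysctl.conf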


## Disable the firewall
systemctl stop firewalld
systemctl disable firewalld

## Disable SELinux
sed -i 's/enforcing/disabled/' /etc/selinux/config
setenforce 0  # temporary, until the reboot

## Disable swap
swapoff -a && sed -ri 's/.*swap.*/#&/' /etc/fstab


## Time synchronization
yum install ntpdate -y
ntpdate time.windows.com



## Remove any Docker packages already installed
yum remove docker \
      docker-client \
      docker-client-latest \
      docker-common \
      docker-latest \
      docker-latest-logrotate \
      docker-logrotate \
      docker-selinux \
      docker-engine-selinux \
      docker-engine

## Configure the yum repo
mv /etc/yum.repos.d/CentOS-Base.repo /etc/yum.repos.d/CentOS-Base.repo.backup
curl -o /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo
yum makecache
yum -y install epel-release

## Show all available versions of the package
yum list docker --show-duplicates
## Install dependencies
yum -y install yum-utils device-mapper-persistent-data lvm2
## Add the Docker CE repository
yum-config-manager --add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo

## Refresh the cache and install Docker CE
yum makecache fast
yum list docker-ce --show-duplicates
yum -y install docker-ce-24.0.7-1.el7

## Update xfsprogs
yum -y update xfsprogs

## Enable at boot and start
systemctl enable docker
systemctl start docker

## Check
docker info
docker -v




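## Add the rke user and add it to the docker group
useradd rke
usermod -aG docker rke
echo "rke" |passwd rke --stdin   # sets the password to "rke"; pick a strong one, it is only needed for ssh-copy-id in step 2
#passwd rancher

# Raise the ulimit values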
cp /etc/security/limits.conf /etc/security/limits.conf.bak
cat >>/etc/security/limits.conf <<EOF
* soft nproc 65535
* hard nproc 65535
* soft nofile 65535
* hard nofile 65535
EOF
echo "ulimit -SHn 65535" >> /etc/profile
echo "ulimit -SHn 65535" >> /etc/rc.local


reboot
```

### 2. Deploy the cluster (run on the master node)

```bash
# No need to switch users
ssh-keygen

## Distribute the public key of the generated key pair to every node
ssh-copy-id rke@master01
ssh-copy-id rke@woker01
ssh-copy-id rke@woker02
```

```bash

wget https://github.com/rancher/rke/releases/download/v1.4.11/rke_linux-amd64
mv rke_linux-amd64 /usr/local/bin/rke
chmod +x /usr/local/bin/rke
rke -v
```


```bash
# Official reference: https://docs.rancher.cn/docs/rke/example-yamls/_index#%E6%9C%80%E5%B0%8F%E6%96%87%E4%BB%B6%E7%A4%BA%E4%BE%8B
# The commands below are for reference only.

## Run rke config to create cluster.yml in the current directory; the command prompts for every parameter needed to create the cluster
# rke config --name cluster.yml

## With --empty, a blank cluster configuration file is created
# rke config --empty --name cluster.yml

## --print displays the contents of cluster.yml
# rke config --print
```

```bash
mkdir -p /data/rke
cd /data/rke

cat > cluster.yml <<EOF
nodes:
  - address: 172.19.0.4
    internal_address: 172.19.0.4
    port: "22"
    hostname_override: rke-master01
    user: rke
    role: [controlplane,etcd]
  - address: 172.19.0.9
    internal_address: 172.19.0.9
    port: "22"
    hostname_override: rke-work01
    user: rke
    role: [worker,etcd]
  - address: 172.19.0.12
    internal_address: 172.19.0.12
    port: "22"
    hostname_override: rke-work02
    user: rke
    role: [worker,etcd]

services:
  etcd:
    snapshot: true
    creation: 5m0s
    retention: 24h
EOF


# Build the cluster
# rke up --config ./cluster.yml
rke up
```

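> The last line of output should be <mark style="color:green;">**Finished building Kubernetes cluster successfully**</mark>, which means the cluster was deployed successfully and is ready to use. While the Kubernetes cluster is being created, a kubeconfig file named <mark style="color:red;">kube\_config\_cluster.yml</mark> is generated; you can use it to control the Kubernetes cluster.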

* Remember to keep your cluster files safe

```bash
[root@VM-0-4-centos rke]# ll
total 140
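-rw------- 1 root root 122780 Nov 26 20:52 cluster.rkestate      # Kubernetes cluster state file; contains the credentials that grant full access to the cluster. Created only by RKE v0.2.0 and later.
-rw-r----- 1 root root   6588 Nov 26 20:51 cluster.yml           # RKE cluster configuration file.
-rw------- 1 root root   5497 Nov 26 20:51 kube_config_cluster.yml # Kubeconfig file for the cluster; contains the credentials that grant full access to the cluster.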
```
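
Because `cluster.rkestate` and `kube_config_cluster.yml` grant full access to the cluster, it is worth checking that no copy of them is readable by group or others. The following is an added example, not part of the original page; the function names are hypothetical and the paths are whatever you pass in.

```shell
# Added example (not from the original page). Requires GNU stat.

# Print every existing file among the arguments that grants any permission
# to group or others. Returns 1 if at least one was found, 0 otherwise.
loose_credential_files() {
    found=0
    for f in "$@"; do
        [ -f "$f" ] || continue
        mode=$(stat -c '%a' "$f")            # octal mode, e.g. 600 or 644
        if [ $(( 0$mode & 077 )) -ne 0 ]; then
            echo "$f (mode $mode)"
            found=1
        fi
    done
    return $found
}

# Restrict every existing file among the arguments to its owner (0600).
lock_down() {
    for f in "$@"; do
        [ -f "$f" ] && chmod 600 "$f"
    done
    return 0
}

# Usage on the master node, with the directory used on this page and the
# kubeconfig copy made in step 3:
#   set -- /data/rke/cluster.rkestate /data/rke/kube_config_cluster.yml ~/.kube/config
#   loose_credential_files "$@" || lock_down "$@"
```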

### 3. Install kubectl (run on the master node)

```bash
wget https://storage.googleapis.com/kubernetes-release/release/v1.26.9/bin/linux/amd64/kubectl
chmod +x kubectl
mv kubectl /usr/local/bin/
kubectl version --client
```

* Load the k8s environment

```bash
mkdir -p ~/.kube
cat kube_config_cluster.yml > ~/.kube/config
chmod 600 ~/.kube/config   # the kubeconfig holds full-access credentials
```

* List the nodes

```bash
[root@VM-0-4-centos rke]# kubectl get node
NAME           STATUS   ROLES               AGE     VERSION
rke-master01   Ready    controlplane,etcd   9m18s   v1.26.9
rke-work01     Ready    etcd,worker         9m15s   v1.26.9
rke-work02     Ready    etcd,worker         9m15s   v1.26.9
```

### 4. Deploy a test application

```bash
cat > nginx.yaml <<EOF
apiVersion: v1
kind: Service
metadata:
  labels:
    app: nginx-service
  name: nginx-service
  namespace: default
spec:
  ports:
  - port: 80
    protocol: TCP
    targetPort: 80
  selector:
    app: nginx
  sessionAffinity: None
  type: ClusterIP
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: nginx-deployment
spec:
  selector:
    matchLabels:
      app: nginx
  replicas: 6
  template:
    metadata:
      labels:
        app: nginx
    spec:
      containers:
      - name: nginx
        image: nginx:1.16.0
        ports:
        - containerPort: 80
EOF
```

```bash
kubectl apply -f nginx.yaml
kubectl get pod -o wide
kubectl get svc

kubectl delete -f nginx.yaml
```

### 5. Storage

* OpenEBS: <https://weiliang-ms.github.io/wl-awesome/2.%E5%AE%B9%E5%99%A8/k8s/storage/OpenEBS.html>
* Rook-Ceph: <https://weiliang-ms.github.io/wl-awesome/2.%E5%AE%B9%E5%99%A8/k8s/storage/rook.html>

### 6. Updating the cluster (adding and removing nodes)

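1. Initialize the new node and set up passwordless SSH (the user must not be root).

2. Edit cluster.yml to add (or remove) the extra nodes and specify their roles in the Kubernetes cluster.

3. Run `rke up --update-only` (this may trigger redeployment or updates of add-ons or other components).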

### 6. Backup and restore

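> <mark style="color:red;">**Note:**</mark> The backup policy configured above takes a snapshot every 5 minutes and keeps snapshots for 24 hours. By default they are saved to: <mark style="color:green;">/opt/rke/etcd-snapshots</mark>
>
> Details in the official documentation: <https://docs.rancher.cn/docs/rke/etcd-snapshots/one-time-snapshots/_index/>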

* Manual backup to local disk

```bash
$ rke etcd snapshot-save --config cluster.yml --name snapshot-`date +'%Y-%m-%d_%H%M%S'`
$ ls /opt/rke/etcd-snapshots/
snapshot-2023-11-26_220411.zip    ---> the etcd data that was just backed up
```

* Manual backup to S3 (MinIO)

```bash
rke etcd snapshot-save \
--config cluster.yml \
--name snapshot-name \
--s3 \
--access-key S3_ACCESS_KEY \
--secret-key S3_SECRET_KEY \
--bucket-name s3-bucket-name \
--folder s3-folder-name \
--s3-endpoint s3.amazonaws.com
```

* Restore the cluster from a local snapshot

```bash
rke etcd snapshot-restore --config cluster.yml --name snapshot-2023-11-26_220411
```

* Restore the cluster from an S3 (MinIO) snapshot

```bash
# --folder is optional and available as of v0.3.0
rke etcd snapshot-restore \
--config cluster.yml \
--name snapshot-name \
--s3 \
--access-key S3_ACCESS_KEY \
--secret-key S3_SECRET_KEY \
--bucket-name s3-bucket-name \
--folder s3-folder-name \
--s3-endpoint s3.amazonaws.com
```
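
Local snapshots in `/opt/rke/etcd-snapshots` are pruned after the 24-hour retention window, so a second, verified copy outside that directory is useful. The following is an added example, not part of the original page: it checks that a recent snapshot exists and mirrors snapshots to a second directory, verifying each copy by SHA-256. The function names and the destination path are hypothetical.

```shell
# Added example (not from the original page). Requires GNU find and sha256sum.

# Succeed if DIR ($1) holds a snapshot modified within the last MINUTES ($2).
has_recent_snapshot() {
    [ -n "$(find "$1" -maxdepth 1 -type f -mmin "-$2" 2>/dev/null | head -n 1)" ]
}

# Copy snapshots from SRC ($1) that DST ($2) does not have yet, then verify
# every copy against the SHA-256 of its source. Prints the number of files
# copied. A copy that fails verification is deleted so the next run retries.
mirror_snapshots() {
    src=$1
    dst=$2
    copied=0
    mkdir -p "$dst" && chmod 700 "$dst" || return 1
    for f in "$src"/*; do
        [ -f "$f" ] || continue
        name=$(basename "$f")
        if [ ! -e "$dst/$name" ]; then
            cp -p "$f" "$dst/$name" || return 1
            copied=$((copied + 1))
        fi
        want=$(sha256sum < "$f")
        got=$(sha256sum < "$dst/$name")
        if [ "$want" != "$got" ]; then
            echo "checksum mismatch, removing copy: $name" >&2
            rm -f "$dst/$name"
            return 1
        fi
    done
    echo "$copied"
}

# Usage (the destination is an assumed mount backed by another machine):
#   has_recent_snapshot /opt/rke/etcd-snapshots 10 || echo "no snapshot in the last 10 minutes" >&2
#   mirror_snapshots /opt/rke/etcd-snapshots /mnt/backup/etcd-snapshots
```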

### 7. Important warning

> Never run: <mark style="color:red;">rke remove😲</mark>. It deletes all data and all backup data (unless you have made a second backup).

### 8. Rancher dashboard😁

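> Avoid running it on the master or worker nodes where possible, because it consumes resources; it is best to set it up on a separate cluster.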

```bash
docker run -d --restart=unless-stopped --privileged --name rancher -p 80:80 -p 443:443 rancher/rancher:v2.5.9
```


