K8s install helm, MiniO, NFS, MetalLB, Ingress-Nginx, Cert-Manager, K8S-Dashboard, Met

The installation process here has seen a lot of blog tutorials and documentation, some of which refer to some things written on the blog. If the author needs me to clarify, please contact [email protected], here to say sorry

Install the helm

Find the installation version github.com/helm/helm/r… Wget downloads the corresponding distribution

The extracted helm

The tar - XZF helm - v3.0.2 - Linux - and64. Tar. GzCopy the code

Move to the bin directory

mv linux-amd64/helm /usr/local/bin/helm
Copy the code

Check the version

helm version
Copy the code

Installing official Charts

helm repo add stable http://mirror.azure.cn/kubernetes/charts
Copy the code

This basic is installed, because installation is version 3.0, so you don’t have to install tiller, specific issues that can see the helm at https://github.com/helm/helm/issues/7052

Install helm Private Warehouse (MiniO)

https://blog.51cto.com/14625168/2454842
Copy the code

NFS Installation

yum -y install nfs-utils rpcbind
vi /etc/exports
/data/k8s  *(rw,sync,no_root_squash)

systemctl start rpcbind.service
systemctl enable rpcbind
systemctl status rpcbind

systemctl start nfs.service
systemctl enable nfs
systemctl status nfs
Copy the code

Refer to www.qikqiak.com/post/kubern…

Install StorageClass

Refer to www.qikqiak.com/post/kubern…

Install MetalLB (loadbalance)

https://hub.helm.sh/charts/stable/metallb

helm install metallb stable/metallb -n kube-system

Copy the code

Metallb with nginx-ingress for some reason the ingress load cannot be carried with the master IP

The IP address range is configured

apiVersion: v1
kind: ConfigMap
metadata:
 namespace: kube-system
 name: metallb-config
data:
 config: |
   address-pools:
   - name: my-ip-space
     protocol: layer2
     addresses:
     - 172.16.24.221-172.16.24.222 ## The private address range of Ali Cloud is used here, only address range can be used here
Copy the code

Install the TLS

If cert-Manager is installed, TLS will be created automatically

Generate the key and CRT

openssl req -newkey rsa:2048 -nodes -keyout tls.key -x509 -days 36500 -out tls.crt
Copy the code

Generate the corresponding secret

kubectl create secret -n kube-system tls kakj-dashboard-com-tls --key ./tls.key --cert ./tls.crt
Copy the code

To view

kubectl get secret -n kube-system |grep kakj-
Copy the code

Install the ingress – nginx

Refer to www.qikqiak.com/post/instal…

Check loadbalance IP and test access curl -i http://120.26.49.1/healthz

helm install nginx-ingress nginx-stable/nginx-ingress

Metallb with nginx-ingress for some reason the ingress load cannot be carried with the master IP

Install the cert – manager

kubectl apply --validate=false     -f https://raw.githubusercontent.com/jetstack/cert-manager/release-0.13/deploy/manifests/00-crds.yaml


helm repo add jetstack https://charts.jetstack.io

helm install --name-template cert-manager --namespace kube-system --set ingressShim.defaultIssuerName=letsencrypt-prod --set ingressShim.defaultIssuerKind=ClusterIssuer jetstack/cert-manager --version v0.13.0
Copy the code

Install k8s – dashboard

Create the configured YAML. Note that the repository is not k8s.gcr. IO /kubernetes-dashboard-amd64

Image: the repository: registry.aliyuncs.com/google_containers/kubernetes-dashboard-amd64 tag: v1.10.1 replicaCount: 1 ingress: enabled:true
  annotations:
    kubernetes.io/ingress.class: nginx
    kubernetes.io/tls-acme: 'true'
    nginx.ingress.kubernetes.io/backend-protocol: "HTTPS"
  paths:
    - /
  hosts:
    - kakj.dashboard.com
  tls:
    - secretName: kakj-dashboard-com-tls
      hosts:
        - kakj.dashboard.com
rbac:
  clusterAdminRole: true
serviceAccount:
  name: dashboard-admin
Copy the code

The installation

helm install kubernetes-dashboard stable/kubernetes-dashboard -f  kubernetes-dashboard.yaml --namespace kube-system
Copy the code

Install images that are not available

Docker pull mirrorgooglecontainers/defaultbackend - amd64:1.5 docker tag mirrorgooglecontainers/defaultbackend - amd64:1.5 K8s. GCR. IO/defaultbackend - amd64:1.5Copy the code

Note: do not use the org domain name in Aliyun, because it cannot be resolved using HTTP or HTTPS, which will cause access failure

View the login token vi token.sh

#! /bin/sh
TOKENS=$(kubectl describe serviceaccount dashboard-admin -n kube-system | grep "Tokens:" | awk '{ print $2}')
kubectl describe secret $TOKENS -n kube-system | grep "token:" | awk '{ print $2}'
Copy the code

perform

sh token.sh
Copy the code

The metrics – server installation

Helm installation

args:
- --logtostderr
- --kubelet-insecure-tls
- --kubelet-preferred-address-types=InternalIP
Copy the code

helm install --name-template metric --namespace kube-system -f metrics-value.yaml stable/metrics-server
Copy the code

Yaml installation

www.cnblogs.com/binghe001/p…

Install heapster

## Default values for heapster.
# #ReplicaCount: 1 image: repository: registry.aliyuncs.com/google_containers/heapster-amd64 tag: v1.5.4 pullPolicy: IfNotPresent## Here labels can be added to the heapster deployment
# labels:
# kubernetes.io/cluster-service: "true"
# kubernetes.io/name: "Heapster"
labels: {}

## Here labels can be added to the heapster deployment
# annotations:
# scheduler.alpha.kubernetes.io/critical-pod: ''
annotations: {}

## Here annotations can be added for the heapster Pod
# podAnnotations:
# prometheus.io/scrape: "true"
podAnnotations: {}

## Node labels for pod assignment
## Ref: https://kubernetes.io/docs/user-guide/node-selection/
# #
nodeSelector: {}

## Tolerations for pod assignment
## Ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
# #
tolerations: []

## Affinity for pod assignment
## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity
affinity: {}

service:
  type: ClusterIP
  externalPort: 8082
  internalPort: 8082
  ## This allows an override of the heapster service name
  ## Default: {{ .Chart.Name }}
  # nameOverride:

  ## Here labels can be added to the heapster service
  # labels:
  # kubernetes.io/cluster-service: "true"
  # kubernetes.io/name: "Heapster"
  labels:

  ## Here annotations can be added to the heapster service
  # annotations:
  # prometheus.io/path: /metrics
  # prometheus.io/port: "8082"
  # prometheus.io/scrape: "true"
  annotations: {}
resources:
  limits:
    cpu: 100m
    memory: 128Mi
  requests:
    cpu: 100m
    memory: 128Mi

## Heapster command and arguments
## Default source=kubernetes.summary_api:''
## ref: https://github.com/kubernetes/heapster/blob/master/docs/source-configuration.md
# #
## By default sink not set
## ref: https://github.com/kubernetes/heapster/blob/master/docs/sink-configuration.md
# #
command:
- "/heapster"
- "--source=kubernetes:https://kubernetes.default:443?useServiceAccount=true&kubeletHttps=true&kubeletPort=10250&insecure= true"

## heapster env variables
env: []

## Resizer scales resources linearly with the number of nodes in the cluster
## Resizer is enabled by default
# #
resizer:
  enabled: trueImage: the repository: registry.aliyuncs.com/google_containers/addon-resizer tag: 1.7 pullPolicy: IfNotPresent resources: limits: cpu: 50m memory: 90Mi requests: cpu: 50m memory: 90Mi## Flags used for /pod_nanny command
  ## container and deployment flags already determined chart name
  ## ref: https://github.com/kubernetes/contrib/blob/master/addon-resizer/README.md
  # #
  flags:
  - "--cpu=150m"
  - "--extra-cpu=10m"
  - "--memory=200Mi"
  - "--extra-memory=6Mi"
  - "--threshold=5"
  - "--poll-period=300000"

## For RBAC support:
rbac:
  create: false

  ## Ignored if rbac.create is true
  # #
  serviceAccountName: dashboard-admin

## eventer can send the kubernetes event logs to a remote destination
## it uses the same image as heapster but has its own resizer nanny pod
## eventer is disabled by default
## see https://github.com/kubernetes/heapster/blob/master/docs/overview.md for the flags you can use
## you will probably want to change the --sink parameter
eventer:
  enabled: false
  flags:
  - "--source=kubernetes:https://kubernetes.default"
  - "--sink=log"
  resources: {}
# limits:
# cpu: 100m
# memory: 250Mi
# requests:
# cpu: 100m
# memory: 250Mi
  resizer:
    enabled: true
    resources: {}
# limits:
# cpu: 50m
# memory: 90Mi
# requests:
# cpu: 50m
# memory: 90Mi
    flags:
    - "--cpu=150m"
    - "--extra-cpu=10m"
    - "--memory=200Mi"
    - "--extra-memory=6Mi"
    - "--threshold=5"
    - "--poll-period=300000"

Copy the code

create

helm install  heapster stable/heapster -f heapster.yaml --namespace kube-system
Copy the code

Execute the prompted command

export POD_NAME=$(kubectl get pods --namespace kube-system -l "app=heapster" -o jsonpath="{.items[0].metadata.name}")

kubectl --namespace kube-system port-forward $POD_NAME 8082
Copy the code

Install the harbor

Refer to www.qikqiak.com/post/harbor…