ubuntu18+k8s单机版+kuboard+harbor安装笔记

准备环境

所有操作切换到 root

sudo -s

禁用 ipv6

  sed -i 's/^GRUB_CMDLINE_LINUX=.*/GRUB_CMDLINE_LINUX="ipv6.disable=1"/' /etc/default/grub
  update-grub

重启 reboot
执行 ifconfig 检查是否包含 inet6 ，如果没有则没有启用 ipv6

/etc/hosts

127.0.0.1 harbor1

关闭 swap

  swapoff -akubeadm token create --ttl 0

  sed -i "s/(^[^#].* swap .*$)/#1/" /etc/fstab   

修改 /etc/fstab 并不能禁用 swap , 每次重启，还要运行 swapoff -a ，然后手动重启服务: systemctl restart kubelet。想要重启禁用swap: 打开工具，磁盘，找到Swap分区，编辑挂载选项，取消选中 用户启动挂载，保存，重启即可。

执行 free -h 查看内存是否使用交换空间。

安装 docker , docker-compose

  curl -fsSL http://dev8.cn:8000/static/ops/ubuntu-docker.sh | bash

添加k8s源

cat <<EOF >/etc/apt/sources.list.d/docker-k8s.list
deb https://mirrors.aliyun.com/kubernetes/apt/ kubernetes-xenial main
EOF

docker 源,设置 cgroup

cat <<EOF > /etc/docker/daemon.json
{
"exec-opts": ["native.cgroupdriver=systemd"],
"insecure-registries": [
    "localhost:808"
  ],
"registry-mirrors":[
    "https://hub-mirror.c.163.com",
    "https://registry.aliyuncs.com",
    "http://7e61f7f9.m.daocloud.io",
    "https://docker.mirrors.ustc.edu.cn",
    "https://registry.docker-cn.com",
    "https://reg-mirror.qiniu.com"
],
"graph":"/var/lib/docker"
}
EOF

modprobe br_netfilter
lsmod | grep br_netfilter

安装

定义变量

版本参考 https://hub.docker.com/r/mirrorgooglecontainers/kube-apiserver/tags

export version=1.13.10

curl https://mirrors.aliyun.com/kubernetes/apt/doc/apt-key.gpg | apt-key add -
apt-get update && apt-get install -y apt-transport-https
apt-get install -y kubeadm=$version* kubectl=$version* kubelet=$version*
systemctl start kubelet
systemctl enable kubelet

拉镜像

docker pull mirrorgooglecontainers/kube-apiserver:v$version
docker pull mirrorgooglecontainers/kube-controller-manager:v$version
docker pull mirrorgooglecontainers/kube-scheduler:v$version
docker pull mirrorgooglecontainers/kube-proxy:v$version
docker pull mirrorgooglecontainers/pause:3.1
docker pull mirrorgooglecontainers/etcd:3.2.24
docker pull coredns/coredns:1.2.6

docker tag mirrorgooglecontainers/kube-apiserver:v$version k8s.gcr.io/kube-apiserver:v$version
docker tag mirrorgooglecontainers/kube-controller-manager:v$version k8s.gcr.io/kube-controller-manager:v$version
docker tag mirrorgooglecontainers/kube-scheduler:v$version k8s.gcr.io/kube-scheduler:v$version
docker tag mirrorgooglecontainers/kube-proxy:v$version k8s.gcr.io/kube-proxy:v$version
docker tag mirrorgooglecontainers/pause:3.1 k8s.gcr.io/pause:3.1
docker tag mirrorgooglecontainers/etcd:3.2.24 k8s.gcr.io/etcd:3.2.24
docker tag coredns/coredns:1.2.6 k8s.gcr.io/coredns:1.2.6

启动

kubeadm init --kubernetes-version=v$version --service-cidr=10.1.0.0/16 --pod-network-cidr=10.244.0.0/16

mkdir -p $HOME/.kube
cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
chown $(id -u):$(id -g) $HOME/.kube/config

初始化

kubectl apply -f https://cloud.weave.works/k8s/net?k8s-version=$(kubectl version | base64 | tr -d '
')
kubectl taint nodes --all node-role.kubernetes.io/master-

kuboard

  kubectl apply -f https://kuboard.cn/install-script/kuboard.yaml

harbor

wget https://github.com/goharbor/harbor/releases/download/v1.10.4/harbor-online-installer-v1.10.4.tgz  -P /opt/docker -N
tar zxvf /opt/docker/harbor-online-installer-v1.10.4.tgz -C /opt/docker
wget $host/ops/harbor.yml -O /opt/docker/harbor/harbor.yml      #配置文件里配置的密码没起作用
/opt/docker/harbor/install.sh

使用

获取 kuboard token

  kubectl -n kube-system get secret $(kubectl -n kube-system get secret | grep kuboard-user | awk '{print $1}') -o go-template='{{.data.token}}' | base64 -d

登录kuboard

http://localhost:32567/login

登录 harbor

http://localhost:808

  admin
  Harbor12345

1. docker login -u admin -p Harbor12345 harbor1:808
2. docker tag 本地镜像：版本   harborIP:harborPort/harbor项目/名称:版本    (格式是必须这样的。)
3. docker push harborIP:harborPort/harbor项目/名称:版本
4. docker pull harborIP:harborPort/harbor项目/名称:版本

完成。

卸载k8s

  kubeadm reset -f
  rm -rf ~/.kube/
  rm -rf /etc/kubernetes/

k8s查看token,discovery-token-ca-cert-hash

https://blog.csdn.net/weixin_43968936/article/details/103688562

openssl x509 -pubkey -in /etc/kubernetes/pki/ca.crt | openssl rsa -pubin -outform der 2>/dev/null | openssl dgst -sha256 -hex | sed 's/^.* //'
kubeadm token list
如果没有，生成一条：
kubeadm token create --ttl 0

kubeadm join 192.168.29.137:6443 --token 5w6qwh.8n0ektfrjdct3ib4 --discovery-token-ca-cert-hash sha256:af9e070ea723dd2281c2ae2414c932832a012d40bc55dc9c747bb00e68602388