How to install k8s cluster using rancher (k8s cluster graphical management tool)

Preface

The graphical management tools for kubernetes clusters mainly include the following types:
1. Kubernetes Dashboard: a graphical tool officially provided by Kubernetes
2. Rancher: currently a mainstream enterprise-level kubernetes visual management tool
3. Kubernetes integrated managers for various cloud vendors
4. Kuboard: a domestic open source Kubernetes visual management tool

In this article, we will learn about the mainstream enterprise-level Kubernetes visual management tool, rancher.

rancher official website

Official website: https://www.rancher.cn/
github: https://github.com/rancher/rancher
The image is hosted on hub.docker.com.
There is a correspondence between the rancher version and the k8s version, which can be viewed at https://www.suse.com/suse-rancher/support-matrix/all-supported-versions/rancher-v2-7-5/.

Host preparation

Prepare 4 servers, one for rancher software and the other three for building a k8s high-availability cluster:

rancher	: install rancher
master01 : k8s master node, also assigned the node and etcd roles;
node01 : k8s node, also assigned the node and etcd roles;
node2 : k8s node, also assigned the node and etcd roles;

Environment initialization

The four hosts are configured in the following 6 steps according to the actual situation:

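# 1. Stop and disable the firewall
systemctl stop firewalld && systemctl disable firewalld
# 2. Disable selinux
setenforce 0					# turn selinux off until the next reboot
vim /etc/selinux/config			# turn selinux off permanently by setting the following line in this file:
# SELINUX=disabled
# 3. Turn off the swap partition (mandatory, required by the k8s documentation)
swapoff -a							# disable all swap partitions now
vim /etc/fstab						# disable swap permanently: delete or comment out the swap mount line in /etc/fstab, for example:
#/dev/mapper/centos-swap swap         swap    defaults        0 0
# 4. Set the hostname (run only the one line that belongs to each host) and write all names to /etc/hosts
hostnamectl set-hostname rancher
hostnamectl set-hostname master01
hostnamectl set-hostname node1
hostnamectl set-hostname node2
cat >> /etc/hosts <<EOF
192.168.244.150 rancher
192.168.244.151 master01
192.168.244.152 node1
192.168.244.153 node2
EOF
# 5. Time synchronization
yum -y install ntp
systemctl start ntpd && systemctl enable ntpd
# 6. Pass bridged IPv4 traffic to the iptables chains (some IPv4 traffic does not go through the iptables chains
# because of a filter in the linux kernel that every packet passes through and that then decides whether the packet
# may be handed to the current application process, so traffic can be lost). Configure the k8s.conf file
# (k8s.conf does not exist by default and has to be created)
modprobe br_netfilter				# the net.bridge.* keys below exist only while this module is loaded
cat >> /etc/sysctl.d/k8s.conf <<EOF
net.bridge.bridge-nf-call-ip6tables=1
net.bridge.bridge-nf-call-iptables=1
net.ipv4.ip_forward=1
vm.swappiness=0
EOF
sysctl -p /etc/sysctl.d/k8s.conf	# a bare "sysctl -p" reads only /etc/sysctl.conf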
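
A preflight check for steps 3, 4 and 6 above, added here as an example (it is not part of the original article). The function names and the ROOT prefix argument are assumptions of this example; pass an empty string as the prefix to check the live host.

```shell
#!/bin/sh
# preflight ROOT HOST...
# ROOT is a filesystem prefix ("" on a real host), an assumption of this example
# so that a staged copy of /etc can be checked as well.
# Prints one "FAIL:" line per problem and returns 0 only when there is none.
preflight() {
    root=$1; shift
    problems=0
    fail() { echo "FAIL: $*"; problems=$((problems + 1)); }

    # Step 3: no active (uncommented) swap entry may remain in fstab.
    if awk '$1 !~ /^#/ && $3 == "swap" { found = 1 } END { exit !found }' \
        "$root/etc/fstab"; then
        fail "active swap entry in $root/etc/fstab"
    fi

    # Step 4: every cluster hostname must be listed in the hosts file.
    for host in "$@"; do
        awk -v h="$host" '$1 !~ /^#/ { for (i = 2; i <= NF; i++) if ($i == h) ok = 1 }
            END { exit !ok }' "$root/etc/hosts" || fail "$host missing from hosts file"
    done

    # Step 6: the three forwarding keys must be present and set to 1.
    for key in net.bridge.bridge-nf-call-ip6tables \
               net.bridge.bridge-nf-call-iptables net.ipv4.ip_forward; do
        val=$(sed -n "s/^[[:space:]]*${key}[[:space:]]*=[[:space:]]*//p" \
            "$root/etc/sysctl.d/k8s.conf" 2>/dev/null | tail -n 1)
        [ "$val" = "1" ] || fail "$key is '${val:-unset}', expected 1"
    done

    [ "$problems" -eq 0 ]
}

# Constructed sample tree (not a real host): swap still active, node1 and one key missing.
make_sample_root() {
    d=$(mktemp -d)
    mkdir -p "$d/etc/sysctl.d"
    printf '%s\n' '/dev/mapper/centos-swap swap swap defaults 0 0' > "$d/etc/fstab"
    printf '%s\n' '192.168.244.150 rancher' '192.168.244.151 master01' > "$d/etc/hosts"
    printf '%s\n' 'net.bridge.bridge-nf-call-iptables=1' 'net.ipv4.ip_forward=1' \
        > "$d/etc/sysctl.d/k8s.conf"
    echo "$d"
}

sample=$(make_sample_root)
preflight "$sample" rancher master01 node1 || echo "host preparation incomplete"
rm -rf "$sample"
```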

Rancher installation

Rancher itself is installed using docker, so docker must be installed first. For the installation of docker, see "Detailed introduction to installing docker on Linux (online and offline installation)": https://blog.csdn.net/MssGuo/article/details/122694156
Rancher essentially wraps RKE and K3S to install k8s.

Rancher is an open source project; the source code is at https://github.com/rancher/rancher, where you can see that the latest rancher version is 2.7.5.

The rancher image is hosted on https://hub.docker.com/. Search for rancher on the Docker Hub website to find it.

[root@rancher ~]# docker pull rancher/rancher:v2.7.5				# pull the rancher image
v2.6.7-linux-amd64: Pulling from rancher/rancher
9047ed9df36f: Pull complete 
Digest: sha256:2c63e264eacc633d9d98ad30ac30bade271b66454a63446f0156191cee77aa9e
Status: Downloaded newer image for rancher/rancher:v2.6.7-linux-amd64
docker.io/rancher/rancher:v2.6.7-linux-amd64
[root@rancher ~]# docker images										# list the rancher image
REPOSITORY                      TAG                  IMAGE ID       CREATED                  SIZE
rancher/rancher                 v2.6.7-linux-amd64   23fa8b4529d2   Less than a second ago   1.55GB
[root@rancher ~]# 
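
The transcript above requests rancher/rancher:v2.7.5, but its output lines name v2.6.7-linux-amd64. The following added example (not from the original article; the function names are hypothetical) checks `docker pull` output for that kind of mismatch and prints a digest-pinned reference; its sample input is copied from the transcript.

```shell
#!/bin/sh
# check_pull REQUESTED_REF
# Reads `docker pull` output on stdin, confirms that the image reported as
# downloaded is the one that was requested, and prints a digest-pinned
# reference (repo@sha256:...) that can replace the mutable tag in `docker run`.
check_pull() {
    want=$1
    out=$(cat)
    digest=$(printf '%s\n' "$out" | sed -n 's/^Digest: //p')
    got=$(printf '%s\n' "$out" | sed -n 's/^Status: .* for //p')
    case $digest in
        sha256:*) ;;
        *) echo "ERROR: no sha256 Digest line in pull output"; return 2 ;;
    esac
    if [ -z "$got" ]; then
        echo "ERROR: no Status line in pull output"
        return 2
    fi
    if [ "$got" != "$want" ]; then
        echo "MISMATCH: requested $want but pulled $got"
        return 1
    fi
    # Strip the tag (text after the last colon) and append the digest.
    echo "${want%:*}@$digest"
}

# Sample input: the output lines of the pull transcript above.
sample_pull_output() {
    cat <<'EOF'
v2.6.7-linux-amd64: Pulling from rancher/rancher
9047ed9df36f: Pull complete
Digest: sha256:2c63e264eacc633d9d98ad30ac30bade271b66454a63446f0156191cee77aa9e
Status: Downloaded newer image for rancher/rancher:v2.6.7-linux-amd64
docker.io/rancher/rancher:v2.6.7-linux-amd64
EOF
}

# The tag requested in the transcript does not match what was downloaded.
sample_pull_output | check_pull rancher/rancher:v2.7.5 || true
# The tag that was actually pulled yields a pinned reference.
sample_pull_output | check_pull rancher/rancher:v2.6.7-linux-amd64
```

On a live host the function is fed directly, for example `docker pull rancher/rancher:v2.7.5 | check_pull rancher/rancher:v2.7.5`.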

Start the rancher container

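# Create a directory to hold rancher's persistent data
[root@rancher ~]# mkdir /rancher_data									
# --privileged runs the container in privileged mode, -p maps host port 80 to container port 80 and host port 443 to container port 443, -v mounts the persistent volume
[root@rancher ~]# docker run -d --privileged -p 80:80 -p 443:443  -v /rancher_data:/var/lib/rancher/ --restart=unless-stopped --name rancher-v2.7.5 rancher/rancher:v2.7.5

[root@elk-client ~]# docker ps	# if the CREATED time and the STATUS time are roughly the same, the container has not restarted and rancher is running normally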
CONTAINER ID   IMAGE                    COMMAND           CREATED         STATUS         PORTS                                                                      NAMES
768949c78d09   rancher/rancher:v2.7.5   "entrypoint.sh"   8 minutes ago   Up 8 minutes   0.0.0.0:80->80/tcp, :::80->80/tcp, 0.0.0.0:443->443/tcp, :::443->443/tcp   rancher-v2.7.5

Web login rancher

Open the server IP address http://192.168.244.150 in a browser; it redirects to HTTPS on port 443 by default. There is a language setting in the lower left corner of the login page where Chinese can be selected.

Follow the prompts on the page to find the rancher login password in the container:

[root@rancher ~]# docker logs  7cf867e736fd01  2>&1 | grep "Bootstrap Password:"
2023/08/19 16:37:41 [INFO]  Bootstrap Password: q5hgkh5lgtncbm2q2tts8w6cdz45xfvpx7v5s8dk9f4c8dpbzrcr6s
[root@rancher ~]# 

Copy the password and log in. The next page asks us to set a login password for the default account admin. The password needs to have a certain complexity; here I set it to admin12345678.

Create a k8s cluster using rancher

You can add an existing k8s cluster to rancher and let rancher manage it, or use rancher to create a new k8s cluster. Here we use rancher to create a new k8s cluster.

Turn on the RKE2/K3S switch; we choose to use RKE2 to create the k8s cluster. Click the Custom button.

Fill in the cluster name and cluster description. You can see that rancher 2.7.5 supports 4 k8s versions. We choose the RKE method and install v1.25.12+rke2r2; other options can be kept as default.

Configure the network; other configurations can be kept as default. Finally, click the create button in the lower right corner, and the page will automatically jump to the cluster page. Click on the k8s cluster we created.

On the page that opens, select the roles for the node and the corresponding registration command will be generated. Just copy and paste this registration command to the k8s server and execute it. Since I only have 3 hosts here, the role planning is that all 3 servers serve in the master, etcd and node roles:

master01: k8s master node, also assigned the node and etcd roles;
node01: k8s node, also assigned the master and etcd roles;
node02: k8s node, also assigned the master and etcd roles;

Copy and paste the registration command to the k8s server for execution, and then wait for the installation to complete. You can view the progress in the "Host" column on the left.

After all the nodes are installed, return to the home page and click the cluster name to enter the cluster.

Create deployment and svc

Enter the cluster, create a deployment, and fill in the information on the page.

After the creation is completed, just wait for the deployment to be ready.

Create the svc and select the corresponding label selector.

Just wait for the svc creation to be completed; the page can then be accessed successfully from the browser.

kubectl command line tool settings

With a k8s cluster installed by rancher, the kubectl tool on the server does not work out of the box. To run kubectl commands on the server, you need to configure the context:

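# Locate the kubectl binary shipped with RKE2 and link it into PATH
# (use the path that find prints on your node; the one below is from this installation)
find / -name kubectl
ln -s   /var/lib/rancher/rke2/data/v1.25.12-rke2r1-15557ace5a8f/bin/kubectl /usr/bin/kubectl

# Configure command auto-completion for kubectl (kubectl must already be in PATH)
yum install -y bash-completion
echo 'source /usr/share/bash-completion/bash_completion' >> ~/.bashrc
echo 'source  <(kubectl completion bash)' >> ~/.bashrc
source ~/.bashrc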

Return to the home page, click Management, and download the kubeConfig file:

mkdir -p ${HOME}/.kube/
# Upload the downloaded kubeConfig to the server and rename it
mv datacenter.yaml  /root/.kube/config
# Verify that kubectl works
[root@master01 ~]# kubectl  get pod 
NAME                    READY   STATUS    RESTARTS   AGE
nginx-dc9ff6bdf-xc22t   1/1     Running   0          66m 
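
The kubeConfig downloaded from rancher is a credential, so it is worth checking once it is in place. An added example, not from the original article: the function names are hypothetical, and the sample file contents (cluster id, token) are constructed placeholders.

```shell
#!/bin/sh
# audit_kubeconfig FILE
# Prints one "FINDING:" line per problem and returns 0 only when there is none.
audit_kubeconfig() {
    f=$1
    findings=0
    note() { echo "FINDING: $*"; findings=$((findings + 1)); }
    [ -f "$f" ] || { echo "ERROR: $f not found"; return 2; }

    # The file carries a bearer token: group and others need no access at all.
    perms=$(ls -ld "$f" | cut -c5-10)
    [ "$perms" = "------" ] || note "group/other permissions '$perms', expected mode 600"

    # Certificate verification must not be switched off for any cluster entry.
    grep -Eq '^[[:space:]]*insecure-skip-tls-verify:[[:space:]]*true' "$f" \
        && note "insecure-skip-tls-verify is enabled"

    # Every API endpoint must use HTTPS, otherwise the token travels in clear text.
    bad=$(grep -E '^[[:space:]]*server:' "$f" \
        | grep -Evc 'server:[[:space:]]*"?https://' || true)
    [ "$bad" -eq 0 ] || note "$bad server entry/entries not using https"

    [ "$findings" -eq 0 ]
}

# Constructed sample (cluster id and token are placeholders, not real values),
# written with mode 644 so that the permission check has something to report.
make_sample_kubeconfig() {
    p=$(mktemp)
    cat > "$p" <<'EOF'
apiVersion: v1
kind: Config
clusters:
- name: "datacenter"
  cluster:
    server: "https://192.168.244.150/k8s/clusters/c-m-example"
users:
- name: "datacenter"
  user:
    token: "kubeconfig-user-example:constructed-placeholder"
EOF
    chmod 644 "$p"
    echo "$p"
}

sample=$(make_sample_kubeconfig)
audit_kubeconfig "$sample" || echo "fix with: chmod 600 <file>"
rm -f "$sample"
```

On the server from this walkthrough the call is `audit_kubeconfig /root/.kube/config`.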

The above completes the installation and use of rancher.

Origin blog.csdn.net/MssGuo/article/details/126595134