k3s

安装

k3s

主节点初始化

# [快速入门指南 | K3s](https://docs.k3s.io/zh/quick-start)
# 20250728尝试安装的时候 stable版本 404了,所以需要指定版本
# INSTALL_K3S_VERSION=v1.33.2+k3s1 curl -sfL https://get.k3s.io | sh -
curl -sfL https://rancher-mirror.rancher.cn/k3s/k3s-install.sh | INSTALL_K3S_MIRROR=cn sh -

# 默认存储路径,可以用bind的方式挪到别的地方
/var/lib/rancher/k3s

# 修改/etc/fstab

# /etc/rancher/k3s/k3s.yaml存储了集群访问kubeconfig

# 首先配置nvidia-container-toolkit,然后安装插件
kubectl create -f https://raw.githubusercontent.com/NVIDIA/k8s-device-plugin/v0.17.1/deployments/static/nvidia-device-plugin.yml

# 为公网访问重新设置证书
sudo systemctl stop k3s
# 修改daemon启动参数,添加
sudo vim /etc/systemd/system/k3s.service
...
ExecStart=/usr/local/bin/k3s \
    server '--tls-san' '<你要的公网IP>' --write-kubeconfig-group k --write-kubeconfig-mode 640 --disable=traefik \
# 然后删除原始的证书
sudo rm -rf /var/lib/rancher/k3s/server/tls/
# 重启服务
sudo systemctl daemon-reload
sudo systemctl start k3s

# 获取kubeconfig
cp /etc/rancher/k3s/k3s.yaml ~/Downloads/
# 随后将k3s.yaml配置中的server修改为公网IP

从节点初始化

MASTER_NODE_IP=xxx
# token get from k3s main server's /var/lib/rancher/k3s/server/node-token
K3S_TOKEN="xxx"

curl -sfL https://rancher-mirror.rancher.cn/k3s/k3s-install.sh | INSTALL_K3S_MIRROR=cn K3S_URL=https://${MASTER_NODE_IP}:6443 K3S_TOKEN="${K3S_TOKEN}" sh -

删除从节点

在control-pannel操作:

# 查看节点
kubectl get nodes

# 首先排空节点
kubectl drain <node-name> --ignore-daemonsets --delete-emptydir-data

# 删除节点
kubectl delete node <node-name>

子节点上卸载:

# 卸载
/usr/local/bin/k3s-agent-uninstall.sh

# 删除缓存
rm -rf /var/lib/rancher/k3s
rm -rf /etc/rancher/k3s

argocd

# 安装argocd
kubectl create namespace argocd
kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/stable/manifests/install.yaml

# 随后需要参照[Ingress Configuration - Argo CD - Declarative GitOps CD for Kubernetes](https://argo-cd.readthedocs.io/en/stable/operator-manual/ingress/#traefik-v30)来修改配置,从而添加argocd的ingress。
kb edit cm argocd-cmd-params-cm -n argocd
# 然后在最高层级添加
data:
  server.insecure: "true"
# 随后删掉argocd-server的pod,重启

配置

挂代理

不挂代理的话,很多镜像拉不下来

# /etc/systemd/system/k3s.service.env
# /etc/systemd/system/k3s-agent.service.env

# 全局代理
HTTP_PROXY=http://your-proxy.example.com:8888  
HTTPS_PROXY=http://your-proxy.example.com:8888  
NO_PROXY=127.0.0.0/8,10.0.0.0/8,172.16.0.0/12,192.168.0.0/16

# containerd代理
CONTAINERD_HTTP_PROXY=http://your-proxy.example.com:8888  
CONTAINERD_HTTPS_PROXY=http://your-proxy.example.com:8888  
CONTAINERD_NO_PROXY=127.0.0.0/8,10.0.0.0/8,172.16.0.0/12,192.168.0.0/16

相关资料