安装k3s 网络插件
安装k3s 同时禁用默认的traefik
curl -sfL https://rancher-mirror.rancher.cn/k3s/k3s-install.sh | \
INSTALL_K3S_MIRROR=cn \
K3S_KUBECONFIG_MODE="644" \
INSTALL_K3S_EXEC="server --disable=traefik " \
sh -
编辑服务文件
vim /etc/systemd/system/k3s.service
查看
journalctl -u k3s.service -f
安装有问题
https://chat.xiongxiao.me/s/10b9aefa-5ba5-45d6-ba2c-b80c638468f3
获取token
sudo cat /var/lib/rancher/k3s/server/node-token
换源
sudo vim /etc/rancher/k3s/registries.yaml
kubectl apply -f https://raw.githubusercontent.com/traefik/traefik/v3.0/docs/content/reference/dynamic-configuration/kubernetes-crd-definition-v1.yml
let
将访问宿主机 80 端口的流量转发到 30080
sudo iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-ports 30080
sudo iptables -t nat -A PREROUTING -p tcp --dport 443 -j REDIRECT --to-ports 30443
# 别忘了保存规则(Ubuntu 下)
sudo apt install iptables-persistent
sudo netfilter-persistent save
let 2
#回路
iptables -t nat -L PREROUTING -vn --line-numbers
### 删除
sudo iptables -t nat -D PREROUTING 1 2>/dev/null
sudo iptables -t nat -I PREROUTING 1 -p tcp --dport 443 -j DNAT --to-destination 118.196.32.29:30443
#去路(根据数据包判断顺序)
sudo iptables -t nat -L POSTROUTING -vn --line-numbers
## 删除
sudo iptables -t nat -D POSTROUTING 1
sudo iptables -t nat -A POSTROUTING -d 118.196.32.29 -p tcp --dport 30443 -j MASQUERADE
#强制刷新权限
sudo iptables -I FORWARD 1 -j ACCEPT
sudo netfilter-persistent save
CLUSTER_IP=$(kubectl get svc traefik -n traefik -o jsonpath='{.spec.clusterIP}')
echo "Traefik 的固定 ClusterIP 是: $CLUSTER_IP"
Traefik 的固定 ClusterIP 是: 10.43.131.173