本文档风哥主要介绍Rancher自建K8s集群(RKE2/K3s)部署实战,包括Rancher数据库RKE2概念、Rancher数据库K3s概念、Rancher数据库集群架构、Rancher数据库集群准备、Rancher数据库集群要求、Rancher数据库集群网络规划、Rancher数据库部署RKE2集群、Rancher数据库部署K3s集群、Rancher数据库集群配置、Rancher数据库集群管理、Rancher数据库应用部署、Rancher数据库集群监控等内容,风哥教程参考Rancher官方文档RKE2、K3s、集群管理等内容,适合运维人员在学习和测试中使用,如果要应用于生产环境则需要自行确认。
Part01-基础概念与理论知识
1.1 Rancher数据库RKE2概念
RKE2(Rancher Kubernetes Engine 2)是Rancher推出的下一代Kubernetes发行版,完全符合CNCF一致性标准,专注于安全性和合规性。RKE2基于K3s构建,但针对生产环境进行了优化,支持高可用部署、企业级安全特性、完整的Kubernetes功能。RKE2使用containerd作为容器运行时,支持多种操作系统,包括Linux、Windows等。RKE2适合需要企业级功能和合规性的生产环境部署。更多视频教程www.fgedu.net.cn
- 符合CNCF一致性标准
- 企业级安全特性
- 支持高可用部署
- 完整的Kubernetes功能
- 支持多种操作系统
- 使用containerd容器运行时
1.2 Rancher数据库K3s概念
K3s是Rancher推出的轻量级Kubernetes发行版,专为边缘计算和IoT设备设计。K3s将Kubernetes的二进制文件打包成单个可执行文件,资源占用极低,可以在资源受限的环境中运行。K3s支持完整的Kubernetes API,但移除了一些不必要的功能,以减少资源占用。K3s适合边缘计算、IoT设备、开发测试等场景。学习交流加群风哥微信: itpux-com
- 轻量级,资源占用低
- 单个可执行文件
- 支持完整的Kubernetes API
- 适合边缘计算和IoT设备
- 支持SQLite、MySQL、PostgreSQL等数据库
- 支持离线部署
1.3 Rancher数据库集群架构
Rancher数据库集群架构:
┌─────────────────────────────────────────────────────────┐
│ Rancher Server │
│ 192.168.1.100 │
│ │
│ ┌───────────────────────────────────────────────┐ │
│ │ Rancher Management │ │
│ │ – Web UI │ │
│ │ – API Server │ │
│ │ – Cluster Management │ │
│ │ – RBAC │ │
│ │ – Monitoring │ │
│ └───────────────────────────────────────────────┘ │
└────────────────────┬────────────────────────────────────┘
│
│ HTTPS
↓
┌─────────────────────────────────────────────────────────┐
│ RKE2/K3s Clusters │
│ │
│ ┌───────────────────────────────────────────────┐ │
│ │ RKE2 Cluster 1 │ │
│ │ – Server Node 1: 192.168.1.101 │ │
│ │ – Server Node 2: 192.168.1.102 │ │
│ │ – Server Node 3: 192.168.1.103 │ │
│ │ – Worker Node 1: 192.168.1.104 │ │
│ │ – Worker Node 2: 192.168.1.105 │ │
│ │ – ETCD Cluster │ │
│ └───────────────────────────────────────────────┘ │
│ │
│ ┌───────────────────────────────────────────────┐ │
│ │ K3s Cluster 1 │ │
│ │ – Server Node: 192.168.1.106 │ │
│ │ – Worker Node 1: 192.168.1.107 │ │
│ │ – Worker Node 2: 192.168.1.108 │ │
│ │ – SQLite Database │ │
│ └───────────────────────────────────────────────┘ │
└─────────────────────────────────────────────────────────┘
# 架构说明
1. Rancher Server:提供统一的管理界面和API
2. RKE2 Cluster:企业级Kubernetes集群,支持高可用
3. K3s Cluster:轻量级Kubernetes集群,适合边缘计算
4. ETCD Cluster:RKE2集群的分布式数据存储
5. SQLite Database:K3s集群的轻量级数据存储
Part02-生产环境规划与建议
2.1 Rancher数据库集群准备
Rancher数据库集群准备:
# 1. Rancher Server准备
– Rancher Server已部署
– Rancher Server可访问
– Rancher Server配置正确
# 2. 节点准备
– 操作系统:Oracle Linux 9.3 / RHEL 9.3 / 8.x / 7.x
– CPU:Server节点 >= 2核,Worker节点 >= 1核
– 内存:Server节点 >= 4GB,Worker节点 >= 2GB
– 磁盘:>= 50GB
– 网络:节点之间网络互通
# 3. 网络准备
– 防火墙规则配置
– DNS解析配置
– 时间同步配置
– SELinux配置
# 4. 软件准备
– 安装containerd
– 安装kubectl
– 下载RKE2/K3s安装包
– 准备配置文件
# 5. 资源准备
– ETCD存储:>= 50GB
– 容器镜像存储:>= 200GB
– 日志存储:>= 100GB
2.2 Rancher数据库集群要求
Rancher数据库集群要求:
# RKE2集群要求
– 操作系统:Oracle Linux 9.3 / RHEL 9.3 / 8.x / 7.x
– CPU:Server节点 >= 2核,Worker节点 >= 1核
– 内存:Server节点 >= 4GB,Worker节点 >= 2GB
– 磁盘:>= 50GB
– 网络:节点之间网络互通
– 容器运行时:containerd >= 1.6.0
# K3s集群要求
– 操作系统:Oracle Linux 9.3 / RHEL 9.3 / 8.x / 7.x
– CPU:Server节点 >= 1核,Worker节点 >= 1核
– 内存:Server节点 >= 1GB,Worker节点 >= 512MB
– 磁盘:>= 20GB
– 网络:节点之间网络互通
– 容器运行时:containerd >= 1.6.0
# 网络要求
– 网络延迟:< 100ms
- 网络带宽:> 100Mbps
– 网络稳定性:99.9%以上
– 端口开放:6443、10250、2379、2380等
# 存储要求
– ETCD存储:>= 50GB
– 容器镜像存储:>= 200GB
– 日志存储:>= 100GB
– 备份存储:>= 500GB
2.3 Rancher数据库集群网络规划
Rancher数据库集群网络规划:
# IP地址规划
Rancher Server:192.168.1.100
RKE2 Cluster:
Server Node 1:192.168.1.101
Server Node 2:192.168.1.102
Server Node 3:192.168.1.103
Worker Node 1:192.168.1.104
Worker Node 2:192.168.1.105
K3s Cluster:
Server Node:192.168.1.106
Worker Node 1:192.168.1.107
Worker Node 2:192.168.1.108
# 端口规划
RKE2 Cluster:
6443/tcp:Kubernetes API
10250/tcp:Kubelet API
2379/tcp:ETCD Client
2380/tcp:ETCD Server
10251/tcp:Kube-scheduler
10252/tcp:Kube-controller-manager
K3s Cluster:
6443/tcp:Kubernetes API
10250/tcp:Kubelet API
# 防火墙规则
开放6443/tcp、10250/tcp、2379/tcp、2380/tcp端口
限制访问来源IP
配置端口转发规则
# DNS解析配置
rancher.fgedu.net.cn -> 192.168.1.100
rke2-server1.fgedu.net.cn -> 192.168.1.101
rke2-server2.fgedu.net.cn -> 192.168.1.102
rke2-server3.fgedu.net.cn -> 192.168.1.103
k3s-server.fgedu.net.cn -> 192.168.1.106
Part03-生产环境项目实施方案
3.1 Rancher数据库部署RKE2集群
3.1.1 Rancher数据库安装RKE2
# install_rke2.sh
# from:www.itpux.com.qq113257174.wx:itpux-com
# web: http://www.fgedu.net.cn
# 在所有节点上执行
# 步骤1:配置系统参数
[root@rke2-server1 ~]# cat <
[root@rke2-server1 ~]# source ~/.bashrc
# 步骤8:验证集群状态
[root@rke2-server1 ~]# kubectl get nodes
NAME STATUS ROLES AGE VERSION
rke2-server1 Ready control-plane,etcd,master 5m v1.28.5+rke2r1
# 步骤9:查看Pod状态
[root@rke2-server1 ~]# kubectl get pods -A
NAMESPACE NAME READY STATUS RESTARTS AGE
kube-system helm-install-rke2-canal-1234567890 1/1 Running 0 5m
kube-system helm-install-rke2-coredns-2345678901 1/1 Running 0 5m
kube-system helm-install-rke2-ingress-nginx-3456789 1/1 Running 0 5m
kube-system helm-install-rke2-metrics-server-4567890 1/1 Running 0 5m
kube-system rke2-canal-1234567890-abcde 1/1 Running 0 4m
kube-system rke2-coredns-1234567890-abcde 1/1 Running 0 4m
kube-system rke2-ingress-nginx-controller-1234567890 1/1 Running 0 4m
kube-system rke2-metrics-server-1234567890-abcde 1/1 Running 0 4m
3.1.2 Rancher数据库添加RKE2节点
[root@rke2-server1 ~]# cat /var/lib/rancher/rke2/server/node-token
K10b1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef::server:1234567890abcdef1234567890abcdef
# 步骤2:在第二个Server节点上配置
[root@rke2-server2 ~]# mkdir -p /etc/rancher/rke2
[root@rke2-server2 ~]# cat <
3.2 Rancher数据库部署K3s集群
3.2.1 Rancher数据库安装K3s
# install_k3s.sh
# from:www.itpux.com.qq113257174.wx:itpux-com
# web: http://www.fgedu.net.cn
# 在Server节点上执行
# 步骤1:下载K3s安装脚本
[root@k3s-server ~]# curl -sfL https://get.k3s.io | sh –
# 步骤2:验证K3s安装
[root@k3s-server ~]# systemctl status k3s.service
● k3s.service – Lightweight Kubernetes
Loaded: loaded (/etc/systemd/system/k3s.service; enabled; vendor preset: disabled)
Active: active (running) since Fri 2026-04-10 10:00:00 CST; 1min ago
Docs: https://k3s.io
Main PID: 12345 (k3s server)
Tasks: 42
Memory: 256.0M
CGroup: /system.slice/k3s.service
├─12345 /usr/local/bin/k3s server
└─12346 /var/lib/rancher/k3s/data/v1.28.5-k3s1/1234567890/bin/containerd
# 步骤3:配置kubectl
[root@k3s-server ~]# export KUBECONFIG=/etc/rancher/k3s/k3s.yaml
[root@k3s-server ~]# echo ‘export KUBECONFIG=/etc/rancher/k3s/k3s.yaml’ >> ~/.bashrc
[root@k3s-server ~]# source ~/.bashrc
# 步骤4:验证集群状态
[root@k3s-server ~]# kubectl get nodes
NAME STATUS ROLES AGE VERSION
k3s-server Ready control-plane,master,etcd 5m v1.28.5+k3s1
# 步骤5:查看Pod状态
[root@k3s-server ~]# kubectl get pods -A
NAMESPACE NAME READY STATUS RESTARTS AGE
kube-system local-path-provisioner-1234567890-abcde 1/1 Running 0 5m
kube-system helm-install-traefik-1234567890 1/1 Running 0 5m
kube-system svclb-traefik-1234567890-abcde 2/2 Running 0 4m
kube-system coredns-1234567890-abcde 1/1 Running 0 4m
kube-system traefik-1234567890-abcde 1/1 Running 0 4m
kube-system metrics-server-1234567890-abcde 1/1 Running 0 4m
3.2.2 Rancher数据库添加K3s节点
[root@k3s-server ~]# cat /var/lib/rancher/k3s/server/node-token
K10b1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef::server:1234567890abcdef1234567890abcdef
# 步骤2:在Worker节点上安装K3s
[root@k3s-worker1 ~]# curl -sfL https://get.k3s.io | K3S_URL=https://192.168.1.106:6443 K3S_TOKEN=K10b1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef::server:1234567890abcdef1234567890abcdef sh –
# 步骤3:验证集群节点
[root@k3s-server ~]# kubectl get nodes
NAME STATUS ROLES AGE VERSION
k3s-server Ready control-plane,master,etcd 10m v1.28.5+k3s1
k3s-worker1 Ready
3.3 Rancher数据库集群配置
3.3.1 Rancher数据库导入集群到Rancher
# 步骤1:登录Rancher管理界面
# 步骤2:点击”集群” – “创建” – “RKE2”
# 步骤3:填写集群信息:
# 集群名称:fgedu-rke2-cluster
# 集群描述:Rancher数据库RKE2测试集群
# Kubernetes版本:v1.28.5-rke2r1
# 步骤4:配置节点:
# 节点1:192.168.1.101
# 节点2:192.168.1.102
# 节点3:192.168.1.103
# 步骤5:点击”创建”按钮
# 通过kubectl导入RKE2集群
[root@rke2-server1 ~]# kubectl create namespace cattle-system
namespace/cattle-system created
[root@rke2-server1 ~]# kubectl apply -f https://192.168.1.100/v3/import/1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef.yaml
clusterrole.rbac.authorization.k8s.io/proxy-clusterrole-kubeapiserver created
clusterrolebinding.rbac.authorization.k8s.io/proxy-role-binding-kubernetes-master created
namespace/cattle-system unchanged
serviceaccount/cattle created
clusterrolebinding.rbac.authorization.k8s.io/cattle-admin-binding created
secret/cattle-credentials-1234567890 created
deployment.apps/cattle-cluster-agent created
daemonset.apps/cattle-node-agent created
# 查看Agent状态
[root@rke2-server1 ~]# kubectl get pods -n cattle-system
NAME READY STATUS RESTARTS AGE
cattle-cluster-agent-1234567890-abcde 1/1 Running 0 1m
cattle-node-agent-12345678 1/1 Running 0 1m
cattle-node-agent-23456789 1/1 Running 0 1m
cattle-node-agent-34567890 1/1 Running 0 1m
Part04-生产案例与实战讲解
4.1 Rancher数据库集群管理
4.1.1 Rancher数据库查看集群信息
# 步骤1:登录Rancher管理界面
# 步骤2:点击”集群”
# 步骤3:选择集群
# 步骤4:查看集群概览、节点、工作负载、存储等信息
# 通过kubectl查看集群信息
[root@rke2-server1 ~]# kubectl get nodes
NAME STATUS ROLES AGE VERSION
rke2-server1 Ready control-plane,etcd,master 1d v1.28.5+rke2r1
rke2-server2 Ready control-plane,etcd,master 1d v1.28.5+rke2r1
rke2-server3 Ready control-plane,etcd,master 1d v1.28.5+rke2r1
rke2-worker1 Ready
# 查看节点详细信息
[root@rke2-server1 ~]# kubectl describe node rke2-server1
Name: rke2-server1
Roles: control-plane,etcd,master
Labels: beta.kubernetes.io/arch=amd64
beta.kubernetes.io/os=linux
kubernetes.io/arch=amd64
kubernetes.io/hostname=rke2-server1
kubernetes.io/os=linux
node-role.kubernetes.io/control-plane=
node-role.kubernetes.io/etcd=
node-role.kubernetes.io/master=
Annotations: rke2.cattle.io/node-addresses=192.168.1.101
rke2.cattle.io/node-internal-ip=192.168.1.101
CreationTimestamp: Thu, 09 Apr 2026 10:00:00 +0000
Taints: node-role.kubernetes.io/master:NoSchedule
node-role.kubernetes.io/control-plane:NoSchedule
Unschedulable: false
Conditions:
Type Status LastHeartbeatTime LastTransitionTime Reason Message
—- —— —————– —————— —— ——-
MemoryPressure False Fri, 10 Apr 2026 10:00:00 +0000 Thu, 09 Apr 2026 10:00:00 +0000 KubeletHasSufficientMemory kubelet has sufficient memory available
DiskPressure False Fri, 10 Apr 2026 10:00:00 +0000 Thu, 09 Apr 2026 10:00:00 +0000 KubeletHasNoDiskPressure kubelet has no disk pressure
PIDPressure False Fri, 10 Apr 2026 10:00:00 +0000 Thu, 09 Apr 2026 10:00:00 +0000 KubeletHasSufficientPID kubelet has sufficient PID available
Ready True Fri, 10 Apr 2026 10:00:00 +0000 Thu, 09 Apr 2026 10:00:00 +0000 KubeletReady kubelet is posting ready status
Addresses:
InternalIP: 192.168.1.101
Hostname: rke2-server1
Capacity:
cpu: 4
ephemeral-storage: 104857600Ki
hugepages-1Gi: 0
hugepages-2Mi: 0
memory: 16384000Ki
pods: 110
Allocatable:
cpu: 4
ephemeral-storage: 104857600Ki
hugepages-1Gi: 0
hugepages-2Mi: 0
memory: 16279580Ki
pods: 110
System Info:
Machine ID: 1234567890abcdef1234567890abcdef
System UUID: 12345678-90AB-CDEF-1234-567890ABCDEF
Boot ID: abcdef12-3456-7890-abcd-ef1234567890
Kernel Version: 5.14.0-284.11.1.el9_2.x86_64
OS Image: Oracle Linux Server 9.3
Operating System: linux
Architecture: amd64
Container Runtime Version: containerd://1.6.22
Kubelet Version: v1.28.5+rke2r1
Kube-Proxy Version: v1.28.5+rke2r1
PodCIDR: 10.42.0.0/24
PodCIDRs: 10.42.0.0/24
Non-terminated Pods: (12 in total)
Namespace Name CPU Requests CPU Limits Memory Requests Memory Limits
——— —- ———— ———- ————— ————-
cattle-system cattle-cluster-agent-1234567890-abcde 100m (2%) 0 (0%) 256Mi (1%) 0 (0%)
cattle-system cattle-node-agent-12345678 100m (2%) 0 (0%) 256Mi (1%) 0 (0%)
Allocated resources:
(Total limits may be over 100 percent, i.e., overcommitted.)
Resource Requests Limits
——– ——– ——
cpu 400m (10%) 0 (0%)
memory 768Mi (4%) 0 (0%)
Events:
Type Reason Age From Message
—- —— —- —- ——-
Normal Starting 1d kubelet Starting kubelet.
Normal NodeAllocatableEnforced 1d kubelet Updated Node Allocatable limit across pods
Normal NodeReady 1d kubelet Node rke2-server1 status is now: NodeReady
4.2 Rancher数据库应用部署
4.2.1 Rancher数据库部署应用
# 步骤1:登录Rancher管理界面
# 步骤2:选择集群 – 点击”工作负载” – “部署”
# 步骤3:填写应用信息:
# 名称:fgedu-nginx
# 命名空间:default
# 镜像:nginx:latest
# 端口映射:80:80
# 副本数:3
# 步骤4:点击”部署”按钮
# 通过kubectl部署应用
[root@rke2-server1 ~]# kubectl create deployment fgedu-nginx –image=nginx:latest –replicas=3
deployment.apps/fgedu-nginx created
# 查看部署状态
[root@rke2-server1 ~]# kubectl get deployments fgedu-nginx
NAME READY UP-TO-DATE AVAILABLE AGE
fgedu-nginx 3/3 3 3 1m
# 查看Pod状态
[root@rke2-server1 ~]# kubectl get pods -l app=fgedu-nginx
NAME READY STATUS RESTARTS AGE
fgedu-nginx-1234567890-abcde 1/1 Running 0 1m
fgedu-nginx-1234567890-fghij 1/1 Running 0 1m
fgedu-nginx-1234567890-klmno 1/1 Running 0 1m
# 创建Service
[root@rke2-server1 ~]# kubectl expose deployment fgedu-nginx –port=80 –type=LoadBalancer
service/fgedu-nginx exposed
# 查看Service状态
[root@rke2-server1 ~]# kubectl get svc fgedu-nginx
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
fgedu-nginx LoadBalancer 10.43.123.45 192.168.1.200 80:31234/TCP 1m
# 测试应用访问
[root@rke2-server1 ~]# curl http://192.168.1.200
Welcome to nginx!
If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.
For online documentation and support please refer to
nginx.org.
Commercial support is available at
nginx.com.
Thank you for using nginx.
4.3 Rancher数据库集群监控
4.3.1 Rancher数据库查看监控数据
# 步骤1:登录Rancher管理界面
# 步骤2:选择集群 – 点击”监控”
# 步骤3:查看Grafana仪表板
# 步骤4:查看Prometheus数据
# 步骤5:查看告警规则
# 通过kubectl查看监控数据
[root@rke2-server1 ~]# kubectl get pods -n cattle-monitoring-system
NAME READY STATUS RESTARTS AGE
rancher-monitoring-operator-1234567890-abcde 1/1 Running 0 10m
rancher-monitoring-prometheus-0 2/2 Running 0 10m
rancher-monitoring-grafana-1234567890-abcde 1/1 Running 0 10m
rancher-monitoring-alertmanager-0 1/1 Running 0 10m
# 端口转发访问Grafana
[root@rke2-server1 ~]# kubectl -n cattle-monitoring-system port-forward svc/rancher-monitoring-grafana 3000:80 &
Forwarding from 127.0.0.1:3000 -> 3000
Forwarding from [::1]:3000 -> 3000
# 访问Grafana
# URL: http://localhost:3000
# 用户名:admin
# 密码:prom-operator
# 端口转发访问Prometheus
[root@rke2-server1 ~]# kubectl -n cattle-monitoring-system port-forward svc/rancher-monitoring-prometheus 9090:9090 &
Forwarding from 127.0.0.1:9090 -> 9090
Forwarding from [::1]:9090 -> 9090
# 访问Prometheus
# URL: http://localhost:9090
# 查看Prometheus指标
[root@rke2-server1 ~]# curl http://localhost:9090/api/v1/label/__name__/values | jq -r ‘.data[]’ | head -20
up
process_start_time_seconds
promhttp_metric_handler_requests_total
promhttp_metric_handler_requests_in_flight
go_gc_duration_seconds
go_gc_duration_seconds_count
go_gc_duration_seconds_sum
go_goroutines
go_info
go_memstats_alloc_bytes
go_memstats_alloc_bytes_total
go_memstats_buck_hash_sys_bytes
go_memstats_gc_sys_bytes
go_memstats_heap_alloc_bytes
go_memstats_heap_idle_bytes
go_memstats_heap_inuse_bytes
go_memstats_heap_objects
go_memstats_heap_released_bytes
go_memstats_heap_sys_bytes
Part05-风哥经验总结与分享
5.1 Rancher数据库集群最佳实践
Rancher数据库集群最佳实践:
- 集群规划:根据业务需求选择RKE2或K3s
- 高可用部署:生产环境使用高可用部署
- 网络规划:确保节点之间网络互通
- 监控告警:配置监控和告警系统
- 备份恢复:定期备份集群配置和数据
- 文档记录:记录部署过程和配置
- 定期检查:定期检查集群状态
5.2 Rancher数据库集群问题排查
Rancher数据库集群问题排查:
# 问题1:节点无法加入集群
# 现象:节点状态显示为NotReady
# 原因:网络不通、配置错误、Token无效
# 解决:
[root@rke2-server1 ~]# kubectl get nodes
[root@rke2-server1 ~]# kubectl describe node
[root@rke2-server1 ~]# ping
[root@rke2-server1 ~]# journalctl -u rke2-server -f
# 问题2:Pod无法启动
# 现象:Pod状态显示为Pending或CrashLoopBackOff
# 原因:资源不足、镜像拉取失败、配置错误
# 解决:
[root@rke2-server1 ~]# kubectl get pods
[root@rke2-server1 ~]# kubectl describe pod
# 问题3:ETCD集群异常
# 现象:ETCD集群状态显示为异常
# 原因:网络不通、配置错误、数据损坏
# 解决:
[root@rke2-server1 ~]# kubectl get pods -n kube-system | grep etcd
[root@rke2-server1 ~]# kubectl logs -n kube-system
[root@rke2-server1 ~]# kubectl exec -n kube-system
[root@rke2-server1 ~]# kubectl exec -n kube-system
# 问题4:网络插件异常
# 现象:Pod之间无法通信
# 原因:网络插件配置错误、网络策略冲突
# 解决:
[root@rke2-server1 ~]# kubectl get pods -n kube-system | grep canal
[root@rke2-server1 ~]# kubectl logs -n kube-system
[root@rke2-server1 ~]# kubectl get networkpolicies
5.3 Rancher数据库集群维护
Rancher数据库集群维护:
# 1. 定期检查
– 检查集群状态
– 检查节点状态
– 检查Pod状态
– 检查ETCD状态
# 2. 监控告警
– 配置监控指标
– 配置告警规则
– 配置通知方式
– 定期检查告警
# 3. 备份恢复
– 备份ETCD数据
– 备份应用数据
– 测试备份恢复
– 配置异地备份
# 4. 更新升级
– 更新RKE2/K3s版本
– 更新Kubernetes版本
– 更新应用版本
– 测试升级流程
# 5. 安全加固
– 更新SSL证书
– 配置访问控制
– 定期审计日志
– 更新安全策略
本文由风哥教程整理发布,仅用于学习测试使用,转载注明出处:http://www.fgedu.net.cn/10327.html
联系我们
在线咨询:
微信号:itpux-com
工作日:9:30-18:30,节假日休息
