条件:
3台没有网络的centos7.9服务器
1.系统优化
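# Name each machine. Run only the line that matches the node you are on;
# "&& bash" starts a new shell so the prompt picks up the new hostname.
hostnamectl set-hostname k8s-master && bash # run on the master node only
hostnamectl set-hostname k8s-node1 && bash # run on node1 only
hostnamectl set-hostname k8s-node2 && bash # run on node2 only
# Static name resolution for the three nodes (run on every server).
# The grep guard skips the append when the master entry is already present,
# so repeating this step does not pile up duplicate lines in /etc/hosts.
# The quoted 'EOF' keeps the here-document literal (nothing in it needs expansion).
grep -qF '192.168.243.180 k8s-master' /etc/hosts || cat >> /etc/hosts << 'EOF'
192.168.243.180 k8s-master
192.168.243.181 k8s-node1
192.168.243.182 k8s-node2
EOF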
# Turn off the host firewall: stop the running service, then remove it from boot.
# With firewalld off, every listening port on the node is reachable from the
# attached network (the API server on 6443, the NodePorts, and the registry on
# 5000 that is started later in this guide). The guide targets three servers
# without Internet access; on a shared network, keep firewalld running and open
# only the ports the cluster needs instead.
systemctl stop firewalld.service
systemctl disable firewalld.service
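# Turn off SELinux.
# Permanent setting, applied from the next boot. The pattern is anchored to the
# SELINUX= line so that the explanatory comments in the file, which also contain
# the word "enforcing", are left untouched.
sed -i 's/^SELINUX=enforcing$/SELINUX=disabled/' /etc/selinux/config
# Temporary setting: switches the running system to permissive mode until reboot.
setenforce 0
# NOTE(review): "disabled" switches off SELinux labelling altogether; writing
# SELINUX=permissive instead keeps denials in the audit log without enforcing
# them, which is the mode setenforce 0 already gives the running system.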
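# Turn off swap.
swapoff -a # temporary: disables all active swap until the next boot
# Permanent: comment out the swap entries in /etc/fstab. Only lines that are not
# already comments and that carry "swap" as a whitespace-delimited field are
# touched, so a second run does not stack extra "#" characters and an unrelated
# line that merely contains the text "swap" in a path is left alone.
sed -i '/^[[:space:]]*#/!s/.*[[:space:]]swap[[:space:]].*/#&/' /etc/fstab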
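# The net.bridge.* keys below only exist once the br_netfilter kernel module is
# loaded; without it "sysctl --system" reports them as missing. Load the module
# now and register it so it is loaded again at boot.
cat > /etc/modules-load.d/k8s.conf << 'EOF'
br_netfilter
EOF
modprobe br_netfilter
# Make bridged pod traffic pass through iptables/ip6tables rules.
cat > /etc/sysctl.d/k8s.conf << 'EOF'
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
EOF
sysctl --system # apply the settings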
2. 安装docker
请点击:离线安装可以参考博客
3. 安装k8s
安装包下载:
链接:https://pan.baidu.com/s/1RmWylpXekr4Am2yd_42aDQ?pwd=MAQQ
提取码:MAQQ
–来自百度网盘的分享
3.1 所有服务器执行
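cd /root # the offline bundle is uploaded into this directory
# Print the archive digest before unpacking. The scripts in this bundle are run
# as root on every node, so compare the value with a digest obtained from
# whoever built the bundle (this page does not publish one).
sha256sum k8sofflineSetup.tar.gz
# -p: do not fail if the directory is left over from an earlier attempt
mkdir -p /root/k8sOfflineSetup
tar -zxvf k8sofflineSetup.tar.gz -C /root/k8sOfflineSetup
cd /root/k8sOfflineSetup
chmod +x scripts/*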
3.2 master节点上执行
# Master node: export the cluster parameters, then run the bundle's setup script.
# setup_master.sh ships inside the offline bundle and is not shown on this page;
# presumably it reads the variables exported here — confirm in the script.
cd /root/k8sOfflineSetup
export HOSTNAME=k8s-master # hostname of the master node
export APISERVER_NAME=apiserver.k8s.com # host name of the k8s apiserver
export MASTER_IP=192.168.243.180 # IP address of the master node in the cluster
export POD_SUBNET=10.11.10.0/16 # network range used by Pods (with a /16 mask this is the 10.11.0.0/16 network)
sh setup_master.sh
# Check that the node and the kube-system pods came up.
kubectl get nodes
kubectl get pods -n kube-system
# The join command printed here carries a bootstrap token plus the hash of the
# cluster CA certificate. The token is a credential that allows a machine to
# join the cluster: keep it out of shared logs and chat. kubeadm bootstrap
# tokens expire after 24 hours by default.
kubeadm token create --print-join-command # create the token and CA hash for joining the cluster; note them down
[root@k8s-master ~]# kubeadm token create --print-join-command
W0415 15:22:22.571978 61871 validation.go:28] Cannot validate kube-proxy config - no validator is available
W0415 15:22:22.572369 61871 validation.go:28] Cannot validate kubelet config - no validator is available
kubeadm join apiserver.k8s.com:6443 --token rry6jz.x0fegbxxojlo59zw --discovery-token-ca-cert-hash sha256:59d0ff9225b587ea64901496ae1e1a0916da13a0448e07fa8feebcbd36b0171e
[root@k8s-master ~]#
3.3 node1上执行
# node1: export the join parameters, then run the bundle's worker setup script.
# Use the token and hash printed by your own master; the values below are the
# sample values from the output shown in step 3.2.
export HOSTNAME=k8s-node1 # hostname of node1
export APISERVER_NAME=apiserver.k8s.com # host name of the k8s apiserver
export MASTER_IP=192.168.243.180 # IP address of the master node in the cluster
# Bootstrap token for joining the master: the value after --token in the join command noted earlier
export TOKEN=rry6jz.x0fegbxxojlo59zw
# CA certificate hash: the value after --discovery-token-ca-cert-hash in that join command.
# It pins the cluster CA, so the joining node can verify it is talking to the intended API server.
export CERT=sha256:59d0ff9225b587ea64901496ae1e1a0916da13a0448e07fa8feebcbd36b0171e
cd /root/k8sOfflineSetup
chmod +x scripts/*
# setup_worker.sh is part of the offline bundle and is not shown on this page.
sh setup_worker.sh
3.4 node2上执行
# node2: same procedure as node1, with node2's hostname.
# Use the token and hash printed by your own master; the values below are the
# sample values from the output shown in step 3.2.
export HOSTNAME=k8s-node2 # hostname of node2
export APISERVER_NAME=apiserver.k8s.com # host name of the k8s apiserver
export MASTER_IP=192.168.243.180 # IP address of the master node in the cluster
# Bootstrap token for joining the master: the value after --token in the join command noted earlier
export TOKEN=rry6jz.x0fegbxxojlo59zw
# CA certificate hash: the value after --discovery-token-ca-cert-hash in that join command.
# It pins the cluster CA, so the joining node can verify it is talking to the intended API server.
export CERT=sha256:59d0ff9225b587ea64901496ae1e1a0916da13a0448e07fa8feebcbd36b0171e
cd /root/k8sOfflineSetup
chmod +x scripts/*
# setup_worker.sh is part of the offline bundle and is not shown on this page.
sh setup_worker.sh
4.验证查看
[root@k8s-master ~]# kubectl get nodes
NAME STATUS ROLES AGE VERSION
k8s-master Ready master 22m v1.17.1
k8s-node1 Ready <none> 4m26s v1.17.1
k8s-node2 Ready <none> 39s v1.17.1
[root@k8s-master ~]#
在浏览器输入:masterIP:32567
[root@k8s-master ~]# kubectl get nodes
NAME STATUS ROLES AGE VERSION
k8s-master Ready master 36m v1.17.1
k8s-node1 Ready <none> 32m v1.17.1
k8s-node2 Ready <none> 31m v1.17.1
[root@k8s-master ~]#
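# Run this on the master node.
# Prints the decoded token stored in the kuboard-user secret of kube-system
# (presumably the token entered on the login page in step 5 — confirm).
# The token is a bearer credential: whoever holds it gets that account's access
# to the cluster API, so do not paste it into tickets, chat or shared logs.
# awk picks the first matching secret name only and the result is quoted, so the
# second kubectl call always receives exactly one argument; with several
# matches, or none, the unquoted grep|awk form passes the wrong argument count.
kuboard_secret=$(kubectl -n kube-system get secret | awk '/kuboard-user/ {print $1; exit}')
kubectl -n kube-system get secret "$kuboard_secret" -o go-template='{{.data.token}}' | base64 -d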
5.登录页面
使用方面请自行研究
6.安装仓库
# Both archives are uploaded to /opt beforehand.
cd /opt
# Import the registry image, unpack the pre-populated image store, then drop the archives.
docker load --input registry.tar.gz
tar -xzvf docker-registry.tar.gz -C /opt
rm -rf registry.tar.gz docker-registry.tar.gz
# Start the private registry, published on port 5000 of every host interface.
# As started here it has no TLS and no authentication, so any host that can
# reach port 5000 can pull and push images; keep it on the isolated network.
# NOTE(review): Docker daemons that pull from a plain-HTTP registry normally need
# it listed under "insecure-registries" in /etc/docker/daemon.json; that step is
# not shown on this page.
docker run --detach \
  --name registry \
  --restart=always \
  --publish 5000:5000 \
  --volume /opt/docker-registry:/var/lib/registry \
  registry:2
6.安装rancher2.4
# Start Rancher 2.4 from the image held in the local registry.
#   8080 -> 80, 8443 -> 443     UI/API ports published on the host
#   CATTLE_SYSTEM_DEFAULT_REGISTRY  registry Rancher pulls its system images from
#   CATTLE_SYSTEM_CATALOG=bundled   use the catalog packaged in the image (offline)
#   /opt/rancher                    host directory that keeps Rancher's state
# The admin password is chosen at first login; set a strong one before adding
# the cluster, since this account ends up with full control over it.
docker run --detach --restart=unless-stopped \
  --name rancher2 \
  --publish 8080:80 --publish 8443:443 \
  --env CATTLE_SYSTEM_DEFAULT_REGISTRY=192.168.243.180:5000 \
  --env CATTLE_SYSTEM_CATALOG=bundled \
  --volume /opt/rancher:/var/lib/rancher \
  192.168.243.180:5000/rancher/rancher:v2.4.17
#rancher2.4登录 https://ip:8443
用户:admin 密码自己设置
7. 利用rancher添加K8S集群
看到集群是Active就说明正常了!
8. 离线部署服务验证
# The environment is offline, so the nginx image archive has to be uploaded to
# every worker node and imported there.
docker load --input nginx.tar.gz
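# Write the test manifest: one nginx Deployment plus a NodePort Service.
# The YAML nesting is restored here; with every key at column 0 the manifest
# does not describe a valid Deployment/Service.
# - "image: nginx" carries no tag, which means nginx:latest. For :latest the
#   default pull policy is Always, so IfNotPresent is set explicitly to make the
#   kubelet use the image imported with "docker load" instead of a registry.
# - "type: NodePort" publishes the service on a port of every node.
# The quoted 'EOF' keeps the here-document literal.
cat > nginx.yaml << 'EOF'
apiVersion: apps/v1
kind: Deployment
metadata:
  labels:
    app: nginx
  name: nginx
spec:
  replicas: 1
  selector:
    matchLabels:
      app: nginx
  template:
    metadata:
      labels:
        app: nginx
    spec:
      containers:
      - image: nginx
        name: nginx
        imagePullPolicy: IfNotPresent
---
apiVersion: v1
kind: Service
metadata:
  labels:
    app: nginx
  name: nginx
spec:
  type: NodePort
  ports:
  - port: 80
    protocol: TCP
    targetPort: 80
  selector:
    app: nginx
EOF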
[root@k8s-master ~]# kubectl apply -f nginx.yaml
deployment.apps/nginx created
service/nginx created
[root@k8s-master ~]# kubectl get pods,svc
NAME READY STATUS RESTARTS AGE
pod/nginx-5ffb5df89f-g5lrg 1/1 Running 0 14s
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
service/kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 15h
service/nginx NodePort 10.96.182.168 <none> 80:32755/TCP 14s
[root@k8s-master ~]#
8.1 命令行进行访问验证
任意节点ip:32755
8.2 rancher界面验证
希望能够帮助到您,欢迎一个点赞,给博主一个支持,谢谢!有任何问题欢迎留言!