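Kubernetes: Automated Installation (2)
Kubernetes installation
Automated installation tool
Package: https://github.com/easzlab/kubeasz
Reference documentation: https://github.com/easzlab/kubeasz/blob/master/docs/setup/00-planning_and_overall_intro.md
Prepare the environment: three machines, A-MASTER, B-NODE1 and C-NODE2
Install the dependency package on the MASTER node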
yum install -y ansible
Set up passwordless login to all 3 machines
Download the package
wget https://github.com/easzlab/kubeasz/archive/3.0.0.tar.gz
tar xf 3.0.0.tar.gz && cd kubeasz-3.0.0
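Download with the tool script; all files (kubeasz code, binaries, offline images) are placed in /etc/kubeasz
./ezdown -D # how long this takes depends on network speed
Deployment
Create a cluster configuration instance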
cd /etc/kubeasz
./ezctl new test
This generates two files under the clusters directory
/etc/kubeasz/clusters/test/hosts
/etc/kubeasz/clusters/test/config.yml
Edit the hosts file
# 'etcd' cluster should have odd member(s) (1,3,5,...)
[etcd] # key-value database for K8S
192.168.10.81
# master node(s)
[kube_master] # master node; components: apiserver, controller manager, scheduler
192.168.10.81
# work node(s) # nodes where containers run: kube-proxy, kubelet
[kube_node]
192.168.10.82
192.168.10.83
# [optional] harbor server, a private docker registry
# 'NEW_INSTALL': 'yes' to install a harbor server; 'no' to integrate with existed one
# 'SELF_SIGNED_CERT': 'no' you need put files of certificates named harbor.pem and harbor-key.pem in directory 'down'
[harbor]
#192.168.1.8 HARBOR_DOMAIN="harbor.yourdomain.com" NEW_INSTALL=no SELF_SIGNED_CERT=yes
# [optional] loadbalance for accessing k8s from outside
[ex_lb]
#192.168.1.6 LB_ROLE=backup EX_APISERVER_VIP=192.168.1.250 EX_APISERVER_PORT=8443
#192.168.1.7 LB_ROLE=master EX_APISERVER_VIP=192.168.1.250 EX_APISERVER_PORT=8443
# [optional] ntp server for the cluster
[chrony]
#192.168.1.1
[all:vars]
# --------- Main Variables ---------------
# Cluster container-runtime supported: docker, containerd
CONTAINER_RUNTIME="docker"
# Network plugins supported: calico, flannel, kube-router, cilium, kube-ovn # calico performs better
CLUSTER_NETWORK="calico"
# Service proxy mode of kube-proxy: 'iptables' or 'ipvs' # IPVS performs better
PROXY_MODE="ipvs"
# K8S Service CIDR, not overlap with node(host) networking # defines the IP range of the Service (SVC) network
SERVICE_CIDR="10.10.0.0/16"
# Cluster CIDR (Pod CIDR), not overlap with node(host) networking # defines the IPs used by Pod containers
CLUSTER_CIDR="10.20.0.0/16"
# NodePort Range # defines the Service (SVC) ports
NODE_PORT_RANGE="30000-60000"
# Cluster DNS Domain
CLUSTER_DNS_DOMAIN="final.local."
# -------- Additional Variables (don't change the default value right now) ---
# Binaries Directory
bin_dir="/opt/kube/bin"
# Deploy Directory (kubeasz workspace)
base_dir="/etc/kubeasz"
# Directory for a specific cluster
cluster_dir="{{ base_dir }}/clusters/test"
# CA and other components cert/key Directory (certificate path)
ca_dir="/etc/kubernetes/ssl"
One-step installation
[root@k8s-master kubeasz]# ./ezctl setup test
Usage: ezctl setup <cluster> <step>
available steps:
01 prepare to prepare CA/certs & kubeconfig & other system settings
02 etcd to setup the etcd cluster
03 runtime to setup the container runtime(docker or containerd)
04 kube-master to setup the master nodes
05 kube-node to setup the worker nodes
06 network to setup the network plugin
07 cluster-addon to setup other useful plugins
all to run 01~07 all at once
examples: ./ezctl setup test-k8s 01
./ezctl setup test-k8s 02
./ezctl setup test-k8s all
One-step installation; the steps are: environment preparation, etcd database, Docker engine environment, master nodes, worker nodes, network plugin
./ezctl setup test all
Check that the nodes are healthy
[root@k8s-master ~]# kubectl get node
NAME STATUS ROLES AGE VERSION
192.168.10.81 Ready,SchedulingDisabled master 5d21h v1.20.2
192.168.10.82 Ready node 5d21h v1.20.2
192.168.10.83 Ready node 5d21h v1.20.2
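Summary
What the ezdown script mainly does
1. First defines the versions of the K8S component images
2. The download_docker function downloads the Docker binary package into /etc/kubeasz/down/
The docker binaries are in /opt/kube/bin and /etc/kubeasz/bin/, and are symlinked to /bin/docker
3. install_docker installs the Docker service
Service startup script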
cat > /etc/systemd/system/docker.service << EOF
[Unit]
Description=Docker Application Container Engine
Documentation=http://docs.docker.io
[Service]
Environment="PATH=/opt/kube/bin:/bin:/sbin:/usr/bin:/usr/sbin"
ExecStart=/opt/kube/bin/dockerd
ExecStartPost=/sbin/iptables -I FORWARD -s 0.0.0.0/0 -j ACCEPT
ExecReload=/bin/kill -s HUP \$MAINPID
Restart=on-failure
RestartSec=5
LimitNOFILE=infinity
LimitNPROC=infinity
LimitCORE=infinity
Delegate=yes
KillMode=process
[Install]
WantedBy=multi-user.target
EOF
Configuration file
registry-mirrors specifies external (public network) registry mirrors; insecure-registries can list several Harbor registries, which are generally on the internal network
{
  "registry-mirrors": [
    "https://docker.mirrors.ustc.edu.cn",
    "http://hub-mirror.c.163.com",
    "https://harbor.final.com"
  ],
  "insecure-registries": ["127.0.0.1/8","192.168.10.84"],
  "max-concurrent-downloads": 10,
  "log-driver": "json-file",
  "log-level": "warn",
  "log-opts": {
    "max-size": "10m",
    "max-file": "3"
  },
  "data-root": "/var/lib/docker"
}
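Disables SELinux, deletes the firewall rules, and restarts the Docker service
4. get_kubeasz, get_sys_pkg, get_k8s_bin, get_ext_bin
Run containers and copy the binaries out of them; in short, this updates the binaries
5. get_offline_image downloads the images that K8S depends on
6. download_all calls all of the download functions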
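The Docker configuration written in step 3 mixes HTTPS and plain-HTTP mirrors and lists a non-loopback host under insecure-registries, for which Docker does not enforce TLS. The following check is an added example, not part of the original post or of kubeasz; it reports both kinds of entry. The function names and the embedded sample (a constructed copy of the registry settings above) are assumptions of this example.

```python
import ipaddress
import json
import sys
from urllib.parse import urlsplit

# Constructed sample: the registry settings from the configuration above, as plain JSON.
SAMPLE_DAEMON_JSON = """
{
  "registry-mirrors": ["https://docker.mirrors.ustc.edu.cn",
                       "http://hub-mirror.c.163.com",
                       "https://harbor.final.com"],
  "insecure-registries": ["127.0.0.1/8", "192.168.10.84"]
}
"""

def is_loopback(entry):
    """True if an insecure-registries entry (IP, CIDR or host[:port]) is loopback-only."""
    try:
        return ipaddress.ip_network(entry, strict=False).is_loopback
    except ValueError:
        host = entry.rsplit(":", 1)[0]  # drop an optional :port
        try:
            return ipaddress.ip_address(host).is_loopback
        except ValueError:
            return host == "localhost"

def audit_daemon_config(text):
    """Return (key, value, reason) findings for registry settings that weaken transport security."""
    cfg = json.loads(text)
    findings = []
    for url in cfg.get("registry-mirrors", []):
        if urlsplit(url).scheme != "https":
            findings.append(("registry-mirrors", url,
                             "mirror is contacted over plain HTTP"))
    for entry in cfg.get("insecure-registries", []):
        if not is_loopback(entry):
            findings.append(("insecure-registries", entry,
                             "certificate errors are ignored and HTTP fallback is allowed"))
    return findings

if __name__ == "__main__":
    # Pass a file path to audit a real config; with no argument the sample is used.
    text = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE_DAEMON_JSON
    for key, value, reason in audit_daemon_config(text):
        print(f"{key}: {value}: {reason}")
```

Run it with the path of the Docker daemon configuration (by default /etc/docker/daemon.json) as the only argument; an empty result means every mirror uses HTTPS and only loopback addresses are exempt from TLS verification.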
Directory structure
playbooks: the playbooks for the related tasks can be viewed here
roles: role definitions, called by the playbooks