zoukankan      html  css  js  c++  java
  • kubespray 一键安装k8s集群

    1. clone代码

    git clone https://github.com/kubernetes-incubator/kubespray.git
    

    2. 添加inventory/inventory

    单独添加ansible inventory放到inventory目录下
    添加后确保ansible可以执行

    ansible all -i inventory/inventory -m ping
    
    result:
    
    node2 | SUCCESS => {
        "changed": false, 
        "failed": false, 
        "ping": "pong"
    }
    node1 | SUCCESS => {
        "changed": false, 
        "failed": false, 
        "ping": "pong"
    }
    node3 | SUCCESS => {
        "changed": false, 
        "failed": false, 
        "ping": "pong"
    }
    
    

    ansible inventory

    # ## Configure 'ip' variable to bind kubernetes services on a
    # ## different ip than the default iface
    node1 ansible_ssh_host=192.168.10.2 ansible_user=root ip=192.168.10.2
    node2 ansible_ssh_host=192.168.10.3 ansible_user=root ip=192.168.10.3
    node3 ansible_ssh_host=192.168.10.4 ansible_user=root ip=192.168.10.4
    
    # ## configure a bastion host if your nodes are not directly reachable
    # bastion ansible_ssh_host=x.x.x.x
    
    [kube-master]
    node1    
    node2    
    
    [kube-node]
    node1    
    node2    
    node3    
    
    [etcd]
    node1    
    node2    
    node3    
    
    [k8s-cluster:children]
    kube-node    
    kube-master      
    
    [calico-rr]
    
    [vault]
    node1    
    node2    
    node3
    
    

    3. 替换官方镜像源

    相关镜像被墙替换为阿里云镜像

    官方最新版本v1.9.3,由于在阿里云没找到故使用v1.9.2

    以下是修改后的镜像,也可以把所有镜像下载到本地

    vim roles/download/defaults/main.yml

    kube_version: v1.9.2
    
    # Containers
    etcd_image_repo: "registry.cn-hangzhou.aliyuncs.com/kubespray24/etcd"
    etcd_image_tag: "{{ etcd_version }}"
    flannel_image_repo: "registry.cn-hangzhou.aliyuncs.com/kubespray24/flannel"
    flannel_image_tag: "{{ flannel_version }}"
    flannel_cni_image_repo: "registry.cn-hangzhou.aliyuncs.com/kubespray24/flannel-cni"
    flannel_cni_image_tag: "{{ flannel_cni_version }}"
    calicoctl_image_repo: "registry.cn-hangzhou.aliyuncs.com/kubespray24/calico_ctl"
    calicoctl_image_tag: "{{ calico_ctl_version }}"
    calico_node_image_repo: "registry.cn-hangzhou.aliyuncs.com/kubespray24/calico_node"
    calico_node_image_tag: "{{ calico_version }}"
    calico_cni_image_repo: "registry.cn-hangzhou.aliyuncs.com/kubespray24/calico_cni"
    calico_cni_image_tag: "{{ calico_cni_version }}"
    calico_policy_image_repo: "registry.cn-hangzhou.aliyuncs.com/kubespray24/kube-controllers"
    calico_policy_image_tag: "{{ calico_policy_version }}"
    calico_rr_image_repo: "registry.cn-hangzhou.aliyuncs.com/kubespray24/routereflector"
    calico_rr_image_tag: "{{ calico_rr_version }}"
    hyperkube_image_repo: "registry.cn-hangzhou.aliyuncs.com/kubespray24/hyperkube"
    hyperkube_image_tag: "{{ kubedns_version }}_coreos.0"
    pod_infra_image_repo: "registry.cn-hangzhou.aliyuncs.com/kubespray24/pause-amd64"
    pod_infra_image_tag: "{{ pod_infra_version }}"
    install_socat_image_repo: "registry.cn-hangzhou.aliyuncs.com/kubespray24/install-socat"
    install_socat_image_tag: "latest"
    netcheck_version: "v1.0"
    netcheck_agent_img_repo: "registry.cn-hangzhou.aliyuncs.com/kubespray24/k8s-netchecker-agent"
    netcheck_agent_tag: "{{ netcheck_version }}"
    netcheck_server_img_repo: "registry.cn-hangzhou.aliyuncs.com/kubespray24/k8s-netchecker-server"
    netcheck_server_tag: "{{ netcheck_version }}"
    weave_kube_image_repo: "registry.cn-hangzhou.aliyuncs.com/kubespray24/weave-kube"
    weave_kube_image_tag: "{{ weave_version }}"
    weave_npc_image_repo: "registry.cn-hangzhou.aliyuncs.com/kubespray24/weave-npc"
    weave_npc_image_tag: "{{ weave_version }}"
    contiv_image_repo: "registry.cn-hangzhou.aliyuncs.com/kubespray24/netplugin"
    contiv_image_tag: "{{ contiv_version }}"
    contiv_auth_proxy_image_repo: "registry.cn-hangzhou.aliyuncs.com/kubespray24/auth_proxy"
    contiv_auth_proxy_image_tag: "{{ contiv_version }}"
    cilium_image_repo: "docker.io/cilium/cilium"
    cilium_image_tag: "{{ cilium_version }}"
    
    
    
    nginx_image_repo: nginx
    nginx_image_tag: 1.13
    dnsmasq_version: 2.78
    dnsmasq_image_repo: "andyshinn/dnsmasq"
    dnsmasq_image_tag: "{{ dnsmasq_version }}"
    kubedns_version: 1.14.8
    kubedns_image_repo: "registry.cn-hangzhou.aliyuncs.com/kubespray24/k8s-dns-kube-dns-amd64"
    kubedns_image_tag: "{{ kubedns_version }}"
    dnsmasq_nanny_image_repo: "registry.cn-hangzhou.aliyuncs.com/kubespray24/k8s-dns-dnsmasq-nanny-amd64"
    dnsmasq_nanny_image_tag: "{{ kubedns_version }}"
    dnsmasq_sidecar_image_repo: "registry.cn-hangzhou.aliyuncs.com/kubespray24/k8s-dns-sidecar-amd64"
    dnsmasq_sidecar_image_tag: "{{ kubedns_version }}"
    dnsmasqautoscaler_version: 1.1.2
    dnsmasqautoscaler_image_repo: "registry.cn-hangzhou.aliyuncs.com/kubespray24/cluster-proportional-autoscaler-amd64"
    dnsmasqautoscaler_image_tag: "{{ dnsmasqautoscaler_version }}"
    kubednsautoscaler_version: 1.1.2
    kubednsautoscaler_image_repo: "registry.cn-hangzhou.aliyuncs.com/kubespray24/cluster-proportional-autoscaler-amd64"
    kubednsautoscaler_image_tag: "{{ kubednsautoscaler_version }}"
    test_image_repo: busybox
    test_image_tag: latest
    elasticsearch_version: "v2.4.1"
    elasticsearch_image_repo: "registry.cn-hangzhou.aliyuncs.com/kubespray24/elasticsearch"
    elasticsearch_image_tag: "{{ elasticsearch_version }}"
    fluentd_version: "1.22"
    fluentd_image_repo: "registry.cn-hangzhou.aliyuncs.com/kubespray24/fluentd-elasticsearch"
    fluentd_image_tag: "{{ fluentd_version }}"
    kibana_version: "v4.6.1"
    kibana_image_repo: "registry.cn-hangzhou.aliyuncs.com/kubespray24/kibana"
    kibana_image_tag: "{{ kibana_version }}"
    
    helm_version: "v2.8.1"
    helm_image_repo: "registry.cn-hangzhou.aliyuncs.com/kubespray24/k8s-helm"
    helm_image_tag: "{{ helm_version }}"
    tiller_image_repo: "registry.cn-hangzhou.aliyuncs.com/kubespray24/tiller"
    tiller_image_tag: "{{ helm_version }}"
    vault_image_repo: "vault"
    vault_image_tag: "{{ vault_version }}"
    
    
    

    修改dashboard dns

    vim roles/kubernetes-apps/ansible/defaults/main.yml

    # Images
    kubedns_image_repo: "registry.cn-hangzhou.aliyuncs.com/kubespray24/k8s-dns-kube-dns-amd64"
    kubedns_image_tag: "{{ kubedns_version }}"
    dnsmasq_nanny_image_repo: "registry.cn-hangzhou.aliyuncs.com/kubespray24/k8s-dns-dnsmasq-nanny-amd64"
    dnsmasq_nanny_image_tag: "{{ kubedns_version }}"
    dnsmasq_sidecar_image_repo: "registry.cn-hangzhou.aliyuncs.com/kubespray24/k8s-dns-sidecar-amd64"
    dnsmasq_sidecar_image_tag: "{{ kubedns_version }}"
    kubednsautoscaler_image_repo: "registry.cn-hangzhou.aliyuncs.com/kubespray24/cluster-proportional-autoscaler-amd64"
    kubednsautoscaler_image_tag: "{{ kubednsautoscaler_version }}"
    
    
    # Dashboard
    dashboard_enabled: true
    dashboard_image_repo: registry.cn-hangzhou.aliyuncs.com/kubespray24/kubernetes-dashboard-amd64
    dashboard_image_tag: v1.8.1
    
    

    4. 修改配置

    #
    [root@slave1 kubespray]# vim inventory/local/group_vars/k8s-cluster.yml
    kube_network_plugin: flannel
    kube_version: v1.9.2
    #
    [root@slave1 kubespray]# vim inventory/local/group_vars/all.yml 
    #根据系统修改
    bootstrap_os: centos
    
    [root@slave1 kubespray]# vim roles/network_plugin/flannel/defaults/main.yml
    flannel_backend_type: "host-gw"
    #修改管理密码
    [root@slave1 kubespray]# vim roles/kubespray-defaults/defaults/main.yaml
    bootstrap_os: centos
    kube_version: v1.9.2
    #密码
    kube_api_pwd: 'yourpassowrd'
    
    #修改kube api地址
    [root@slave1 kubespray]# vim roles/kubernetes/master/defaults/main.yml
    # change to 0.0.0.0 to enable insecure access from anywhere (not recommended)
    kube_apiserver_insecure_bind_address: 0.0.0.0
    
    # By default the external API listens on all interfaces, this can be changed to
    # listen on a specific address/interface.
    kube_apiserver_bind_address: 0.0.0.0
    
    
    

    5.安装

    执行剧本,开启一键安装k8s

    [root@slave1 kubespray]# ansible-playbook -i inventory/inventory cluster.yml -b -v --private-key=~/.ssh/id_rsa
    
    

    issues

    FAILED - RETRYING: HANDLER: kubernetes/master : Master | wait for the apiserver to be running (1 retries left).
    fatal: [node1]: FAILED! => {"attempts": 10, "changed": false, "content": "", "failed": true, "msg": "Status code was not [200]: Request failed: <urlopen error [Errno 111] Connection refused>", "redirected": false, "status": -1, "url": "http://localhost:8080/healthz"}
    

    关闭所有节点swap

    swapoff -a

    ansible all -i inventory/inventory -m command -a 'swapoff -a'
    
    fatal: [node2]: FAILED! => {
        "assertion": "ansible_swaptotal_mb == 0", 
        "changed": false, 
        "evaluated_to": false, 
        "failed": true
    }
    fatal: [node1]: FAILED! => {
        "assertion": "ansible_swaptotal_mb == 0", 
        "changed": false, 
        "evaluated_to": false, 
        "failed": true
    }
    fatal: [node3]: FAILED! => {
        "assertion": "ansible_swaptotal_mb == 0", 
        "changed": false, 
        "evaluated_to": false, 
        "failed": true
    }
    
    

    关闭管理机swap

    swapoff -a




  • 相关阅读:
    173. Binary Search Tree Iterator
    199. Binary Tree Right Side View
    230. Kth Smallest Element in a BST
    236. Lowest Common Ancestor of a Binary Tree
    337. House Robber III
    449. Serialize and Deserialize BST
    508. Most Frequent Subtree Sum
    513. Find Bottom Left Tree Value
    129. Sum Root to Leaf Numbers
    652. Find Duplicate Subtrees
  • 原文地址:https://www.cnblogs.com/cheyunhua/p/9915605.html
Copyright © 2011-2022 走看看