1. clone代码
git clone https://github.com/kubernetes-incubator/kubespray.git
2. 添加inventory/inventory
单独添加ansible inventory放到inventory目录下
添加后确保ansible可以执行
ansible all -i inventory/inventory -m ping
result:
node2 | SUCCESS => {
"changed": false,
"failed": false,
"ping": "pong"
}
node1 | SUCCESS => {
"changed": false,
"failed": false,
"ping": "pong"
}
node3 | SUCCESS => {
"changed": false,
"failed": false,
"ping": "pong"
}
ansible inventory
# ## Configure 'ip' variable to bind kubernetes services on a
# ## different ip than the default iface
node1 ansible_ssh_host=192.168.10.2 ansible_user=root ip=192.168.10.2
node2 ansible_ssh_host=192.168.10.3 ansible_user=root ip=192.168.10.3
node3 ansible_ssh_host=192.168.10.4 ansible_user=root ip=192.168.10.4
# ## configure a bastion host if your nodes are not directly reachable
# bastion ansible_ssh_host=x.x.x.x
[kube-master]
node1
node2
[kube-node]
node1
node2
node3
[etcd]
node1
node2
node3
[k8s-cluster:children]
kube-node
kube-master
[calico-rr]
[vault]
node1
node2
node3
3. 替换官方镜像源
相关镜像被墙替换为阿里云镜像
官方最新版本v1.9.3,由于在阿里云没找到故使用v1.9.2
以下是修改后的镜像,也可以把所有镜像下载到本地
vim roles/download/defaults/main.yml
kube_version: v1.9.2
# Containers
etcd_image_repo: "registry.cn-hangzhou.aliyuncs.com/kubespray24/etcd"
etcd_image_tag: "{{ etcd_version }}"
flannel_image_repo: "registry.cn-hangzhou.aliyuncs.com/kubespray24/flannel"
flannel_image_tag: "{{ flannel_version }}"
flannel_cni_image_repo: "registry.cn-hangzhou.aliyuncs.com/kubespray24/flannel-cni"
flannel_cni_image_tag: "{{ flannel_cni_version }}"
calicoctl_image_repo: "registry.cn-hangzhou.aliyuncs.com/kubespray24/calico_ctl"
calicoctl_image_tag: "{{ calico_ctl_version }}"
calico_node_image_repo: "registry.cn-hangzhou.aliyuncs.com/kubespray24/calico_node"
calico_node_image_tag: "{{ calico_version }}"
calico_cni_image_repo: "registry.cn-hangzhou.aliyuncs.com/kubespray24/calico_cni"
calico_cni_image_tag: "{{ calico_cni_version }}"
calico_policy_image_repo: "registry.cn-hangzhou.aliyuncs.com/kubespray24/kube-controllers"
calico_policy_image_tag: "{{ calico_policy_version }}"
calico_rr_image_repo: "registry.cn-hangzhou.aliyuncs.com/kubespray24/routereflector"
calico_rr_image_tag: "{{ calico_rr_version }}"
hyperkube_image_repo: "registry.cn-hangzhou.aliyuncs.com/kubespray24/hyperkube"
hyperkube_image_tag: "{{ kubedns_version }}_coreos.0"
pod_infra_image_repo: "registry.cn-hangzhou.aliyuncs.com/kubespray24/pause-amd64"
pod_infra_image_tag: "{{ pod_infra_version }}"
install_socat_image_repo: "registry.cn-hangzhou.aliyuncs.com/kubespray24/install-socat"
install_socat_image_tag: "latest"
netcheck_version: "v1.0"
netcheck_agent_img_repo: "registry.cn-hangzhou.aliyuncs.com/kubespray24/k8s-netchecker-agent"
netcheck_agent_tag: "{{ netcheck_version }}"
netcheck_server_img_repo: "registry.cn-hangzhou.aliyuncs.com/kubespray24/k8s-netchecker-server"
netcheck_server_tag: "{{ netcheck_version }}"
weave_kube_image_repo: "registry.cn-hangzhou.aliyuncs.com/kubespray24/weave-kube"
weave_kube_image_tag: "{{ weave_version }}"
weave_npc_image_repo: "registry.cn-hangzhou.aliyuncs.com/kubespray24/weave-npc"
weave_npc_image_tag: "{{ weave_version }}"
contiv_image_repo: "registry.cn-hangzhou.aliyuncs.com/kubespray24/netplugin"
contiv_image_tag: "{{ contiv_version }}"
contiv_auth_proxy_image_repo: "registry.cn-hangzhou.aliyuncs.com/kubespray24/auth_proxy"
contiv_auth_proxy_image_tag: "{{ contiv_version }}"
cilium_image_repo: "docker.io/cilium/cilium"
cilium_image_tag: "{{ cilium_version }}"
nginx_image_repo: nginx
nginx_image_tag: 1.13
dnsmasq_version: 2.78
dnsmasq_image_repo: "andyshinn/dnsmasq"
dnsmasq_image_tag: "{{ dnsmasq_version }}"
kubedns_version: 1.14.8
kubedns_image_repo: "registry.cn-hangzhou.aliyuncs.com/kubespray24/k8s-dns-kube-dns-amd64"
kubedns_image_tag: "{{ kubedns_version }}"
dnsmasq_nanny_image_repo: "registry.cn-hangzhou.aliyuncs.com/kubespray24/k8s-dns-dnsmasq-nanny-amd64"
dnsmasq_nanny_image_tag: "{{ kubedns_version }}"
dnsmasq_sidecar_image_repo: "registry.cn-hangzhou.aliyuncs.com/kubespray24/k8s-dns-sidecar-amd64"
dnsmasq_sidecar_image_tag: "{{ kubedns_version }}"
dnsmasqautoscaler_version: 1.1.2
dnsmasqautoscaler_image_repo: "registry.cn-hangzhou.aliyuncs.com/kubespray24/cluster-proportional-autoscaler-amd64"
dnsmasqautoscaler_image_tag: "{{ dnsmasqautoscaler_version }}"
kubednsautoscaler_version: 1.1.2
kubednsautoscaler_image_repo: "registry.cn-hangzhou.aliyuncs.com/kubespray24/cluster-proportional-autoscaler-amd64"
kubednsautoscaler_image_tag: "{{ kubednsautoscaler_version }}"
test_image_repo: busybox
test_image_tag: latest
elasticsearch_version: "v2.4.1"
elasticsearch_image_repo: "registry.cn-hangzhou.aliyuncs.com/kubespray24/elasticsearch"
elasticsearch_image_tag: "{{ elasticsearch_version }}"
fluentd_version: "1.22"
fluentd_image_repo: "registry.cn-hangzhou.aliyuncs.com/kubespray24/fluentd-elasticsearch"
fluentd_image_tag: "{{ fluentd_version }}"
kibana_version: "v4.6.1"
kibana_image_repo: "registry.cn-hangzhou.aliyuncs.com/kubespray24/kibana"
kibana_image_tag: "{{ kibana_version }}"
helm_version: "v2.8.1"
helm_image_repo: "registry.cn-hangzhou.aliyuncs.com/kubespray24/k8s-helm"
helm_image_tag: "{{ helm_version }}"
tiller_image_repo: "registry.cn-hangzhou.aliyuncs.com/kubespray24/tiller"
tiller_image_tag: "{{ helm_version }}"
vault_image_repo: "vault"
vault_image_tag: "{{ vault_version }}"
修改dashboard dns
vim roles/kubernetes-apps/ansible/defaults/main.yml
# Images
kubedns_image_repo: "registry.cn-hangzhou.aliyuncs.com/kubespray24/k8s-dns-kube-dns-amd64"
kubedns_image_tag: "{{ kubedns_version }}"
dnsmasq_nanny_image_repo: "registry.cn-hangzhou.aliyuncs.com/kubespray24/k8s-dns-dnsmasq-nanny-amd64"
dnsmasq_nanny_image_tag: "{{ kubedns_version }}"
dnsmasq_sidecar_image_repo: "registry.cn-hangzhou.aliyuncs.com/kubespray24/k8s-dns-sidecar-amd64"
dnsmasq_sidecar_image_tag: "{{ kubedns_version }}"
kubednsautoscaler_image_repo: "registry.cn-hangzhou.aliyuncs.com/kubespray24/cluster-proportional-autoscaler-amd64"
kubednsautoscaler_image_tag: "{{ kubednsautoscaler_version }}"
# Dashboard
dashboard_enabled: true
dashboard_image_repo: registry.cn-hangzhou.aliyuncs.com/kubespray24/kubernetes-dashboard-amd64
dashboard_image_tag: v1.8.1
4. 修改配置
#
[root@slave1 kubespray]# vim inventory/local/group_vars/k8s-cluster.yml
kube_network_plugin: flannel
kube_version: v1.9.2
#
[root@slave1 kubespray]# vim inventory/local/group_vars/all.yml
#根据系统修改
bootstrap_os: centos
[root@slave1 kubespray]# vim roles/network_plugin/flannel/defaults/main.yml
flannel_backend_type: "host-gw"
#修改管理密码
[root@slave1 kubespray]# vim roles/kubespray-defaults/defaults/main.yaml
bootstrap_os: centos
kube_version: v1.9.2
#密码
kube_api_pwd: 'yourpassowrd'
#修改kube api地址
[root@slave1 kubespray]# vim roles/kubernetes/master/defaults/main.yml
# change to 0.0.0.0 to enable insecure access from anywhere (not recommended)
kube_apiserver_insecure_bind_address: 0.0.0.0
# By default the external API listens on all interfaces, this can be changed to
# listen on a specific address/interface.
kube_apiserver_bind_address: 0.0.0.0
5.安装
执行剧本,开启一键安装k8s
[root@slave1 kubespray]# ansible-playbook -i inventory/inventory cluster.yml -b -v --private-key=~/.ssh/id_rsa
issues
FAILED - RETRYING: HANDLER: kubernetes/master : Master | wait for the apiserver to be running (1 retries left).
fatal: [node1]: FAILED! => {"attempts": 10, "changed": false, "content": "", "failed": true, "msg": "Status code was not [200]: Request failed: <urlopen error [Errno 111] Connection refused>", "redirected": false, "status": -1, "url": "http://localhost:8080/healthz"}
关闭所有节点swap
swapoff -a
ansible all -i inventory/inventory -m command -a 'swapoff -a'
fatal: [node2]: FAILED! => {
"assertion": "ansible_swaptotal_mb == 0",
"changed": false,
"evaluated_to": false,
"failed": true
}
fatal: [node1]: FAILED! => {
"assertion": "ansible_swaptotal_mb == 0",
"changed": false,
"evaluated_to": false,
"failed": true
}
fatal: [node3]: FAILED! => {
"assertion": "ansible_swaptotal_mb == 0",
"changed": false,
"evaluated_to": false,
"failed": true
}
关闭管理机swap
swapoff -a