zoukankan      html  css  js  c++  java

  • 使用 --image-repository 解决kubeadm 安装k8s 集群 谷歌镜像墙的问题

    从网上我们看到的好多kubeadm 安装k8s 的时候都说需要下拉取镜像,然后修改,实际上
    我们可以使用配置参数,快速的跳过墙的问题
    说明:
    基础镜像,我们仍然存在,拉取的问题,但是dockerhub 上已经包含了好多拉取好的,我们只需要拉取,统一命名
    下就可以了,简单测试我使用了别人以及配置好的 index.docker.io/mirrorgooglecontainers

    简单demo

    • 准备coredns 镜像
     
    默认上边的仓库没有处理coredns 的镜像,我拉取,本地处理了
    docker pull coredns/coredns:1.2.6
    docker tag coredns/coredns:1.2.6 mirrorgooglecontainers/coredns:1.2.6
     
    • init
    kubeadm init --image-repository index.docker.io/mirrorgooglecontainers
    • 效果
    kubeadm init --image-repository index.docker.io/mirrorgooglecontainers
    I1227 14:33:45.044189 5340 version.go:94] could not fetch a Kubernetes version from the internet: unable to get URL "https://dl.k8s.io/release/stable-1.txt": Get https://storage.googleapis.com/kubernetes-release/release/stable-1.txt: net/http: request canceled (Client.Timeout exceeded while awaiting headers)
    I1227 14:33:45.044262 5340 version.go:95] falling back to the local client version: v1.13.1
    [init] Using Kubernetes version: v1.13.1
    [preflight] Running pre-flight checks
     [WARNING SystemVerification]: this Docker version is not on the list of validated versions: 18.09.0. Latest validated version: 18.06
     [WARNING Service-Kubelet]: kubelet service is not enabled, please run 'systemctl enable kubelet.service'
    [preflight] Pulling images required for setting up a Kubernetes cluster
    [preflight] This might take a minute or two, depending on the speed of your internet connection
    [preflight] You can also perform this action in beforehand using 'kubeadm config images pull'
    [kubelet-start] Writing kubelet environment file with flags to file "/var/lib/kubelet/kubeadm-flags.env"
    [kubelet-start] Writing kubelet configuration to file "/var/lib/kubelet/config.yaml"
    [kubelet-start] Activating the kubelet service
    [certs] Using certificateDir folder "/etc/kubernetes/pki"
    [certs] Generating "ca" certificate and key
    [certs] Generating "apiserver" certificate and key
    [certs] apiserver serving cert is signed for DNS names [iz2zeg7uro1snhd9wqmp2oz kubernetes kubernetes.default kubernetes.default.svc kubernetes.default.svc.cluster.local] and IPs [10.96.0.1 47.93.161.2]
    [certs] Generating "apiserver-kubelet-client" certificate and key
    [certs] Generating "front-proxy-ca" certificate and key
    [certs] Generating "front-proxy-client" certificate and key
    [certs] Generating "etcd/ca" certificate and key
    [certs] Generating "etcd/server" certificate and key
    [certs] etcd/server serving cert is signed for DNS names [iz2zeg7uro1snhd9wqmp2oz localhost] and IPs [47.93.161.2 127.0.0.1 ::1]
    [certs] Generating "etcd/healthcheck-client" certificate and key
    [certs] Generating "etcd/peer" certificate and key
    [certs] etcd/peer serving cert is signed for DNS names [iz2zeg7uro1snhd9wqmp2oz localhost] and IPs [47.93.161.2 127.0.0.1 ::1]
    [certs] Generating "apiserver-etcd-client" certificate and key
    [certs] Generating "sa" key and public key
    [kubeconfig] Using kubeconfig folder "/etc/kubernetes"
    [kubeconfig] Writing "admin.conf" kubeconfig file
    [kubeconfig] Writing "kubelet.conf" kubeconfig file
    [kubeconfig] Writing "controller-manager.conf" kubeconfig file
    [kubeconfig] Writing "scheduler.conf" kubeconfig file
    [control-plane] Using manifest folder "/etc/kubernetes/manifests"
    [control-plane] Creating static Pod manifest for "kube-apiserver"
    [control-plane] Creating static Pod manifest for "kube-controller-manager"
    [control-plane] Creating static Pod manifest for "kube-scheduler"
    [etcd] Creating static Pod manifest for local etcd in "/etc/kubernetes/manifests"
    [wait-control-plane] Waiting for the kubelet to boot up the control plane as static Pods from directory "/etc/kubernetes/manifests". This can take up to 4m0s
    [apiclient] All control plane components are healthy after 20.001573 seconds
    [uploadconfig] storing the configuration used in ConfigMap "kubeadm-config" in the "kube-system" Namespace
    [kubelet] Creating a ConfigMap "kubelet-config-1.13" in namespace kube-system with the configuration for the kubelets in the cluster
    [patchnode] Uploading the CRI Socket information "/var/run/dockershim.sock" to the Node API object "iz2zeg7uro1snhd9wqmp2oz" as an annotation
    [mark-control-plane] Marking the node iz2zeg7uro1snhd9wqmp2oz as control-plane by adding the label "node-role.kubernetes.io/master=''"
    [mark-control-plane] Marking the node iz2zeg7uro1snhd9wqmp2oz as control-plane by adding the taints [node-role.kubernetes.io/master:NoSchedule]
    [bootstrap-token] Using token: eopu1d.aygr2do3dfz0zndh
    [bootstrap-token] Configuring bootstrap tokens, cluster-info ConfigMap, RBAC Roles
    [bootstraptoken] configured RBAC rules to allow Node Bootstrap tokens to post CSRs in order for nodes to get long term certificate credentials
    [bootstraptoken] configured RBAC rules to allow the csrapprover controller automatically approve CSRs from a Node Bootstrap Token
    [bootstraptoken] configured RBAC rules to allow certificate rotation for all node client certificates in the cluster
    [bootstraptoken] creating the "cluster-info" ConfigMap in the "kube-public" namespace
    [addons] Applied essential addon: CoreDNS
    [addons] Applied essential addon: kube-proxy
    Your Kubernetes master has initialized successfully!
    To start using your cluster, you need to run the following as a regular user:
      mkdir -p $HOME/.kube
      sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
      sudo chown $(id -u):$(id -g) $HOME/.kube/config
    You should now deploy a pod network to the cluster.
    Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:
      https://kubernetes.io/docs/concepts/cluster-administration/addons/
    You can now join any number of machines by running the following on each node
    as root:
      kubeadm join <youserverip>:6443 --token eopu1d.aygr2do3dfz0zndh --discovery-token-ca-cert-hash sha256:c74094ffde73bf834a13a994f6715d2a6fcc165913a54812255d62c90460153b
     
     
    • 集群组件结果
    kubectl get cs
    NAME STATUS MESSAGE ERROR
    scheduler Healthy ok
    controller-manager Healthy ok
    etcd-0 Healthy {"health": "true"}
     
    • 部署的pod 组件
      因为我没有部署网络组件,所以有几个是有问题的
     
    kubectl get all --all-namespaces
    NAMESPACE NAME READY STATUS RESTARTS AGE
    kube-system pod/coredns-754c658c4f-kr29k 0/1 Pending 0 6m32s
    kube-system pod/coredns-754c658c4f-lthgk 0/1 Pending 0 6m32s
    kube-system pod/etcd-iz2zeg7uro1snhd9wqmp2oz 1/1 Running 0 5m40s
    kube-system pod/kube-apiserver-iz2zeg7uro1snhd9wqmp2oz 1/1 Running 0 5m27s
    kube-system pod/kube-controller-manager-iz2zeg7uro1snhd9wqmp2oz 1/1 Running 0 5m35s
    kube-system pod/kube-proxy-kkfrl 1/1 Running 0 6m32s
    kube-system pod/kube-scheduler-iz2zeg7uro1snhd9wqmp2oz 1/1 Running 0 5m46s
    NAMESPACE NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
    default service/kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 6m41s
    kube-system service/kube-dns ClusterIP 10.96.0.10 <none> 53/UDP,53/TCP 6m37s
    NAMESPACE NAME DESIRED CURRENT READY UP-TO-DATE AVAILABLE NODE SELECTOR AGE
    kube-system daemonset.apps/kube-proxy 1 1 1 1 1 <none> 6m37s
    NAMESPACE NAME READY UP-TO-DATE AVAILABLE AGE
    kube-system deployment.apps/coredns 0/2 2 0 6m37s
    NAMESPACE NAME DESIRED CURRENT READY AGE
    kube-system replicaset.apps/coredns-754c658c4f 2 2 0 6m32s
     
     

    说明

    后边具体的操作可以参考官方文档,我的演示只是部分,主要是说明我们可以使用配置参数解决好多镜像墙的问题
    同时还支持其他方便的参数,我们可以使用kubeadm --help 或者官方文档了解更多的信息

    新版的配置参数

    可以参考

     
    root 5471 1 1 14:33 ? 00:00:07 /usr/bin/kubelet --bootstrap-kubeconfig=/etc/kubernetes/bootstrap-kubelet.conf --kubeconfig=/etc/kubernetes/kubelet.conf --config=/var/lib/kubelet/config.yaml --cgroup-driver=cgroupfs --network-plugin=cni --pod-infra-container-image=index.docker.io/mirrorgooglecontainers/pause:3.1
    root 6016 5982 3 14:33 ? 00:00:17 kube-apiserver --authorization-mode=Node,RBAC --advertise-address=<ip> --allow-privileged=true --client-ca-file=/etc/kubernetes/pki/ca.crt --enable-admission-plugins=NodeRestriction --enable-bootstrap-token-auth=true --etcd-cafile=/etc/kubernetes/pki/etcd/ca.crt --etcd-certfile=/etc/kubernetes/pki/apiserver-etcd-client.crt --etcd-keyfile=/etc/kubernetes/pki/apiserver-etcd-client.key --etcd-servers=https://127.0.0.1:2379 --insecure-port=0 --kubelet-client-certificate=/etc/kubernetes/pki/apiserver-kubelet-client.crt --kubelet-client-key=/etc/kubernetes/pki/apiserver-kubelet-client.key --kubelet-preferred-address-types=InternalIP,ExternalIP,Hostname --proxy-client-cert-file=/etc/kubernetes/pki/front-proxy-client.crt --proxy-client-key-file=/etc/kubernetes/pki/front-proxy-client.key --requestheader-allowed-names=front-proxy-client --requestheader-client-ca-file=/etc/kubernetes/pki/front-proxy-ca.crt --requestheader-extra-headers-prefix=X-Remote-Extra- --requestheader-group-headers=X-Remote-Group --requestheader-username-headers=X-Remote-User --secure-port=6443 --service-account-key-file=/etc/kubernetes/pki/sa.pub --service-cluster-ip-range=10.96.0.0/12 --tls-cert-file=/etc/kubernetes/pki/apiserver.crt --tls-private-key-file=/etc/kubernetes/pki/apiserver.key
    root 6128 5996 1 14:33 ? 00:00:05 etcd --advertise-client-urls=https://<ip>:2379 --cert-file=/etc/kubernetes/pki/etcd/server.crt --client-cert-auth=true --data-dir=/var/lib/etcd --initial-advertise-peer-urls=https://<ip>:2380 --initial-cluster=iz2zeg7uro1snhd9wqmp2oz=https://<ip>:2380 --key-file=/etc/kubernetes/pki/etcd/server.key --listen-client-urls=https://127.0.0.1:2379,https://<ip>:2379 --listen-peer-urls=https://<ip>2:2380 --name=iz2zeg7uro1snhd9wqmp2oz --peer-cert-file=/etc/kubernetes/pki/etcd/peer.crt --peer-client-cert-auth=true --peer-key-file=/etc/kubernetes/pki/etcd/peer.key --peer-trusted-ca-file=/etc/kubernetes/pki/etcd/ca.crt --snapshot-count=10000 --trusted-ca-file=/etc/kubernetes/pki/etcd/ca.crt
    root 6216 6000 0 14:33 ? 00:00:03 kube-scheduler --address=127.0.0.1 --kubeconfig=/etc/kubernetes/scheduler.conf --leader-elect=true
    root 6226 6011 1 14:33 ? 00:00:08 kube-controller-manager --address=127.0.0.1 --authentication-kubeconfig=/etc/kubernetes/controller-manager.conf --authorization-kubeconfig=/etc/kubernetes/controller-manager.conf --client-ca-file=/etc/kubernetes/pki/ca.crt --cluster-signing-cert-file=/etc/kubernetes/pki/ca.crt --cluster-signing-key-file=/etc/kubernetes/pki/ca.key --controllers=*,bootstrapsigner,tokencleaner --kubeconfig=/etc/kubernetes/controller-manager.conf --leader-elect=true --requestheader-client-ca-file=/etc/kubernetes/pki/front-proxy-ca.crt --root-ca-file=/etc/kubernetes/pki/ca.crt --service-account-private-key-file=/etc/kubernetes/pki/sa.key --use-service-account-credentials=true
    root 6727 6707 0 14:34 ? 00:00:00 /usr/local/bin/kube-proxy --config=/var/lib/kube-proxy/config.conf --hostname-override=iz2zeg7uro1snhd9wqmp2oz
     

    参考资料

    https://kubernetes.io/docs/setup/independent/install-kubeadm/
  • 相关阅读:
    __name__使用方法,模块查找顺序和模块的绝对导入
    模块
    ATM程序结构
    迭代器
    常用内置方法
    生成式,匿名函数及内置函数部分使用方法
    算法之二分法和三元表达式
    redis配置文件
    PythonStudy——shutil 模块
    PythonStudy——pickle 模块 (泡菜)
  • 原文地址:https://www.cnblogs.com/rongfengliang/p/10184952.html
Copyright © 2011-2022 走看看