zoukankan      html  css  js  c++  java

  • Kubernetes 1.6.1 Kargo

    参考文档

    Stone
    Oo3p
    老吕子

    导入镜像

    因为使用的是容器启动集群方式所以会拉取镜像,这里准备了百度云盘提供镜像下载:百度云

    可以先在一台机器上导入所有镜像,然后克隆即可。
    导入镜像到每台机器后,卸载docker:yum remove -y docker*

    kargo会自动安装docker-1.13.1。否则会出现很多问题。

    主机准备

    IPHOSTNAMENOTE
    10.0.0.3 node1 python3 docker
    10.0.0.4 node2 python3 docker
    10.0.0.5 node3 python3 docker
    10.0.0.6 node4 python3 docker
    10.0.0.7 node5 python3 docker
    10.0.0.8 ansible python3 ansible

    镜像

    REPOSITORYTAGIMAGE IDCREATEDSIZE
    busybox latest c75bebcdd211 5 days ago 1.11 MB
    calico/cni v1.7.0 61bd0f1d1acf 3 weeks ago 67 MB
    calico/node v1.1.3 573ddcad1ff5 3 weeks ago 217 MB
    calico/ctl v1.1.3 4cb99a60e023 3 weeks ago 44 MB
    quay.io/coreos/hyperkube v1.6.1_coreos.0 37378e671bfc 6 weeks ago 665 MB
    quay.io/coreos/etcd v3.0.17 169a91823cad 7 weeks ago 33.6 MB
    gcr.io/google_containers/kubernetes-dashboard-amd64 v1.6.0 416701f962f2 2 months ago 109 MB
    gcr.io/google_containers/nginx-ingress-controller 0.9.0-beta.3 383e5ec1f5f9 2 months ago 121 MB
    gcr.io/google_containers/cluster-proportional-autoscaler-amd64 1.1.1 ff1e9c00bb46 2 months ago 48.2 MB
    gcr.io/google_containers/heapster-grafana-amd64 v4.0.2 a1956d2a1a16 4 months ago 131 MB
    gcr.io/google_containers/heapster-influxdb-amd64 v1.1.1 d3fccbedd180 4 months ago 11.6 MB
    gcr.io/google_containers/heapster-amd64 v1.3.0-beta.1 4ff6ad0ca64c 4 months ago 101 MB
    gcr.io/google_containers/fluentd-elasticsearch 1.22 7896bdf952bf 4 months ago 266 MB
    gcr.io/google_containers/elasticsearch v2.4.1 358e3f7fd81e 5 months ago 412 MB
    gcr.io/google_containers/kubedns-amd64 1.7 26cf1ed9b144 6 months ago 47 MB
    gcr.io/google_containers/kibana v4.6.1 b65f0ed31993 6 months ago 237 MB
    nginx 1.11.4-alpine 00bc1e841a8f 7 months ago 54.2 MB
    gcr.io/google_containers/exechealthz-amd64 1.1 c3a89c92ef5b 9 months ago 8.33 MB
    gcr.io/google_containers/kube-dnsmasq-amd64 1.3 9a15e39d0db8 11 months ago 5.13 MB
    gcr.io/google_containers/pause-amd64 3.0 99e59f495ffa 12 months ago 747 kB
    andyshinn/dnsmasq 2.72 37aabe06468e 18 months ago 6.27 MB
    gcr.io/google_containers/defaultbackend 1.0 137a07dfd084 19 months ago 7.51 MB

    环境准备

    系统版本

    1. [root@node1 ~]# cat /etc/redhat-release
    2. CentOSLinux release 7.3.1611(Core)
    3. [root@node1 ~]# uname -a
    4. Linux node1 3.10.0-514.16.1.el7.x86_64 #1 SMP Wed Apr 12 15:04:24 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux
    5. [root@ansible kargo]# cat /etc/resolv.conf // nameserver 不要超过2个,不然会报错!
    6. ; generated by/sbin/dhclient-script
    7. search localdomain
    8. nameserver 114.114.114.114
    9. nameserver 223.5.5.5

    软件版本

    SERVICEVERSION
    jinja2 2.9.6
    docker 1.13.1
    ansible 2.3.0.0
    python 2.7.5

    关闭防火墙

    1. systemctl stop firewalld
    2. systemctl disable firewalld
    3. systemctl stop NetworkManager
    4. systemctl disable NetworkManager
    5. sed -i 's#^SELINUX=enforcing#SELINUX=disabled#g'/etc/selinux/config
    6. setenforce 0

    安装python3

    1. yum install -y epel-release
    2. yum install -y python-pip python34 python-netaddr python34-pip python-devel git wget zip lrzsz net-tools cracklib-dicts-2.9.0-11.el7 libselinux-python device-mapper-libs python-httplib2 openssl rsync bash-completion socat unzip
    3. pip3 install netaddr jinja2
    4. pip3 install --upgrade Jinja2

    安装ansible

    1. yum install -y python3-pip python-devel pcre pcre-devel gcc gcc-c++ openssl openssl-devel
    2. pip install ansible==2.3.0

    配置ssl

    1. ssh-keygen -t rsa -N ""
    2. ssh-copy-id -i <IP>

    kargo配置

    1. git clone https://github.com/wtli/kargo.git

    准备playbooks配置

    1. [root@ansible kargo]# cat inventory/group_vars/all.yml
    2. # Valid bootstrap options (required): ubuntu, coreos, centos, none
    3. bootstrap_os: centos
    5. #Directory where etcd data stored
    6. etcd_data_dir:/var/lib/etcd
    8. # Directory where the binaries will be installed
    9. bin_dir:/usr/local/bin

    inventory.cfg 节点信息

    1. [root@ansible kargo]# cat inventory/inventory.cfg
    2. [all]
    3. node1 ansible_user=root ansible_host=10.0.0.3 ip=10.0.0.3
    4. node2 ansible_user=root ansible_host=10.0.0.4 ip=10.0.0.4
    5. node3 ansible_user=root ansible_host=10.0.0.5 ip=10.0.0.5
    6. node4 ansible_user=root ansible_host=10.0.0.6 ip=10.0.0.6
    7. node5 ansible_user=root ansible_host=10.0.0.7 ip=10.0.0.7
    9. [kube-master]
    10. node1
    11. node2
    13. [kube-node]
    14. node1
    15. node2
    16. node3
    17. node4
    18. node5
    20. [etcd]
    21. node1
    22. node2
    23. node3
    25. [k8s-cluster:children]
    26. kube-node
    27. kube-master
    29. [calico-rr]

    执行安装

    1. cd kargo
    2. CONFIG_FILE=inventory/inventory.cfg python3 contrib/inventory_builder/inventory.py 10.0.0.310.0.0.410.0.0.510.0.0.610.0.0.7
    3. ansible-playbook -i inventory/inventory.cfg cluster.yml -b -v --private-key=~/.ssh/id_rsa

    添加代理访问kibana

    1. kubectl proxy --address='10.0.0.3'--port=8086--accept-hosts='^*$'
    2. 浏览器输入:
    3. http://10.0.0.3:8086/api/v1/proxy/namespaces/kube-system/services/kibana-logging
    选择了奋斗,以后可以随时还有选择安逸的权力。 但选择了安逸,可能以后就不那么轻易还能有选择奋斗的权力。
  • 相关阅读:
    [BUUCTF 2018]Online Tool
    [ZJCTF 2019]NiZhuanSiWei 1
    [极客大挑战 2019]PHP
    [De1CTF 2019]SSRF Me
    2018网鼎杯 Fakebook
    [CISCN2019 华北赛区 Day2 Web1]Hack World
    SUCTF checkin
    强网杯 高明的黑客
    GYCTF Ezsqli
    GYCTF 盲注【regexp注入+时间盲注】
  • 原文地址:https://www.cnblogs.com/wtli/p/6906399.html
Copyright © 2011-2022 走看看