使用KubeKey 离线环境部署 KubeSphere v3.0.0
使用KubeKey 離線環境部署 KubeSphere v3.0.0
環境準備
以三臺centos 7.7 64bit 為例:
| node1 | 192.168.6.17 | etcd, master, worker |
| node2 | 192.168.6.18 | worker |
| node3 | 192.168.6.19 | worker |
確保機器已經安裝所需依賴軟件(sudo curl openssl ebtables socat ipset conntrack docker),離線環境下可使用私有源或者rpm包(centos類OS)或deb包(debian類OS)安裝。
具體環境要求參見:https://github.com/kubesphere/kubekey/tree/release-1.0#requirements-and-recommendations
建議:可將安裝了所有依賴軟件的操作系統制作成系統鏡像使用,避免每臺機器都安裝依賴軟件,即可提升交付部署效率,又可避免依賴問題的發生。
如已有k8s集群,可將kubesphere相關鏡像導入倉庫之后使用ks-installer部署: https://github.com/kubesphere/ks-installer/tree/release-3.0
鏡像倉庫
可使用harbor或其他第三方鏡像倉庫。
如需快速部署自簽名鏡像倉庫可參考:https://kubesphere.com.cn/forum/d/2240-docker-registry
安裝包下載:
提示:由于包含所有組件鏡像,該壓縮包較大,如果網絡不佳,可能會導致下載耗時較長。也可根據文檔中的鏡像列表將相關鏡像導入私有鏡像倉庫中后使用kubekey自行安裝。
# md5: 65e9a1158a682412faa1166c0cf06772 curl -Ok https://kubesphere-installer.pek3b.qingstor.com/offline/v3.0.0/kubesphere-all-v3.0.0-offline-linux-amd64.tar.gz安裝步驟:
1. 創建集群配置文件
安裝包解壓后進入kubesphere-all-v3.0.0-offline-linux-amd64
修改生成的配置文件config-sample.yaml,也可使用-f參數自定義配置文件路徑。kk詳細用法可參考:https://github.com/kubesphere/kubekey
注意填寫正確的私有倉庫地址privateRegistry(如已準備好私有倉庫可設置為已有倉庫地址,若計劃使用kubekey創建私有倉庫,則該參數設置為:dockerhub.kubekey.local)
apiVersion: kubekey.kubesphere.io/v1alpha1 kind: Cluster metadata:name: sample spec:hosts:- {name: node1, address: 192.168.6.17, internalAddress: 192.168.6.17, password: Qcloud@123}- {name: node2, address: 192.168.6.18, internalAddress: 192.168.6.18, password: Qcloud@123}- {name: node3, address: 192.168.6.19, internalAddress: 192.168.6.19, password: Qcloud@123}roleGroups:etcd:- node1master:- node1worker:- node1- node2- node3controlPlaneEndpoint:domain: lb.kubesphere.localaddress: ""port: "6443"kubernetes:version: v1.17.9imageRepo: kubesphereclusterName: cluster.localnetwork:plugin: calicokubePodsCIDR: 10.233.64.0/18kubeServiceCIDR: 10.233.0.0/18registry:registryMirrors: []insecureRegistries: []privateRegistry: dockerhub.kubekey.localaddons: []--- apiVersion: installer.kubesphere.io/v1alpha1 kind: ClusterConfiguration metadata:name: ks-installernamespace: kubesphere-systemlabels:version: v3.0.0 spec:local_registry: ""persistence:storageClass: ""authentication:jwtSecret: ""etcd:monitoring: trueendpointIps: localhostport: 2379tlsEnable: truecommon:es:elasticsearchDataVolumeSize: 20GielasticsearchMasterVolumeSize: 4GielkPrefix: logstashlogMaxAge: 7mysqlVolumeSize: 20GiminioVolumeSize: 20GietcdVolumeSize: 20GiopenldapVolumeSize: 2GiredisVolumSize: 2Giconsole:enableMultiLogin: false # enable/disable multi loginport: 30880alerting:enabled: falseauditing:enabled: falsedevops:enabled: falsejenkinsMemoryLim: 2GijenkinsMemoryReq: 1500MijenkinsVolumeSize: 8GijenkinsJavaOpts_Xms: 512mjenkinsJavaOpts_Xmx: 512mjenkinsJavaOpts_MaxRAM: 2gevents:enabled: falseruler:enabled: truereplicas: 2logging:enabled: falselogsidecarReplicas: 2metrics_server:enabled: truemonitoring:prometheusMemoryRequest: 400MiprometheusVolumeSize: 20Gimulticluster:clusterRole: none # host | member | nonenetworkpolicy:enabled: falsenotification:enabled: falseopenpitrix:enabled: falseservicemesh:enabled: false2. 環境初始化 (可選)
若已安裝相關依賴,并且已經準備好鏡像倉庫,可略過該步驟。 (為避免依賴問題的產生,建議提前安裝相關依賴或使用已安裝相關依賴的系統鏡像執行安裝)
注意:如需使用kk創建自簽名鏡像倉庫,則會在當前機器啟動docker registry服務,請確保當前機器存在registry:2,如沒有,可從kubesphere-images-v3.0.0/registry.tar中導入,導入命令:docker load < registry.tar
注意:由kk啟動的鏡像倉庫端口為443,請確保所有機器均可訪問當前機器443端口。鏡像數據存儲到本地/mnt/registry (建議單獨掛盤)。
dependencies目錄中僅提供了ubuntu16.04 (ubuntu-16.04-amd64-debs.tar.gz)、ubuntu18.04 (ubuntu-18.04-amd64-debs.tar.gz)以及centos7 (centos-7-amd64-rpms.tar.gz)的相關依賴包,其它操作系統可自行制作rpm或deb依賴包。打包規則為 releaseID?{releaseID}-releaseID?{versionID}-osArch?{osArch}-osArch?{debs or rpms}.tar.gz
# 執行如下命令會對配置文件中所有節點安裝依賴: ./kk init os -f config-sample.yaml -s ./dependencies/# 如需使用kk創建自簽名鏡像倉庫,可執行如下命令: ./kk init os -f config-sample.yaml -s ./dependencies/ --add-images-repo3. 導入鏡像
進入kubesphere-all-v3.0.0-offline-linux-amd64/kubesphere-images-v3.0.0
使用push-images.sh將鏡像導入之前準備的倉庫中:
# 腳本后鏡像倉庫地址請填寫真實倉庫地址 ./push-images.sh dockerhub.kubekey.local如需自行到入鏡像,可參考如下方法:
以kubesphere/kube-apiserver:v1.17.9為例
docker tag kubesphere/kube-apiserver:v1.17.9 dockerhub.kubesphere.local/kubesphere/kube-apiserver:v1.17.9
注意: retag鏡像時需要保留原始鏡像的namespace
部署
以上準備工作完成且再次檢查配置文件無誤后,執行安裝。
執行安裝
./kk create cluster -f config-sample.yaml附: 鏡像列表
k8s: kubesphere/kube-apiserver:v1.17.9 kubesphere/kube-scheduler:v1.17.9 kubesphere/kube-proxy:v1.17.9 kubesphere/kube-controller-manager:v1.17.9 kubesphere/pause:3.1 kubesphere/pause:3.2 (k8s版本大于v1.18) kubesphere/etcd:v3.3.12 calico/kube-controllers:v3.15.1 calico/node:v3.15.1 calico/cni:v3.15.1 calico/pod2daemon-flexvol:v3.15.1 coredns/coredns:1.6.9 kubesphere/k8s-dns-node-cache:1.15.12localVolume: kubesphere/node-disk-manager:0.5.0 kubesphere/node-disk-operator:0.5.0 kubesphere/provisioner-localpv:1.10.0 kubesphere/linux-utils:1.10.0kubesphere: kubesphere/ks-apiserver:v3.0.0 kubesphere/ks-console:v3.0.0 kubesphere/ks-controller-manager:v3.0.0 kubesphere/ks-installer:v3.0.0 kubesphere/etcd:v3.2.18 kubesphere/kubectl:v1.0.0 kubesphere/ks-upgrade:v3.0.0 kubesphere/ks-devops:flyway-v3.0.0 redis:5.0.5-alpine alpine:3.10.4 haproxy:2.0.4 mysql:8.0.11 nginx:1.14-alpine minio/minio:RELEASE.2019-08-07T01-59-21Z minio/mc:RELEASE.2019-08-07T23-14-43Z mirrorgooglecontainers/defaultbackend-amd64:1.4 kubesphere/nginx-ingress-controller:0.24.1 osixia/openldap:1.3.0 csiplugin/snapshot-controller:v2.0.1 kubesphere/ks-upgrade:v3.0.0 kubesphere/ks-devops:flyway-v3.0.0monitoring: kubesphere/prometheus-config-reloader:v0.38.3 kubesphere/prometheus-operator:v0.38.3 prom/alertmanager:v0.21.0 prom/prometheus:v2.20.1 kubesphere/node-exporter:ks-v0.18.1 jimmidyson/configmap-reload:v0.3.0 kubesphere/notification-manager-operator:v0.1.0 kubesphere/notification-manager:v0.1.0 kubesphere/metrics-server:v0.3.7 kubesphere/kube-rbac-proxy:v0.4.1 kubesphere/kube-state-metrics:v1.9.6logging: kubesphere/elasticsearch-oss:6.7.0-1 kubesphere/elasticsearch-curator:v5.7.6 kubesphere/fluentbit-operator:v0.2.0 kubesphere/fluentbit-operator:migrator kubesphere/fluent-bit:v1.4.6 kubesphere/kube-auditing-operator:v0.1.0 kubesphere/kube-auditing-webhook:v0.1.0 kubesphere/kube-events-exporter:v0.1.0 kubesphere/kube-events-operator:v0.1.0 kubesphere/kube-events-ruler:v0.1.0 kubesphere/log-sidecar-injector:1.1 docker:19.03 service-mesh: istio/citadel:1.4.8 istio/galley:1.4.8 istio/kubectl:1.4.8 istio/mixer:1.4.8 istio/pilot:1.4.8 istio/proxyv2:1.4.8 istio/sidecar_injector:1.4.8 jaegertracing/jaeger-agent:1.17 jaegertracing/jaeger-collector:1.17 jaegertracing/jaeger-operator:1.17.1 jaegertracing/jaeger-query:1.17 jaegertracing/jaeger-es-index-cleaner:1.17.1devops: jenkins/jenkins:2.176.2 jenkins/jnlp-slave:3.27-1 kubesphere/jenkins-uc:v3.0.0 kubesphere/s2ioperator:v2.1.1 kubesphere/s2irun:v2.1.1 kubesphere/builder-base:v2.1.0 kubesphere/builder-nodejs:v2.1.0 kubesphere/builder-maven:v2.1.0 kubesphere/builder-go:v2.1.0 kubesphere/s2i-binary:v2.1.0 kubesphere/tomcat85-java11-centos7:v2.1.0 kubesphere/tomcat85-java11-runtime:v2.1.0 kubesphere/tomcat85-java8-centos7:v2.1.0 kubesphere/tomcat85-java8-runtime:v2.1.0 kubesphere/java-11-centos7:v2.1.0 kubesphere/java-8-centos7:v2.1.0 kubesphere/java-8-runtime:v2.1.0 kubesphere/java-11-runtime:v2.1.0 kubesphere/nodejs-8-centos7:v2.1.0 kubesphere/nodejs-6-centos7:v2.1.0 kubesphere/nodejs-4-centos7:v2.1.0 kubesphere/python-36-centos7:v2.1.0 kubesphere/python-35-centos7:v2.1.0 kubesphere/python-34-centos7:v2.1.0 kubesphere/python-27-centos7:v2.1.0notification&&alerting: kubesphere/notification:flyway_v2.1.2 kubesphere/notification:v2.1.2 kubesphere/alert-adapter:v3.0.0 kubesphere/alerting-dbinit:v3.0.0 kubesphere/alerting:v2.1.2multicluster: kubesphere/kubefed:v0.3.0 kubesphere/tower:v0.1.0openpitrix(app store): openpitrix/generate-kubeconfig:v0.5.0 openpitrix/openpitrix:flyway-v0.5.0 openpitrix/openpitrix:v0.5.0 openpitrix/release-app:v0.5.0參考鏈接:
https://kubesphere.com.cn/forum/d/2034-kubekey-kubesphere-v300
總結
以上是生活随笔為你收集整理的使用KubeKey 离线环境部署 KubeSphere v3.0.0的全部內容,希望文章能夠幫你解決所遇到的問題。
- 上一篇: k8s kubesphere进入ks-i
- 下一篇: 解决kubesphere node-ex