PancrasL's Blog

Building a Kubernetes Cluster with Kubespray Inside China

2020-08-08


1. Before Install

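1.1 Virtual machine preparation

This example involves 5 nodes and uses kubespray-2.12.7 to build a Kubernetes cluster with 2 master nodes and 2 worker nodes. node0 is the Ansible control node, and node1-node4 are the managed nodes.

The operating system is Ubuntu 18.04, and all operations below are performed as the root user.

Node name   Role          IP address
node0       controller    192.168.0.2
node1       kube-master   192.168.0.3
node2       kube-master   192.168.0.4
node3       kube-node     192.168.0.5
node4       kube-node     192.168.0.6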

1.2 Image preparation

  • Rent a server outside China, pull the Google images there and push them to the Alibaba Cloud image registry. The script push_img.sh is as follows:

    #!/usr/bin/env bash
    registry_prefix="registry.ap-northeast-1.aliyuncs.com/google-containers-lpz/"

    google_images=(
    "gcr.io/google-containers/kube-proxy:v1.16.11"
    "gcr.io/google-containers/kube-controller-manager:v1.16.11"
    "gcr.io/google-containers/kube-scheduler:v1.16.11"
    "gcr.io/google-containers/kube-apiserver:v1.16.11"
    "gcr.io/google-containers/k8s-dns-node-cache:1.15.8"
    "gcr.io/google-containers/cluster-proportional-autoscaler-amd64:1.6.0"
    "gcr.io/google-containers/pause:3.1"
    "gcr.io/google_containers/pause-amd64:3.1"
    )

    for image in "${google_images[@]}"
    do
        # Take the last segment of the image reference (name:tag)
        container_name="${image##*/}"

        # Pull the image and push it to the Alibaba Cloud image registry
        sudo docker pull "$image"
        sudo docker tag "$image" "$registry_prefix$container_name"
        sudo docker push "$registry_prefix$container_name"
    done
  • Push the following files to the local FTP server:

    https://storage.googleapis.com/kubernetes-release/release/v1.16.11/bin/linux/amd64/kubelet

    https://storage.googleapis.com/kubernetes-release/release/v1.16.11/bin/linux/amd64/kubectl

    https://storage.googleapis.com/kubernetes-release/release/v1.16.11/bin/linux/amd64/kubeadm

    https://github.com/coreos/etcd/releases/download/v3.3.12/etcd-v3.3.12-linux-amd64.tar.gz

    https://github.com/containernetworking/plugins/releases/download/v0.8.6/cni-plugins-linux-amd64-v0.8.6.tgz

    https://github.com/projectcalico/calicoctl/releases/download/v3.7.3/calicoctl-linux-amd64
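
These binaries are served to the nodes over plain FTP, which provides no integrity protection, so it is worth checking the FTP directory against hashes recorded where the files were first downloaded. The following is an added example, not code from the original post: the `verify_mirror` function, the `SHA256SUMS` manifest name and the stand-in file contents are assumptions for illustration.

```bash
#!/usr/bin/env bash
# verify_mirror DIR MANIFEST  (hypothetical helper, not part of Kubespray)
# MANIFEST lines look like sha256sum output: "<sha256>  <filename>".
# Fails closed: a listed file that is missing or differs is an error, and so
# is any file in DIR that the manifest does not list.
verify_mirror() {
    local dir="$1" manifest="$2" bad=0 want name got f
    # 1. Every listed file must exist and match its recorded hash.
    while read -r want name || [ -n "$want" ]; do
        [ -n "$name" ] || continue
        if [ ! -f "$dir/$name" ]; then
            echo "MISSING  $name"; bad=1; continue
        fi
        got=$(sha256sum "$dir/$name" | cut -d' ' -f1)
        if [ "$got" != "$want" ]; then
            echo "MISMATCH $name"; bad=1
        fi
    done < "$manifest"
    # 2. Every file present must be listed.
    for f in "$dir"/*; do
        [ -f "$f" ] || continue
        name=${f##*/}
        if ! awk -v n="$name" '$2 == n { ok = 1 } END { exit !ok }' "$manifest"; then
            echo "UNLISTED $name"; bad=1
        fi
    done
    return "$bad"
}

# Constructed demo: stand-in files, not the real binaries.
demo() {
    local d; d=$(mktemp -d)
    mkdir "$d/ftp"
    printf 'kubelet-bytes' > "$d/ftp/kubelet"
    printf 'kubectl-bytes' > "$d/ftp/kubectl"
    # On the download host: record hashes next to the downloads.
    (cd "$d/ftp" && sha256sum kubelet kubectl) > "$d/SHA256SUMS"
    verify_mirror "$d/ftp" "$d/SHA256SUMS" && echo "clean mirror: accepted"
    printf 'x' >> "$d/ftp/kubelet"   # simulate a change after download
    verify_mirror "$d/ftp" "$d/SHA256SUMS" || echo "modified mirror: rejected"
    rm -rf "$d"
}
demo
```

Run the check on the FTP host before starting the playbook; a non-zero exit status means the directory should not be served as it is.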

1.4 Image changes

  • Modify kubespray-2.12.7/roles/download/defaults/main.yml

Because dashboard-1.10.1 is incompatible with Kubernetes v1.16, the dashboard image must be changed to kubernetesui/dashboard:v2.0.0-beta8. In the listing below, each line starting with # is the original setting and the line starting with -> is its replacement.

#gcr_image_repo: "gcr.io"
-> gcr_image_repo: "registry.ap-northeast-1.aliyuncs.com"
#kube_image_repo: "{{ gcr_image_repo }}/google-containers"
-> kube_image_repo: "{{ gcr_image_repo }}/google-containers-lpz"

#pod_infra_image_repo: "{{ gcr_image_repo }}/google_containers/pause-{{ image_arch }}"
-> pod_infra_image_repo: "{{ kube_image_repo }}/pause-{{ image_arch }}"

#dashboard_image_repo: "{{ gcr_image_repo }}/google_containers/kubernetes-dashboard-{{ image_arch }}"
-> dashboard_image_repo: "kubernetesui/dashboard"
#dashboard_image_tag: "xxx"
-> dashboard_image_tag: "v2.0.0-beta8"

#Add the FTP server address
-> ftp_url: ftp://192.168.0.2
#kubelet_download_url: "https://storage.googleapis.com/kubernetes-release/release/{{ kube_version }}/bin/linux/{{ image_arch }}/kubelet"
-> kubelet_download_url: "{{ ftp_url }}/kubelet"
#kubectl_download_url: "https://storage.googleapis.com/kubernetes-release/release/{{ kube_version }}/bin/linux/{{ image_arch }}/kubectl"
-> kubectl_download_url: "{{ ftp_url }}/kubectl"
#kubeadm_download_url: "https://storage.googleapis.com/kubernetes-release/release/{{ kubeadm_version }}/bin/linux/{{ image_arch }}/kubeadm"
-> kubeadm_download_url: "{{ ftp_url }}/kubeadm"
#etcd_download_url: "https://github.com/coreos/etcd/releases/download/{{ etcd_version }}/etcd-{{ etcd_version }}-linux-{{ image_arch }}.tar.gz"
-> etcd_download_url: "{{ ftp_url }}/etcd-v3.3.12-linux-amd64.tar.gz"
#cni_download_url: "https://github.com/containernetworking/plugins/releases/download/{{ cni_version }}/cni-plugins-linux-{{ image_arch }}-{{ cni_version }}.tgz"
-> cni_download_url: "{{ ftp_url }}/cni-plugins-linux-amd64-v0.8.6.tgz"
#calicoctl_download_url: "https://github.com/projectcalico/calicoctl/releases/download/{{ calico_ctl_version }}/calicoctl-linux-{{ image_arch }}"
-> calicoctl_download_url: "{{ ftp_url }}/calicoctl-linux-amd64"

  • Modify kubespray-2.12.7/inventory/sample/group_vars/k8s-cluster/k8s-cluster.yml
    #kube_image_repo: "{{ gcr_image_repo }}/google-containers"
    -> kube_image_repo: "{{ gcr_image_repo }}/google-containers-lpz"

2. Installation

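2.1 Installing and configuring Docker

2.1.1 Install the specified Docker version

Download Docker in advance and configure the Alibaba Cloud registry mirror so that images can be pulled from the Alibaba Cloud image registry.

The Docker version that corresponds to kubespray-2.12.7 is docker-ce=5:18.09.7~3-0~ubuntu-bionic.

  • Add Docker's official GPG key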
    $ curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -
  • Set up the stable repository
    $ sudo add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" 
  • Install docker-ce=5:18.09.7~3-0~ubuntu-bionic
    $ sudo apt update
    $ sudo apt install -y docker-ce=5:18.09.7~3-0~ubuntu-bionic

2.1.2 Configure the Docker registry mirror

$ tee /etc/docker/daemon.json <<-'EOF'
{
"registry-mirrors": ["https://htdsx47m.mirror.aliyuncs.com"]
}
EOF
$ systemctl daemon-reload
$ systemctl restart docker

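2.2 Deploying the Kubernetes cluster with Kubespray

2.2.1 Configure passwordless SSH login from the control node to the other nodes

  • Generate a key pair on the controller node (stored in ~/.ssh/)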
$ ssh-keygen -t rsa
  • Upload the public key to the other nodes

Before uploading, make sure that SSH on each node allows root login and password login (the PermitRootLogin and PasswordAuthentication fields are set to yes).

$ ssh-copy-id -i ~/.ssh/id_rsa.pub root@192.168.0.3
$ ssh-copy-id -i ~/.ssh/id_rsa.pub root@192.168.0.4
$ ssh-copy-id -i ~/.ssh/id_rsa.pub root@192.168.0.5
$ ssh-copy-id -i ~/.ssh/id_rsa.pub root@192.168.0.6
  • Verify the result: if you can log in directly without a password, it worked
    $ ssh root@192.168.0.3
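
Once the key is installed, the `yes` values that `ssh-copy-id` needed are no longer required, and `PermitRootLogin prohibit-password` still lets Ansible connect as root with the key. The following added example (not part of the original post) audits an sshd_config for those two settings; the function names and the sample configs are constructed for illustration, and `Match` blocks and `Include` files are not evaluated.

```bash
#!/usr/bin/env bash
# sshd_effective KEYWORD FILE DEFAULT  (hypothetical helper)
# sshd uses the first value it reads for a keyword, and keyword names are
# case-insensitive. Simplification: parsing stops at the first Match block
# and Include files are not followed.
sshd_effective() {
    awk -v key="$1" -v def="$3" '
        NF == 0 || $1 ~ /^#/        { next }
        tolower($1) == "match"      { exit }
        tolower($1) == tolower(key) { print tolower($2); found = 1; exit }
        END { if (!found) print def }
    ' "$2"
}

# audit_sshd FILE: returns 0 only if neither setting is effectively "yes".
audit_sshd() {
    local root pass rc=0
    # Defaults applied when a keyword is absent (OpenSSH 7.x, as on Ubuntu 18.04)
    root=$(sshd_effective PermitRootLogin "$1" prohibit-password)
    pass=$(sshd_effective PasswordAuthentication "$1" yes)
    if [ "$root" = yes ]; then
        echo "WEAK PermitRootLogin=$root (use prohibit-password)"; rc=1
    fi
    if [ "$pass" = yes ]; then
        echo "WEAK PasswordAuthentication=$pass (use no)"; rc=1
    fi
    return "$rc"
}

# Constructed sample configs: the state needed for ssh-copy-id, and the
# state to restore once key-based login has been verified.
demo() {
    local d f; d=$(mktemp -d)
    printf 'PermitRootLogin yes\nPasswordAuthentication yes\n' > "$d/during_setup"
    printf 'PermitRootLogin prohibit-password\nPasswordAuthentication no\n' > "$d/after_setup"
    for f in during_setup after_setup; do
        echo "== $f"
        audit_sshd "$d/$f" && echo "OK"
    done
    rm -rf "$d"
}
demo
```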

2.2.2 Download and install Kubespray on the control node

  • Install pip3
    $ sudo apt install -y python3-pip
  • Configure a pip3 mirror to speed up downloads
    $ mkdir ~/.pip
    $ cat > ~/.pip/pip.conf << EOF
    [global]
    trusted-host=mirrors.aliyun.com
    index-url=http://mirrors.aliyun.com/pypi/simple/
    EOF
  • Download and extract Kubespray
    $ cd ~
    $ wget https://github.com/kubernetes-sigs/kubespray/archive/v2.12.7.zip
    $ unzip v2.12.7.zip
  • Install Kubespray and deploy Kubernetes
    $ cd kubespray-2.12.7/
    $ sudo pip3 install -r requirements.txt
    $ cp -rfp inventory/sample inventory/mycluster
    $ declare -a IPS=(192.168.0.3 192.168.0.4 192.168.0.5 192.168.0.6)
    $ CONFIG_FILE=inventory/mycluster/hosts.yaml python3 contrib/inventory_builder/inventory.py ${IPS[@]}
  • Edit the contents of the inventory file hosts.yaml
$ vi inventory/mycluster/hosts.yaml

  • Finally, run the installation. The Python interpreter that Ansible uses here is python2
$ ansible-playbook -i inventory/mycluster/hosts.yaml  --become --become-user=root cluster.yml
