kubernetes for china

kubernetes-for-china

 

安裝 Kubernetes

1. 安裝Docker

$ curl -fsSL https://get.docker.com | bash -s docker --mirror Aliyun

1. 安裝 kubeadm, kubelet and kubectl

   • Alibaba Kubernetes mirror

# root（sudo -i)
apt-get update && apt-get install -y apt-transport-https
curl -s https://mirrors.aliyun.com/kubernetes/apt/doc/apt-key.gpg | apt-key add -
cat <<EOF >/etc/apt/sources.list.d/kubernetes.list
deb https://mirrors.aliyun.com/kubernetes/apt/ kubernetes-xenial main
EOF
apt-get update
apt-get install -y kubelet kubeadm kubectl

1. 預先從阿里的 gcr.io 鏡像服務拉取必要的 images

$ ./load_images.sh

1. 使用 kubeadm 建立 Kubernetes 集羣

# 確保關閉交換空間(running with swap on is not supported. Please disable swap)
$ sudo swapoff -a
# 永久關閉須要編輯 `/etc/fstab` 註釋掉 `swap` 所在行

# 能夠用下面的命令列出 kubeadm 須要的 images
$ kubeadm config images list --kubernetes-version=v1.13.2

# 集羣初始化（init.yml文件中配置了使用阿里的鏡像倉庫）
$ sudo kubeadm init --config init.yml
# 或者執行(忽略Docker版本檢查)
$ sudo kubeadm init --config init.yml --ignore-preflight-errors=SystemVerification

# 使用 `kube-router` 網絡
$ sudo KUBECONFIG=/etc/kubernetes/admin.conf kubectl apply -f https://raw.githubusercontent.com/cloudnativelabs/kube-router/master/daemonset/kubeadm-kuberouter.yaml

# Master Isolation (if single-machine Kubernetes cluster )
$ kubectl taint nodes --all node-role.kubernetes.io/master-

 

Helm

# 安裝
$ curl -s https://storage.googleapis.com/kubernetes-helm/helm-v2.12.1-linux-amd64.tar.gz | tar xzv
$ sudo cp linux-amd64/helm /usr/local/bin
$ rm -rf linux-amd64

# 本地初始化，並將 `Tiller` 安裝到 `Kubernetes` 集羣
$ helm init

# fix https://github.com/kubernetes/helm/issues/3130
$ kubectl create serviceaccount --namespace kube-system tiller
$ kubectl create clusterrolebinding tiller-cluster-rule --clusterrole=cluster-admin --serviceaccount=kube-system:tiller
$ kubectl patch deploy --namespace kube-system tiller-deploy -p '{"spec":{"template":{"spec":{"serviceAccount":"tiller"}}}}'

# 更新本地 charts repo
$ helm repo update

# 測試安裝 mysql chart
$ helm install --name my-mysql stable/mysql

# 刪除 mysql
$ helm delete my-mysql

# 刪除並釋放該部署名以便重用
$ helm delete --purge my-mysql

 

Rook

$ docker pull rook/ceph:master

# 安裝 Rook Operator: https://rook.io/docs/rook/master/helm-operator.html
$ kubectl create -f https://raw.githubusercontent.com/rook/rook/master/cluster/examples/kubernetes/ceph/operator.yaml

# 建立 Rook cluster
$ kubectl apply -f https://raw.githubusercontent.com/rook/rook/master/cluster/examples/kubernetes/ceph/cluster.yaml

# 列出 rook-ceph 命名空間下的 pods
$ kubectl -n rook-ceph get pod

# 建立 storage pools.
$ kubectl apply -f https://raw.githubusercontent.com/rook/rook/master/cluster/examples/kubernetes/ceph/pool.yaml
# 建立塊存儲(block storage)
$ kubectl apply -f https://raw.githubusercontent.com/rook/rook/master/cluster/examples/kubernetes/ceph/storageclass.yaml

# 將 rook-block 設置爲默認的 storageclass 
$ kubectl patch storageclass rook-ceph-block -p '{"metadata": {"annotations":{"storageclass.kubernetes.io/is-default-class":"true"}}}'

# Shared File System

# Create the File System
kubectl create -f https://raw.githubusercontent.com/rook/rook/master/cluster/examples/kubernetes/ceph/filesystem.yaml

# 啓動rook-ceph-tools pod
kubectl create -f https://raw.githubusercontent.com/rook/rook/master/cluster/examples/kubernetes/ceph/toolbox.yaml
# 進入 pod
kubectl -n rook-ceph exec -it rook-ceph-tools bash

# 獲取掛載須要的主機掛載入口IP和用戶密鑰
mon_endpoints=$(grep mon_host /etc/ceph/ceph.conf | awk '{print $3}')
my_secret=$(grep key /etc/ceph/keyring | awk '{print $3}')

# 若是在普通的docker 容器中掛載須要這樣啓動容器
docker run -it --rm --privileged -v /lib/modules:/lib/modules ubuntu bash

# 建立掛載目錄
mkdir /cephfs
# 掛載文件系統
mount -t ceph -o mds_namespace=myfs,name=admin,secret=$my_secret $mon_endpoints:/ /cephfs
# 查看掛載的文件系統
df -h

# 卸載文件系統
umount /cephfs

升級 Kubernetes 版本

# 修改 `init.yml` 中 `kubernetesVersion` 版本號， 執行
sudo kubeadm upgrade apply --config init.yml --ignore-preflight-errors=SystemVerification

Ref:

• https://github.com/maguowei/kubernetes-for-china