由于k8s计划在v1.20后弃用docker(指容器运行时,而非docker容器),故计划采用containerd作为容器运行时。
一、安装containerd和crictl
1.1 名词解释
runc:根据OCI规范来生成和运行容器的命令行工具。
containerd:容器运行时
crictl:k8s的命令行工具
1.2 安装步骤
# 1. 安装 runc
curl -OL https://github.com/opencontainers/runc/releases/download/v1.0.0-rc92/runc.amd64
mv runc.amd64 /usr/local/bin/runc && chmod +x /usr/local/bin/runc
# 2. 安装 containerd
curl -OL https://github.com/containerd/containerd/releases/download/v1.4.3/containerd-1.4.3-linux-amd64.tar.gz
tar -zxvf containerd-1.4.3-linux-amd64.tar.gz -C /usr/local
curl -o /etc/systemd/system/containerd.service https://raw.githubusercontent.com/containerd/cri/master/contrib/systemd-units/containerd.service
# 3. 配置 containerd
mkdir -p /etc/containerd
cat > /etc/containerd/config.toml << EOF
[plugins]
[plugins."io.containerd.grpc.v1.cri"]
sandbox_image = "kubesphere/pause:3.2"
[plugins."io.containerd.grpc.v1.cri".registry]
[plugins."io.containerd.grpc.v1.cri".registry.mirrors]
[plugins."io.containerd.grpc.v1.cri".registry.mirrors."docker.io"]
endpoint = ["https://registry-1.docker.io"] ## 这里可替换成dockerhub的镜像加速器
EOF
systemctl enable containerd && systemctl restart containerd
# 4. 安装 crictl
VERSION="v1.19.0"
curl -OL https://github.com/kubernetes-sigs/cri-tools/releases/download/$VERSION/crictl-$VERSION-linux-amd64.tar.gz
sudo tar zxvf crictl-$VERSION-linux-amd64.tar.gz -C /usr/local/bin
rm -f crictl-$VERSION-linux-amd64.tar.gz
# 5. 配置crictl
cat > /etc/crictl.yaml << EOF
runtime-endpoint: unix:///run/containerd/containerd.sock
image-endpoint: unix:///run/containerd/containerd.sock
timeout: 2
debug: false
pull-image-on-create: false
EOF
二、部署k8s和kubesphere
# 1. 下载kubekey
## 这里暂时使用kubekey v1.1.0-alpha.1部署kubernetes集群,该版本为预览版,支持多container-runtime也会包含在后续的正式版本中。
curl -OL https://github.com/kubesphere/kubekey/releases/download/v1.1.0-alpha.1/kubekey-v1.1.0-alpha.1-linux-amd64.tar.gz
tar -zxvf kubekey-v1.1.0-alpha.1-linux-amd64.tar.gz
# 2. 创建配置文件
./kk create config # 默认在同级目录下生成 config-sample.yaml
# 3. 根据真实环境信息修改配置文件
vi config-sample.yaml
apiVersion: kubekey.kubesphere.io/v1alpha1
kind: Cluster
metadata:
name: sample
spec:
hosts:
- {name: node1, address: 192.168.6.3, internalAddress: 192.168.6.3, password: xxx}
- {name: node2, address: 192.168.6.4, internalAddress: 192.168.6.4, password: xxx}
roleGroups:
etcd:
- node1
master:
- node1
worker:
- node1
- node2
controlPlaneEndpoint:
domain: lb.kubesphere.local
address: ""
port: 6443
kubernetes:
version: v1.17.9
imageRepo: kubesphere
clusterName: cluster.local
containerManager: containerd ## 这里填入之前部署的container-runtime:containerd / crio / isula
network:
plugin: calico
kubePodsCIDR: 10.233.64.0/18
kubeServiceCIDR: 10.233.0.0/18
registry:
registryMirrors: []
insecureRegistries: []
addons: []
# 4. 部署集群
./kk create cluster -f config-sample.yaml --with-kubesphere
# 5. 等待集群部署完成
注:kubesphere默认账号密码是admin/P@88w0rd
**粗体** _斜体_ [链接](http://example.com) `代码` - 列表 > 引用
。你还可以使用@
来通知其他用户。