【Baetyl】k8s环境下安装
Baetyl 国内环境安装
Docker
/etc/docker/daemon.json中添加/修改:
{
"exec-opts": ["native.cgroupdriver=systemd"],
"registry-mirrors": ["https://docker.mirrors.ustc.edu.cn/"],
}
重启Docker
安装 k8s
也可手动安装k3s或rancher安装k3s
# 安装 kubeadm kubectl kubelet
gpg --keyserver keyserver.ubuntu.com --recv-keys BA07F4FB
gpg --export --armor BA07F4FB | sudo apt-key add -
echo "deb https://mirrors.tuna.tsinghua.edu.cn/kubernetes/apt kubernetes-xenial main" > /etc/apt/sources.list.d/kubernetes.list
apt update
apt install kubeadm kubectl kubelet
# 查看指定k8s版本需要哪些镜像
kubeadm config images list --kubernetes-version v1.18.3
终端输出:
k8s.gcr.io/kube-apiserver:1.18.3
k8s.gcr.io/kube-controller-manager:v1.18.3
k8s.gcr.io/kube-scheduler:v1.18.3
k8s.gcr.io/kube-proxy:v1.18.3
k8s.gcr.io/pause:3.2
k8s.gcr.io/etcd:3.4.3-0
k8s.gcr.io/coredns:1.6.7
新建脚本get-k8s-images.sh 并替换版本号:
#!/bin/bash
images=(
kube-apiserver:v1.18.3
kube-controller-manager:v1.18.3
kube-scheduler:v1.18.3
kube-proxy:v1.18.3
pause:3.2
etcd:3.4.3-0
coredns:1.6.7
)
for imageName in ${images[@]} ; do
docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/$imageName
docker tag registry.cn-hangzhou.aliyuncs.com/google_containers/$imageName k8s.gcr.io/$imageName
docker rmi registry.cn-hangzhou.aliyuncs.com/google_containers/$imageName
done
执行get-k8s-images.sh 以便从国内hub获取镜像。修改kubelet配置中的默认cgroup driver:
cat > /var/lib/kubelet/config.yaml <<EOF
apiVersion: kubelet.config.k8s.io/v1beta1
kind: KubeletConfiguration
cgroupDriver: systemd
EOF
systemctl restart kubelet
启动k8s:
kubeadm init --pod-network-cidr=10.244.0.0/16 --kubernetes-version=v1.18.3
启动完毕后有后续步骤的相关提示,具体操作为配置$HOME/.kube/config:
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
添加网络组件(Flannel):
wget https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
kubectl apply -f kube-flannel.yml
添加本地存储支持:
wget https://raw.githubusercontent.com/rancher/local-path-provisioner/master/deploy/local-path-storage.yaml
kubectl create -f local-path-storage.yaml
设置该存储为默认存储:
kubectl patch storageclass local-path -p '{"metadata": {"annotations":{"storageclass.kubernetes.io/is-default-class":"true"}}}'
安装Baetyl
在安装边缘节点时报错:
curl -d "{\"name\":\"demo-node\"}" -H "Content-Type: application/json" -X POST http://0.0.0.0:30004/v1/nodes
{"code":"UnknownError","message":"nodes.cloud.baetyl.io \"demo-node\" is forbidden: User \"system:serviceaccount:default:baetyl-cloud\" cannot get resource \"nodes\" in API group \"cloud.baetyl.io\" in the namespace \"baetyl-cloud\"","requestId":""}
临时的解决办法:为账户baetyl-cloud添加所有相关权限:
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: my-baetyl-cr
labels:
custom: role-patch
rules:
- apiGroups:
- cloud.baetyl.io
resources:
- nodes
- applications
- configurations
- nodedesires
- nodereports
- secrets
verbs:
- get
- list
- watch
- create
- update
- patch
- delete
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: my-baetyl-crb
labels:
custom: role-patch
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: my-baetyl-cr
subjects:
- kind: ServiceAccount
name: baetyl-cloud
namespace: default
浙公网安备 33010602011771号