014.Kubernetes二进制部署docker

2019-11-18 09:18:40来源:博客园 阅读 ()

新老客户大回馈,云服务器低至5折

014.Kubernetes二进制部署docker

一 部署docker

1.1 部署docker组件

docker 运行和管理容器,kubelet 通过 Container Runtime Interface (CRI) 与它进行交互。

1.2 下载docker

  1 [root@k8smaster01 ~]# cd /opt/k8s/work
  2 [root@k8smaster01 work]# wget https://download.docker.com/linux/static/stable/x86_64/docker-18.09.6.tgz
  3 [root@k8smaster01 work]# tar -xvf docker-18.09.6.tgz

提示:更多docker版本下载参考https://download.docker.com/linux/static/stable/x86_64/。

1.3 安装和部署docker

  1 [root@k8smaster01 ~]# cd /opt/k8s/work
  2 [root@k8smaster01 work]# source /opt/k8s/bin/environment.sh
  3 [root@k8smaster01 work]# for all_ip in ${ALL_IPS[@]}
  4   do
  5     echo ">>> ${all_ip}"
  6     scp docker/*  root@${all_ip}:/opt/k8s/bin/
  7     ssh root@${all_ip} "chmod +x /opt/k8s/bin/*"
  8   done

1.4 配置docker system

  1 [root@k8smaster01 ~]# cd /opt/k8s/work
  2 [root@k8smaster01 work]# cat > docker.service <<"EOF"
  3 [Unit]
  4 Description=Docker Application Container Engine
  5 Documentation=http://docs.docker.io
  6 
  7 [Service]
  8 WorkingDirectory=##DOCKER_DIR##
  9 Environment="PATH=/opt/k8s/bin:/bin:/sbin:/usr/bin:/usr/sbin"
 10 EnvironmentFile=-/run/flannel/docker
 11 ExecStart=/opt/k8s/bin/dockerd $DOCKER_NETWORK_OPTIONS
 12 ExecReload=/bin/kill -s HUP $MAINPID
 13 Restart=on-failure
 14 RestartSec=5
 15 LimitNOFILE=infinity
 16 LimitNPROC=infinity
 17 LimitCORE=infinity
 18 Delegate=yes
 19 KillMode=process
 20 
 21 [Install]
 22 WantedBy=multi-user.target
 23 EOF

解释:

  • EOF 前后有双引号,这样 bash 不会替换文档中的变量,如 $DOCKER_NETWORK_OPTIONS (这些环境变量是 systemd 负责替换的。);
  • dockerd 运行时会调用其它 docker 命令,如 docker-proxy,所以需要将 docker 命令所在的目录加到 PATH 环境变量中;
  • flanneld 启动时将网络配置写入 /run/flannel/docker 文件中,dockerd 启动前读取该文件中的环境变量 DOCKER_NETWORK_OPTIONS ,然后设置 docker0 网桥网段;
  • 如果指定了多个 EnvironmentFile 选项,则必须将 /run/flannel/docker 放在最后(确保 docker0 使用 flanneld 生成的 bip 参数);
  • docker 需要以 root 用于运行;
  • docker 从 1.13 版本开始,可能将 iptables FORWARD chain的默认策略设置为DROP,从而导致 ping 其它 Node 上的 Pod IP 失败,遇到这种情况时,需要手动设置策略为 ACCEPT:
  1 [root@k8smaster01 ~]# echo '/sbin/iptables -P FORWARD ACCEPT' >> /etc/rc.local

并且把以下命令写入 /etc/rc.local 文件中,防止节点重启iptables FORWARD chain的默认策略又还原为DROP

1.5 分发docker systemd

  1 [root@k8smaster01 ~]# cd /opt/k8s/work
  2 [root@k8smaster01 work]# source /opt/k8s/bin/environment.sh
  3 [root@k8smaster01 work]# sed -i -e "s|##DOCKER_DIR##|${DOCKER_DIR}|" docker.service
  4 [root@k8smaster01 work]# for all_ip in ${ALL_IPS[@]}
  5   do
  6     echo ">>> ${all_ip}"
  7     scp docker.service root@${all_ip}:/etc/systemd/system/
  8   done

1.6 配置docker配置文件

  1 [root@k8smaster01 ~]# cd /opt/k8s/work
  2 [root@k8smaster01 work]# source /opt/k8s/bin/environment.sh
  3 [root@k8smaster01 work]# cat > docker-daemon.json <<EOF
  4 {
  5     "registry-mirrors": ["https://docker.mirrors.ustc.edu.cn","https://hub-mirror.c.163.com"],
  6     "insecure-registries": ["docker02:35000"],
  7     "max-concurrent-downloads": 20,
  8     "live-restore": true,
  9     "max-concurrent-uploads": 10,
 10     "debug": true,
 11     "data-root": "${DOCKER_DIR}/data",
 12     "exec-root": "${DOCKER_DIR}/exec",
 13     "log-opts": {
 14       "max-size": "100m",
 15       "max-file": "5"
 16     }
 17 }
 18 EOF

1.7 分发docker配置文件

  1 [root@k8smaster01 ~]# cd /opt/k8s/work
  2 [root@k8smaster01 work]# source /opt/k8s/bin/environment.sh
  3 [root@k8smaster01 work]# for all_ip in ${ALL_IPS[@]}
  4   do
  5     echo ">>> ${all_ip}"
  6     ssh root@${all_ip} "mkdir -p /etc/docker/ ${DOCKER_DIR}/{data,exec}"
  7     scp docker-daemon.json root@${all_ip}:/etc/docker/daemon.json
  8   done

二 启动并验证

2.1 启动docker

  1 [root@k8smaster01 ~]# source /opt/k8s/bin/environment.sh
  2 [root@k8smaster01 ~]# for all_ip in ${ALL_IPS[@]}
  3   do
  4     echo ">>> ${all_ip}"
  5     ssh root@${all_ip} "systemctl daemon-reload && systemctl enable docker && systemctl restart docker"
  6   done

2.2 检查docker服务

  1 [root@k8smaster01 ~]# source /opt/k8s/bin/environment.sh
  2 [root@k8smaster01 ~]# for all_ip in ${ALL_IPS[@]}
  3   do
  4     echo ">>> ${all_ip}"
  5     ssh root@${all_ip} "systemctl status docker|grep Active"
  6   done

clipboard

2.3 检查docker 0网桥

  1 [root@k8smaster01 ~]# source /opt/k8s/bin/environment.sh
  2 [root@k8smaster01 ~]# for all_ip in ${ALL_IPS[@]}
  3   do
  4     echo ">>> ${all_ip}"
  5     ssh root@${all_ip} "/usr/sbin/ip addr show flannel.1 && /usr/sbin/ip addr show docker0"
  6   done

clipboard

提示:确认各 worker 节点的 docker0 网桥和 flannel.1 接口的 IP 处于同对应的相同网段中。

2.4 查看docker信息

  1 [root@k8smaster01 ~]# ps -elfH|grep docker | grep -v grep
  2 [root@k8smaster01 ~]# docker info


原文链接:https://www.cnblogs.com/itzgr/p/11880792.html
如有疑问请与原作者联系

标签:

版权申明:本站文章部分自网络,如有侵权,请联系:west999com@outlook.com
特别注意:本站所有转载文章言论不代表本站观点,本站所提供的摄影照片,插画,设计作品,如需使用,请与原作者联系,版权归原作者所有

上一篇:013.Kubernetes二进制部署worker节点Nginx实现高可用

下一篇:Shell—输入输出重定向