欢迎您访问程序员文章站本站旨在为大家提供分享程序员计算机编程知识!
您现在的位置是: 首页  >  科技

014.Kubernetes二进制部署docker

程序员文章站 2022-05-29 09:14:06
一 部署docker1.1 部署docker组件docker 运行和管理容器,kubelet 通过 Container Runtime Interface (CRI) 与它进行交互。1.2 下载docker 1 [root@k8smaster01 ~]# cd /opt/k8s/work 2 [ro ......

一 部署docker

1.1 部署docker组件

docker 运行和管理容器,kubelet 通过 container runtime interface (cri) 与它进行交互。

1.2 下载docker

  1 [root@k8smaster01 ~]# cd /opt/k8s/work
  2 [root@k8smaster01 work]# wget https://download.docker.com/linux/static/stable/x86_64/docker-18.09.6.tgz
  3 [root@k8smaster01 work]# tar -xvf docker-18.09.6.tgz

提示:更多docker版本下载参考https://download.docker.com/linux/static/stable/x86_64/。

1.3 安装和部署docker

  1 [root@k8smaster01 ~]# cd /opt/k8s/work
  2 [root@k8smaster01 work]# source /opt/k8s/bin/environment.sh
  3 [root@k8smaster01 work]# for all_ip in ${all_ips[@]}
  4   do
  5     echo ">>> ${all_ip}"
  6     scp docker/*  root@${all_ip}:/opt/k8s/bin/
  7     ssh root@${all_ip} "chmod +x /opt/k8s/bin/*"
  8   done

1.4 配置docker system

  1 [root@k8smaster01 ~]# cd /opt/k8s/work
  2 [root@k8smaster01 work]# cat > docker.service <<"eof"
  3 [unit]
  4 description=docker application container engine
  5 documentation=http://docs.docker.io
  6 
  7 [service]
  8 workingdirectory=##docker_dir##
  9 environment="path=/opt/k8s/bin:/bin:/sbin:/usr/bin:/usr/sbin"
 10 environmentfile=-/run/flannel/docker
 11 execstart=/opt/k8s/bin/dockerd $docker_network_options
 12 execreload=/bin/kill -s hup $mainpid
 13 restart=on-failure
 14 restartsec=5
 15 limitnofile=infinity
 16 limitnproc=infinity
 17 limitcore=infinity
 18 delegate=yes
 19 killmode=process
 20 
 21 [install]
 22 wantedby=multi-user.target
 23 eof

解释:

  • eof 前后有双引号,这样 bash 不会替换文档中的变量,如 $docker_network_options (这些环境变量是 systemd 负责替换的。);
  • dockerd 运行时会调用其它 docker 命令,如 docker-proxy,所以需要将 docker 命令所在的目录加到 path 环境变量中;
  • flanneld 启动时将网络配置写入 /run/flannel/docker 文件中,dockerd 启动前读取该文件中的环境变量 docker_network_options ,然后设置 docker0 网桥网段;
  • 如果指定了多个 environmentfile 选项,则必须将 /run/flannel/docker 放在最后(确保 docker0 使用 flanneld 生成的 bip 参数);
  • docker 需要以 root 用于运行;
  • docker 从 1.13 版本开始,可能将 iptables forward chain的默认策略设置为drop,从而导致 ping 其它 node 上的 pod ip 失败,遇到这种情况时,需要手动设置策略为 accept:
  1 [root@k8smaster01 ~]# echo '/sbin/iptables -p forward accept' >> /etc/rc.local

并且把以下命令写入 /etc/rc.local 文件中,防止节点重启iptables forward chain的默认策略又还原为drop

1.5 分发docker systemd

  1 [root@k8smaster01 ~]# cd /opt/k8s/work
  2 [root@k8smaster01 work]# source /opt/k8s/bin/environment.sh
  3 [root@k8smaster01 work]# sed -i -e "s|##docker_dir##|${docker_dir}|" docker.service
  4 [root@k8smaster01 work]# for all_ip in ${all_ips[@]}
  5   do
  6     echo ">>> ${all_ip}"
  7     scp docker.service root@${all_ip}:/etc/systemd/system/
  8   done

1.6 配置docker配置文件

  1 [root@k8smaster01 ~]# cd /opt/k8s/work
  2 [root@k8smaster01 work]# source /opt/k8s/bin/environment.sh
  3 [root@k8smaster01 work]# cat > docker-daemon.json <<eof
  4 {
  5     "registry-mirrors": ["https://docker.mirrors.ustc.edu.cn","https://hub-mirror.c.163.com"],
  6     "insecure-registries": ["docker02:35000"],
  7     "max-concurrent-downloads": 20,
  8     "live-restore": true,
  9     "max-concurrent-uploads": 10,
 10     "debug": true,
 11     "data-root": "${docker_dir}/data",
 12     "exec-root": "${docker_dir}/exec",
 13     "log-opts": {
 14       "max-size": "100m",
 15       "max-file": "5"
 16     }
 17 }
 18 eof

1.7 分发docker配置文件

  1 [root@k8smaster01 ~]# cd /opt/k8s/work
  2 [root@k8smaster01 work]# source /opt/k8s/bin/environment.sh
  3 [root@k8smaster01 work]# for all_ip in ${all_ips[@]}
  4   do
  5     echo ">>> ${all_ip}"
  6     ssh root@${all_ip} "mkdir -p /etc/docker/ ${docker_dir}/{data,exec}"
  7     scp docker-daemon.json root@${all_ip}:/etc/docker/daemon.json
  8   done

二 启动并验证

2.1 启动docker

  1 [root@k8smaster01 ~]# source /opt/k8s/bin/environment.sh
  2 [root@k8smaster01 ~]# for all_ip in ${all_ips[@]}
  3   do
  4     echo ">>> ${all_ip}"
  5     ssh root@${all_ip} "systemctl daemon-reload && systemctl enable docker && systemctl restart docker"
  6   done

2.2 检查docker服务

  1 [root@k8smaster01 ~]# source /opt/k8s/bin/environment.sh
  2 [root@k8smaster01 ~]# for all_ip in ${all_ips[@]}
  3   do
  4     echo ">>> ${all_ip}"
  5     ssh root@${all_ip} "systemctl status docker|grep active"
  6   done

2.3 检查docker 0网桥

  1 [root@k8smaster01 ~]# source /opt/k8s/bin/environment.sh
  2 [root@k8smaster01 ~]# for all_ip in ${all_ips[@]}
  3   do
  4     echo ">>> ${all_ip}"
  5     ssh root@${all_ip} "/usr/sbin/ip addr show flannel.1 && /usr/sbin/ip addr show docker0"
  6   done

提示:确认各 worker 节点的 docker0 网桥和 flannel.1 接口的 ip 处于同对应的相同网段中。

2.4 查看docker信息

  1 [root@k8smaster01 ~]# ps -elfh|grep docker | grep -v grep
  2 [root@k8smaster01 ~]# docker info