014.Kubernetes二进制部署docker
程序员文章站
2022-05-29 09:14:06
一 部署docker1.1 部署docker组件docker 运行和管理容器,kubelet 通过 Container Runtime Interface (CRI) 与它进行交互。1.2 下载docker 1 [root@k8smaster01 ~]# cd /opt/k8s/work 2 [ro ......
一 部署docker
1.1 部署docker组件
docker 运行和管理容器,kubelet 通过 container runtime interface (cri) 与它进行交互。
1.2 下载docker
1 [root@k8smaster01 ~]# cd /opt/k8s/work 2 [root@k8smaster01 work]# wget https://download.docker.com/linux/static/stable/x86_64/docker-18.09.6.tgz 3 [root@k8smaster01 work]# tar -xvf docker-18.09.6.tgz
提示:更多docker版本下载参考https://download.docker.com/linux/static/stable/x86_64/。
1.3 安装和部署docker
1 [root@k8smaster01 ~]# cd /opt/k8s/work 2 [root@k8smaster01 work]# source /opt/k8s/bin/environment.sh 3 [root@k8smaster01 work]# for all_ip in ${all_ips[@]} 4 do 5 echo ">>> ${all_ip}" 6 scp docker/* root@${all_ip}:/opt/k8s/bin/ 7 ssh root@${all_ip} "chmod +x /opt/k8s/bin/*" 8 done
1.4 配置docker system
1 [root@k8smaster01 ~]# cd /opt/k8s/work 2 [root@k8smaster01 work]# cat > docker.service <<"eof" 3 [unit] 4 description=docker application container engine 5 documentation=http://docs.docker.io 6 7 [service] 8 workingdirectory=##docker_dir## 9 environment="path=/opt/k8s/bin:/bin:/sbin:/usr/bin:/usr/sbin" 10 environmentfile=-/run/flannel/docker 11 execstart=/opt/k8s/bin/dockerd $docker_network_options 12 execreload=/bin/kill -s hup $mainpid 13 restart=on-failure 14 restartsec=5 15 limitnofile=infinity 16 limitnproc=infinity 17 limitcore=infinity 18 delegate=yes 19 killmode=process 20 21 [install] 22 wantedby=multi-user.target 23 eof
解释:
- eof 前后有双引号,这样 bash 不会替换文档中的变量,如 $docker_network_options (这些环境变量是 systemd 负责替换的。);
- dockerd 运行时会调用其它 docker 命令,如 docker-proxy,所以需要将 docker 命令所在的目录加到 path 环境变量中;
- flanneld 启动时将网络配置写入 /run/flannel/docker 文件中,dockerd 启动前读取该文件中的环境变量 docker_network_options ,然后设置 docker0 网桥网段;
- 如果指定了多个 environmentfile 选项,则必须将 /run/flannel/docker 放在最后(确保 docker0 使用 flanneld 生成的 bip 参数);
- docker 需要以 root 用于运行;
- docker 从 1.13 版本开始,可能将 iptables forward chain的默认策略设置为drop,从而导致 ping 其它 node 上的 pod ip 失败,遇到这种情况时,需要手动设置策略为 accept:
1 [root@k8smaster01 ~]# echo '/sbin/iptables -p forward accept' >> /etc/rc.local
并且把以下命令写入 /etc/rc.local 文件中,防止节点重启iptables forward chain的默认策略又还原为drop
1.5 分发docker systemd
1 [root@k8smaster01 ~]# cd /opt/k8s/work 2 [root@k8smaster01 work]# source /opt/k8s/bin/environment.sh 3 [root@k8smaster01 work]# sed -i -e "s|##docker_dir##|${docker_dir}|" docker.service 4 [root@k8smaster01 work]# for all_ip in ${all_ips[@]} 5 do 6 echo ">>> ${all_ip}" 7 scp docker.service root@${all_ip}:/etc/systemd/system/ 8 done
1.6 配置docker配置文件
1 [root@k8smaster01 ~]# cd /opt/k8s/work 2 [root@k8smaster01 work]# source /opt/k8s/bin/environment.sh 3 [root@k8smaster01 work]# cat > docker-daemon.json <<eof 4 { 5 "registry-mirrors": ["https://docker.mirrors.ustc.edu.cn","https://hub-mirror.c.163.com"], 6 "insecure-registries": ["docker02:35000"], 7 "max-concurrent-downloads": 20, 8 "live-restore": true, 9 "max-concurrent-uploads": 10, 10 "debug": true, 11 "data-root": "${docker_dir}/data", 12 "exec-root": "${docker_dir}/exec", 13 "log-opts": { 14 "max-size": "100m", 15 "max-file": "5" 16 } 17 } 18 eof
1.7 分发docker配置文件
1 [root@k8smaster01 ~]# cd /opt/k8s/work 2 [root@k8smaster01 work]# source /opt/k8s/bin/environment.sh 3 [root@k8smaster01 work]# for all_ip in ${all_ips[@]} 4 do 5 echo ">>> ${all_ip}" 6 ssh root@${all_ip} "mkdir -p /etc/docker/ ${docker_dir}/{data,exec}" 7 scp docker-daemon.json root@${all_ip}:/etc/docker/daemon.json 8 done
二 启动并验证
2.1 启动docker
1 [root@k8smaster01 ~]# source /opt/k8s/bin/environment.sh 2 [root@k8smaster01 ~]# for all_ip in ${all_ips[@]} 3 do 4 echo ">>> ${all_ip}" 5 ssh root@${all_ip} "systemctl daemon-reload && systemctl enable docker && systemctl restart docker" 6 done
2.2 检查docker服务
1 [root@k8smaster01 ~]# source /opt/k8s/bin/environment.sh 2 [root@k8smaster01 ~]# for all_ip in ${all_ips[@]} 3 do 4 echo ">>> ${all_ip}" 5 ssh root@${all_ip} "systemctl status docker|grep active" 6 done
2.3 检查docker 0网桥
1 [root@k8smaster01 ~]# source /opt/k8s/bin/environment.sh 2 [root@k8smaster01 ~]# for all_ip in ${all_ips[@]} 3 do 4 echo ">>> ${all_ip}" 5 ssh root@${all_ip} "/usr/sbin/ip addr show flannel.1 && /usr/sbin/ip addr show docker0" 6 done
提示:确认各 worker 节点的 docker0 网桥和 flannel.1 接口的 ip 处于同对应的相同网段中。
2.4 查看docker信息
1 [root@k8smaster01 ~]# ps -elfh|grep docker | grep -v grep 2 [root@k8smaster01 ~]# docker info
上一篇: 还在用if else?策略模式了解一下!