yonyoucloud / install_k8s Goto Github PK

一键安装kubernets(k8s)系统，采用RBAC模式运行（证书安全认证模式），既可以单台安装、也可以集群安装，并且完全是生产环境的安装标准。有疑问大家可以加我微信沟通：bsh888

Shell 6.48% Smarty 14.01% Dockerfile 0.36% JavaScript 1.21% TypeScript 14.16% HTML 7.09% CSS 0.63% Makefile 0.60% Go 39.71% Vue 15.66% SCSS 0.09%

centos fabfile fabric k8s kubernetes

install_k8s's Introduction

安装最新稳定版：

版本说明

service	version
`kubernetes`	v1.26.4
`etcd`	3.5.7
`istio`	1.17.1
`containerd`	v1.6.20
`calico`	v3.25.1
`coredns`	v1.10.1
`dashboard`	v2.7.0
`metrics-server`	v0.6.3
`prometheus`	v2.43.0
`alertmanager`	v0.25.0
`grafana`	9.4.7
`kube-state-metrics`	v2.8.2
`node-exporter`	v1.5.0
`helm`	v3.11.2
`cfssl`	v1.6.3

安装说明

1、下载并解压缩二进制安装文件(installk8s-v1.26.4-20230420.gz):

v1.26.4版本静态安装包下载

v1.23.6版本静态安装包下载

cd /data/ && tar zxvf installk8s-v1.26.4-20230420.gz

cd /data/installk8s/sysbase
/data/installk8s/sysbase
├── bin # 根据系统执行可执行文件，启动安装服务
│   ├── sysbase-v1.0.0-darwin-arm64
│   └── sysbase-v1.0.0-linux-amd64
├── etc
│   ├── config-demo.yaml
│   ├── config.js
│   └── config.yaml # 修改此配置文件，注意数据库配置及二进制安装文件路径（先创建 sysbase 数据库，程序启动会自动创建表）
└── static
    ├── config.js # 需要修改一下 apiHost，写成运行此程序的机器 ip，端口号保持和此服务运行端口一致
    ├── css
    │   ├── chunk-vendors.537be47b.css
    │   └── index.d169f2ef.css
    ├── favicon.ico
    ├── fonts
    │   ├── element-icons.535877f5.woff
    │   └── element-icons.732389de.ttf
    ├── index.html
    └── js
        ├── about.3c68e217.js
        ├── about.3c68e217.js.map
        ├── chunk-vendors.ccefee03.js
        ├── chunk-vendors.ccefee03.js.map
        ├── index.0ab2cb87.js
        └── index.0ab2cb87.js.map

2、运行安装服务：

cd /data/installk8s/sysbase
./bin/sysbase-v1.0.0-linux-amd64 (这里不同平台选择不同可执行文件) 
访问安装服务: http://192.168.58.2:8081/static/ (这里的 192.168.58.2 根据实际情况，是运行安装服务的 IP 地址)

3、添加资源:

资源类型选择 vps，特定描述这些都是必须的，其中 etcd、master、node 可以配置多台机器，其他几个确保唯一， 另外，
支持这些全配置一台机器，即单机也可以运行，建议单台最低配置 8 核 16G，其实 4 核 8G 也可以运行起来。

4、创建 K8sCluster:

一条记录代表一个 k8s 集群，一定要选择前面添加的资源列表

5、执行安装:

点击一键安装前，可以先点击内核升级，因为内核升级会重启机器，一键安装逻辑也会判断内核是否已升级，如果 未升级，也会触发升级、重启。

6、安装后重要目录说明:

/data/installk8s/addons/certs 安装过程中生成的 TLS 证书文件，可以将 k8s.com.crt 导入到系统并信任。
/data/installk8s/addons/gateways Istio 网关及虚拟服务设置，这里是站点入口配置处。

绑定Hosts，访问以下站点：
192.168.58.2 dashboard.k8s.com grafana.k8s.com prometheus.k8s.com kiali.k8s.com test.k8s.com

安装程序开源目录地址：
./sysbase
采用golang+vue编写

7、安装后效果图:

install_k8s's People

Contributors

Stargazers

Watchers

Forkers

optimuse khmfighter zbaolong scwanglijun junneyang rootsecurity ljb-2000 marswon znavy mushroomlb airob tomdev2008 javacspring rucky2013 chenchao610610 jacklaoz yjb007 liqingw001 scriptsboy zhangalbert hsiangbinhua wujcheng heiden-deng huangll99 lovexiapu sjkcdpc skymoon08 zll001 liuxx532 springmicroservices vipsql henfee yangwenmai fuquanjun zhucc daodaoliang duke-lv solarisyan waydeng bsdgo ligzy ps120 ethan-2017 whantt reckful88 zxser bingli-borland yrfswn helpit xlogin liyndon wang371758198 ppabc jingruhou lzy-hn zerolugithub jiazemin msnetc yangcan0918 lichardlovez yushanjin songxiaojin smajun willame sujunbo wrhb123 duanwucui c3porobot konmoron tzningzhuo jiangming1 carson507 zhang1772281555 ndplatform gwokfun jions7ihj mystuart yallonking morganwang010 nonamexz xzeu xiaokang69 taozywu heloda xreztento jsjilei1986 qimatech peng456 li-xunhuan gaecom gotliuyan dahuzi998 gminfo yuzhijia88 bradbann samsunli lisy0817 hwting libin2722 lui1798

install_k8s's Issues

等待所有节点calico容器正常运行(66s)(3 = 1)

kubectl get pods -o wide -n kube-system | grep calico | grep Running | wc -l
等待所有节点calico容器正常运行(66s)(3 = 1)

calico-kube-controllers-5975bbd797-f6nx8 1/1 Running 0 2m7s 10.0.0.5 10.0.0.5
calico-node-5tm79 1/2 CrashLoopBackOff 4 2m7s 10.0.0.5 10.0.0.5

这个节点一直失败，而且为什么是三个判断而不是两个啊

etcd remote error: tls: bad certificate

镜像推送失败

[开始]初始化镜像
The push refers to repository [192.168.199.53:5000/google-containers/pause-amd64]
Get https://192.168.199.53:5000/v2/: x509: certificate has expired or is not yet valid，是不是证书安装有问题

kube-apiserver external host was not specified

Nov 07 19:57:17 k8s1 systemd[1]: Starting Kubernetes API Server...
Nov 07 19:57:17 k8s1 kube-apiserver[5202]: I1107 19:57:17.182892 5202 server.go:557] external host was not specified, using 192.168.1.81
Nov 07 19:57:17 k8s1 kube-apiserver[5202]: I1107 19:57:17.183249 5202 server.go:146] Version: v1.13.3-1+e85e6a94bac0e4

总共有4个节点，但./calicoctl node status 只能看到一个

必须使用root安装吗？

out: You need to be root to perform this command.

Fatal error: run() received nonzero return code 1 while executing!

Requested: yum install -y telnet
Executed: /bin/bash -l -c "yum install -y telnet"

Aborting.

单机版安装不成功

单机环境，本机虚拟机：centos7.4
配置文件如下：
env.user = 'root'
env.password = '123'
#env.key_filename = "~/.ssh/id_rsa"
env.port = 22
env.abort_on_prompts = True
env.colors = True

env.use_lvs = False

env.roledefs = {
# 发布机，后面通过在此机器上执行kubectl命令控制k8s集群及部署应用
'publish': {
'hosts': [
'192.168.1.138',
],
},
# etcd节点安装主机(支持集群)
'etcd': {
'hosts': [
'192.168.1.138',
],
# 负载均衡etcd入口ip(虚ip)
'vip': 'etcd'
},
# master节点安装主机(支持集群)
'master': {
'hosts': [
'192.168.1.138',
],
# 负载均衡master入口ip(虚ip)
'vip': 'master'
},
# node节点安装主机(支持集群)
'node': {
'hosts': [
'192.168.1.138',
]

2.安装过程出错地方：
{2019年 06月 22日星期六 23:49:15 CST}[结束]安装dns.............................

{2019年 06月 22日星期六 23:49:15 CST}[开始]启动所有服务.............................
[192.168.1.138] Executing task 'service_publish'
[192.168.1.138] run: systemctl start docker

Done.
[192.168.1.138] Executing task 'service_etcd'
[192.168.1.138] run: systemctl start etcd
[192.168.1.138] run: iptables -P FORWARD ACCEPT ; echo "" > /dev/null

Done.
[192.168.1.138] Executing task 'service_etcd'
[192.168.1.138] run: systemctl restart etcd
[192.168.1.138] run: iptables -P FORWARD ACCEPT ; echo "" > /dev/null

Done.
[192.168.1.138] Executing task 'service_master'
[192.168.1.138] run: systemctl start kube-apiserver
[192.168.1.138] out: Job for kube-apiserver.service failed because the control process exited with error code. See "systemctl status kube-apiserver.service" and "journalctl -xe" for details.
[192.168.1.138] out:

Fatal error: run() received nonzero return code 1 while executing!

Requested: systemctl start kube-apiserver
Executed: /bin/bash -l -c "systemctl start kube-apiserver"

Aborting.

Fatal error: One or more hosts failed while executing task 'service_master'

Aborting.
[root@localhost install_k8s]# systemctl status kube-apiserver.service" and "journalctl -xe
systemctl：无效选项 -- x'

查看api服务状态：
[root@localhost install_k8s]# systemctl status kube-apiserver.service
● kube-apiserver.service - Kubernetes API Server
Loaded: loaded (/usr/lib/systemd/system/kube-apiserver.service; enabled; vendor preset: disabled)
Active: activating (start) since 六 2019-06-22 23:50:18 CST; 10s ago
Docs: https://github.com/kubernetes
Main PID: 4279 (kube-apiserver)
Memory: 15.1M
CGroup: /system.slice/kube-apiserver.service
└─4279 /usr/bin/kube-apiserver --logtostderr=true --v=0 --etcd-servers=https://etcd:2379 --bind-address=0.0.0.0 --allow-privileged=true --service-cluster-ip-range=192.168.0.0/16 --enable-admissio...

6月 22 23:50:18 localhost.localdomain systemd[1]: kube-apiserver.service holdoff time over, scheduling restart.
6月 22 23:50:18 localhost.localdomain systemd[1]: Starting Kubernetes API Server...
6月 22 23:50:18 localhost.localdomain kube-apiserver[4279]: I0622 23:50:18.926130 4279 server.go:557] external host was not specified, using 192.168.1.138
6月 22 23:50:18 localhost.localdomain kube-apiserver[4279]: I0622 23:50:18.926900 4279 server.go:146] Version: v1.13.3-1+e85e6a94bac0e4
6月 22 23:50:21 localhost.localdomain kube-apiserver[4279]: W0622 23:50:21.465086 4279 admission.go:76] PersistentVolumeLabel admission controller is deprecated. Please remove this controlle...and scripts.
6月 22 23:50:21 localhost.localdomain kube-apiserver[4279]: I0622 23:50:21.465572 4279 plugins.go:158] Loaded 9 mutating admission controller(s) successfully in the following order: Namespac...sionWebhook.
6月 22 23:50:21 localhost.localdomain kube-apiserver[4279]: I0622 23:50:21.465590 4279 plugins.go:161] Loaded 7 validating admission controller(s) successfully in the following order: Namesp...sourceQuota.
6月 22 23:50:21 localhost.localdomain kube-apiserver[4279]: W0622 23:50:21.466731 4279 admission.go:76] PersistentVolumeLabel admission controller is deprecated. Please remove this controlle...and scripts.
6月 22 23:50:21 localhost.localdomain kube-apiserver[4279]: I0622 23:50:21.467379 4279 plugins.go:158] Loaded 9 mutating admission controller(s) successfully in the following order: Namespac...sionWebhook.
6月 22 23:50:21 localhost.localdomain kube-apiserver[4279]: I0622 23:50:21.467393 4279 plugins.go:161] Loaded 7 validating admission controller(s) successfully in the following order: Namesp...sourceQuota.
Hint: Some lines were ellipsized, use -l to show in full.

vip设置不成功

虚拟ip需要提前设置吗？ etcd集群安装失败,出现transport: remote error: tls: bad certificate" for certificates

Suggestion

Hi~ Nice work!

Can u make the default installer more simple, like k8s-deploy? Such as auto recognize network card name, auto config ip, etc?

docker的私有仓库如何配置的？

docker的私有仓库如何配置的？我看daemon.json没有设置，是如何使用Registrie的，谢谢

/bin/sh: line 0: cd: source/needbin: No such file or directory

[localhost] local: cd source/needbin && tar zcvf needbin.gz usr
/bin/sh: line 0: cd: source/needbin: No such file or directory

Fatal error: local() encountered an error (return code 1) while executing 'cd source/needbin && tar zcvf needbin.gz usr'

Aborting.
[root@localhost install_k8s]# cd source/needbin

代码clone后就自动删除了，显示无法checkout. 文件路径名有问题。

git clone https://github.com/yonyoucloud/install_k8s.git
Cloning into 'install_k8s'...
remote: Enumerating objects: 1269, done.
remote: Counting objects: 100% (345/345), done.
remote: Compressing objects: 100% (190/190), done.
remote: Total 1269 (delta 161), reused 316 (delta 141), pack-reused 924
Receiving objects: 100% (1269/1269), 25.69 MiB | 672.00 KiB/s, done.
Resolving deltas: 100% (546/546), done.
error: invalid path 'source/docker/etc/docker/certs.d/HOST:PORT/ca.crt'
fatal: unable to checkout working tree
warning: Clone succeeded, but checkout failed.
You can inspect what was checked out with 'git status'
and retry with 'git restore --source=HEAD :/'

各节点组件如何重启？

各节点组件如何重启？
服务器重启了，如何重新启动？

web界面没有一键安装和内核升级了

Readiness probe failed: calico/node is not ready: felix is not ready: Get http://localhost:9099/readiness: dial tcp 127.0.0.1:9099: connect: connection refused

添加新节点，calico起不来

请问第二步的二进制包的格式是怎样的？能否支持官方的包？

例如：我的vps是海外的，可以直接在github下载就好了，好像直接下载下来的格式跟百度云盘格式不一样（没有云盘会员，表示下载很慢）

不能pull下来

提示：
batch response: This repository is over its data quota. Purchase more data packs to restore access.
能把二进制包放到其他的地方么？比如百度云盘等。

some troubleshooting methods at the beginning, FYI

stop and disable firewalld while creating new virtual machines.

[root@localhost data]# sudo systemctl stop firewalld
[root@localhost data]# sudo systemctl disable firewalld

create mysql users and databases as required.
CREATE DATABASE 'sysbase';
CREATE USER 'sysbase'@localhost IDENTIFIED BY 'SttA35BBx5dbl1xB7NS7';
GRANT ALL PRIVILEGES ON . TO 'sysbase'@localhost IDENTIFIED BY 'SttA35BBx5dbl1xB7NS7';
FLUSH PRIVILEGES;
change host as required.
window.CONFIG = {
apiHost: 'http://localhost:8081/',
perPage: 20,
}

哎呀

文档写的有点糟糕

[开始]安装docker私有仓库-启动docker 报错

单机安装，执行到 “[开始]安装docker私有仓库”时，启动docker出错：

Aug 19 13:46:01 node1 dockerd: Error starting daemon: error initializing graphdriver: overlay2: the backing xfs filesystem is formatted without d_type support, which leads to incorrect behavior. Reformat the filesystem with ftype=1 to enable d_type support. Backing filesystems without d_type support are not supported.
Aug 19 13:46:01 node1 systemd: docker.service: main process exited, code=exited, status=1/FAILURE
Aug 19 13:46:01 node1 systemd: Failed to start Docker Application Container Engine.
Aug 19 13:46:01 node1 systemd: Unit docker.service entered failed state.
Aug 19 13:46:01 node1 systemd: docker.service failed.
Aug 19 13:46:01 node1 systemd: Starting Cleanup of Temporary Directories...
Aug 19 13:46:01 node1 systemd: Started Cleanup of Temporary Directories.
Aug 19 13:46:01 node1 systemd: docker.service holdoff time over, scheduling restart.
Aug 19 13:46:01 node1 systemd: start request repeated too quickly for docker.service
Aug 19 13:46:01 node1 systemd: Failed to start Docker Application Container Engine.
Aug 19 13:46:01 node1 systemd: Unit docker.service entered failed state.
Aug 19 13:46:01 node1 systemd: docker.service failed.

静态安装包报错

centos7 在安装的时候报错：-bash: ./installk8s-20220509: cannot execute binary file

估计是在编译的时候没有添加如下参数
GOOS=linux GOARCH=amd64 go build sayHello.go

网路不通

新增了一个节点，网络不通，master访问不到node的pods

安装依赖报错，install_docker报错

我安装时报错，所有IP设置的是同一台centos7主机，vip设置的两个同一网段的不同IP，网络名称也改了。请问还有哪些地方要改的吗

cd /data/installk8s/sysbase && ./bin/sysbase-amd64 执行失败

参考安装说明文档中的方法，下载下来了离线包，然后解压后执行到cd /data/installk8s/sysbase && ./bin/sysbase-amd64时就失败了：

root@flyflypeng-desktop-k8s-worker:/data# cd /data/installk8s/sysbase && ./bin/sysbase-amd64
2021/07/07 23:01:39 
sysbase

2021/07/07 23:01:39 /ext-go/1/src/esn/sysbase/backend/model/model.go:31
[error] failed to initialize database, got error dial tcp 127.0.0.1:5001: connect: connection refused

2021/07/07 23:01:39 /go/pkg/mod/gorm.io/plugin/[email protected]/dbresolver.go:131
[error] failed to initialize database, got error dial tcp 127.0.0.1:5001: connect: connection refused
2021/07/07 23:01:39 dial tcp 127.0.0.1:5001: connect: connection refused
panic: dial tcp 127.0.0.1:5001: connect: connection refused


goroutine 1 [running]:
log.Panicln(0xc0002c1d30, 0x1, 0x1)
        /usr/local/go/src/log/log.go:352 +0xac
git.yonyou.com/sysbase/backend/model.InitDB(0xc00006e070, 0x67, 0xc000020420, 0x1, 0x1, 0xc00000ed60, 0x2, 0x2, 0x0, 0x0, ...)
        /ext-go/1/src/esn/sysbase/backend/model/model.go:59 +0x5e2
git.yonyou.com/sysbase/backend/server.(*Server).Run(0xc0002c1f38, 0xc34d14, 0xf)
        /ext-go/1/src/esn/sysbase/backend/server/unix.go:33 +0x98
main.main()
        /ext-go/1/src/esn/sysbase/backend/main.go:64 +0x143

[开始]启动所有服务报错

{2018年 01月 30日星期二 11:17:24 CST}[开始]启动所有服务.............................
[10.103.70.120:22] Executing task 'service_etcd'
[10.103.70.121:22] Executing task 'service_etcd'
[10.103.70.121:22] run: systemctl start etcd ; echo "" > /dev/null
[10.103.70.120:22] run: systemctl start etcd ; echo "" > /dev/null
[10.103.70.120:22] out: Job for etcd.service failed because the control process exited with error code. See "systemctl status etcd.service" and "journalctl -xe" for details.
[10.103.70.120:22] out:

[10.103.70.120:22] run: iptables -P FORWARD ACCEPT
[localhost] local: etcdctl --ca-file=source/etcd/etc/etcd/ssl/ca.pem --cert-file=source/etcd/etc/etcd/ssl/etcd.pem --key-file=source/etcd/etc/etcd/ssl/etcd-key.pem --endpoints=https://10.103.70.122:2379 set /esn.com/network/config '{"Network":"172.30.0.0/16","SubnetLen":25,"Backend":{"Type":"vxlan"}}'
Error: dial tcp 10.103.70.122:2379: getsockopt: connection refused

Fatal error: local() encountered an error (return code 2) while executing 'etcdctl --ca-file=source/etcd/etc/etcd/ssl/ca.pem --cert-file=source/etcd/etc/etcd/ssl/etcd.pem --key-file=source/etcd/etc/etcd/ssl/etcd-key.pem --endpoints=https://10.103.70.122:2379 set /esn.com/network/config '{"Network":"172.30.0.0/16","SubnetLen":25,"Backend":{"Type":"vxlan"}}''

Aborting.

大佬：如果需要支持k8s 1.19版本，需要更改什么文件

希望能支持ubuntu

因为系统ubuntu用的比较多，不知道这个安装能否再ubuntu进行，以后有添加支持的计划吗？

新版本clone报错

Cloning into 'install_k8s'...

remote: Counting objects: 331, done.
remote: Compressing objects: 100% (4/4), done.
remote: Total 331 (delta 0), reused 2 (delta 0), pack-reused 327
Receiving objects: 100% (331/331), 4.51 MiB | 102.00 KiB/s, done.
Resolving deltas: 100% (68/68), done.
Downloading source/docker/conf.gz (1.3 KB)
Error downloading object: source/docker/conf.gz (5fcc646): Smudge error: Error downloading source/docker/conf.gz (5fcc6461dac6f22fea88ca71ac4474244eff856a21db1587b4942ce36617bcda): batch response: This repository is over its data quota. Purchase more data packs to restore access.

Errors logged to /home/install_k8s/.git/lfs/logs/20180629T110548.387710993.log
Use git lfs logs last to view the log.
error: external filter git-lfs smudge -- %f failed 2
error: external filter git-lfs smudge -- %f failed
fatal: source/docker/conf.gz: smudge filter lfs failed
warning: Clone succeeded, but checkout failed.
You can inspect what was checked out with 'git status'
and retry the checkout with 'git checkout -f HEAD'

git@ pull问题

非git用户clone不下来

[root@localhost ~]# git clone https://github.com/yonyoucloud/install_k8s.git
Cloning into 'install_k8s'...
remote: Counting objects: 331, done.
remote: Compressing objects: 100% (4/4), done.
remote: Total 331 (delta 0), reused 2 (delta 0), pack-reused 327
Receiving objects: 100% (331/331), 4.51 MiB | 27.00 KiB/s, done.
Resolving deltas: 100% (68/68), done.
Downloading source/docker/conf.gz (1.3 KB)
Error downloading object: source/docker/conf.gz (5fcc646): Smudge error: Error downloading source/docker/conf.gz (5fcc6461dac6f22fea88ca71ac4474244eff856a21db1587b4942ce36617bcda): batch response: This repository is over its data quota. Purchase more data packs to restore access.

Errors logged to /root/install_k8s/.git/lfs/logs/20180629T153257.318551973.log
Use `git lfs logs last` to view the log.
error: external filter git-lfs smudge -- %f failed 2
error: external filter git-lfs smudge -- %f failed
fatal: source/docker/conf.gz: smudge filter lfs failed
warning: Clone succeeded, but checkout failed.
You can inspect what was checked out with 'git status'
and retry the checkout with 'git checkout -f HEAD'

[root@localhost install_k8s]# git lfs pull
batch response: This repository is over its data quota. Purchase more data packs to restore access.
error: failed to fetch some objects from 'https://github.com/yonyoucloud/install_k8s.git/info/lfs'