大家好,又见面了,我是你们的朋友全栈君。
kubeedge 安装部署(适用于Ubuntu)
-
基础环境:安装了Ubuntu 18.04操作系统的两台虚拟机 (查看操作系统版本命令:
cat /etc/os-release) -
部署
kubeedge1.1.0版本 -
根据
keadm源码安装部署步骤整理(无法直接使用keadm工具完成部署)
一、配置源,写入以下内容到 /etc/apt/sources.list
root@ubuntu:~# cat /etc/apt/sources.list
deb http://mirrors.aliyun.com/ubuntu/ bionic main restricted universe multiverse
deb http://mirrors.aliyun.com/ubuntu/ bionic-security main restricted universe multiverse
deb http://mirrors.aliyun.com/ubuntu/ bionic-updates main restricted universe multiverse
deb http://mirrors.aliyun.com/ubuntu/ bionic-proposed main restricted universe multiverse
deb http://mirrors.aliyun.com/ubuntu/ bionic-backports main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ bionic main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ bionic-security main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ bionic-updates main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ bionic-proposed main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ bionic-backports main restricted universe multiverse
root@ubuntu:~# apt-get update
二、安装 docker
root@ubuntu:~# apt-get update
root@ubuntu:~#
root@ubuntu:~# curl -fsSL https://download.docker.com/linux/ubuntu/gpg | apt-key add
OK
root@intellif-edge:~# cat /etc/apt/sources.list.d/docker.list
deb [arch=amd64] https://download.docker.com/linux/ubuntu bionic stable
root@ubuntu:~#
root@intellif-edge:~# apt-get install -y apt-transport-https ca-certificates curl gnupg-agent software-properties-common
root@ubuntu:~# apt-cache madison 'docker-ce' | grep 19.03.4 | head -1 | awk '{$1=$1};1' | cut -d' ' -f 3
5:19.03.4~3-0~ubuntu-bionic
root@ubuntu:~#
root@ubuntu:~# apt-get install -y --allow-change-held-packages --allow-downgrades docker-ce=5:19.03.4~3-0~ubuntu-bionic
root@ubuntu:~#
root@ubuntu:~# systemctl enable docker
三、安装 kubeadm kubelet kubectl
root@ubuntu:~# cat /etc/apt/sources.list.d/kubernetes.list
deb https://mirrors.aliyun.com/kubernetes/apt/ kubernetes-xenial main
root@ubuntu:~#
root@ubuntu:~# curl https://mirrors.aliyun.com/kubernetes/apt/doc/apt-key.gpg | apt-key add -
root@ubuntu:~# apt-get update
root@ubuntu:~# apt-cache madison 'kubeadm' | grep 1.16.2 | head -1 | awk '{$1=$1};1' | cut -d' ' -f 3
1.16.2-00
root@ubuntu:~# apt-get install -y --allow-change-held-packages --allow-downgrades kubeadm=1.16.2-00 kubelet=1.16.2-00 kubectl=1.16.2-00
四、kubeedge证书生成
- 准备生成证书脚本,将如下生成证书的脚本写入到
/etc/kubeedge/certgen.sh
#!/bin/sh
readonly caPath=${CA_PATH:-/etc/kubeedge/ca}
readonly caSubject=${CA_SUBJECT:-/C=CN/ST=Zhejiang/L=Hangzhou/O=KubeEdge/CN=kubeedge.io}
readonly certPath=${CERT_PATH:-/etc/kubeedge/certs}
readonly subject=${SUBJECT:-/C=CN/ST=Zhejiang/L=Hangzhou/O=KubeEdge/CN=kubeedge.io}
genCA() {
openssl genrsa -des3 -out ${caPath}/rootCA.key -passout pass:kubeedge.io 4096
openssl req -x509 -new -nodes -key ${caPath}/rootCA.key -sha256 -days 3650 \
-subj ${subject} -passin pass:kubeedge.io -out ${caPath}/rootCA.crt
}
ensureCA() {
if [ ! -e ${caPath}/rootCA.key ] || [ ! -e ${caPath}/rootCA.crt ]; then
genCA
fi
}
ensureFolder() {
if [ ! -d ${caPath} ]; then
mkdir -p ${caPath}
fi
if [ ! -d ${certPath} ]; then
mkdir -p ${certPath}
fi
}
genCertAndKey() {
ensureFolder
ensureCA
local name=$1
openssl genrsa -out ${certPath}/${name}.key 2048
openssl req -new -key ${certPath}/${name}.key -subj ${subject} -out ${certPath}/${name}.csr
openssl x509 -req -in ${certPath}/${name}.csr -CA ${caPath}/rootCA.crt -CAkey ${caPath}/rootCA.key \
-CAcreateserial -passin pass:kubeedge.io -out ${certPath}/${name}.crt -days 365 -sha256
}
buildSecret() {
local name="edge"
genCertAndKey ${name} > /dev/null 2>&1
cat <<EOF apiVersion: v1 kind: Secret metadata: name: cloudcore namespace: kubeedge labels: k8s-app: kubeedge kubeedge: cloudcore stringData: rootCA.crt: | $(pr -T -o 4 ${
caPath}/rootCA.crt) edge.crt: | $(pr -T -o 4 ${
certPath}/${
name}.crt) edge.key: | $(pr -T -o 4 ${
certPath}/${
name}.key) EOF
}
$1 $2
- 生成证书、压缩证书
root@ubuntu:/etc/kubeedge# chmod +x certgen.sh
root@ubuntu:/etc/kubeedge# bash certgen.sh genCertAndKey edge
root@ubuntu:/etc/kubeedge# tar -cvzf certs.tgz certs/
五、启动 Kubernetes
1、使用kubeadm部署k8s
root@ubuntu:/etc/kubeedge# swapoff -a && kubeadm init --image-repository "registry.cn-hangzhou.aliyuncs.com/google_containers" --pod-network-cidr=100.64.0.0/10
root@ubuntu:/etc/kubeedge#
root@ubuntu:/etc/kubeedge# kubectl get pod --all-namespaces -o wide
The connection to the server localhost:8080 was refused - did you specify the right host or port?
root@ubuntu:/etc/kubeedge#
root@ubuntu:/etc/kubeedge# mkdir -p $HOME/.kube && cp -r /etc/kubernetes/admin.conf $HOME/.kube/config && sudo chown $(id -u):$(id -g) $HOME/.kube/config
root@ubuntu:/etc/kubeedge# kubectl get pod --all-namespaces -o wide
NAMESPACE NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
kube-system coredns-67c766df46-7wrjq 0/1 Pending 0 11m <none> <none> <none> <none>
kube-system coredns-67c766df46-kjffq 0/1 Pending 0 11m <none> <none> <none> <none>
kube-system etcd-ubuntu 1/1 Running 0 10m 192.168.11.56 ubuntu <none> <none>
kube-system kube-apiserver-ubuntu 1/1 Running 0 10m 192.168.11.56 ubuntu <none> <none>
kube-system kube-controller-manager-ubuntu 1/1 Running 0 9m55s 192.168.11.56 ubuntu <none> <none>
kube-system kube-proxy-dcvz6 1/1 Running 0 11m 192.168.11.56 ubuntu <none> <none>
kube-system kube-scheduler-ubuntu 1/1 Running 0 10m 192.168.11.56 ubuntu <none> <none>
root@ubuntu:/etc/kubeedge#
2、修改kubelet启动参数,不适用cni插件
root@ubuntu:/var/lib/kubelet# cat /var/lib/kubelet/kubeadm-flags.env
KUBELET_KUBEADM_ARGS="--cgroup-driver=cgroupfs --pod-infra-container-image=registry.cn-hangzhou.aliyuncs.com/google_containers/pause:3.1 --resolv-conf=/run/systemd/resolve/resolv.conf"
#KUBELET_KUBEADM_ARGS="--cgroup-driver=cgroupfs --network-plugin=cni --pod-infra-container-image=registry.cn-hangzhou.aliyuncs.com/google_containers/pause:3.1 --resolv-conf=/run/systemd/resolve/resolv.conf"
root@ubuntu:/var/lib/kubelet# systemctl restart kubelet
六、启动 kubeedge 云端部分 cloudcore
- 下载
kubeedge 1.1.0版本安装包
root@ubuntu:~# mkdir -p /etc/kubeedge/
root@ubuntu:~# cd /etc/kubeedge
root@ubuntu:/etc/kubeedge# wget -k --no-check-certificate https://github.com/kubeedge/kubeedge/releases/download/v1.1.0/kubeedge-v1.1.0-linux-amd64.tar.gz
root@ubuntu:/etc/kubeedge# tar -C /etc/kubeedge/ -xzvf kubeedge-v1.1.0-linux-amd64.tar.gz
root@ubuntu:/etc/kubeedge# mv kubeedge-v1.1.0-linux-amd64 kubeedge
root@ubuntu:/etc/kubeedge# cp kubeedge/cloud/cloudcore /usr/local/bin/.
- 修改配置
cloudcore的 文件/etc/kubeedge/kubeedge/cloud/cloudcore/conf/controller.yaml
controller:
kube:
master: https://192.168.11.56:6443 # 修改为对应IP
namespace: ""
content_type: "application/vnd.kubernetes.protobuf"
qps: 5
burst: 10
node_update_frequency: 10
kubeconfig: "/root/.kube/config"
cloudhub:
protocol_websocket: true # enable websocket protocol
port: 10000 # open port for websocket server
protocol_quic: true # enable quic protocol
quic_port: 10001 # open prot for quic server
max_incomingstreams: 10000 # the max incoming stream for quic server
enable_uds: true # enable unix domain socket protocol
uds_address: unix:///var/lib/kubeedge/kubeedge.sock # unix domain socket address
address: 0.0.0.0
ca: /etc/kubeedge/ca/rootCA.crt
cert: /etc/kubeedge/certs/edge.crt
key: /etc/kubeedge/certs/edge.key
keepalive-interval: 30
write-timeout: 30
node-limit: 10
devicecontroller:
kube:
master: https://192.168.11.56:6443 # 修改为对应IP
namespace: ""
content_type: "application/vnd.kubernetes.protobuf"
qps: 5
burst: 10
kubeconfig: "/root/.kube/config"
- 启动
cloudcore进程
root@ubuntu:/etc/kubeedge/kubeedge/cloud/cloudcore# cp /etc/kubeedge/kubeedge/cloud/cloudcore/cloudcore /usr/local/bin/.
root@ubuntu:/etc/kubeedge/kubeedge/cloud/cloudcore# export GOARCHAIUS_CONFIG_PATH=/etc/kubeedge/kubeedge/cloud/cloudcore
root@ubuntu:/etc/kubeedge/kubeedge/cloud/cloudcore# chmod +x /usr/local/bin/cloudcore && cloudcore > /etc/kubeedge/kubeedge/cloud/cloudcore/cloudcore.log 2>&1 &
七、启动 kubeedge 边缘部分 edgecore
- 修改配置
edgecore的配置文件/etc/kubeedge/kubeedge/edge/conf/edge.yaml
可以统一替换: fb4ebb70-2783-42b8-b3ef-63e2fd6d242e (节点名称)
mqtt:
server: tcp://127.0.0.1:1883 # external mqtt broker url.
internal-server: tcp://127.0.0.1:1884 # internal mqtt broker url.
mode: 0 # 0: internal mqtt broker enable only. 1: internal and external mqtt broker enable. 2: external mqtt broker enable only.
qos: 0 # 0: QOSAtMostOnce, 1: QOSAtLeastOnce, 2: QOSExactlyOnce.
retain: false # if the flag set true, server will store the message and can be delivered to future subscribers.
session-queue-size: 100 # A size of how many sessions will be handled. default to 100.
edgehub:
websocket:
url: wss://0.0.0.0:10000/e632aba927ea4ac2b575ec1603d56f10/fb4ebb70-2783-42b8-b3ef-63e2fd6d242e/events
certfile: /etc/kubeedge/certs/edge.crt
keyfile: /etc/kubeedge/certs/edge.key
handshake-timeout: 30 #second
write-deadline: 15 # second
read-deadline: 15 # second
quic:
url: 127.0.0.1:10001
cafile: /etc/kubeedge/ca/rootCA.crt
certfile: /etc/kubeedge/certs/edge.crt
keyfile: /etc/kubeedge/certs/edge.key
handshake-timeout: 30 #second
write-deadline: 15 # second
read-deadline: 15 # second
controller:
protocol: websocket # websocket, quic
heartbeat: 15 # second
project-id: e632aba927ea4ac2b575ec1603d56f10
node-id: fb4ebb70-2783-42b8-b3ef-63e2fd6d242e
edged:
register-node-namespace: default
hostname-override: fb4ebb70-2783-42b8-b3ef-63e2fd6d242e
interface-name: eth0
edged-memory-capacity-bytes: 7852396000
node-status-update-frequency: 10 # second
device-plugin-enabled: false
gpu-plugin-enabled: false
image-gc-high-threshold: 80 # percent
image-gc-low-threshold: 40 # percent
maximum-dead-containers-per-container: 1
docker-address: unix:///var/run/docker.sock
runtime-type: docker
remote-runtime-endpoint: unix:///var/run/dockershim.sock
remote-image-endpoint: unix:///var/run/dockershim.sock
runtime-request-timeout: 2
podsandbox-image: kubeedge/pause:3.1 # kubeedge/pause:3.1 for x86 arch , kubeedge/pause-arm:3.1 for arm arch, kubeedge/pause-arm64 for arm64 arch
image-pull-progress-deadline: 60 # second
cgroup-driver: cgroupfs
node-ip: ""
cluster-dns: ""
cluster-domain: ""
mesh:
loadbalance:
strategy-name: RoundRobin
2、创建node,启动edgecore进程
root@ubuntu:# kubectl apply -f node.json
node.json内容(注意 metadata.name 需要和 edge.yaml 中一致)
{
"kind": "Node",
"apiVersion": "v1",
"metadata": {
"name": "fb4ebb70-2783-42b8-b3ef-63e2fd6d242e",
"labels": {
"name": "edge-node",
"node-role.kubernetes.io/edge": ""
}
}
}
root@ubuntu:/etc/kubeedge/kubeedge/edge/conf# export GOARCHAIUS_CONFIG_PATH=/etc/kubeedge/kubeedge/edge && edgecore > /etc/kubeedge/kubeedge/edge/edgecore.log 2>&1 &
版权声明:本文内容由互联网用户自发贡献,该文观点仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请联系我们举报,一经查实,本站将立刻删除。
发布者:全栈程序员-站长,转载请注明出处:https://javaforall.net/162714.html原文链接:https://javaforall.net
