当前位置: 移动技术网 > 科技>操作系统>Linux > 014.Kubernetes二进制部署docker

014.Kubernetes二进制部署docker

2019年11月18日  | 移动技术网科技  | 我要评论

一 部署docker

1.1 部署docker组件

docker 运行和管理容器,kubelet 通过 container runtime interface (cri) 与它进行交互。

1.2 下载docker

  1 [root@k8smaster01 ~]# cd /opt/k8s/work
  2 [root@k8smaster01 work]# wget https://download.docker.com/linux/static/stable/x86_64/docker-18.09.6.tgz
  3 [root@k8smaster01 work]# tar -xvf docker-18.09.6.tgz

提示:更多docker版本下载参考https://download.docker.com/linux/static/stable/x86_64/。

1.3 安装和部署docker

  1 [root@k8smaster01 ~]# cd /opt/k8s/work
  2 [root@k8smaster01 work]# source /opt/k8s/bin/environment.sh
  3 [root@k8smaster01 work]# for all_ip in ${all_ips[@]}
  4   do
  5     echo ">>> ${all_ip}"
  6     scp docker/*  root@${all_ip}:/opt/k8s/bin/
  7     ssh root@${all_ip} "chmod +x /opt/k8s/bin/*"
  8   done

1.4 配置docker system

  1 [root@k8smaster01 ~]# cd /opt/k8s/work
  2 [root@k8smaster01 work]# cat > docker.service <<"eof"
  3 [unit]
  4 description=docker application container engine
  5 documentation=http://docs.docker.io
  6 
  7 [service]
  8 workingdirectory=##docker_dir##
  9 environment="path=/opt/k8s/bin:/bin:/sbin:/usr/bin:/usr/sbin"
 10 environmentfile=-/run/flannel/docker
 11 execstart=/opt/k8s/bin/dockerd $docker_network_options
 12 execreload=/bin/kill -s hup $mainpid
 13 restart=on-failure
 14 restartsec=5
 15 limitnofile=infinity
 16 limitnproc=infinity
 17 limitcore=infinity
 18 delegate=yes
 19 killmode=process
 20 
 21 [install]
 22 wantedby=multi-user.target
 23 eof

解释:

  • eof 前后有双引号,这样 bash 不会替换文档中的变量,如 $docker_network_options (这些环境变量是 systemd 负责替换的。);
  • dockerd 运行时会调用其它 docker 命令,如 docker-proxy,所以需要将 docker 命令所在的目录加到 path 环境变量中;
  • flanneld 启动时将网络配置写入 /run/flannel/docker 文件中,dockerd 启动前读取该文件中的环境变量 docker_network_options ,然后设置 docker0 网桥网段;
  • 如果指定了多个 environmentfile 选项,则必须将 /run/flannel/docker 放在最后(确保 docker0 使用 flanneld 生成的 bip 参数);
  • docker 需要以 root 用于运行;
  • docker 从 1.13 版本开始,可能将 iptables forward chain的默认策略设置为drop,从而导致 ping 其它 node 上的 pod ip 失败,遇到这种情况时,需要手动设置策略为 accept:
  1 [root@k8smaster01 ~]# echo '/sbin/iptables -p forward accept' >> /etc/rc.local

并且把以下命令写入 /etc/rc.local 文件中,防止节点重启iptables forward chain的默认策略又还原为drop

1.5 分发docker systemd

  1 [root@k8smaster01 ~]# cd /opt/k8s/work
  2 [root@k8smaster01 work]# source /opt/k8s/bin/environment.sh
  3 [root@k8smaster01 work]# sed -i -e "s|##docker_dir##|${docker_dir}|" docker.service
  4 [root@k8smaster01 work]# for all_ip in ${all_ips[@]}
  5   do
  6     echo ">>> ${all_ip}"
  7     scp docker.service root@${all_ip}:/etc/systemd/system/
  8   done

1.6 配置docker配置文件

  1 [root@k8smaster01 ~]# cd /opt/k8s/work
  2 [root@k8smaster01 work]# source /opt/k8s/bin/environment.sh
  3 [root@k8smaster01 work]# cat > docker-daemon.json <<eof
  4 {
  5     "registry-mirrors": ["https://docker.mirrors.ustc.edu.cn","https://hub-mirror.c.163.com"],
  6     "insecure-registries": ["docker02:35000"],
  7     "max-concurrent-downloads": 20,
  8     "live-restore": true,
  9     "max-concurrent-uploads": 10,
 10     "debug": true,
 11     "data-root": "${docker_dir}/data",
 12     "exec-root": "${docker_dir}/exec",
 13     "log-opts": {
 14       "max-size": "100m",
 15       "max-file": "5"
 16     }
 17 }
 18 eof

1.7 分发docker配置文件

  1 [root@k8smaster01 ~]# cd /opt/k8s/work
  2 [root@k8smaster01 work]# source /opt/k8s/bin/environment.sh
  3 [root@k8smaster01 work]# for all_ip in ${all_ips[@]}
  4   do
  5     echo ">>> ${all_ip}"
  6     ssh root@${all_ip} "mkdir -p /etc/docker/ ${docker_dir}/{data,exec}"
  7     scp docker-daemon.json root@${all_ip}:/etc/docker/daemon.json
  8   done

二 启动并验证

2.1 启动docker

  1 [root@k8smaster01 ~]# source /opt/k8s/bin/environment.sh
  2 [root@k8smaster01 ~]# for all_ip in ${all_ips[@]}
  3   do
  4     echo ">>> ${all_ip}"
  5     ssh root@${all_ip} "systemctl daemon-reload && systemctl enable docker && systemctl restart docker"
  6   done

2.2 检查docker服务

  1 [root@k8smaster01 ~]# source /opt/k8s/bin/environment.sh
  2 [root@k8smaster01 ~]# for all_ip in ${all_ips[@]}
  3   do
  4     echo ">>> ${all_ip}"
  5     ssh root@${all_ip} "systemctl status docker|grep active"
  6   done

2.3 检查docker 0网桥

  1 [root@k8smaster01 ~]# source /opt/k8s/bin/environment.sh
  2 [root@k8smaster01 ~]# for all_ip in ${all_ips[@]}
  3   do
  4     echo ">>> ${all_ip}"
  5     ssh root@${all_ip} "/usr/sbin/ip addr show flannel.1 && /usr/sbin/ip addr show docker0"
  6   done

提示:确认各 worker 节点的 docker0 网桥和 flannel.1 接口的 ip 处于同对应的相同网段中。

2.4 查看docker信息

  1 [root@k8smaster01 ~]# ps -elfh|grep docker | grep -v grep
  2 [root@k8smaster01 ~]# docker info

您可能感兴趣的文章:

如对本文有疑问, 点击进行留言回复!!

相关文章:

验证码:
最近更新的文章
大家感兴趣的文章
移动技术网