From 1e624016217615f96c42cebc1438f8401171ce19 Mon Sep 17 00:00:00 2001 From: bingoct <47520890+bingoct@users.noreply.github.com> Date: Mon, 30 Oct 2023 15:16:18 +0800 Subject: [PATCH] =?UTF-8?q?fix:=20=E9=BB=98=E8=AE=A4helm=20repo=20?= =?UTF-8?q?=E4=BB=93=E5=BA=93=E4=BF=AE=E6=AD=A3=20(#2717)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit fix: crictl 指定 runtime-endpoint fix: helm version 输出 fix: 移除kubeadm镜像预拉取 doc: 增加镜像 registry 文档 --- bcs-ops/install_master.sh | 6 ----- bcs-ops/install_node.sh | 4 ---- bcs-ops/k8s/install_helm | 2 +- bcs-ops/k8s/install_k8s | 8 ++++--- bcs-ops/readme.md | 40 ++++++++++++++++++++++++++++---- bcs-ops/system/config_envfile.sh | 2 +- 6 files changed, 43 insertions(+), 19 deletions(-) diff --git a/bcs-ops/install_master.sh b/bcs-ops/install_master.sh index a2d0ea5b7a..c7b4c12eb6 100755 --- a/bcs-ops/install_master.sh +++ b/bcs-ops/install_master.sh @@ -47,18 +47,12 @@ safe_source "${ROOT_DIR}/functions/k8s.sh" "${ROOT_DIR}"/system/config_envfile.sh -c init "${ROOT_DIR}"/system/config_system.sh -c dns sysctl "${ROOT_DIR}"/tools/install_tools.sh jq yq -"${ROOT_DIR}"/system/install_yq "${ROOT_DIR}"/k8s/install_cri.sh "${ROOT_DIR}"/k8s/install_k8s_tools "${ROOT_DIR}"/k8s/render_kubeadm safe_source "${ROOT_DIR}/env/bcs.env" -# pull image -if [[ -z ${BCS_OFFLINE:-} ]]; then - kubeadm --config="${ROOT_DIR}/kubeadm-config" config images pull \ - || utils::log "FATAL" "fail to pull k8s image" -fi # wait to check kubelet start sleep 30 diff --git a/bcs-ops/install_node.sh b/bcs-ops/install_node.sh index 5453604886..77cd5ecbe0 100755 --- a/bcs-ops/install_node.sh +++ b/bcs-ops/install_node.sh @@ -122,10 +122,6 @@ case "${K8S_CSI,,}" in ;; esac -if [[ -z ${BCS_OFFLINE:-} ]]; then - kubeadm --config="${ROOT_DIR}/kubeadm-config" config images pull \ - || utils::log "FATAL" "fail to pull k8s image" -fi # wait kubelet to start sleep 30 diff --git a/bcs-ops/k8s/install_helm b/bcs-ops/k8s/install_helm index 18d6a01b78..8cf8509cf5 100755 --- a/bcs-ops/k8s/install_helm +++ b/bcs-ops/k8s/install_helm @@ -35,7 +35,7 @@ for file in "${source_files[@]}"; do safe_source "$file" done -if ! helm version --short /dev/null | grep -qoE "^v${HELM_VER}"; then +if ! helm version --short 2>/dev/null | grep -qoE "^v${HELM_VER}"; then helm_image=${BK_PUBLIC_REPO:-"docker.io"}/alpine/helm:3.7.2 utils::log "DEBUG" "helm image url: ${helm_image}" diff --git a/bcs-ops/k8s/install_k8s b/bcs-ops/k8s/install_k8s index eb5f43be0a..e1230effb1 100644 --- a/bcs-ops/k8s/install_k8s +++ b/bcs-ops/k8s/install_k8s @@ -138,7 +138,9 @@ for pod in ${pods[@]};do fi ;; "containerd") - if ! crictl ps |grep ${pod}|grep -i running;then + if ! crictl --runtime-endpoint=unix:///run/containerd/containerd.sock ps \ + | grep "${pod}" \ + | grep -i running; then utils::log "ERROR" "${pod} fail to run " fi ;; @@ -155,7 +157,7 @@ if [[ -z ${MASTER_JOIN_CMD:-} ]]; then kubectl get cm -n kube-system kube-proxy -o yaml|yq '.data.["kubeconfig.conf"]' > ${ROOT_DIR}/kubeconfig.conf kubectl get cm -n kube-system kube-proxy -o yaml|yq '.data.["config.conf"]'|yq '.ipvs.udpTimeout="10s"' > ${ROOT_DIR}/config.conf - kubectl delete cm kube-proxy -n kube-system + kubectl delete cm kube-proxy -n kube-system kubectl create cm kube-proxy -n kube-system --from-file config.conf --from-file kubeconfig.conf if ! kubectl get ds -n kube-system kube-proxy -o yaml|grep madvdontneed;then @@ -176,4 +178,4 @@ fi #coredns configuration -utils::log "OK" "K8S configuration done!" \ No newline at end of file +utils::log "OK" "K8S configuration done!" diff --git a/bcs-ops/readme.md b/bcs-ops/readme.md index 4f516c7b94..ec52fb748d 100644 --- a/bcs-ops/readme.md +++ b/bcs-ops/readme.md @@ -63,7 +63,7 @@ ip -6 route add fd00::/8 via dev src > 注意:`fe80::/10` link-local 地址不能用于 k8s 的 node-ip。 ## 安装示例 - +目前仅支持 k8s `1.20.15` (默认), `1.23.17` 和 `1.24.15` 版本。 ### 集群创建与节点添加 1. 在第一台主机(后称中控机)上启动集群控制平面:`./bcs-ops --instal master`,集群启动成功后会显示加入集群的指令 @@ -105,6 +105,15 @@ ip -6 route add fd00::/8 via dev src ## 环境变量 通过配置环境变量来设置集群相关的参数。在中控机创建集群前,通过 `set -a` 设置环境变量。 你可以执行 `system/config_envfile.sh -init` 查看默认的环境变量。 +注意,当你要使用多个特性时,相关的环境变量都得申明 + +### 示例:使用 containerd 作为容器运行时 +```bash +set -a +K8S_VER="1.24.15" +CRI_TYPE="containerd" +set +a +``` ### 示例:创建 ipv6 双栈集群 @@ -118,9 +127,20 @@ set +a ./bcs-ops -i master ``` +### 示例: 修改镜像 registry,并信任 +相关环境变量。镜像仓库默认为蓝鲸官方镜像仓库`hub.bktencent.com`,如果采用自己的镜像仓库,并且没有证书信任,需要添加下面两项环境变量 +```bash +# 默认镜像地址 +set -a +BK_PUBLIC_REPO=hub.bktencent.com +# 信任不安全的registry +INSECURE_REGISTRY="" +set +a +``` + ### 示例:离线安装 -离线安装资源清单见 `env/offline-manifest.yaml`。目前仅支持 k8s `1.20.15`, `1.23.17` 和 `1.24.15` 版本。 +离线安装资源清单见 `env/offline-manifest.yaml`。 你需要把对应的离线包解压到 bcs-ops 的工作根目录下 `tar xfvz bcs-ops-offline-${version}.tgz`,并且安装对应的版本 `${VERSION}`。 @@ -128,7 +148,16 @@ set +a set -a BCS_OFFLINE="1" K8S_VER="${VERSION}" -./bcs-ops -i master +set +a +``` + +### 示例:开启 apiserver 高可用 +APISERVER_HA_MODE 支持 [bcs-apiserver-proxy](https://github.com/TencentBlueKing/bk-bcs/blob/master/docs/features/bcs-apiserver-proxy/bcs-apiserver-proxy.md)(默认) 和 kube-vip。 +```bash +set -a +VIP=192.168.1.1 # 按照实际的需求填写,避免冲突 +ENABLE_APISERVER_HA=true +APISERVER_HA_MODE=bcs-apiserver-proxy set +a ``` @@ -138,11 +167,14 @@ bcs-ops 脚本工具集也支持安装 k8s 相关插件。多数的插件需要 ### csi -安装的 k8s 组件由 `K8S_CSI` 环境变量决定,目前默认且只支持 `localpv` +安装的 k8s 组件由 `K8S_CSI` 环境变量决定,默认为空,只支持 `localpv` #### localpv +相关配置项,中控机启动前需要运行 ```bash +# 申明 CSI 组件 为 `localpv` +K8S_CSI=localpv # localpv 挂载点,默认为${BK_HOME}/localpv LOCALPV_DIR=${LOCALPV_DIR:-${BK_HOME}/localpv} # 创建的 localpv 数量,默认为20个 diff --git a/bcs-ops/system/config_envfile.sh b/bcs-ops/system/config_envfile.sh index af19df1ac6..51cfaabd68 100755 --- a/bcs-ops/system/config_envfile.sh +++ b/bcs-ops/system/config_envfile.sh @@ -118,7 +118,7 @@ init_env() { BK_PUBLIC_REPO=${BK_PUBLIC_REPO:-"hub.bktencent.com"} # helm - BKREPO_URL=${BKREPO_URL:-"https://hub.bktencent.com/chartrepo"} + BKREPO_URL=${BKREPO_URL:-"https://hub.bktencent.com/chartrepo/blueking"} # apiserver HA ENABLE_APISERVER_HA=${ENABLE_APISERVER_HA:-"false"}