K8s:离线部署Kubernetes1.26.12及采用外部Harbor
本文详细介绍了在离线环境下使用KubeKey部署KubeSphere集群的完整流程。主要内容包括:1)在联网服务器下载KubeKey工具、获取镜像列表并构建离线安装包;2)在离线服务器创建配置文件,配置私有镜像仓库信息;3)通过KubeKey命令执行离线安装。
一、离线环境
CPU:Hygon C86 7285 32-core Processor
操作系统:麒麟操作系统
containerd:1.7.27
Harbor:2.13.1
二、一台能上互联网的服务器
2.1、下载KubeKey3.1.10
https://kubernetes.pek3b.qingstor.com/kubekey/releases/download/v3.1.10/kubekey-v3.1.10-linux-amd64.tar.gz
解压后,会有 KubeKey 二进制文件 kk。
#tar -zxvf kubekey-v3.1.10-linux-amd64.tar.gz
2.2、获取kubesphere版本信息及镜像列表
https://get-images.kubesphere.io/
镜像列表文件如下:
| 文件名 | 描述 |
| kubesphere-images.txt | 包含 KubeSphere 及扩展组件涉及的所有镜像,以及在华为云的镜像地址,可根据该文件中的列表将镜像同步至离线仓库中。 |
| kk-manifest.yaml | 包含 KubeSphere 及扩展组件涉及的所有镜像,可使用 kk 快速构建离线包。 |
| kk-manifest-mirror.yaml | 包含华为云镜像仓库中 KubeSphere 及扩展组件涉及的所有镜像。访问 DockerHub 受限时可使用该 manifest 文件构建离线包。 |
2.3、创建 manifest 文件
# chmod +x kk
./kk create manifest --with-kubernetes v1.26.12 --with-registry
使用 kk 离线部署镜像仓库,添加 --with-registry 打包镜像仓库的安装文件
该命令将创建一个 manifest-sample.yaml 文件。
2.4、编辑 manifest 文件
#vi manifest-sample.yaml
复制kk-manifest-mirror.yaml(若访问 DockerHub 受限) 中的镜像列表,添加到新创建的 manifest-sample.yaml 文件中。
apiVersion: kubekey.kubesphere.io/v1alpha2
kind: Manifest
metadata:
name: sample
spec:
arches:
- amd64
operatingSystems: []
kubernetesDistributions:
- type: kubernetes
version: v1.26.12
components:
helm:
version: v3.14.3
cni:
version: v1.2.0
etcd:
version: v3.5.13
containerRuntimes:
- type: docker
version: 24.0.9
- type: containerd
version: 1.7.13
calicoctl:
version: v3.27.4
crictl:
version: v1.29.0
docker-registry:
version: "2"
harbor:
version: v2.10.1
docker-compose:
version: v2.26.1
images:
- registry.cn-beijing.aliyuncs.com/kubesphereio/pause:3.9
- registry.cn-beijing.aliyuncs.com/kubesphereio/kube-apiserver:v1.26.12
- registry.cn-beijing.aliyuncs.com/kubesphereio/kube-controller-manager:v1.26.12
- registry.cn-beijing.aliyuncs.com/kubesphereio/kube-scheduler:v1.26.12
- registry.cn-beijing.aliyuncs.com/kubesphereio/kube-proxy:v1.26.12
- registry.cn-beijing.aliyuncs.com/kubesphereio/coredns:1.9.3
- registry.cn-beijing.aliyuncs.com/kubesphereio/k8s-dns-node-cache:1.22.20
- registry.cn-beijing.aliyuncs.com/kubesphereio/kube-controllers:v3.27.4
- registry.cn-beijing.aliyuncs.com/kubesphereio/cni:v3.27.4
- registry.cn-beijing.aliyuncs.com/kubesphereio/node:v3.27.4
- registry.cn-beijing.aliyuncs.com/kubesphereio/pod2daemon-flexvol:v3.27.4
- registry.cn-beijing.aliyuncs.com/kubesphereio/typha:v3.27.4
- registry.cn-beijing.aliyuncs.com/kubesphereio/flannel:v0.21.3
- registry.cn-beijing.aliyuncs.com/kubesphereio/flannel-cni-plugin:v1.1.2
- registry.cn-beijing.aliyuncs.com/kubesphereio/cilium:v1.15.3
- registry.cn-beijing.aliyuncs.com/kubesphereio/operator-generic:v1.15.3
- registry.cn-beijing.aliyuncs.com/kubesphereio/hybridnet:v0.8.6
- registry.cn-beijing.aliyuncs.com/kubesphereio/kube-ovn:v1.10.10
- registry.cn-beijing.aliyuncs.com/kubesphereio/multus-cni:v3.8
- registry.cn-beijing.aliyuncs.com/kubesphereio/provisioner-localpv:3.3.0
- registry.cn-beijing.aliyuncs.com/kubesphereio/linux-utils:3.3.0
- registry.cn-beijing.aliyuncs.com/kubesphereio/haproxy:2.9.6-alpine
- registry.cn-beijing.aliyuncs.com/kubesphereio/kube-vip:v0.7.2
- registry.cn-beijing.aliyuncs.com/kubesphereio/kata-deploy:stable
- registry.cn-beijing.aliyuncs.com/kubesphereio/node-feature-discovery:v0.10.0
## ks-corenew
- swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/ks-apiserver:v4.1.2
- swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/ks-console:v4.1.2
- swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/ks-controller-manager:v4.1.2
- swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/kubectl:v1.27.16
- swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/redis:7.2.4-alpine
- swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/haproxy:2.9.6-alpine
- swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/ks-extensions-museum:v1.1.2
## devops
- swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/devops-apiserver:v4.1.2
- swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/devops-controller:v4.1.2
- swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/devops-tools:v4.1.2
- swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/devops-jenkins:v4.1.2-2.346.3
- swr.cn-southwest-2.myhuaweicloud.com/ks/jenkins/inbound-agent:4.10-2
- swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/builder-base:v3.2.2
- swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/builder-nodejs:v3.2.0
- swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/builder-maven:v3.2.0
- swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/builder-maven:v3.2.1-jdk11
- swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/builder-python:v3.2.0
- swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/builder-go:v3.2.0
- swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/builder-go:v3.2.2-1.16
- swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/builder-go:v3.2.2-1.17
- swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/builder-go:v3.2.2-1.18
- swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/builder-base:v3.2.2-podman
- swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/builder-nodejs:v3.2.0-podman
- swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/builder-maven:v3.2.0-podman
- swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/builder-maven:v3.2.1-jdk11-podman
- swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/builder-python:v3.2.0-podman
- swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/builder-go:v3.2.0-podman
- swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/builder-go:v3.2.2-1.16-podman
- swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/builder-go:v3.2.2-1.17-podman
- swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/builder-go:v3.2.2-1.18-podman
- swr.cn-southwest-2.myhuaweicloud.com/ks/argoproj/argocd:v2.3.3
- swr.cn-southwest-2.myhuaweicloud.com/ks/argoproj/argocd-applicationset:v0.4.1
- swr.cn-southwest-2.myhuaweicloud.com/ks/dexidp/dex:v2.30.2
- swr.cn-southwest-2.myhuaweicloud.com/ks/library/redis:6.2.6-alpine
## gatekeeper
- swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/gatekeeper-extension-apiserver:v1.0.1
- swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/kubectl:v1.27.12
- swr.cn-southwest-2.myhuaweicloud.com/ks/openpolicyagent/gatekeeper:v3.14.0
- swr.cn-southwest-2.myhuaweicloud.com/ks/openpolicyagent/gatekeeper-crds:v3.14.0
## gateway
- swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/nginx-ingress-controller:v1.4.0
- swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/gateway-apiserver:v1.0.2
- swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/gateway-controller-manager:v1.0.2
- swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/kubectl:v1.27.16
## grafana
- swr.cn-southwest-2.myhuaweicloud.com/ks/curlimages/curl:7.85.0
- swr.cn-southwest-2.myhuaweicloud.com/ks/grafana/grafana:10.4.1
- swr.cn-southwest-2.myhuaweicloud.com/ks/library/busybox:1.31.1
## kubeedge
- swr.cn-southwest-2.myhuaweicloud.com/ks/kubeedge/iptables-manager:v1.13.1
- swr.cn-southwest-2.myhuaweicloud.com/ks/kubeedge/cloudcore:v1.13.1
- swr.cn-southwest-2.myhuaweicloud.com/ks/kubeedge/controller-manager:v1.13.1
- swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/kubeedge-proxy:v0.4.1
## kubefed
- swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/kubefed-extension:v1.0.0
- swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/kubefed:v0.8.1
- swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/kubectl:v1.27.4
## loki
- swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/kubectl:v1.27.12
- swr.cn-southwest-2.myhuaweicloud.com/ks/grafana/loki:3.0.0
- swr.cn-southwest-2.myhuaweicloud.com/ks/grafana/loki-helm-test:ewelch-distributed-helm-chart-17db5ee
- swr.cn-southwest-2.myhuaweicloud.com/ks/grafana/loki-canary:3.0.0
- swr.cn-southwest-2.myhuaweicloud.com/ks/nginxinc/nginx-unprivileged:1.24-alpine
- swr.cn-southwest-2.myhuaweicloud.com/ks/library/memcached:1.6.23-alpine
- swr.cn-southwest-2.myhuaweicloud.com/ks/prom/memcached-exporter:v0.14.2
- swr.cn-southwest-2.myhuaweicloud.com/ks/kiwigrid/k8s-sidecar:1.24.3
- swr.cn-southwest-2.myhuaweicloud.com/ks/minio/minio:RELEASE.2022-09-17T00-09-45Z
- swr.cn-southwest-2.myhuaweicloud.com/ks/minio/mc:RELEASE.2022-09-16T09-16-47Z
## metrics-server
- swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/metrics-server:v0.7.0
- swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/addon-resizer:1.8.20
## network
- swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/network-extension-apiserver:v1.1.0
- swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/network-extension-controller:v1.1.0
## openpitrix
- swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/apps-manage:v2.0.1
## opensearch
- swr.cn-southwest-2.myhuaweicloud.com/ks/opensearchproject/opensearch:2.8.0
- swr.cn-southwest-2.myhuaweicloud.com/ks/library/busybox:1.35.0
- swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/opensearch-curator:v0.0.5
- swr.cn-southwest-2.myhuaweicloud.com/ks/opensearchproject/opensearch-dashboards:2.8.0
## servicemesh
- swr.cn-southwest-2.myhuaweicloud.com/ks/istio/pilot:1.16.5
- swr.cn-southwest-2.myhuaweicloud.com/ks/istio/proxyv2:1.16.5
- swr.cn-southwest-2.myhuaweicloud.com/ks/istio/istioctl:1.16.5
- swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/kubectl:v1.27.4
- swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/kiali-operator:v1.59.1
- swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/kiali:v1.59
- swr.cn-southwest-2.myhuaweicloud.com/ks/jaegertracing/jaeger-operator:1.35.0
- swr.cn-southwest-2.myhuaweicloud.com/ks/jaegertracing/jaeger-agent:1.35
- swr.cn-southwest-2.myhuaweicloud.com/ks/jaegertracing/jaeger-collector:1.35
- swr.cn-southwest-2.myhuaweicloud.com/ks/jaegertracing/jaeger-query:1.35
- swr.cn-southwest-2.myhuaweicloud.com/ks/jaegertracing/jaeger-es-index-cleaner:1.35
- swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/servicemesh-apiserver:v0.1.0
- swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/servicemesh-controller-manager:v0.1.0
## storage-utils
- swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/storageclass-accessor:v0.2.5
- swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/snapshot-controller:v4.2.1
- swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/snapshotclass-controller:v0.0.1
- swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/pvc-autoresizer:v0.3.1
## tower
- swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/tower:v0.2.1
- swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/tower-extension:v1.0.0
## vector
- swr.cn-southwest-2.myhuaweicloud.com/ks/timberio/vector:0.39.0-debian
- swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/kubectl:v1.27.12
- swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/vector-config:v0.2.1
## whizard-alerting
- swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/whizard-alerting-apiserver:v1.0.2
- swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/whizard-alerting-controller-manager:v1.0.2
- swr.cn-southwest-2.myhuaweicloud.com/ks/thanosio/thanos:v0.36.1
- swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/kubectl:v1.27.12
- swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/cortex-tenant:v1.12.5
- swr.cn-southwest-2.myhuaweicloud.com/ks/prometheus-operator/prometheus-config-reloader:v0.75.1
## whizard-events
- swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/kube-events-exporter:v0.8.0
- swr.cn-southwest-2.myhuaweicloud.com/ks/jimmidyson/configmap-reload:v0.9.0
## whizard-logging
- swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/kubectl:v1.27.12
- swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/log-sidecar-injector:v1.3.0
- swr.cn-southwest-2.myhuaweicloud.com/ks/jimmidyson/configmap-reload:v0.9.0
- swr.cn-southwest-2.myhuaweicloud.com/ks/elastic/filebeat:6.7.0
- swr.cn-southwest-2.myhuaweicloud.com/ks/timberio/vector:0.39.0-debian
- swr.cn-southwest-2.myhuaweicloud.com/ks/library/alpine:3.14
## whizard-monitoring
- swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/kubectl:v1.27.12
- swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/kube-state-metrics:v2.12.0
- swr.cn-southwest-2.myhuaweicloud.com/ks/kubespheredev/kube-webhook-certgen:v20221220-controller-v1.5.1-58-g787ea74b6
- swr.cn-southwest-2.myhuaweicloud.com/ks/thanosio/thanos:v0.36.1
- swr.cn-southwest-2.myhuaweicloud.com/ks/brancz/kube-rbac-proxy:v0.18.0
- swr.cn-southwest-2.myhuaweicloud.com/ks/prometheus-operator/prometheus-config-reloader:v0.75.1
- swr.cn-southwest-2.myhuaweicloud.com/ks/prometheus-operator/prometheus-operator:v0.75.1
- swr.cn-southwest-2.myhuaweicloud.com/ks/prometheus/node-exporter:v1.8.1
- swr.cn-southwest-2.myhuaweicloud.com/ks/prometheus/prometheus:v2.51.2
- swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/dcgm-exporter:3.3.5-3.4.0-ubuntu22.04
- swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/process-exporter:0.5.0
- swr.cn-southwest-2.myhuaweicloud.com/ks/nginxinc/nginx-unprivileged:1.24
- swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/calico-exporter:v0.3.0
- swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/whizard-monitoring-helm-init:v0.1.0
## whizard-notification
- swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/kubectl:v1.27.12
- swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/kube-rbac-proxy:v0.11.0
- swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/alertmanager-proxy:v0.2.0
- swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/notification-manager-operator:v2.5.2
- swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/notification-manager:v2.5.2
- swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/notification-tenant-sidecar:v4.0.2
- swr.cn-southwest-2.myhuaweicloud.com/ks/prometheus/alertmanager:v0.27.0
- swr.cn-southwest-2.myhuaweicloud.com/ks/prometheus-operator/prometheus-config-reloader:v0.75.1
## whizard-telemetry
- swr.cn-southwest-2.myhuaweicloud.com/ks/kubesphere/whizard-telemetry-apiserver:v1.2.2
registry:
auths: {}
2.5、构建离线包
./kk artifact export -m manifest-sample.yaml -o kubesphere.tar.gz
三、一台离线服务器
3.1、依赖项要求
| 依赖项 | Kubernetes 版本 ≥ 1.18 | Kubernetes 版本 < 1.18 |
| socat | 必须 | 可选,但建议安装 |
| conntrack | 必须 | 可选,但建议安装 |
| ebtables | 可选,但建议安装 | 可选,但建议安装 |
| ipset | 可选,但建议安装 | 可选,但建议安装 |
如何安装socat、conntrack,详见我另外一篇博客《k8s:离线添加集群节点的相关组件安装与升级》
将联网主机 上的二个文件同步至离线环境的 master 节点。
kk(KubeKey3.1.10的解压文件)
kubesphere.tar.gz
3.2、创建配置文件config-sample.yaml(私有仓库)
# chmod +x kk
./kk create config --with-kubernetes v1.26.12
命令执行完毕后将生成安装配置文件 config-sample.yaml。
3.3、编辑config-sample.yaml配置
注:资源有限,仅部署在一台服务器中。
vi config-sample.yaml
apiVersion: kubekey.kubesphere.io/v1alpha2
kind: Cluster
metadata:
name: sample
spec:
hosts:
- {name: master, address: 172.23.123.117, internalAddress: 172.23.123.117, user: root, password: "@datatom66"}
roleGroups:
etcd:
- master
control-plane:
- master
worker:
- master
controlPlaneEndpoint:
domain: “”
address: "172.23.123.117"
port: 6443
kubernetes:
version: v1.26.12
clusterName: cluster.local
autoRenewCerts: true
containerManager: containerd
etcd:
type: kubekey
network:
plugin: calico
kubePodsCIDR: 10.233.64.0/18
kubeServiceCIDR: 10.233.0.0/18
multusCNI:
enabled: false
registry:
auths:
"172.23.123.117:8443":
username: "admin"
password: "Harbor12345"
privateRegistry: "172.23.123.117:8443"
namespaceOverride: "kubesphereio"
registryMirrors: []
insecureRegistries:
- "172.23.123.117:8443"
addons: []
-
-
-
- spec:hosts 参数下设置各服务器的信息
-
-
| 参数 | 描述 |
| name | 用户自定义的服务器名称。 |
| address | 服务器的 SSH 登录 IP 地址。 |
| internalAddress | 服务器在子网内部的 IP 地址。 |
| port | 服务器的 SSH 端口号。如果使用默认端口 22 可不设置此参数。 |
| user | 服务器的 SSH 登录用户名,该用户必须为 root 用户或其他具有 sudo 命令执行权限的用户。如果使用 root 用户可不设置此参数。 |
| password | 服务器的 SSH 登录密码。如果已经设置 privateKeyPath 可不设置此参数。 |
| privateKeyPath | 服务器的 SSH 登录密钥的路径。如果已经设置 password 可不设置此参数。 |
| arch | 服务器的硬件架构。如果服务器的硬件架构为 Arm64,请将此参数设置为 arm64,否则请勿设置此参数。安装包默认仅支持所有集群节点都为 x86_64 或 arm64 架构的场景。如果各集群节点的硬件架构不完全相同,请联系 KubeSphere 技术支持团队。 |
-
-
-
- spec:roleGroups 参数下设置服务器的角色:
-
-
| 参数 | 描述 |
| etcd | 安装 etcd 数据库的节点。请在此参数下设置集群控制平面节点。 |
| control-plane | 集群控制平面节点。如果您已经为集群配置了高可用性,您可以设置多个控制平面节点。 |
| worker | 集群工作节点。 |
| registry | 用于创建私有镜像服务的服务器。该服务器不会用作集群节点。 安装、升级 KubeSphere 时,如果集群节点无法连接互联网,需要在此参数下设置用于创建私有镜像服务的服务器。其他情况下请将此参数注释掉。 |
3.4、将kubesphere.tar.gz的jar推送到harbor
下次再写如何推送jar到harbor库。
3.5、安装 Kubernetes1.26.12
./kk create cluster -f config-sample.yaml -a /app/KubeSphere/setup/kubesphere.tar.gz --with-local-storage
如果显示如下信息,则表明 Kubernetes 集群创建成功。
| 类型 | 命令示例 | 说明 |
| 在线安装 | ./kk create cluster -f config.yaml | 自动从互联网下载 Kubernetes、Docker、KubeSphere 等镜像和二进制文件 |
| 离线安装 | ./kk create cluster -f config-sample.yaml -a /path/to/offline.tar.gz --with-local-storage | 使用本地打包好的离线包(包含所有镜像和组件)进行部署,适用于无公网环境 |
- KubeKey 会做以下几件事:
解析 kubesphere.tar.gz 中的内容
包含:Kubernetes 各组件镜像、CNI 插件、KubeSphere 组件等
提供部署所需的二进制文件、YAML 模板、Docker 镜像元数据
生成 /etc/kubernetes/manifests/ 下的静态 Pod 文件
如:kube-apiserver.yaml, kube-controller-manager.yaml 等
这些文件依赖于 kubesphere.tar.gz 中的信息
生成集群证书、配置文件、节点配置脚本等
启动 kubelet 并触发控制平面 Pod 被创建