在"China Azure中部署Kubernetes(K8S)集群"一文中,我们使用的ACS Version及Kubernete Version版本都比较低,ACS Version为0.8.0,Kubernete Version为1.6。随着ACS版本及Kubernete版本的不断跟新,我们会尽可能的采用新的version部署我们的集群服务。本文将使用 ACS Version为0.18.8,Kubernete Version为1.10.4 进行部署,同时Kubernetes.json的配置文件也加入了多个限制条件,详情操作见下:

1.查看Ubuntu 机器Version

root@hlmubu1604n1ma:~# lsb_release -a

No LSB modules are available.

Distributor ID:    Ubuntu

Description:    Ubuntu 16.04. LTS

Release:    16.04

Codename:    xenial

2.在该Ubuntu机器上安装CLI 2.0

root@hlmubu1604n1ma:~# az

     /\

    /  \    _____   _ _  ___ _

   / /\ \  |_  / | | | \'__/ _\

  / ____ \  / /| |_| | | |  __/

 /_/    \_\/___|\__,_|_|  \___|

Welcome to the cool new Azure CLI!

Use `az --version` to display the current version.

Here are the base commands:

3.下载并安装 Azure 容器服务引擎(acs-engine)

wget https://github.com/Azure/acs-engine/releases/download/v0.18.8/acs-engine-v0.18.8-linux-amd64.tar.gz

tar zxvf acs-engine-v0.18.8-linux-amd64.tar.gz

cd acs-engine-v0.18.8-linux-amd64/

root@hlmubu1604n1ma:~/acs-engine-v0.18.8-linux-amd64# ./acs-engine version

Version: v0.18.8

GitCommit: 71d88da

GitTreeState: clean

4.创建资源组并获取服务主体身份(service principal)

root@hlmubu1604n1ma:~# az cloud set -n AzureChinaCloud

root@hlmubu1604n1ma:~# az login -u "***@***.onmschina.cn"

Password:

[

  {

    "cloudName": "AzureChinaCloud",

    "id": "***",

    "isDefault": true,

    "name": "He Liming (anitay)",

    "state": "Enabled",

    "tenantId": "***",

    "user": {

      "name": "***",

      "type": "user"

    }

  }

]

root@hlmubu1604n1ma:~# az account set --subscription  "***"

root@hlmubu1604n1ma:~# az group create -n hlmk8srgt1 -l chinanorth

{

  "id": "/subscriptions/***/resourceGroups/hlmk8srgt1",

  "location": "chinanorth",

  "managedBy": null,

  "name": "hlmk8srgt1",

  "properties": {

    "provisioningState": "Succeeded"

  },

  "tags": null

}


root@hlmubu1604n1ma:~# az ad sp create-for-rbac --role="Contributor" --scopes="/subscriptions/***/resourceGroups/hlmk8srgt1"
Retrying role assignment creation: / 
Retrying role assignment creation: / 
Retrying role assignment creation: / 
Retrying role assignment creation: / 
Retrying role assignment creation: / 
Retrying role assignment creation: / 
{ 
"appId": "***", 
"displayName": "azure-cli-2018-09-18-07-49-05", 
"name": "http://azure-cli-2018-09-18-07-49-05", 
"password": "***", "tenant": "***" 
} 

备注:记录appId及password的值以备后续使用

5.创建一个kubernets.json模板文件

{

   "apiVersion": "vlabs",

   "location": "chinanorth",

   "properties" :   {

      "orchestratorProfile" : {

         "orchestratorType" : "Kubernetes",

         "kubernetesConfig" : {

            "schedulerConfig" : {

               "--profiling" : "false"

            },

            "enableRbac":false,

            "apiServerConfig" : {

               "--audit-log-path" : "/var/log/audit.log",

               "--audit-log-maxage": "",

               "--audit-log-maxsize": "",

               "--audit-log-maxbackup": "",

               "--anonymous-auth":"false",

               "--profiling":"false"

            },

           "addons": [

               {

                 "name":"tiller",

                 "enabled":false

               },

               {

                "name":"kubernetes-dashboard",

                  "enabled":false

               },

               {

                  "name":"cluster-autoscaler",

                  "config":                  {

                     "maxNodes":"",

                     "minNodes":""

                  },

                  "enabled":true

               }

            ],

            "dnsServiceIP" : "10.2.0.240",

            "networkPolicy": "calico",

            "kubeletConfig" :  {

              "--make-iptables-util-chains":"true",

               "--allow-privileged":"false",

               "--keep-terminated-pod-volumes":"false",

               "--read-only-port": "",

               "--event-qps": "",

               "--cadvisor-port": ""

            },

            "serviceCidr": "10.2.0.0/24",

            "controllerManagerConfig": {

               "--terminated-pod-gc-threshold": "",

               "--profiling":"false"

            }

          },

         "orchestratorVersion": "1.10.4"

      },

      "agentPoolProfiles": [

         {

            "storageProfile": "ManagedDisks",

            "name": "macsetupdeve",

            "count": ,

            "osType": "Linux",

            "vnetSubnetId": "/subscriptions/***/resourceGroups/hlmk8st1/providers/Microsoft.Network/virtualNetworks/hlmk8svnet/subnets/default",

            "vmSize": "Standard_A2_v2",

            "availabilityProfile": "VirtualMachineScaleSets"

         }

      ],

      "servicePrincipalProfile": {

         "clientId": "***",

         "secret": "***"

      },

      "linuxProfile": {

         "adminUsername": "stone",

         "ssh": {

            "publicKeys": [

               {

                  "keyData": "ssh-rsa *** root@hlmubu1604n1ma"

               }

            ]

         }

      },

      "masterProfile": {

         "firstConsecutiveStaticIP": "10.2.0.100",

         "storageProfile": "ManagedDisks",

         "count": ,

         "dnsPrefix": "hlmk8s-mstr000",

         "vnetSubnetId": "/subscriptions/***/resourceGroups/hlmk8st1/providers/Microsoft.Network/virtualNetworks/hlmk8svnet/subnets/default",

         "vmSize": "Standard_A2_v2"

      }

   }

}

备注:

clientId为之前记录的appId; secret为之前记录的password; keyData为登陆机器所需的公钥(需要使用ssh-keygen命令生成)

6.生成Azure模板文件

root@hlmubu1604n1ma:~/acs-engine-v0.18.8-linux-amd64# ./acs-engine generate kubernetes.json

INFO[] Generating assets into _output/hlmk8s-mstr001...

root@hlmubu1604n1ma:~/acs-engine-v0.18.8-linux-amd64# ls

acs-engine  kubernetes.json  kubernetes.json.bak  kubernetes.json.bak1  kubernetes.json.bak2  LICENSE  _output  README.md  translations

root@hlmubu1604n1ma:~/acs-engine-v0.18.8-linux-amd64# cd _output/

root@hlmubu1604n1ma:~/acs-engine-v0.18.8-linux-amd64/_output# ls

hlmk8s-mstr000  hlmk8s-mstr001

root@hlmubu1604n1ma:~/acs-engine-v0.18.8-linux-amd64/_output# cd hlmk8s-mstr001/

root@hlmubu1604n1ma:~/acs-engine-v0.18.8-linux-amd64/_output/hlmk8s-mstr001# ls

apimodel.json  apiserver.key     azuredeploy.parameters.json  ca.key      client.key      etcdclient.key  etcdpeer0.key   etcdserver.key  kubectlClient.crt

apiserver.crt  azuredeploy.json  ca.crt                       client.crt  etcdclient.crt  etcdpeer0.crt   etcdserver.crt  kubeconfig      kubectlClient.key

7.部署Kubernetes集群,该过程大约需要20分钟左右

备注:使用较新的ACS生成的"azuredeploy.parameters.json"文件,不需要修改URL,直接就可以运行

root@hlmubu1604n1ma:~/acs-engine-v0.18.8-linux-amd64/_output/hlmk8s-mstr001# az group deployment create --resource-group hlmk8srgt1 --template-file azuredeploy.json --parameters azuredeploy.parameters.json

8.使用Kubectl工具,并查看集群节点状态

备注:Azure Portal界面显示如下

Azure 部署K8S(二)的更多相关文章

  1. ansible一键部署k8s单机环境

    一.虚拟机准备 干净的Centsot7.4.4G内存.2个CPU 最小化安装,最好带虚拟化 二.执行初始化脚本 注意:脚本中配置静态网卡根据实际网卡名称配置,我用的是ens33 可以用 sed -i ...

  2. 使用saltstack自动部署K8S

    使用saltstack自动部署K8S 一.环境准备 1.1 规划 1. 操作系统 CentOS-7.x-x86_64. 2. 关闭 iptables 和 SELinux. 3. 所有节点的主机名和 I ...

  3. 使用kubeadm部署k8s

    k8s组件 master,node master中包括apiserver,scheduler,controller.etcd apiserver:负责接收用户请求,并且保存至etcd中. schedu ...

  4. 二进制部署k8s

    一.二进制部署 k8s集群 1)参考文章 博客: https://blog.qikqiak.com 文章: https://www.qikqiak.com/post/manual-install-hi ...

  5. 解决阿里云ECS下kubeadm部署k8s无法指定公网IP

    背景 一般情况下,"kubeadm"部署集群时指定"--apiserver-advertise-address=<public_ip>"参数,即可在 ...

  6. lvs+keepalived部署k8s v1.16.4高可用集群

    一.部署环境 1.1 主机列表 主机名 Centos版本 ip docker version flannel version Keepalived version 主机配置 备注 lvs-keepal ...

  7. Centos7.6部署k8s v1.16.4高可用集群(主备模式)

    一.部署环境 主机列表: 主机名 Centos版本 ip docker version flannel version Keepalived version 主机配置 备注 master01 7.6. ...

  8. 使用RKE快速部署k8s集群

    一.环境准备 1.1环境信息 IP地址 角色 部署软件 10.10.100.5 K8s Master Etcd.Control 10.10.100.17 K8s Worker1 Worker 10.1 ...

  9. 使用kubeadm部署k8s集群[v1.18.0]

    使用kubeadm部署k8s集群 环境 IP地址 主机名 节点 10.0.0.63 k8s-master1 master1 10.0.0.63 k8s-master2 master2 10.0.0.6 ...

随机推荐

  1. ios Https问题

    HTTPS认证过程:   ① 浏览器发送一个连接请求给安全服务器.   ② 服务器将自己的证书,以及同证书相关的信息发送给客户浏览器.   ③ 客户浏览器检查服务器送过来的证书是否是由自己信赖的 CA ...

  2. Visual Studio 2010 常用快捷方式

    调试快捷键 F6:           生成解决方案 Ctrl+F6:   生成当前项目 F7:           查看代码 Shift+F7:  查看窗体设计器 F5:           启动调 ...

  3. [模板]tarjan缩点+拓扑排序

    题目:给定一个n个点m条边有向图,每个点有一个权值,求一条路径,使路径经过的点权值之和最大.你只需要求出这个权值和. 允许多次经过一条边或者一个点,但是,重复经过的点,权值只计算一次. 题目简述:先t ...

  4. [SoapUI]获取Project,Test Suite,Test Case各个级别参数的值

    String testResultPath = testRunner.testCase.testSuite.project.getPropertyValue( "testResultPath ...

  5. python 多线程简介

    Thread类定义了以下常用方法与属性: Thread.getName() \Thread.setName():老方式用于获取和设置线程的名称,官方建议用Thread.name替代 Thread.id ...

  6. 解决win7和2008连接windows 2003远程桌面很卡的问题

    解决win7和2008连接windows 2003远程桌面很卡的问题 来源:http://www.hack1990.com/ 作者:佚名 时间:2013-04-12 TAG: 我要投稿 原因在于从vi ...

  7. centos7安装kubernetes 1.1

    原文地址:http://foxhound.blog.51cto.com/1167932/1717105 前提:centos7 已经update yum update -y 一.创建yum源 maste ...

  8. 23 DesignPatterns学习笔记:C++语言实现 --- 1.3 Singletion

    23 DesignPatterns学习笔记:C++语言实现 --- 1.3 Singletion 2016-07-21 (www.cnblogs.com/icmzn) 模式理解  

  9. EBS R12 Vision Profile default value - IRC: Geocode Host

    Profile Option Name Site Application Responsibility Server Server Org User IRC: Geocode Host http:// ...

  10. shell备份文件时加上时间戳

    1.在root目录下新建backup_date文件,写入echo _back_`date '+%Y%m%d%H%M%S'` [root@iZbp10er5cziaoscpe3x0hZ ~]# vi b ...