使用 --image-repository 解决kubeadm 安装k8s 集群 谷歌镜像墙的问题

从网上我们看到的好多kubeadm 安装k8s 的时候都说需要下拉取镜像，然后修改，实际上
我们可以使用配置参数，快速的跳过墙的问题
说明：
基础镜像，我们仍然存在，拉取的问题，但是dockerhub 上已经包含了好多拉取好的，我们只需要拉取，统一命名
下就可以了,简单测试我使用了别人以及配置好的 index.docker.io/mirrorgooglecontainers

简单demo

• 准备coredns 镜像

 

默认上边的仓库没有处理coredns 的镜像，我拉取，本地处理了

docker pull coredns/coredns:1.2.6

docker tag coredns/coredns:1.2.6 mirrorgooglecontainers/coredns:1.2.6

 

• init

kubeadm init --image-repository index.docker.io/mirrorgooglecontainers

• 效果

kubeadm init --image-repository index.docker.io/mirrorgooglecontainers

I1227 14:33:45.044189 5340 version.go:94] could not fetch a Kubernetes version from the internet: unable to get URL "https://dl.k8s.io/release/stable-1.txt": Get https://storage.googleapis.com/kubernetes-release/release/stable-1.txt: net/http: request canceled (Client.Timeout exceeded while awaiting headers)

I1227 14:33:45.044262 5340 version.go:95] falling back to the local client version: v1.13.1

[init] Using Kubernetes version: v1.13.1

[preflight] Running pre-flight checks

 [WARNING SystemVerification]: this Docker version is not on the list of validated versions: 18.09.0. Latest validated version: 18.06

 [WARNING Service-Kubelet]: kubelet service is not enabled, please run 'systemctl enable kubelet.service'

[preflight] Pulling images required for setting up a Kubernetes cluster

[preflight] This might take a minute or two, depending on the speed of your internet connection

[preflight] You can also perform this action in beforehand using 'kubeadm config images pull'

[kubelet-start] Writing kubelet environment file with flags to file "/var/lib/kubelet/kubeadm-flags.env"

[kubelet-start] Writing kubelet configuration to file "/var/lib/kubelet/config.yaml"

[kubelet-start] Activating the kubelet service

[certs] Using certificateDir folder "/etc/kubernetes/pki"

[certs] Generating "ca" certificate and key

[certs] Generating "apiserver" certificate and key

[certs] apiserver serving cert is signed for DNS names [iz2zeg7uro1snhd9wqmp2oz kubernetes kubernetes.default kubernetes.default.svc kubernetes.default.svc.cluster.local] and IPs [10.96.0.1 47.93.161.2]

[certs] Generating "apiserver-kubelet-client" certificate and key

[certs] Generating "front-proxy-ca" certificate and key

[certs] Generating "front-proxy-client" certificate and key

[certs] Generating "etcd/ca" certificate and key

[certs] Generating "etcd/server" certificate and key

[certs] etcd/server serving cert is signed for DNS names [iz2zeg7uro1snhd9wqmp2oz localhost] and IPs [47.93.161.2 127.0.0.1 ::1]

[certs] Generating "etcd/healthcheck-client" certificate and key

[certs] Generating "etcd/peer" certificate and key

[certs] etcd/peer serving cert is signed for DNS names [iz2zeg7uro1snhd9wqmp2oz localhost] and IPs [47.93.161.2 127.0.0.1 ::1]

[certs] Generating "apiserver-etcd-client" certificate and key

[certs] Generating "sa" key and public key

[kubeconfig] Using kubeconfig folder "/etc/kubernetes"

[kubeconfig] Writing "admin.conf" kubeconfig file

[kubeconfig] Writing "kubelet.conf" kubeconfig file

[kubeconfig] Writing "controller-manager.conf" kubeconfig file

[kubeconfig] Writing "scheduler.conf" kubeconfig file

[control-plane] Using manifest folder "/etc/kubernetes/manifests"

[control-plane] Creating static Pod manifest for "kube-apiserver"

[control-plane] Creating static Pod manifest for "kube-controller-manager"

[control-plane] Creating static Pod manifest for "kube-scheduler"

[etcd] Creating static Pod manifest for local etcd in "/etc/kubernetes/manifests"

[wait-control-plane] Waiting for the kubelet to boot up the control plane as static Pods from directory "/etc/kubernetes/manifests". This can take up to 4m0s

[apiclient] All control plane components are healthy after 20.001573 seconds

[uploadconfig] storing the configuration used in ConfigMap "kubeadm-config" in the "kube-system" Namespace

[kubelet] Creating a ConfigMap "kubelet-config-1.13" in namespace kube-system with the configuration for the kubelets in the cluster

[patchnode] Uploading the CRI Socket information "/var/run/dockershim.sock" to the Node API object "iz2zeg7uro1snhd9wqmp2oz" as an annotation

[mark-control-plane] Marking the node iz2zeg7uro1snhd9wqmp2oz as control-plane by adding the label "node-role.kubernetes.io/master=''"

[mark-control-plane] Marking the node iz2zeg7uro1snhd9wqmp2oz as control-plane by adding the taints [node-role.kubernetes.io/master:NoSchedule]

[bootstrap-token] Using token: eopu1d.aygr2do3dfz0zndh

[bootstrap-token] Configuring bootstrap tokens, cluster-info ConfigMap, RBAC Roles

[bootstraptoken] configured RBAC rules to allow Node Bootstrap tokens to post CSRs in order for nodes to get long term certificate credentials

[bootstraptoken] configured RBAC rules to allow the csrapprover controller automatically approve CSRs from a Node Bootstrap Token

[bootstraptoken] configured RBAC rules to allow certificate rotation for all node client certificates in the cluster

[bootstraptoken] creating the "cluster-info" ConfigMap in the "kube-public" namespace

[addons] Applied essential addon: CoreDNS

[addons] Applied essential addon: kube-proxy

​

Your Kubernetes master has initialized successfully!

​

To start using your cluster, you need to run the following as a regular user:

​

  mkdir -p $HOME/.kube

  sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config

  sudo chown $(id -u):$(id -g) $HOME/.kube/config

​

You should now deploy a pod network to the cluster.

Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:

  https://kubernetes.io/docs/concepts/cluster-administration/addons/

​

You can now join any number of machines by running the following on each node

as root:

​

  kubeadm join <youserverip>:6443 --token eopu1d.aygr2do3dfz0zndh --discovery-token-ca-cert-hash sha256:c74094ffde73bf834a13a994f6715d2a6fcc165913a54812255d62c90460153b

 

 

• 集群组件结果

kubectl get cs

NAME STATUS MESSAGE ERROR

scheduler Healthy ok

controller-manager Healthy ok

etcd-0 Healthy {"health": "true"}

 

• 部署的pod 组件
  因为我没有部署网络组件，所以有几个是有问题的

 

kubectl get all --all-namespaces

NAMESPACE NAME READY STATUS RESTARTS AGE

kube-system pod/coredns-754c658c4f-kr29k 0/1 Pending 0 6m32s

kube-system pod/coredns-754c658c4f-lthgk 0/1 Pending 0 6m32s

kube-system pod/etcd-iz2zeg7uro1snhd9wqmp2oz 1/1 Running 0 5m40s

kube-system pod/kube-apiserver-iz2zeg7uro1snhd9wqmp2oz 1/1 Running 0 5m27s

kube-system pod/kube-controller-manager-iz2zeg7uro1snhd9wqmp2oz 1/1 Running 0 5m35s

kube-system pod/kube-proxy-kkfrl 1/1 Running 0 6m32s

kube-system pod/kube-scheduler-iz2zeg7uro1snhd9wqmp2oz 1/1 Running 0 5m46s

​

NAMESPACE NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE

default service/kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 6m41s

kube-system service/kube-dns ClusterIP 10.96.0.10 <none> 53/UDP,53/TCP 6m37s

​

NAMESPACE NAME DESIRED CURRENT READY UP-TO-DATE AVAILABLE NODE SELECTOR AGE

kube-system daemonset.apps/kube-proxy 1 1 1 1 1 <none> 6m37s

​

NAMESPACE NAME READY UP-TO-DATE AVAILABLE AGE

kube-system deployment.apps/coredns 0/2 2 0 6m37s

​

NAMESPACE NAME DESIRED CURRENT READY AGE

kube-system replicaset.apps/coredns-754c658c4f 2 2 0 6m32s

 

 

说明

后边具体的操作可以参考官方文档，我的演示只是部分，主要是说明我们可以使用配置参数解决好多镜像墙的问题
同时还支持其他方便的参数，我们可以使用kubeadm --help 或者官方文档了解更多的信息

新版的配置参数

可以参考

 

root 5471 1 1 14:33 ? 00:00:07 /usr/bin/kubelet --bootstrap-kubeconfig=/etc/kubernetes/bootstrap-kubelet.conf --kubeconfig=/etc/kubernetes/kubelet.conf --config=/var/lib/kubelet/config.yaml --cgroup-driver=cgroupfs --network-plugin=cni --pod-infra-container-image=index.docker.io/mirrorgooglecontainers/pause:3.1

root 6016 5982 3 14:33 ? 00:00:17 kube-apiserver --authorization-mode=Node,RBAC --advertise-address=<ip> --allow-privileged=true --client-ca-file=/etc/kubernetes/pki/ca.crt --enable-admission-plugins=NodeRestriction --enable-bootstrap-token-auth=true --etcd-cafile=/etc/kubernetes/pki/etcd/ca.crt --etcd-certfile=/etc/kubernetes/pki/apiserver-etcd-client.crt --etcd-keyfile=/etc/kubernetes/pki/apiserver-etcd-client.key --etcd-servers=https://127.0.0.1:2379 --insecure-port=0 --kubelet-client-certificate=/etc/kubernetes/pki/apiserver-kubelet-client.crt --kubelet-client-key=/etc/kubernetes/pki/apiserver-kubelet-client.key --kubelet-preferred-address-types=InternalIP,ExternalIP,Hostname --proxy-client-cert-file=/etc/kubernetes/pki/front-proxy-client.crt --proxy-client-key-file=/etc/kubernetes/pki/front-proxy-client.key --requestheader-allowed-names=front-proxy-client --requestheader-client-ca-file=/etc/kubernetes/pki/front-proxy-ca.crt --requestheader-extra-headers-prefix=X-Remote-Extra- --requestheader-group-headers=X-Remote-Group --requestheader-username-headers=X-Remote-User --secure-port=6443 --service-account-key-file=/etc/kubernetes/pki/sa.pub --service-cluster-ip-range=10.96.0.0/12 --tls-cert-file=/etc/kubernetes/pki/apiserver.crt --tls-private-key-file=/etc/kubernetes/pki/apiserver.key

root 6128 5996 1 14:33 ? 00:00:05 etcd --advertise-client-urls=https://<ip>:2379 --cert-file=/etc/kubernetes/pki/etcd/server.crt --client-cert-auth=true --data-dir=/var/lib/etcd --initial-advertise-peer-urls=https://<ip>:2380 --initial-cluster=iz2zeg7uro1snhd9wqmp2oz=https://<ip>:2380 --key-file=/etc/kubernetes/pki/etcd/server.key --listen-client-urls=https://127.0.0.1:2379,https://<ip>:2379 --listen-peer-urls=https://<ip>2:2380 --name=iz2zeg7uro1snhd9wqmp2oz --peer-cert-file=/etc/kubernetes/pki/etcd/peer.crt --peer-client-cert-auth=true --peer-key-file=/etc/kubernetes/pki/etcd/peer.key --peer-trusted-ca-file=/etc/kubernetes/pki/etcd/ca.crt --snapshot-count=10000 --trusted-ca-file=/etc/kubernetes/pki/etcd/ca.crt

root 6216 6000 0 14:33 ? 00:00:03 kube-scheduler --address=127.0.0.1 --kubeconfig=/etc/kubernetes/scheduler.conf --leader-elect=true

root 6226 6011 1 14:33 ? 00:00:08 kube-controller-manager --address=127.0.0.1 --authentication-kubeconfig=/etc/kubernetes/controller-manager.conf --authorization-kubeconfig=/etc/kubernetes/controller-manager.conf --client-ca-file=/etc/kubernetes/pki/ca.crt --cluster-signing-cert-file=/etc/kubernetes/pki/ca.crt --cluster-signing-key-file=/etc/kubernetes/pki/ca.key --controllers=*,bootstrapsigner,tokencleaner --kubeconfig=/etc/kubernetes/controller-manager.conf --leader-elect=true --requestheader-client-ca-file=/etc/kubernetes/pki/front-proxy-ca.crt --root-ca-file=/etc/kubernetes/pki/ca.crt --service-account-private-key-file=/etc/kubernetes/pki/sa.key --use-service-account-credentials=true

root 6727 6707 0 14:34 ? 00:00:00 /usr/local/bin/kube-proxy --config=/var/lib/kube-proxy/config.conf --hostname-override=iz2zeg7uro1snhd9wqmp2oz

 

参考资料

https://kubernetes.io/docs/setup/independent/install-kubeadm/