准备集群环境
easzlab-haproxy-keepalive-01 10.0.0.110
easzlab-haproxy-keepalive-02 10.0.0.111
easzlab-haproxy-keepalive-03 10.0.0.112
easzlab-k8s-master-01 10.0.0.120
easzlab-k8s-master-02 10.0.0.121
easzlab-k8s-master-03 10.0.0.122
easzlab-k8s-node-01 10.0.0.130
easzlab-k8s-node-02 10.0.0.131
easzlab-k8s-node-03 10.0.0.132
easzlab-k8s-etcd-01 10.0.0.140
easzlab-k8s-etcd-02 10.0.0.141
easzlab-k8s-etcd-03 10.0.0.142
easzlab-k8s-harbor-01 10.0.0.150
easzlab-k8s-harbor-02 10.0.0.151
easzlab-k8s-harbor-03 10.0.0.152
easzlab-k8s-ceph-01 10.0.0.160
easzlab-k8s-ceph-02 10.0.0.161
easzlab-k8s-ceph-03 10.0.0.162
easzlab-deploy-01 10.0.0.50
[root@wdy ~]#./clone.sh
Id Name State
------------------------------------------------
- rocky8.6-template shut off
- ubuntu20.04-template shut off
1) 克隆集群 3) 启动集群 5) 集群重启 7) 单节点关机 9) 退出
2) 删除集群 4) 关闭集群 6) 单节点启动 8) 单节点重启
请按要求输入操作选项:
[root@wdy ~]#virsh list --all|egrep easzlab
122 easzlab-haproxy-keepalive-01 running
123 easzlab-haproxy-keepalive-02 running
124 easzlab-haproxy-keepalive-03 running
126 easzlab-k8s-master-01 running
127 easzlab-k8s-master-02 running
128 easzlab-k8s-master-03 running
129 easzlab-k8s-node-01 running
130 easzlab-k8s-node-02 running
131 easzlab-k8s-node-03 running
133 easzlab-k8s-etcd-01 running
135 easzlab-k8s-etcd-02 running
137 easzlab-k8s-etcd-03 running
139 easzlab-k8s-harbor-01 running
141 easzlab-k8s-harbor-02 running
143 easzlab-k8s-harbor-03 running
146 easzlab-k8s-ceph-01 running
148 easzlab-k8s-ceph-02 running
150 easzlab-k8s-ceph-03 running
153 easzlab-deploy-01 running
登录部署机器准备环境easzlab-deploy-01
#安装ansible
[root@easzlab-deploy-01 ~]#apt -y install ansible
#修改ansible配置文件
[root@easzlab-deploy-01 ~]#vim /etc/ansible/ansible.cfg
[defaults]
inventory = /etc/ansible/hosts
roles_path = /etc/ansible/roles
host_key_checking = False
remote_user = root
deprecation_warnings = fales
[privilege_escalation]
become=True
become_method=sudo
become_user=root
become_ask_pass=False
#用脚本实现部署机器能免密登录集群内机器
[root@easzlab-deploy-01 ~]#bash ssh.sh
Generating public/private rsa key pair.
Your identification has been saved in /root/.ssh/id_rsa
Your public key has been saved in /root/.ssh/id_rsa.pub
The key fingerprint is:
SHA256:OJOfDLoOm58YhxzwXUlc2p5Kq4aj7AyTNlhBQ6+RsAo root@easzlab-deploy-01
The key's randomart image is:
+---[RSA 3072]----+
|..+ .... |
| + + ..+ |
|E + . + . |
|oo = . + . |
|. = . B S |
|.+ o o O . |
|=o=.o o + |
|=.+B.+ |
|o=+=* |
+----[SHA256]-----+
...
#修改ansible的hosts文件
[root@easzlab-deploy-01 ~]#cat /etc/ansible/hosts
[haproxykeepalive]
easzlab-haproxy-keepalive-01
easzlab-haproxy-keepalive-02
easzlab-haproxy-keepalive-03
[master]
easzlab-k8s-master-01
easzlab-k8s-master-02
easzlab-k8s-master-03
[node]
easzlab-k8s-node-01
easzlab-k8s-node-02
easzlab-k8s-node-03
[etcd]
easzlab-k8s-etcd-01
easzlab-k8s-etcd-02
easzlab-k8s-etcd-03
[harbor]
easzlab-k8s-harbor-01
easzlab-k8s-harbor-02
easzlab-k8s-harbor-03
[ceph]
easzlab-k8s-ceph-01
easzlab-k8s-ceph-02
easzlab-k8s-ceph-03
#修改本机服务器
[root@easzlab-deploy-01 ~]#cat /etc/hosts
127.0.0.1 localhost
127.0.1.1 redhat
# The following lines are desirable for IPv6 capable hosts
::1 ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
10.0.0.110 easzlab-haproxy-keepalive-01
10.0.0.111 easzlab-haproxy-keepalive-02
10.0.0.112 easzlab-haproxy-keepalive-03
10.0.0.120 easzlab-k8s-master-01
10.0.0.121 easzlab-k8s-master-02
10.0.0.122 easzlab-k8s-master-03
10.0.0.130 easzlab-k8s-node-01
10.0.0.131 easzlab-k8s-node-02
10.0.0.132 easzlab-k8s-node-03
10.0.0.140 easzlab-k8s-etcd-01
10.0.0.141 easzlab-k8s-etcd-02
10.0.0.142 easzlab-k8s-etcd-03
10.0.0.150 easzlab-k8s-harbor-01
10.0.0.151 easzlab-k8s-harbor-02
10.0.0.152 easzlab-k8s-harbor-03
10.0.0.160 easzlab-k8s-ceph-01
10.0.0.161 easzlab-k8s-ceph-02
10.0.0.162 easzlab-k8s-ceph-03
10.0.0.50 easzlab-deploy-01
[root@easzlab-deploy-01 ~]#ansible all -m ping
easzlab-haproxy-keepalive-03 | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": false,
"ping": "pong"
}
easzlab-k8s-master-01 | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": false,
"ping": "pong"
}
easzlab-k8s-master-02 | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": false,
"ping": "pong"
}
easzlab-haproxy-keepalive-02 | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": false,
"ping": "pong"
}
easzlab-haproxy-keepalive-01 | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": false,
"ping": "pong"
}
easzlab-k8s-master-03 | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": false,
"ping": "pong"
}
easzlab-k8s-node-01 | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": false,
"ping": "pong"
}
easzlab-k8s-etcd-01 | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": false,
"ping": "pong"
}
easzlab-k8s-node-02 | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": false,
"ping": "pong"
}
easzlab-k8s-node-03 | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": false,
"ping": "pong"
}
easzlab-k8s-etcd-02 | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": false,
"ping": "pong"
}
easzlab-k8s-harbor-01 | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": false,
"ping": "pong"
}
easzlab-k8s-etcd-03 | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": false,
"ping": "pong"
}
easzlab-k8s-harbor-02 | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": false,
"ping": "pong"
}
easzlab-k8s-ceph-01 | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": false,
"ping": "pong"
}
easzlab-k8s-harbor-03 | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": false,
"ping": "pong"
}
easzlab-k8s-ceph-02 | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": false,
"ping": "pong"
}
easzlab-k8s-ceph-03 | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": false,
"ping": "pong"
}
#使用ansible批量修改被控主机的hosts文件
[root@easzlab-deploy-01 ~]#mkdir /data/playbook -p
[root@easzlab-deploy-01 playbook]#vim hosts.yaml
---
- name: hosts
hosts: all
tasks:
- template:
src: hosts
dest: /etc/hosts
[root@easzlab-deploy-01 playbook]#ansible-playbook hosts.yaml
PLAY [hosts] ********************************************************************************************************************************************************************************
TASK [Gathering Facts] **********************************************************************************************************************************************************************
ok: [easzlab-haproxy-keepalive-03]
ok: [easzlab-k8s-master-02]
ok: [easzlab-k8s-master-01]
ok: [easzlab-haproxy-keepalive-02]
ok: [easzlab-haproxy-keepalive-01]
ok: [easzlab-k8s-node-01]
ok: [easzlab-k8s-node-02]
ok: [easzlab-k8s-etcd-01]
ok: [easzlab-k8s-node-03]
ok: [easzlab-k8s-master-03]
ok: [easzlab-k8s-etcd-02]
ok: [easzlab-k8s-harbor-02]
ok: [easzlab-k8s-harbor-03]
ok: [easzlab-k8s-harbor-01]
ok: [easzlab-k8s-etcd-03]
ok: [easzlab-k8s-ceph-01]
ok: [easzlab-k8s-ceph-03]
ok: [easzlab-k8s-ceph-02]
TASK [template] *****************************************************************************************************************************************************************************
changed: [easzlab-haproxy-keepalive-01]
changed: [easzlab-k8s-master-01]
changed: [easzlab-haproxy-keepalive-02]
changed: [easzlab-k8s-master-02]
changed: [easzlab-haproxy-keepalive-03]
changed: [easzlab-k8s-master-03]
changed: [easzlab-k8s-node-02]
changed: [easzlab-k8s-node-01]
changed: [easzlab-k8s-etcd-01]
changed: [easzlab-k8s-node-03]
changed: [easzlab-k8s-etcd-02]
changed: [easzlab-k8s-ceph-01]
changed: [easzlab-k8s-harbor-01]
changed: [easzlab-k8s-harbor-03]
changed: [easzlab-k8s-harbor-02]
changed: [easzlab-k8s-etcd-03]
changed: [easzlab-k8s-ceph-02]
changed: [easzlab-k8s-ceph-03]
PLAY RECAP **********************************************************************************************************************************************************************************
easzlab-haproxy-keepalive-01 : ok=2 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
easzlab-haproxy-keepalive-02 : ok=2 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
easzlab-haproxy-keepalive-03 : ok=2 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
easzlab-k8s-ceph-01 : ok=2 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
easzlab-k8s-ceph-02 : ok=2 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
easzlab-k8s-ceph-03 : ok=2 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
easzlab-k8s-etcd-01 : ok=2 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
easzlab-k8s-etcd-02 : ok=2 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
easzlab-k8s-etcd-03 : ok=2 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
easzlab-k8s-harbor-01 : ok=2 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
easzlab-k8s-harbor-02 : ok=2 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
easzlab-k8s-harbor-03 : ok=2 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
easzlab-k8s-master-01 : ok=2 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
easzlab-k8s-master-02 : ok=2 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
easzlab-k8s-master-03 : ok=2 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
easzlab-k8s-node-01 : ok=2 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
easzlab-k8s-node-02 : ok=2 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
easzlab-k8s-node-03 : ok=2 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
安装haproxy,keepalived
[root@easzlab-deploy-01 playbook]#vim install_haproxy_keepalived.yaml
---
- name: haproxy-keepalived
hosts: haproxykeepalive
tasks:
- apt:
name:
- haproxy
- keepalived
state: present
[root@easzlab-deploy-01 playbook]#ansible-playbook install_haproxy_keepalived.yaml
PLAY [haproxy-keepalived] *******************************************************************************************************************************************************************
TASK [Gathering Facts] **********************************************************************************************************************************************************************
ok: [easzlab-haproxy-keepalive-02]
ok: [easzlab-haproxy-keepalive-01]
ok: [easzlab-haproxy-keepalive-03]
TASK [apt] **********************************************************************************************************************************************************************************
changed: [easzlab-haproxy-keepalive-01]
changed: [easzlab-haproxy-keepalive-03]
changed: [easzlab-haproxy-keepalive-02]
PLAY RECAP **********************************************************************************************************************************************************************************
easzlab-haproxy-keepalive-01 : ok=2 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
easzlab-haproxy-keepalive-02 : ok=2 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
easzlab-haproxy-keepalive-03 : ok=2 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
批量修改keepalive配置文件
[root@easzlab-deploy-01 playbook]#vim keepalived.conf.vrrp
! Configuration File for keepalived
global_defs {
router_id easzlab-lvs
}
vrrp_script check_haproxy {
script "/etc/keepalived/check_haproxy.sh"
interval 1
weight -30
fall 3
rise 2
timeout 2
}
vrrp_instance VI_1 {
state MASTER
interface enp1s0
garp_master_delay 10
smtp_alert
virtual_router_id 51
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass easzlab111
}
virtual_ipaddress {
10.0.0.200 label enp1s0:1
}
track_script {
check_haproxy
}
}
[root@easzlab-deploy-01 playbook]#vim config_keepalive.yaml
---
- name: config-keepalive
hosts: haproxykeepalive
tasks:
- name: config
template:
src: keepalived.conf.vrrp
dest: /etc/keepalived/keepalived.confi
- name: re02
block:
- name: replace
replace:
path: /etc/keepalived/keepalived.conf
regexp: "priority 100"
replace: "priority 90"
- name: replace
replace:
path: /etc/keepalived/keepalived.conf
regexp: "state MASTER"
replace: "state BACKUP"
when: "'easzlab-haproxy-keepalive-02' in ansible_fqdn"
- name: re03
block:
- name: replace
replace:
path: /etc/keepalived/keepalived.conf
regexp: "priority 100"
replace: "priority 80"
- name: replace
replace:
path: /etc/keepalived/keepalived.conf
regexp: "state MASTER"
replace: "state BACKUP"
when: "'easzlab-haproxy-keepalive-03' in ansible_fqdn"
[root@easzlab-deploy-01 ansible]#ansible-playbook config_keepalive.yaml
PLAY [config-keepalive] *********************************************************************************************************************************************************************
TASK [Gathering Facts] **********************************************************************************************************************************************************************
ok: [easzlab-haproxy-keepalive-01]
ok: [easzlab-haproxy-keepalive-03]
ok: [easzlab-haproxy-keepalive-02]
TASK [config] *******************************************************************************************************************************************************************************
changed: [easzlab-haproxy-keepalive-02]
changed: [easzlab-haproxy-keepalive-01]
changed: [easzlab-haproxy-keepalive-03]
TASK [replace] ******************************************************************************************************************************************************************************
skipping: [easzlab-haproxy-keepalive-01]
skipping: [easzlab-haproxy-keepalive-03]
ok: [easzlab-haproxy-keepalive-02]
TASK [replace] ******************************************************************************************************************************************************************************
skipping: [easzlab-haproxy-keepalive-01]
skipping: [easzlab-haproxy-keepalive-03]
changed: [easzlab-haproxy-keepalive-02]
TASK [replace] ******************************************************************************************************************************************************************************
skipping: [easzlab-haproxy-keepalive-01]
skipping: [easzlab-haproxy-keepalive-02]
ok: [easzlab-haproxy-keepalive-03]
TASK [replace] ******************************************************************************************************************************************************************************
skipping: [easzlab-haproxy-keepalive-01]
skipping: [easzlab-haproxy-keepalive-02]
changed: [easzlab-haproxy-keepalive-03]
PLAY RECAP **********************************************************************************************************************************************************************************
easzlab-haproxy-keepalive-01 : ok=2 changed=1 unreachable=0 failed=0 skipped=4 rescued=0 ignored=0
easzlab-haproxy-keepalive-02 : ok=4 changed=2 unreachable=0 failed=0 skipped=2 rescued=0 ignored=0
easzlab-haproxy-keepalive-03 : ok=4 changed=2 unreachable=0 failed=0 skipped=2 rescued=0 ignored=0
批量配置haproxy
[root@easzlab-deploy-01 playbook]#vim check_haproxy.sh
#!/bin/bash
#
#********************************************************************
#Author: shuhong
#QQ: 985347841
#Date: 2022-09-27
#FileName: check_haproxy.sh
#URL: hhhhh
#Description: The test script
#Copyright (C): 2022 All rights reserved
#********************************************************************
/usr/bin/killall -0 haproxy || systemctl restart haproxy
#三塔机器启动keepalived服务
systemclt restart keepalived && systemctl enable keepalived
[root@easzlab-deploy-01 playbook]#vim haproxy.cfg
###########全局配置#########
global
log 127.0.0.1 local0
log 127.0.0.1 local1 notice
daemon
nbproc 1 #进程数量
maxconn 4096 #最大连接数
user haproxy #运行用户
group haproxy #运行组
chroot /var/lib/haproxy
pidfile /var/run/haproxy.pid
# Default SSL material locations
ca-base /etc/ssl/certs
crt-base /etc/ssl/private
# See: https://ssl-config.mozilla.org/#server=haproxy&server-version=2.0.3&config=intermediate
ssl-default-bind-ciphersuites TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256
ssl-default-bind-options ssl-min-ver TLSv1.2 no-tls-tickets
########默认配置############
defaults
log global
mode http #默认模式{ tcp|http|health }
option httplog #日志类别,采用httplog
option dontlognull #不记录健康检查日志信息
retries 2 #2次连接失败不可用
# option forwardfor #后端服务获得真实ip
option httpclose #请求完毕后主动关闭http通道
option abortonclose #服务器负载很高,自动结束比较久的链接
maxconn 4096 #最大连接数
timeout connect 5m #连接超时
timeout client 1m #客户端超时
timeout server 31m #服务器超时
timeout check 10s #心跳检测超时
balance roundrobin #负载均衡方式,轮询
########统计页面配置########
listen stats
bind 10.0.0.200:1080
mode http
option httplog
log 127.0.0.1 local0 err
maxconn 10 #最大连接数
stats refresh 30s
stats uri /admin #状态页面 http//ip:1080/admin访问
stats realm Haproxy\ Statistics
stats auth admin:admin #用户和密码:admin
stats hide-version #隐藏版本信息
stats admin if TRUE #设置手工启动/禁用
#############K8S###############
listen k8s_api_nodes_6443
bind 10.0.0.200:6443
mode tcp
server easzlab-k8s-master-01 10.0.0.120:6443 check inter 2000 fall 3 rise 5
server easzlab-k8s-master-02 10.0.0.121:6443 check inter 2000 fall 3 rise 5
server easzlab-k8s-master-03 10.0.0.122:6443 check inter 2000 fall 3 rise 5
[root@easzlab-deploy-01 playbook]#vim confhaproxy.yaml
---
- name: confhaproxy
hosts: haproxykeepalive
tasks:
- template:
src: haproxy.cfg
dest: /etc/haproxy/haproxy.cfg
[root@easzlab-deploy-01 playbook]#ansible-playbook confhaproxy.yaml
PLAY [confhaproxy] **************************************************************************************************************************************************************************
TASK [Gathering Facts] **********************************************************************************************************************************************************************
ok: [easzlab-haproxy-keepalive-02]
ok: [easzlab-haproxy-keepalive-01]
ok: [easzlab-haproxy-keepalive-03]
TASK [template] *****************************************************************************************************************************************************************************
changed: [easzlab-haproxy-keepalive-02]
changed: [easzlab-haproxy-keepalive-03]
changed: [easzlab-haproxy-keepalive-01]
PLAY RECAP **********************************************************************************************************************************************************************************
easzlab-haproxy-keepalive-01 : ok=2 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
easzlab-haproxy-keepalive-02 : ok=2 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
easzlab-haproxy-keepalive-03 : ok=2 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
#暂时不启动,等master节点部署完成后再启动测试
部署harboe(此次先部署单台)
[root@easzlab-k8s-harbor-01 ~]#mkdir /apps
[root@easzlab-k8s-harbor-01 ~]#wget https://github.com/goharbor/harbor/releases/download/v2.5.3/harbor-offline-installer-v2.5.3.tgz
[root@easzlab-k8s-harbor-01 ~]#tar xf harbor-offline-installer-v2.5.3.tgz -C /apps
[root@easzlab-k8s-harbor-01 ~]#cd /apps/harbor/
[root@easzlab-k8s-harbor-01 harbor]#cp harbor.yml.tmpl harbor.yml
[root@easzlab-k8s-harbor-01 harbor]#mkdir /apps/harbor/certs
[root@easzlab-k8s-harbor-01 harbor]#egrep -v "^$|^#|^[[:space:]]+#" harbor.yml
hostname: www.shuhong.com
http:
port: 80
https:
port: 443
certificate: /apps/harbor/certs/shuhong.com.crt
private_key: /apps/harbor/certs/shuhong.com.key
harbor_admin_password: sh12345
database:
password: root123
max_idle_conns: 100
max_open_conns: 900
data_volume: /data
trivy:
ignore_unfixed: false
skip_update: false
offline_scan: false
insecure: false
jobservice:
max_job_workers: 10
notification:
webhook_job_max_retry: 10
chart:
absolute_url: disabled
log:
level: info
local:
rotate_count: 50
rotate_size: 200M
location: /var/log/harbor
_version: 2.5.0
proxy:
http_proxy:
https_proxy:
no_proxy:
components:
- core
- jobservice
- trivy
upload_purging:
enabled: true
age: 168h
interval: 24h
#生成证书和私钥
[root@easzlab-k8s-harbor-01 certs]#ll
total 4
drwxr-xr-x 2 root root 21 Sep 27 19:41 ./
drwxr-xr-x 3 root root 153 Sep 27 19:41 ../
-rw-r--r-- 1 root root 1244 Sep 27 19:40 crts.sh
[root@easzlab-k8s-harbor-01 certs]#bash crts.sh
请输入(/C=CN/ST=Beijing/L=Beijing/O=example/OU=Personal/CN=shuhong.com):/C=CN/ST=Beijing/L=Beijing/O=example/OU=Personal/CN=shuhong.com
请输入申请的域名(shuhong.com):shuhong.com
Generating RSA private key, 4096 bit long modulus (2 primes)
...........................................................................................................................................................................++++
..........................++++
e is 65537 (0x010001)
Generating RSA private key, 4096 bit long modulus (2 primes)
.........................++++
.................................................................................................................++++
e is 65537 (0x010001)
Signature ok
subject=C = CN, ST = Beijing, L = Beijing, O = example, OU = Personal, CN = shuhong.com
Getting CA Private Key
[root@easzlab-k8s-harbor-01 certs]#ll
total 32
drwxr-xr-x 2 root root 146 Sep 27 19:41 ./
drwxr-xr-x 3 root root 153 Sep 27 19:41 ../
-rw-r--r-- 1 root root 2045 Sep 27 19:41 ca.crt
-rw------- 1 root root 3243 Sep 27 19:41 ca.key
-rw-r--r-- 1 root root 41 Sep 27 19:41 ca.srl
-rw-r--r-- 1 root root 1244 Sep 27 19:40 crts.sh
-rw-r--r-- 1 root root 2126 Sep 27 19:41 shuhong.com.crt
-rw-r--r-- 1 root root 1704 Sep 27 19:41 shuhong.com.csr
-rw------- 1 root root 3247 Sep 27 19:41 shuhong.com.key
-rw-r--r-- 1 root root 277 Sep 27 19:41 v3.ext
#安装docker
[root@easzlab-k8s-harbor-01 ~]#mkdir /data/docker -p
[root@easzlab-k8s-harbor-01 ~]#tar xf docker-20.10.17-binary-install.tar.gz -C /data/docker/
[root@easzlab-k8s-harbor-01 ~]#cd /data/docker/
[root@easzlab-k8s-harbor-01 docker]#ll
total 75424
drwxr-xr-x 2 root root 226 Jul 21 15:29 ./
drwxr-xr-x 3 root root 20 Sep 27 19:44 ../
-rw-r--r-- 1 root root 647 Apr 11 2021 containerd.service
-rw-r--r-- 1 root root 356 Jul 18 19:09 daemon.json
-rw-r--r-- 1 root root 64988857 Jun 7 16:42 docker-20.10.17.tgz
-rwxr-xr-x 1 root root 12212176 Dec 7 2021 docker-compose-Linux-x86_64_1.28.6*
-rwxr-xr-x 1 root root 2958 Jul 21 15:29 docker-install.sh*
-rw-r--r-- 1 root root 1683 Apr 11 2021 docker.service
-rw-r--r-- 1 root root 197 Apr 11 2021 docker.socket
-rw-r--r-- 1 root root 454 Apr 11 2021 limits.conf
-rw-r--r-- 1 root root 257 Apr 11 2021 sysctl.conf
[root@easzlab-k8s-harbor-01 docker]#bash docker-install.sh
[root@easzlab-k8s-harbor-01 harbor]#./prepare
prepare base dir is set to /apps/harbor
Unable to find image 'goharbor/prepare:v2.5.3' locally
v2.5.3: Pulling from goharbor/prepare
cdd306291e3f: Pull complete
899708b6cf4a: Pull complete
5348cd9eea69: Pull complete
b26fbd0623df: Pull complete
8ef107bcedaf: Pull complete
45efdc863cd9: Pull complete
d109b36b1200: Pull complete
01920cccc2da: Pull complete
35df10b8b365: Pull complete
77422a9df465: Pull complete
Digest: sha256:1e3aae65de7a88dc0b541140940952657fdd1ab9b7bf64704d6b696b078dd1dc
Status: Downloaded newer image for goharbor/prepare:v2.5.3
Generated configuration file: /config/portal/nginx.conf
Generated configuration file: /config/log/logrotate.conf
Generated configuration file: /config/log/rsyslog_docker.conf
Generated configuration file: /config/nginx/nginx.conf
Generated configuration file: /config/core/env
Generated configuration file: /config/core/app.conf
Generated configuration file: /config/registry/config.yml
Generated configuration file: /config/registryctl/env
Generated configuration file: /config/registryctl/config.yml
Generated configuration file: /config/db/env
Generated configuration file: /config/jobservice/env
Generated configuration file: /config/jobservice/config.yml
Generated and saved secret to file: /data/secret/keys/secretkey
Successfully called func: create_root_cert
Generated configuration file: /compose_location/docker-compose.yml
Clean up the input dir
[root@easzlab-k8s-harbor-01 harbor]#./install.sh --with-trivy --with-chartmuseum
[Step 0]: checking if docker is installed ...
Note: docker version: 20.10.17
[Step 1]: checking docker-compose is installed ...
Note: docker-compose version: 1.28.6
[Step 2]: loading Harbor images ...
eb50d8bbd990: Loading layer [==================================================>] 7.668MB/7.668MB
04e75300c772: Loading layer [==================================================>] 7.362MB/7.362MB
e6830bb442bf: Loading layer [==================================================>] 1MB/1MB
Loaded image: goharbor/harbor-portal:v2.5.3
7e761f0c6325: Loading layer [==================================================>] 8.898MB/8.898MB
bea2d99bdd9a: Loading layer [==================================================>] 3.584kB/3.584kB
7635b8507a3f: Loading layer [==================================================>] 2.56kB/2.56kB
5374b1e2b14a: Loading layer [==================================================>] 78.75MB/78.75MB
3c111582434e: Loading layer [==================================================>] 5.632kB/5.632kB
c634a4d49b0c: Loading layer [==================================================>] 102.9kB/102.9kB
4edf106f0e4f: Loading layer [==================================================>] 15.87kB/15.87kB
732b0f7f2241: Loading layer [==================================================>] 79.66MB/79.66MB
8191a56b80ca: Loading layer [==================================================>] 2.56kB/2.56kB
Loaded image: goharbor/harbor-core:v2.5.3
005d5db57e06: Loading layer [==================================================>] 119.7MB/119.7MB
0e3d87aacbc9: Loading layer [==================================================>] 3.072kB/3.072kB
b4e26556ed44: Loading layer [==================================================>] 59.9kB/59.9kB
55f587609a73: Loading layer [==================================================>] 61.95kB/61.95kB
Loaded image: goharbor/redis-photon:v2.5.3
Loaded image: goharbor/prepare:v2.5.3
a86a26c0452a: Loading layer [==================================================>] 1.096MB/1.096MB
1025dfd257d2: Loading layer [==================================================>] 5.889MB/5.889MB
cd51e6d945dd: Loading layer [==================================================>] 168.8MB/168.8MB
c68c45fe177d: Loading layer [==================================================>] 16.58MB/16.58MB
fa18680022f9: Loading layer [==================================================>] 4.096kB/4.096kB
9f470cfcecff: Loading layer [==================================================>] 6.144kB/6.144kB
d9d256f40e6f: Loading layer [==================================================>] 3.072kB/3.072kB
f02862555d46: Loading layer [==================================================>] 2.048kB/2.048kB
8cc2449c3a33: Loading layer [==================================================>] 2.56kB/2.56kB
53e7545b8c1b: Loading layer [==================================================>] 2.56kB/2.56kB
62fbef76d294: Loading layer [==================================================>] 2.56kB/2.56kB
7e2d721c6c91: Loading layer [==================================================>] 8.704kB/8.704kB
Loaded image: goharbor/harbor-db:v2.5.3
7b5e699985f2: Loading layer [==================================================>] 5.755MB/5.755MB
17bb7303d841: Loading layer [==================================================>] 90.86MB/90.86MB
146be4872a18: Loading layer [==================================================>] 3.072kB/3.072kB
7f44df31c7df: Loading layer [==================================================>] 4.096kB/4.096kB
ec5f15201a56: Loading layer [==================================================>] 91.65MB/91.65MB
Loaded image: goharbor/chartmuseum-photon:v2.5.3
25ed0962037c: Loading layer [==================================================>] 8.898MB/8.898MB
96bf61ca4a6d: Loading layer [==================================================>] 3.584kB/3.584kB
faed05a35aaa: Loading layer [==================================================>] 2.56kB/2.56kB
6b2cce967e64: Loading layer [==================================================>] 90.8MB/90.8MB
47d73d2ec8c4: Loading layer [==================================================>] 91.59MB/91.59MB
Loaded image: goharbor/harbor-jobservice:v2.5.3
1b8a5b56dd8f: Loading layer [==================================================>] 5.755MB/5.755MB
ef6a1d16e324: Loading layer [==================================================>] 4.096kB/4.096kB
60cf083bf2b3: Loading layer [==================================================>] 17.34MB/17.34MB
54308a335bf1: Loading layer [==================================================>] 3.072kB/3.072kB
b507f0c5f1e1: Loading layer [==================================================>] 29.17MB/29.17MB
79b24972e581: Loading layer [==================================================>] 47.31MB/47.31MB
Loaded image: goharbor/harbor-registryctl:v2.5.3
35239a1e0d7a: Loading layer [==================================================>] 7.668MB/7.668MB
Loaded image: goharbor/nginx-photon:v2.5.3
e0776ca3d7c2: Loading layer [==================================================>] 5.75MB/5.75MB
c90a80564f89: Loading layer [==================================================>] 8.543MB/8.543MB
86c0504b8fcb: Loading layer [==================================================>] 14.47MB/14.47MB
abde74115d1a: Loading layer [==================================================>] 29.29MB/29.29MB
3ad37faaa958: Loading layer [==================================================>] 22.02kB/22.02kB
1d3c37158629: Loading layer [==================================================>] 14.47MB/14.47MB
Loaded image: goharbor/notary-signer-photon:v2.5.3
fa27c9d81dc3: Loading layer [==================================================>] 127MB/127MB
9ca66cb9252f: Loading layer [==================================================>] 3.584kB/3.584kB
09ce0e15f5ba: Loading layer [==================================================>] 3.072kB/3.072kB
d0ba49c5841f: Loading layer [==================================================>] 2.56kB/2.56kB
04623512f2e5: Loading layer [==================================================>] 3.072kB/3.072kB
083acf89058c: Loading layer [==================================================>] 3.584kB/3.584kB
5f2000f524c8: Loading layer [==================================================>] 20.99kB/20.99kB
Loaded image: goharbor/harbor-log:v2.5.3
425045210126: Loading layer [==================================================>] 8.898MB/8.898MB
a0ef3ff89e82: Loading layer [==================================================>] 21.05MB/21.05MB
7facb153a2bf: Loading layer [==================================================>] 4.608kB/4.608kB
ca36c2356dc0: Loading layer [==================================================>] 21.84MB/21.84MB
Loaded image: goharbor/harbor-exporter:v2.5.3
abd4886cf446: Loading layer [==================================================>] 5.755MB/5.755MB
a662294ced4c: Loading layer [==================================================>] 4.096kB/4.096kB
e1e02d95f798: Loading layer [==================================================>] 3.072kB/3.072kB
54535cb3135b: Loading layer [==================================================>] 17.34MB/17.34MB
a8556cd12eb5: Loading layer [==================================================>] 18.13MB/18.13MB
Loaded image: goharbor/registry-photon:v2.5.3
01427a3d3d67: Loading layer [==================================================>] 5.75MB/5.75MB
5cd7cb12cabb: Loading layer [==================================================>] 8.543MB/8.543MB
564dcad1be91: Loading layer [==================================================>] 15.88MB/15.88MB
b3020f432a85: Loading layer [==================================================>] 29.29MB/29.29MB
05bbf70fd214: Loading layer [==================================================>] 22.02kB/22.02kB
7cb2819f6977: Loading layer [==================================================>] 15.88MB/15.88MB
Loaded image: goharbor/notary-server-photon:v2.5.3
8cc02d219629: Loading layer [==================================================>] 6.283MB/6.283MB
09856854b73c: Loading layer [==================================================>] 4.096kB/4.096kB
c53bbce8e1c4: Loading layer [==================================================>] 3.072kB/3.072kB
ca0011850458: Loading layer [==================================================>] 91.21MB/91.21MB
0e7337dca995: Loading layer [==================================================>] 12.65MB/12.65MB
c1e6b3a22dfd: Loading layer [==================================================>] 104.6MB/104.6MB
Loaded image: goharbor/trivy-adapter-photon:v2.5.3
[Step 3]: preparing environment ...
[Step 4]: preparing harbor configs ...
prepare base dir is set to /apps/harbor
Clearing the configuration file: /config/portal/nginx.conf
Clearing the configuration file: /config/log/logrotate.conf
Clearing the configuration file: /config/log/rsyslog_docker.conf
Clearing the configuration file: /config/nginx/nginx.conf
Clearing the configuration file: /config/core/env
Clearing the configuration file: /config/core/app.conf
Clearing the configuration file: /config/registry/passwd
Clearing the configuration file: /config/registry/config.yml
Clearing the configuration file: /config/registryctl/env
Clearing the configuration file: /config/registryctl/config.yml
Clearing the configuration file: /config/db/env
Clearing the configuration file: /config/jobservice/env
Clearing the configuration file: /config/jobservice/config.yml
Generated configuration file: /config/portal/nginx.conf
Generated configuration file: /config/log/logrotate.conf
Generated configuration file: /config/log/rsyslog_docker.conf
Generated configuration file: /config/nginx/nginx.conf
Generated configuration file: /config/core/env
Generated configuration file: /config/core/app.conf
Generated configuration file: /config/registry/config.yml
Generated configuration file: /config/registryctl/env
Generated configuration file: /config/registryctl/config.yml
Generated configuration file: /config/db/env
Generated configuration file: /config/jobservice/env
Generated configuration file: /config/jobservice/config.yml
loaded secret from file: /data/secret/keys/secretkey
Generated configuration file: /config/trivy-adapter/env
Generated configuration file: /config/chartserver/env
Generated configuration file: /compose_location/docker-compose.yml
Clean up the input dir
[Step 5]: starting Harbor ...
Creating network "harbor_harbor" with the default driver
Creating network "harbor_harbor-chartmuseum" with the default driver
Creating harbor-log ... done
Creating harbor-portal ... done
Creating redis ... done
Creating registry ... done
Creating chartmuseum ... done
Creating harbor-db ... done
Creating registryctl ... done
Creating harbor-core ... done
Creating trivy-adapter ... done
Creating harbor-jobservice ... done
Creating nginx ... done
✔ ----Harbor has been installed and started successfully.----
#使用docker测试
[root@easzlab-k8s-harbor-01 harbor]#docker-compose ps
Name Command State Ports
------------------------------------------------------------------------------------------------------------------------------------------------
chartmuseum ./docker-entrypoint.sh Up (healthy)
harbor-core /harbor/entrypoint.sh Up (healthy)
harbor-db /docker-entrypoint.sh 96 13 Up (healthy)
harbor-jobservice /harbor/entrypoint.sh Up (healthy)
harbor-log /bin/sh -c /usr/local/bin/ ... Up (healthy) 127.0.0.1:1514->10514/tcp
harbor-portal nginx -g daemon off; Up (healthy)
nginx nginx -g daemon off; Up (healthy) 0.0.0.0:80->8080/tcp,:::80->8080/tcp, 0.0.0.0:443->8443/tcp,:::443->8443/tcp
redis redis-server /etc/redis.conf Up (healthy)
registry /home/harbor/entrypoint.sh Up (healthy)
registryctl /home/harbor/start.sh Up (healthy)
trivy-adapter /home/scanner/entrypoint.sh Up (healthy)
[root@easzlab-k8s-harbor-01 harbor]#docker-compose up -d
harbor-log is up-to-date
registryctl is up-to-date
chartmuseum is up-to-date
registry is up-to-date
harbor-portal is up-to-date
harbor-db is up-to-date
redis is up-to-date
harbor-core is up-to-date
trivy-adapter is up-to-date
harbor-jobservice is up-to-date
nginx is up-to-date
[root@wdy data]#export DISPLAY=172.20.0.24:0.0
[root@wdy data]#firefox
[root@easzlab-deploy-01 ~]#apt -y install docker.io
[root@easzlab-deploy-01 ~]#mkdir /etc/docker/certs.d/www.shuhong.com -p
[root@easzlab-deploy-01 ~]#vim /etc/hosts
10.0.0.150 easzlab-k8s-harbor-01 www.shuhong.com
[root@easzlab-k8s-harbor-01 certs]#scp shuhong.com.crt 10.0.0.50:/etc/docker/certs.d/www.shuhong.com
shuhong.com.crt 100% 2126 915.8KB/s 00:00
[root@easzlab-deploy-01 ~]#docker login www.shuhong.com
Username: admin
Password:
WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credentials-store
Login Succeeded
安装easzlab
[root@easzlab-deploy-01 data]#export release=3.4.1
[root@easzlab-deploy-01 data]#wget https://github.com/easzlab/kubeasz/releases/download/${release}/ezdown
[root@easzlab-deploy-01 data]#chmod +x ./ezdown
# 国内环境
./ezdown -D
# 海外环境
#./ezdown -D -m standard
上述脚本运行成功后,所有文件(kubeasz代码、二进制、离线镜像)均已整理好放入目录/etc/kubeasz
[root@easzlab-deploy-01 data]#./ezdown -D
2022-09-28 20:05:31 INFO Action begin: download_all
2022-09-28 20:05:31 WARN docker binaries already existed
Unit docker.service could not be found.
2022-09-28 20:05:34 DEBUG generate docker service file
2022-09-28 20:05:34 DEBUG generate docker config: /etc/docker/daemon.json
2022-09-28 20:05:34 DEBUG prepare register mirror for CN
2022-09-28 20:05:34 DEBUG enable and start docker
Removed /etc/systemd/system/multi-user.target.wants/docker.service.
Created symlink /etc/systemd/system/multi-user.target.wants/docker.service → /etc/systemd/system/docker.service.
2022-09-28 20:05:41 INFO downloading kubeasz: 3.4.0
2022-09-28 20:05:41 DEBUG run a temporary container
Unable to find image 'easzlab/kubeasz:3.4.0' locally
3.4.0: Pulling from easzlab/kubeasz
540db60ca938: Downloading
d037ddac5dde: Download complete
05d0edf52df4: Download complete
54d94e388fb8: Downloading
b25964b87dc1: Download complete
aedfadb13329: Download complete
4e7ed9ef3953: Download complete
3.4.0: Pulling from easzlab/kubeasz
540db60ca938: Pull complete
d037ddac5dde: Pull complete
05d0edf52df4: Pull complete
54d94e388fb8: Pull complete
b25964b87dc1: Pull complete
aedfadb13329: Pull complete
4e7ed9ef3953: Pull complete
Digest: sha256:7068bd0cb9a52a23b127b9fb8d0a7225a71c1258ffad6a46ad6096992f452444
Status: Downloaded newer image for easzlab/kubeasz:3.4.0
041e121a9e0e14dfac30a7f1167649f5d7a78ead63a6e2603cab9f241a895acb
2022-09-28 20:06:23 DEBUG cp kubeasz code from the temporary container
2022-09-28 20:06:24 DEBUG stop&remove temporary container
temp_easz
2022-09-28 20:06:24 INFO downloading kubernetes: v1.25.1 binaries
v1.25.1: Pulling from easzlab/kubeasz-k8s-bin
1b7ca6aea1dd: Downloading
06e9669149ee: Download complete
v1.25.1: Pulling from easzlab/kubeasz-k8s-bin
1b7ca6aea1dd: Pull complete
06e9669149ee: Pull complete
Digest: sha256:aed6d97d6c2b66f39211acc4b20b889394775a8ed60876e479f101009c973f4a
Status: Downloaded newer image for easzlab/kubeasz-k8s-bin:v1.25.1
docker.io/easzlab/kubeasz-k8s-bin:v1.25.1
2022-09-28 20:07:32 DEBUG run a temporary container
4f62b27fc20873c39e1ebe313b229f03eea10f977049c80b74d0abfb07b5742f
2022-09-28 20:07:35 DEBUG cp k8s binaries
2022-09-28 20:07:39 DEBUG stop&remove temporary container
temp_k8s_bin
2022-09-28 20:07:43 INFO downloading extral binaries kubeasz-ext-bin:1.3.0
1.3.0: Pulling from easzlab/kubeasz-ext-bin
1b7ca6aea1dd: Already exists
6e455361df28: Pull complete
7b338ca89d80: Pull complete
2f2efad20c20: Pull complete
f0c3f6a18072: Pull complete
Digest: sha256:056d2dfdf885eacd428fd569c264face8cde4b3ab8da8232b537f9764c28c429
Status: Downloaded newer image for easzlab/kubeasz-ext-bin:1.3.0
docker.io/easzlab/kubeasz-ext-bin:1.3.0
2022-09-28 20:08:58 DEBUG run a temporary container
1e503d348a9657f07348d282ab668966c06aa33f0e813c9d162650d960547a6d
2022-09-28 20:09:00 DEBUG cp extral binaries
2022-09-28 20:09:05 DEBUG stop&remove temporary container
temp_ext_bin
2: Pulling from library/registry
213ec9aee27d: Pull complete
5299e6f78605: Downloading
4c2fb79b7ce6: Download complete
74a97d2d84d9: Download complete
44c4c74a95e4: Download complete
2: Pulling from library/registry
213ec9aee27d: Pull complete
5299e6f78605: Pull complete
4c2fb79b7ce6: Pull complete
74a97d2d84d9: Pull complete
44c4c74a95e4: Pull complete
Digest: sha256:83bb78d7b28f1ac99c68133af32c93e9a1c149bcd3cb6e683a3ee56e312f1c96
Status: Downloaded newer image for registry:2
docker.io/library/registry:2
2022-09-28 20:09:20 INFO start local registry ...
2f88273aa4d1b5b4f6604f94a8971f90a3749f5590637f5454bd305f8cd9a565
2022-09-28 20:09:21 INFO download default images, then upload to the local registry
v3.23.3: Pulling from calico/cni
7b61b129a78d: Pull complete
e7223d8e74c1: Pull complete
b12bfc39ae70: Pull complete
ae16ec7268d6: Pull complete
4f4ec971b369: Pull complete
b2d5ac4e738d: Pull complete
eb4b2c7e563e: Pull complete
4f4fb700ef54: Pull complete
Digest: sha256:83db083069fc8612798feda6d9c3413f075ec44e29d302f3af0a11df1cef5823
Status: Downloaded newer image for calico/cni:v3.23.3
docker.io/calico/cni:v3.23.3
v3.23.3: Pulling from calico/kube-controllers
6b6b1a0d9e6f: Pull complete
8bd00cfb155e: Pull complete
2ba89018295f: Pull complete
b9d7bef7961d: Pull complete
f78cd44a9e30: Pull complete
243daf219d15: Pull complete
a390d3d2f72b: Pull complete
15b85f29d016: Pull complete
fdf3aec81b76: Pull complete
13c954328a26: Pull complete
Digest: sha256:a1773f60d4bb15cbb6d73d2da9e6ab28c36fb863263f87160bf02de3bed43991
Status: Downloaded newer image for calico/kube-controllers:v3.23.3
docker.io/calico/kube-controllers:v3.23.3
v3.23.3: Pulling from calico/node
9bf5eb736b3c: Pull complete
e7590a44ed0d: Pull complete
Digest: sha256:b356c2334729810de4781819ac7cf7cb05e49b8be9387e6bba2755df95d1cd84
Status: Downloaded newer image for calico/node:v3.23.3
docker.io/calico/node:v3.23.3
The push refers to repository [easzlab.io.local:5000/calico/cni]
5f70bf18a086: Pushed
88f90edbc0bb: Pushed
80ee3c32467c: Pushed
38610c0adcf8: Pushed
621f9024aeca: Pushed
e5575c58b400: Pushed
35b14efb228d: Pushed
a0719cccea1f: Pushed
v3.23.3: digest: sha256:99abac29089437d14aae682490a7e8e61f9dda08c22d20088a22f5eb17850293 size: 1990
The push refers to repository [easzlab.io.local:5000/calico/kube-controllers]
f709314531c8: Pushed
5e42e56721a3: Pushed
575e079334a2: Pushed
d50cd32651c1: Pushed
bb2b72258b16: Pushed
5a4e2ee2decb: Pushed
051394cefa76: Pushed
0b885e6792c9: Pushed
cb35a80ebb80: Pushed
fca5be4c445f: Pushed
v3.23.3: digest: sha256:593d878ff86c60e9b039ffa2ae83a1b5dadd88f63d2e1a33ea59f7dc322d6e8d size: 2407
The push refers to repository [easzlab.io.local:5000/calico/node]
d343a328069f: Pushed
87d23e04f6cc: Pushed
v3.23.3: digest: sha256:4ceac15651be3e8ed411266d2941f8ff04f0efbef9b43149f8b231664725a1e8 size: 737
1.9.3: Pulling from coredns/coredns
d92bdee79785: Pull complete
f2401d57212f: Pull complete
Digest: sha256:8e352a029d304ca7431c6507b56800636c321cb52289686a581ab70aaa8a2e2a
Status: Downloaded newer image for coredns/coredns:1.9.3
docker.io/coredns/coredns:1.9.3
The push refers to repository [easzlab.io.local:5000/coredns/coredns]
df1818f16337: Pushed
256bc5c338a6: Pushed
1.9.3: digest: sha256:bdb36ee882c13135669cfc2bb91c808a33926ad1a411fee07bd2dc344bb8f782 size: 739
1.22.8: Pulling from easzlab/k8s-dns-node-cache
01b10be092f3: Pull complete
1a942d0495d3: Pull complete
Digest: sha256:50959b61a78965749c461aa6fe6d8e9cd301a31831696d0c0d6148537169f026
Status: Downloaded newer image for easzlab/k8s-dns-node-cache:1.22.8
docker.io/easzlab/k8s-dns-node-cache:1.22.8
The push refers to repository [easzlab.io.local:5000/easzlab/k8s-dns-node-cache]
2d60760f30de: Pushed
e4d19dd12df2: Pushed
1.22.8: digest: sha256:50959b61a78965749c461aa6fe6d8e9cd301a31831696d0c0d6148537169f026 size: 740
v2.6.1: Pulling from kubernetesui/dashboard
596ae5b8318a: Pull complete
b721c920bca6: Pull complete
Digest: sha256:290bebc3cd96c22b6f89e7b21f5c2b16ce5c275a0ec2c2de10e0d8b9dd110289
Status: Downloaded newer image for kubernetesui/dashboard:v2.6.1
docker.io/kubernetesui/dashboard:v2.6.1
The push refers to repository [easzlab.io.local:5000/kubernetesui/dashboard]
c58918b599bb: Pushed
7364952c25ac: Pushed
v2.6.1: digest: sha256:71699b1050dc542343dc1b353f31e5a4fa4d1150bfed52ee5da4b2aab0244811 size: 736
v1.0.8: Pulling from kubernetesui/metrics-scraper
978be80e3ee3: Pull complete
5866d2c04d96: Pull complete
Digest: sha256:76049887f07a0476dc93efc2d3569b9529bf982b22d29f356092ce206e98765c
Status: Downloaded newer image for kubernetesui/metrics-scraper:v1.0.8
docker.io/kubernetesui/metrics-scraper:v1.0.8
The push refers to repository [easzlab.io.local:5000/kubernetesui/metrics-scraper]
bcec7eb9e567: Pushed
d01384fea991: Pushed
v1.0.8: digest: sha256:43227e8286fd379ee0415a5e2156a9439c4056807e3caa38e1dd413b0644807a size: 736
v0.5.2: Pulling from easzlab/metrics-server
e8614d09b7be: Pull complete
334ef31a5c43: Pull complete
Digest: sha256:6879d1d3e42c06fa383aed4988fc8f39901d46fb29d25a5b41c88f9d4b6854b1
Status: Downloaded newer image for easzlab/metrics-server:v0.5.2
docker.io/easzlab/metrics-server:v0.5.2
The push refers to repository [easzlab.io.local:5000/easzlab/metrics-server]
b2839a50be1a: Pushed
6d75f23be3dd: Pushed
v0.5.2: digest: sha256:6879d1d3e42c06fa383aed4988fc8f39901d46fb29d25a5b41c88f9d4b6854b1 size: 739
3.8: Pulling from easzlab/pause
9457426d6899: Pull complete
Digest: sha256:e0cc6dba04bee00badd8b13495d4411060b5563a9499fbc20e46316328efad30
Status: Downloaded newer image for easzlab/pause:3.8
docker.io/easzlab/pause:3.8
The push refers to repository [easzlab.io.local:5000/easzlab/pause]
961e93cda9dd: Pushed
3.8: digest: sha256:e0cc6dba04bee00badd8b13495d4411060b5563a9499fbc20e46316328efad30 size: 526
3.4.0: Pulling from easzlab/kubeasz
Digest: sha256:7068bd0cb9a52a23b127b9fb8d0a7225a71c1258ffad6a46ad6096992f452444
Status: Image is up to date for easzlab/kubeasz:3.4.0
docker.io/easzlab/kubeasz:3.4.0
2022-09-28 20:14:51 INFO Action successed: download_all
【可选】下载额外容器镜像(cilium,flannel,prometheus等)
[root@easzlab-deploy-01 data]#./ezdown -X
2022-09-28 20:17:25 INFO Action begin: get_extra_images
2022-09-28 20:17:25 INFO download extra images, then upload to the local registry
v0.19.2: Pulling from rancher/mirrored-flannelcni-flannel
72cfd02ff4d0: Pull complete
d3c4b0baabb7: Pull complete
c85cac0635f2: Pull complete
2b6512b1d6e3: Pull complete
c1dff32ba8a0: Pull complete
22bceeb28e57: Pull complete
f03476813b25: Pull complete
Digest: sha256:c9786f434d4663c924aeca1a2e479786d63df0d56c5d6bd62a64915f81d62ff0
Status: Downloaded newer image for rancher/mirrored-flannelcni-flannel:v0.19.2
docker.io/rancher/mirrored-flannelcni-flannel:v0.19.2
v1.1.0: Pulling from rancher/mirrored-flannelcni-flannel-cni-plugin
6097bfa160c1: Downloading
d10987c60bb3: Download complete
v1.1.0: Pulling from rancher/mirrored-flannelcni-flannel-cni-plugin
6097bfa160c1: Pull complete
d10987c60bb3: Pull complete
Digest: sha256:28d3a6be9f450282bf42e4dad143d41da23e3d91f66f19c01ee7fd21fd17cb2b
Status: Downloaded newer image for rancher/mirrored-flannelcni-flannel-cni-plugin:v1.1.0
docker.io/rancher/mirrored-flannelcni-flannel-cni-plugin:v1.1.0
The push refers to repository [easzlab.io.local:5000/flannelcni/flannel]
83f8e343131f: Pushed
835dd64c8553: Pushed
ff282a43c8ba: Pushed
5699696bec4d: Pushed
65f0081cfe88: Pushed
3f5278879490: Pushed
7df5bd7bd262: Pushed
v0.19.2: digest: sha256:79c2231af0453bc38a8ad71ddf6116ade906a43f72460838f3435fb2ec19d88c size: 1785
The push refers to repository [easzlab.io.local:5000/flannelcni/flannel-cni-plugin]
10a68dbd8595: Pushed
64242626f2eb: Pushed
v1.1.0: digest: sha256:190ba8db6e14fd49578bc7993cd44dc332ad31fd871acc0af0038bd026791795 size: 738
v4.0.2: Pulling from easzlab/nfs-subdir-external-provisioner
60775238382e: Pull complete
528677575c0b: Pull complete
Digest: sha256:f741e403b3ca161e784163de3ebde9190905fdbf7dfaa463620ab8f16c0f6423
Status: Downloaded newer image for easzlab/nfs-subdir-external-provisioner:v4.0.2
docker.io/easzlab/nfs-subdir-external-provisioner:v4.0.2
The push refers to repository [easzlab.io.local:5000/easzlab/nfs-subdir-external-provisioner]
ad321585b8f5: Pushed
1a5ede0c966b: Pushed
v4.0.2: digest: sha256:f741e403b3ca161e784163de3ebde9190905fdbf7dfaa463620ab8f16c0f6423 size: 739
v1.12.2: Pulling from cilium/cilium
d329b44976fb: Pull complete
006f67f017b8: Pull complete
1e1851b4e968: Pull complete
a283a6f80178: Pull complete
c9c44b5ebfdf: Pull complete
6f69073ff856: Pull complete
14f06b0b7ae5: Pull complete
Digest: sha256:986f8b04cfdb35cf714701e58e35da0ee63da2b8a048ab596ccb49de58d5ba36
Status: Downloaded newer image for cilium/cilium:v1.12.2
docker.io/cilium/cilium:v1.12.2
v1.12.2: Pulling from cilium/operator-generic
2dad0edf7dfd: Pull complete
4bad70c4c214: Pull complete
e679ae5f0f15: Pull complete
6dd24b53216b: Pull complete
Digest: sha256:00508f78dae5412161fa40ee30069c2802aef20f7bdd20e91423103ba8c0df6e
Status: Downloaded newer image for cilium/operator-generic:v1.12.2
docker.io/cilium/operator-generic:v1.12.2
v1.12.2: Pulling from cilium/hubble-relay
58a1107b953f: Pull complete
fad7da931fbb: Pull complete
2830bc408608: Pull complete
fe4cde7c47c7: Pull complete
Digest: sha256:6f3496c28f23542f2645d614c0a9e79e3b0ae2732080da794db41c33e4379e5c
Status: Downloaded newer image for cilium/hubble-relay:v1.12.2
docker.io/cilium/hubble-relay:v1.12.2
v0.9.2: Pulling from cilium/hubble-ui-backend
213ec9aee27d: Already exists
57a1bfdbd93c: Pull complete
d7a114283bcf: Pull complete
953d937c0627: Pull complete
Digest: sha256:a3ac4d5b87889c9f7cc6323e86d3126b0d382933bd64f44382a92778b0cde5d7
Status: Downloaded newer image for cilium/hubble-ui-backend:v0.9.2
docker.io/cilium/hubble-ui-backend:v0.9.2
v0.9.2: Pulling from cilium/hubble-ui
213ec9aee27d: Already exists
892d49217577: Pull complete
6f26d9659113: Pull complete
73092bab8b20: Pull complete
06bc554f307b: Pull complete
1948e9edd80d: Pull complete
ae5305cdc6d6: Pull complete
8211291305fc: Pull complete
Digest: sha256:d3596efc94a41c6b772b9afe6fe47c17417658956e04c3e2a28d293f2670663e
Status: Downloaded newer image for cilium/hubble-ui:v0.9.2
docker.io/cilium/hubble-ui:v0.9.2
v1.3.0: Pulling from cilium/json-mock
f7ec5a41d630: Downloading
af85e22911d9: Downloading
6ed131a8f5c2: Downloading
801ded78b2fb: Downloading
cfe48796d574: Downloading
3235ef5bd8ca: Download complete
dd8f4d010c5b: Download complete
v1.3.0: Pulling from cilium/json-mock
f7ec5a41d630: Pull complete
af85e22911d9: Pull complete
6ed131a8f5c2: Pull complete
801ded78b2fb: Pull complete
cfe48796d574: Pull complete
3235ef5bd8ca: Pull complete
dd8f4d010c5b: Pull complete
Digest: sha256:9cf89b42b619d58b4b6f61972e2bc358adea715c4de300e5164922a260d9d0cd
Status: Downloaded newer image for cilium/json-mock:v1.3.0
docker.io/cilium/json-mock:v1.3.0
7: Pulling from library/centos
2d473b07cdd5: Downloading
7: Pulling from library/centos
2d473b07cdd5: Pull complete
Digest: sha256:c73f515d06b0fa07bb18d8202035e739a494ce760aa73129f60f4bf2bd22b407
Status: Downloaded newer image for centos:7
docker.io/library/centos:7
The push refers to repository [easzlab.io.local:5000/cilium/cilium]
9ce8a0145353: Pushed
18634eef488a: Pushed
7542efce3cdb: Pushed
c112a273ee07: Pushed
3f114d9adeb9: Pushed
79a0283abc7a: Pushed
ea2889d9898a: Pushed
v1.12.2: digest: sha256:9ed02d2cff08eb6d213b3b0b3d8881ad31ee0b0faa0bdccd28f1444c272fb169 size: 1787
The push refers to repository [easzlab.io.local:5000/cilium/operator-generic]
3979147b5a2b: Pushed
de34524d50de: Pushed
70bf37aa8253: Pushed
29830504fd46: Pushed
v1.12.2: digest: sha256:aa4e0a081522bae0bdf764402778c7234608d4ce989af2bd19ede71e72905ab4 size: 1159
The push refers to repository [easzlab.io.local:5000/cilium/hubble-relay]
2ee5dc1aa669: Pushed
99c527678613: Pushed
8d8f3c819cca: Pushed
d3a2efa9d85d: Pushed
v1.12.2: digest: sha256:e6093feadb69d9c8e1961384fbfbaec0b5580d7b41d0c1f0e4c171fddd6cec70 size: 1159
The push refers to repository [easzlab.io.local:5000/cilium/hubble-ui-backend]
9cc814e471b9: Pushed
c6af49e77a9b: Pushed
4915ff362557: Pushed
994393dc58e7: Pushed
v0.9.2: digest: sha256:7717a14edfee4bdf400bd958e393770fe93ba2b5ab53429020c1e8a46180e746 size: 1158
The push refers to repository [easzlab.io.local:5000/cilium/hubble-ui]
7ee6b9361768: Pushed
a31ebd3ef7b1: Pushed
9c102ac0e527: Pushed
07cb962d0f4e: Pushed
bef7baf944aa: Pushed
eab3c5787a67: Pushed
f7c934b863c3: Pushed
994393dc58e7: Mounted from cilium/hubble-ui-backend
v0.9.2: digest: sha256:096dc0a23a693b4b96b47758045113967f40d2ff0c5527efc62ae54ee92717db size: 1988
The push refers to repository [easzlab.io.local:5000/cilium/json-mock]
e04d90ad7b89: Pushed
7aaab7a1a9ce: Pushed
2271d383a4bf: Pushed
f214264638b8: Pushed
40ca771d71b0: Pushed
bf68d90e55c7: Pushed
7e718b9c0c8c: Pushed
v1.3.0: digest: sha256:9cf89b42b619d58b4b6f61972e2bc358adea715c4de300e5164922a260d9d0cd size: 1786
The push refers to repository [easzlab.io.local:5000/centos]
174f56854903: Pushed
7: digest: sha256:dead07b4d8ed7e29e98de0f4504d87e8880d4347859d839686a31da35a3b532f size: 529
v2.5.0: Pulling from easzlab/kube-state-metrics
36698cfa5275: Downloading
c770874a9c13: Download complete
v2.5.0: Pulling from easzlab/kube-state-metrics
36698cfa5275: Pull complete
c770874a9c13: Pull complete
Digest: sha256:8f5d17635bcfcf49186154b9745e08015879ef1c01853f1ff74366db5da4137b
Status: Downloaded newer image for easzlab/kube-state-metrics:v2.5.0
docker.io/easzlab/kube-state-metrics:v2.5.0
v1.2.0: Pulling from easzlab/kube-webhook-certgen
36698cfa5275: Already exists
844a9d2cd370: Pull complete
Digest: sha256:634ade7bceb1bac460d0c45a3ed87a1d2dce0a6b01bc98d4294b3fc8a8f2f22c
Status: Downloaded newer image for easzlab/kube-webhook-certgen:v1.2.0
docker.io/easzlab/kube-webhook-certgen:v1.2.0
9.0.5: Pulling from grafana/grafana
ab6db1bc80d0: Pull complete
ae347da55f63: Pull complete
0e10574af1aa: Pull complete
02da444d267b: Pull complete
5bf97094b4b5: Pull complete
65e029f3afde: Pull complete
d33c335b3867: Pull complete
056d87b365da: Pull complete
4e65e613e79e: Pull complete
Digest: sha256:6847695bc353a659a18c6f44bd0b5a94de5d2eeff995a671db6e982370dfe4e8
Status: Downloaded newer image for grafana/grafana:9.0.5
docker.io/grafana/grafana:9.0.5
1.19.2: Pulling from kiwigrid/k8s-sidecar
2408cc74d12b: Pull complete
2f22aa6a21a6: Pull complete
54cc066f118a: Pull complete
03624af3d529: Pull complete
4ae78d2f3e6f: Pull complete
0dfb2e0b65d6: Pull complete
3fe44b098aaa: Pull complete
Digest: sha256:6a8671702d6f8651c11bee1cd9a24d3dde6a5a05e0972d91c35009c38b527616
Status: Downloaded newer image for quay.io/kiwigrid/k8s-sidecar:1.19.2
quay.io/kiwigrid/k8s-sidecar:1.19.2
v0.58.0: Pulling from prometheus-operator/prometheus-config-reloader
19d511225f94: Pull complete
f8b4a0d0d975: Pull complete
d2a49902d20a: Pull complete
Digest: sha256:1a6125ca1f0eca550e86857608082738ba350bf60d6fbc8c55892318447fd5d8
Status: Downloaded newer image for quay.io/prometheus-operator/prometheus-config-reloader:v0.58.0
quay.io/prometheus-operator/prometheus-config-reloader:v0.58.0
v0.58.0: Pulling from prometheus-operator/prometheus-operator
19d511225f94: Already exists
f8b4a0d0d975: Already exists
dae8d016087e: Pull complete
Digest: sha256:a226889c2bd68975ae3652c5d3d6e7f9d491701c1ae3596fd9d40783b828ac89
Status: Downloaded newer image for quay.io/prometheus-operator/prometheus-operator:v0.58.0
quay.io/prometheus-operator/prometheus-operator:v0.58.0
v0.24.0: Pulling from prometheus/alertmanager
554879bb3004: Pull complete
9ec611452210: Pull complete
c7c947db7a9a: Pull complete
eff15e454e36: Pull complete
5ec1118139b6: Pull complete
738ac0558d5b: Pull complete
Digest: sha256:088464f949de8065b9da7dfce7302a633d700e9d598e2bebc03310712f083b31
Status: Downloaded newer image for quay.io/prometheus/alertmanager:v0.24.0
quay.io/prometheus/alertmanager:v0.24.0
v1.3.1: Pulling from prometheus/node-exporter
aa2a8d90b84c: Pull complete
b45d31ee2d7f: Pull complete
b5db1e299295: Pull complete
Digest: sha256:f2269e73124dd0f60a7d19a2ce1264d33d08a985aed0ee6b0b89d0be470592cd
Status: Downloaded newer image for quay.io/prometheus/node-exporter:v1.3.1
quay.io/prometheus/node-exporter:v1.3.1
v2.37.0: Pulling from prometheus/prometheus
19d511225f94: Already exists
7fe869475116: Pull complete
88ec36e096ed: Pull complete
7a4aeda17239: Pull complete
af1d3a52da4e: Pull complete
4d08c466a1d1: Pull complete
9c6d6afbec8e: Pull complete
019f81b64579: Pull complete
efec518336ea: Pull complete
4a028982dd68: Pull complete
20e1e75ff0e2: Pull complete
f69724d873f8: Pull complete
Digest: sha256:56e7f18e05dd567f96c05046519760b356f52450c33f6e0055a110a493a41dc4
Status: Downloaded newer image for quay.io/prometheus/prometheus:v2.37.0
quay.io/prometheus/prometheus:v2.37.0
The push refers to repository [easzlab.io.local:5000/prometheus/kube-state-metrics]
43ee67fc20d1: Pushed
0b031aac6569: Pushed
v2.5.0: digest: sha256:8f5d17635bcfcf49186154b9745e08015879ef1c01853f1ff74366db5da4137b size: 739
The push refers to repository [easzlab.io.local:5000/prometheus/kube-webhook-certgen]
000a475ce9a1: Pushed
0b031aac6569: Mounted from prometheus/kube-state-metrics
v1.2.0: digest: sha256:634ade7bceb1bac460d0c45a3ed87a1d2dce0a6b01bc98d4294b3fc8a8f2f22c size: 739
The push refers to repository [easzlab.io.local:5000/prometheus/grafana]
69658eabb705: Pushed
bcd9beeff376: Pushed
2f7c3074c3b8: Pushed
faf7d8073f7a: Pushed
738a07b7f6e0: Pushed
f8619b5b952f: Pushed
3fd4c427182f: Pushed
ed4f604cddec: Pushed
ad543cd673bd: Pushed
9.0.5: digest: sha256:a6e9ea9332f75870bd91517657c4008cbe9d587ba2afb9203c1111985a65017d size: 2202
The push refers to repository [easzlab.io.local:5000/prometheus/k8s-sidecar]
e8a4ba313020: Pushed
cc43753555c2: Pushed
87652a1ad873: Pushed
9ad237c539b1: Pushed
24a6c9301506: Pushed
09c126bb3acd: Pushed
24302eb7d908: Pushed
1.19.2: digest: sha256:67a3035f949777a53dcbee0b1d343dd470cda27d394439e8446f44ecb9a50f65 size: 1785
The push refers to repository [easzlab.io.local:5000/prometheus/prometheus-config-reloader]
0470cf4875e9: Pushed
8cddef237f5d: Pushed
7ad00cd55506: Pushed
v0.58.0: digest: sha256:f136b81e08dd5a7371e34a321a551e95fb925dd97f5b41a3271f8a36f03bfa55 size: 948
The push refers to repository [easzlab.io.local:5000/prometheus/prometheus-operator]
33ca42118836: Pushed
8cddef237f5d: Mounted from prometheus/prometheus-config-reloader
7ad00cd55506: Mounted from prometheus/prometheus-config-reloader
v0.58.0: digest: sha256:828fbb2fe43fa1ffc720a1ac54f2555c24ba765cdc8d7e9a42b077f86ca2f888 size: 949
The push refers to repository [easzlab.io.local:5000/prometheus/alertmanager]
a80bf55dd94f: Pushed
e30a866cd6d1: Pushed
1fab62a9c3e2: Pushed
43ac410b5fc4: Pushed
502843f4d0ac: Pushed
797ac4999b67: Pushed
v0.24.0: digest: sha256:b1ba90841a82ea24d79d4e6255b96025a9e89275bec0fae87d75a5959461971e size: 1575
The push refers to repository [easzlab.io.local:5000/prometheus/node-exporter]
5f6d9bc8e23d: Pushed
8d42cad20cac: Pushed
36b45d63da70: Pushed
v1.3.1: digest: sha256:d5b2a2e2bb07a4a5a7c4bd9e54641cab63e1d2627622dbde17efc04849d3d30d size: 948
The push refers to repository [easzlab.io.local:5000/prometheus/prometheus]
186bc542093a: Pushed
940e29e82227: Pushed
d877f42b3c37: Pushed
27796fb8d8eb: Pushed
36d3caff627c: Pushed
dca8138c81fe: Pushed
55cae1772d3d: Pushed
071700b88bcc: Pushed
1d7a495d612a: Pushed
15bf9376052b: Pushed
198706498439: Pushed
7ad00cd55506: Mounted from prometheus/prometheus-operator
v2.37.0: digest: sha256:8ab20bc5a8bee3b8107bb2f533deea35da5641a608f9b0c16e683d6c60d3ee84 size: 2824
2022-09-28 20:27:13 INFO Action successed: get_extra_images
[root@easzlab-deploy-01 data]#docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
easzlab/kubeasz 3.4.0 cd5271e57cdc 10 days ago 164MB
easzlab/kubeasz-k8s-bin v1.25.1 afa7b68d3157 12 days ago 490MB
easzlab/kubeasz-ext-bin 1.3.0 af3b603751da 12 days ago 518MB
easzlab.io.local:5000/cilium/operator-generic v1.12.2 1f3c9d687645 13 days ago 63MB
cilium/operator-generic v1.12.2 1f3c9d687645 13 days ago 63MB
cilium/cilium v1.12.2 743cf6b60787 13 days ago 456MB
easzlab.io.local:5000/cilium/cilium v1.12.2 743cf6b60787 13 days ago 456MB
cilium/hubble-relay v1.12.2 861d08668fcc 13 days ago 47.1MB
easzlab.io.local:5000/cilium/hubble-relay v1.12.2 861d08668fcc 13 days ago 47.1MB
rancher/mirrored-flannelcni-flannel v0.19.2 8b675dda11bb 3 weeks ago 62.3MB
easzlab.io.local:5000/flannelcni/flannel v0.19.2 8b675dda11bb 3 weeks ago 62.3MB
cilium/hubble-ui v0.9.2 e7c3d8afc3c6 4 weeks ago 32.9MB
easzlab.io.local:5000/cilium/hubble-ui v0.9.2 e7c3d8afc3c6 4 weeks ago 32.9MB
easzlab.io.local:5000/cilium/hubble-ui-backend v0.9.2 7805e70d8cf2 4 weeks ago 44.7MB
cilium/hubble-ui-backend v0.9.2 7805e70d8cf2 4 weeks ago 44.7MB
kubernetesui/dashboard v2.6.1 783e2b6d87ed 6 weeks ago 246MB
easzlab.io.local:5000/kubernetesui/dashboard v2.6.1 783e2b6d87ed 6 weeks ago 246MB
registry 2 3a0f7b0a13ef 7 weeks ago 24.1MB
easzlab/k8s-dns-node-cache 1.22.8 1fb97f9b9338 2 months ago 64.2MB
easzlab.io.local:5000/easzlab/k8s-dns-node-cache 1.22.8 1fb97f9b9338 2 months ago 64.2MB
easzlab.io.local:5000/prometheus/grafana 9.0.5 2b174b8f29e6 2 months ago 288MB
grafana/grafana 9.0.5 2b174b8f29e6 2 months ago 288MB
easzlab.io.local:5000/prometheus/prometheus-config-reloader v0.58.0 8cf7abb82445 2 months ago 12.2MB
quay.io/prometheus-operator/prometheus-config-reloader v0.58.0 8cf7abb82445 2 months ago 12.2MB
easzlab.io.local:5000/prometheus/prometheus-operator v0.58.0 9c9d8f361165 2 months ago 49.9MB
quay.io/prometheus-operator/prometheus-operator v0.58.0 9c9d8f361165 2 months ago 49.9MB
calico/kube-controllers v3.23.3 32d39d8db456 2 months ago 127MB
easzlab.io.local:5000/calico/kube-controllers v3.23.3 32d39d8db456 2 months ago 127MB
calico/cni v3.23.3 ecf96bae0aa7 2 months ago 254MB
easzlab.io.local:5000/calico/cni v3.23.3 ecf96bae0aa7 2 months ago 254MB
calico/node v3.23.3 5f5175f39b19 2 months ago 203MB
easzlab.io.local:5000/calico/node v3.23.3 5f5175f39b19 2 months ago 203MB
quay.io/prometheus/prometheus v2.37.0 c3d2a0b3481a 2 months ago 214MB
easzlab.io.local:5000/prometheus/prometheus v2.37.0 c3d2a0b3481a 2 months ago 214MB
easzlab/pause 3.8 4873874c08ef 3 months ago 711kB
easzlab.io.local:5000/easzlab/pause 3.8 4873874c08ef 3 months ago 711kB
easzlab.io.local:5000/prometheus/k8s-sidecar 1.19.2 fd4332507a22 3 months ago 75.8MB
quay.io/kiwigrid/k8s-sidecar 1.19.2 fd4332507a22 3 months ago 75.8MB
easzlab/kube-state-metrics v2.5.0 b781b8478c27 3 months ago 38.3MB
easzlab.io.local:5000/prometheus/kube-state-metrics v2.5.0 b781b8478c27 3 months ago 38.3MB
kubernetesui/metrics-scraper v1.0.8 115053965e86 4 months ago 43.8MB
easzlab.io.local:5000/kubernetesui/metrics-scraper v1.0.8 115053965e86 4 months ago 43.8MB
easzlab.io.local:5000/coredns/coredns 1.9.3 5185b96f0bec 4 months ago 48.8MB
coredns/coredns 1.9.3 5185b96f0bec 4 months ago 48.8MB
rancher/mirrored-flannelcni-flannel-cni-plugin v1.1.0 fcecffc7ad4a 4 months ago 8.09MB
easzlab.io.local:5000/flannelcni/flannel-cni-plugin v1.1.0 fcecffc7ad4a 4 months ago 8.09MB
easzlab/kube-webhook-certgen v1.2.0 e4251a60b28d 4 months ago 45.7MB
easzlab.io.local:5000/prometheus/kube-webhook-certgen v1.2.0 e4251a60b28d 4 months ago 45.7MB
easzlab.io.local:5000/prometheus/alertmanager v0.24.0 e556bd45e16c 6 months ago 59.7MB
quay.io/prometheus/alertmanager v0.24.0 e556bd45e16c 6 months ago 59.7MB
easzlab.io.local:5000/prometheus/node-exporter v1.3.1 1dbe0e931976 9 months ago 20.9MB
quay.io/prometheus/node-exporter v1.3.1 1dbe0e931976 9 months ago 20.9MB
easzlab/metrics-server v0.5.2 f73640fb5061 10 months ago 64.3MB
easzlab.io.local:5000/easzlab/metrics-server v0.5.2 f73640fb5061 10 months ago 64.3MB
centos 7 eeb6ee3f44bd 12 months ago 204MB
easzlab.io.local:5000/centos 7 eeb6ee3f44bd 12 months ago 204MB
cilium/json-mock v1.3.0 6e3fceeae168 17 months ago 204MB
easzlab.io.local:5000/cilium/json-mock v1.3.0 6e3fceeae168 17 months ago 204MB
easzlab/nfs-subdir-external-provisioner v4.0.2 932b0bface75 18 months ago 43.8MB
easzlab.io.local:5000/easzlab/nfs-subdir-external-provisioner v4.0.2 932b0bface75 18 months ago 43.8MB
创建集群配置实例
#创建集群配置实例
[root@easzlab-deploy-01 data]#./ezdown -S
2022-09-28 20:28:47 INFO Action begin: start_kubeasz_docker
2022-09-28 20:28:48 INFO try to run kubeasz in a container
2022-09-28 20:28:48 DEBUG get host IP: 10.0.0.50
09c6e78e577bd3d00eb447877ecba2c2c32a121e6cd243710f69b5e0fd98cb81
2022-09-28 20:28:49 INFO Action successed: start_kubeasz_docker
[root@easzlab-deploy-01 data]#docker exec -it kubeasz ezctl new k8s-01
2022-09-28 12:30:02 DEBUG generate custom cluster files in /etc/kubeasz/clusters/k8s-01
2022-09-28 12:30:02 DEBUG set versions
2022-09-28 12:30:02 DEBUG cluster k8s-01: files successfully created.
2022-09-28 12:30:02 INFO next steps 1: to config '/etc/kubeasz/clusters/k8s-01/hosts'
2022-09-28 12:30:02 INFO next steps 2: to config '/etc/kubeasz/clusters/k8s-01/config.yml'
[root@easzlab-deploy-01 data]#ls /etc/kubeasz/
README.md ansible.cfg bin clusters docs down example ezctl ezdown manifests pics playbooks roles tools
[root@easzlab-deploy-01 data]#ls /etc/kubeasz/manifests/
efk es-cluster ingress jenkins mariadb-cluster mysql-cluster redis-cluster storage
[root@easzlab-deploy-01 data]#ls /etc/kubeasz/clusters/
k8s-01
[root@easzlab-deploy-01 data]#ls /etc/kubeasz/clusters/k8s-01/
config.yml hosts
[root@easzlab-deploy-01 data]#echo "alias dk='docker exec -it kubeasz'" >> /root/.bashrc
[root@easzlab-deploy-01 data]#source /root/.bashrc
[root@easzlab-deploy-01 data]#dk ezctl setup k8s-01 all
ansible-playbook -i clusters/k8s-01/hosts -e @clusters/k8s-01/config.yml playbooks/90.setup.yml
2022-09-28 12:52:58 INFO cluster:k8s-01 setup step:all begins in 5s, press any key to abort:
PLAY [kube_master,kube_node,etcd,ex_lb,chrony] *****************************************************************************************************************************************
TASK [Gathering Facts] *****************************************************************************************************************************************************************
ok: [10.0.0.122]
ok: [10.0.0.131]
ok: [10.0.0.120]
ok: [10.0.0.121]
ok: [10.0.0.130]
ok: [10.0.0.132]
ok: [10.0.0.140]
ok: [10.0.0.141]
ok: [10.0.0.142]
PLAY [localhost] ***********************************************************************************************************************************************************************
TASK [Gathering Facts] *****************************************************************************************************************************************************************
ok: [localhost]
TASK [deploy : prepare some dirs] ******************************************************************************************************************************************************
changed: [localhost] => (item=/etc/kubeasz/clusters/k8s-01/ssl)
changed: [localhost] => (item=/etc/kubeasz/clusters/k8s-01/backup)
changed: [localhost] => (item=/etc/kubeasz/clusters/k8s-01/yml)
ok: [localhost] => (item=~/.kube)
TASK [deploy : 本地设置 bin 目录权限] **********************************************************************************************************************************************************
changed: [localhost]
TASK [deploy : 读取ca证书stat信息] ***********************************************************************************************************************************************************
ok: [localhost]
TASK [deploy : 准备CA配置文件和签名请求] **********************************************************************************************************************************************************
changed: [localhost] => (item=ca-config.json)
changed: [localhost] => (item=ca-csr.json)
TASK [deploy : 生成 CA 证书和私钥] ************************************************************************************************************************************************************
changed: [localhost]
TASK [deploy : 准备kubectl使用的admin证书签名请求] ************************************************************************************************************************************************
changed: [localhost]
TASK [deploy : 创建admin证书与私钥] ***********************************************************************************************************************************************************
changed: [localhost]
TASK [deploy : 设置集群参数] *****************************************************************************************************************************************************************
changed: [localhost]
TASK [deploy : 设置客户端认证参数] **************************************************************************************************************************************************************
changed: [localhost]
TASK [deploy : 设置上下文参数] ****************************************************************************************************************************************************************
changed: [localhost]
TASK [deploy : 选择默认上下文] ****************************************************************************************************************************************************************
changed: [localhost]
TASK [deploy : 安装kubeconfig] ***********************************************************************************************************************************************************
changed: [localhost]
TASK [deploy : 准备kube-proxy 证书签名请求] ****************************************************************************************************************************************************
changed: [localhost]
TASK [deploy : 创建 kube-proxy证书与私钥] *****************************************************************************************************************************************************
changed: [localhost]
TASK [deploy : 设置集群参数] *****************************************************************************************************************************************************************
changed: [localhost]
TASK [deploy : 设置客户端认证参数] **************************************************************************************************************************************************************
changed: [localhost]
TASK [deploy : 设置上下文参数] ****************************************************************************************************************************************************************
changed: [localhost]
TASK [deploy : 选择默认上下文] ****************************************************************************************************************************************************************
changed: [localhost]
TASK [deploy : 准备kube-controller-manager 证书签名请求] ***************************************************************************************************************************************
changed: [localhost]
TASK [deploy : 创建 kube-controller-manager证书与私钥] ****************************************************************************************************************************************
changed: [localhost]
TASK [deploy : 设置集群参数] *****************************************************************************************************************************************************************
changed: [localhost]
TASK [deploy : 设置认证参数] *****************************************************************************************************************************************************************
changed: [localhost]
TASK [deploy : 设置上下文参数] ****************************************************************************************************************************************************************
changed: [localhost]
TASK [deploy : 选择默认上下文] ****************************************************************************************************************************************************************
changed: [localhost]
TASK [deploy : 准备kube-scheduler 证书签名请求] ************************************************************************************************************************************************
changed: [localhost]
TASK [deploy : 创建 kube-scheduler证书与私钥] *************************************************************************************************************************************************
changed: [localhost]
TASK [deploy : 设置集群参数] *****************************************************************************************************************************************************************
changed: [localhost]
TASK [deploy : 设置认证参数] *****************************************************************************************************************************************************************
changed: [localhost]
TASK [deploy : 设置上下文参数] ****************************************************************************************************************************************************************
changed: [localhost]
TASK [deploy : 选择默认上下文] ****************************************************************************************************************************************************************
changed: [localhost]
TASK [deploy : 本地创建 ezdown/ezctl 工具的软连接] ***********************************************************************************************************************************************
ok: [localhost] => (item=ezdown)
ok: [localhost] => (item=ezctl)
TASK [deploy : ansible 控制端创建 kubectl 软链接] **********************************************************************************************************************************************
changed: [localhost]
PLAY [kube_master,kube_node,etcd] ******************************************************************************************************************************************************
TASK [prepare : apt更新缓存刷新] *************************************************************************************************************************************************************
ok: [10.0.0.122]
ok: [10.0.0.120]
ok: [10.0.0.121]
ok: [10.0.0.130]
ok: [10.0.0.132]
ok: [10.0.0.141]
ok: [10.0.0.142]
changed: [10.0.0.131]
changed: [10.0.0.140]
TASK [prepare : 删除ubuntu默认安装] **********************************************************************************************************************************************************
changed: [10.0.0.122] => (item=ufw)
changed: [10.0.0.121] => (item=ufw)
changed: [10.0.0.122] => (item=lxd)
changed: [10.0.0.131] => (item=ufw)
changed: [10.0.0.121] => (item=lxd)
changed: [10.0.0.130] => (item=ufw)
changed: [10.0.0.120] => (item=ufw)
changed: [10.0.0.122] => (item=lxcfs)
changed: [10.0.0.131] => (item=lxd)
changed: [10.0.0.130] => (item=lxd)
changed: [10.0.0.121] => (item=lxcfs)
changed: [10.0.0.120] => (item=lxd)
changed: [10.0.0.131] => (item=lxcfs)
changed: [10.0.0.122] => (item=lxc-common)
changed: [10.0.0.130] => (item=lxcfs)
changed: [10.0.0.121] => (item=lxc-common)
changed: [10.0.0.120] => (item=lxcfs)
changed: [10.0.0.131] => (item=lxc-common)
changed: [10.0.0.130] => (item=lxc-common)
changed: [10.0.0.120] => (item=lxc-common)
changed: [10.0.0.132] => (item=ufw)
changed: [10.0.0.140] => (item=ufw)
changed: [10.0.0.141] => (item=ufw)
changed: [10.0.0.140] => (item=lxd)
changed: [10.0.0.132] => (item=lxd)
changed: [10.0.0.141] => (item=lxd)
changed: [10.0.0.140] => (item=lxcfs)
changed: [10.0.0.141] => (item=lxcfs)
changed: [10.0.0.132] => (item=lxcfs)
changed: [10.0.0.140] => (item=lxc-common)
changed: [10.0.0.141] => (item=lxc-common)
changed: [10.0.0.132] => (item=lxc-common)
changed: [10.0.0.142] => (item=ufw)
changed: [10.0.0.142] => (item=lxd)
changed: [10.0.0.142] => (item=lxcfs)
changed: [10.0.0.142] => (item=lxc-common)
TASK [prepare : 安装 ubuntu/debian基础软件] **************************************************************************************************************************************************
changed: [10.0.0.122]
changed: [10.0.0.131]
changed: [10.0.0.121]
changed: [10.0.0.120]
changed: [10.0.0.130]
changed: [10.0.0.132]
changed: [10.0.0.140]
changed: [10.0.0.141]
changed: [10.0.0.142]
TASK [prepare : 准备 journal 日志相关目录] *****************************************************************************************************************************************************
changed: [10.0.0.120] => (item=/etc/systemd/journald.conf.d)
changed: [10.0.0.121] => (item=/etc/systemd/journald.conf.d)
changed: [10.0.0.122] => (item=/etc/systemd/journald.conf.d)
changed: [10.0.0.130] => (item=/etc/systemd/journald.conf.d)
changed: [10.0.0.131] => (item=/etc/systemd/journald.conf.d)
ok: [10.0.0.120] => (item=/var/log/journal)
ok: [10.0.0.121] => (item=/var/log/journal)
ok: [10.0.0.122] => (item=/var/log/journal)
ok: [10.0.0.130] => (item=/var/log/journal)
ok: [10.0.0.131] => (item=/var/log/journal)
changed: [10.0.0.140] => (item=/etc/systemd/journald.conf.d)
changed: [10.0.0.132] => (item=/etc/systemd/journald.conf.d)
changed: [10.0.0.142] => (item=/etc/systemd/journald.conf.d)
changed: [10.0.0.141] => (item=/etc/systemd/journald.conf.d)
ok: [10.0.0.140] => (item=/var/log/journal)
ok: [10.0.0.142] => (item=/var/log/journal)
ok: [10.0.0.132] => (item=/var/log/journal)
ok: [10.0.0.141] => (item=/var/log/journal)
TASK [prepare : 优化设置 journal 日志] *******************************************************************************************************************************************************
changed: [10.0.0.120]
changed: [10.0.0.122]
changed: [10.0.0.121]
changed: [10.0.0.130]
changed: [10.0.0.131]
changed: [10.0.0.140]
changed: [10.0.0.142]
changed: [10.0.0.141]
changed: [10.0.0.132]
TASK [prepare : 重启 journald 服务] ********************************************************************************************************************************************************
changed: [10.0.0.121]
changed: [10.0.0.130]
changed: [10.0.0.131]
changed: [10.0.0.122]
changed: [10.0.0.120]
changed: [10.0.0.132]
changed: [10.0.0.140]
changed: [10.0.0.141]
changed: [10.0.0.142]
TASK [prepare : 禁用系统 swap] *************************************************************************************************************************************************************
changed: [10.0.0.120]
changed: [10.0.0.131]
changed: [10.0.0.130]
changed: [10.0.0.132]
changed: [10.0.0.122]
changed: [10.0.0.121]
changed: [10.0.0.141]
changed: [10.0.0.140]
changed: [10.0.0.142]
TASK [prepare : 删除fstab swap 相关配置] *****************************************************************************************************************************************************
changed: [10.0.0.121]
changed: [10.0.0.130]
changed: [10.0.0.120]
changed: [10.0.0.122]
changed: [10.0.0.131]
changed: [10.0.0.140]
changed: [10.0.0.141]
changed: [10.0.0.142]
changed: [10.0.0.132]
TASK [prepare : 转换内核版本为浮点数] ************************************************************************************************************************************************************
ok: [10.0.0.120]
ok: [10.0.0.121]
ok: [10.0.0.122]
ok: [10.0.0.130]
ok: [10.0.0.131]
ok: [10.0.0.132]
ok: [10.0.0.140]
ok: [10.0.0.141]
ok: [10.0.0.142]
TASK [prepare : 加载内核模块] ****************************************************************************************************************************************************************
changed: [10.0.0.131] => (item=br_netfilter)
changed: [10.0.0.120] => (item=br_netfilter)
changed: [10.0.0.121] => (item=br_netfilter)
changed: [10.0.0.131] => (item=ip_vs)
changed: [10.0.0.130] => (item=br_netfilter)
changed: [10.0.0.122] => (item=br_netfilter)
changed: [10.0.0.131] => (item=ip_vs_rr)
changed: [10.0.0.131] => (item=ip_vs_wrr)
changed: [10.0.0.120] => (item=ip_vs)
changed: [10.0.0.131] => (item=ip_vs_sh)
changed: [10.0.0.121] => (item=ip_vs)
changed: [10.0.0.130] => (item=ip_vs)
changed: [10.0.0.122] => (item=ip_vs)
ok: [10.0.0.131] => (item=nf_conntrack)
changed: [10.0.0.121] => (item=ip_vs_rr)
changed: [10.0.0.122] => (item=ip_vs_rr)
changed: [10.0.0.130] => (item=ip_vs_rr)
changed: [10.0.0.120] => (item=ip_vs_rr)
changed: [10.0.0.121] => (item=ip_vs_wrr)
changed: [10.0.0.130] => (item=ip_vs_wrr)
changed: [10.0.0.122] => (item=ip_vs_wrr)
changed: [10.0.0.120] => (item=ip_vs_wrr)
changed: [10.0.0.130] => (item=ip_vs_sh)
changed: [10.0.0.121] => (item=ip_vs_sh)
ok: [10.0.0.121] => (item=nf_conntrack)
ok: [10.0.0.130] => (item=nf_conntrack)
changed: [10.0.0.122] => (item=ip_vs_sh)
ok: [10.0.0.122] => (item=nf_conntrack)
changed: [10.0.0.120] => (item=ip_vs_sh)
changed: [10.0.0.132] => (item=br_netfilter)
changed: [10.0.0.140] => (item=br_netfilter)
changed: [10.0.0.141] => (item=br_netfilter)
ok: [10.0.0.120] => (item=nf_conntrack)
changed: [10.0.0.140] => (item=ip_vs)
changed: [10.0.0.142] => (item=br_netfilter)
changed: [10.0.0.141] => (item=ip_vs)
changed: [10.0.0.132] => (item=ip_vs)
changed: [10.0.0.140] => (item=ip_vs_rr)
changed: [10.0.0.132] => (item=ip_vs_rr)
changed: [10.0.0.141] => (item=ip_vs_rr)
changed: [10.0.0.140] => (item=ip_vs_wrr)
changed: [10.0.0.141] => (item=ip_vs_wrr)
changed: [10.0.0.132] => (item=ip_vs_wrr)
changed: [10.0.0.140] => (item=ip_vs_sh)
ok: [10.0.0.140] => (item=nf_conntrack)
changed: [10.0.0.141] => (item=ip_vs_sh)
changed: [10.0.0.132] => (item=ip_vs_sh)
changed: [10.0.0.142] => (item=ip_vs)
ok: [10.0.0.141] => (item=nf_conntrack)
ok: [10.0.0.132] => (item=nf_conntrack)
changed: [10.0.0.142] => (item=ip_vs_rr)
changed: [10.0.0.142] => (item=ip_vs_wrr)
changed: [10.0.0.142] => (item=ip_vs_sh)
ok: [10.0.0.142] => (item=nf_conntrack)
TASK [prepare : 尝试加载nf_conntrack_ipv4] *************************************************************************************************************************************************
changed: [10.0.0.120]
changed: [10.0.0.121]
changed: [10.0.0.130]
changed: [10.0.0.122]
changed: [10.0.0.131]
changed: [10.0.0.132]
changed: [10.0.0.140]
changed: [10.0.0.142]
changed: [10.0.0.141]
TASK [prepare : 启用systemd自动加载模块服务] *****************************************************************************************************************************************************
ok: [10.0.0.120]
ok: [10.0.0.121]
ok: [10.0.0.130]
ok: [10.0.0.131]
ok: [10.0.0.122]
ok: [10.0.0.132]
ok: [10.0.0.142]
ok: [10.0.0.141]
ok: [10.0.0.140]
TASK [prepare : 增加内核模块开机加载配置] **********************************************************************************************************************************************************
changed: [10.0.0.131]
changed: [10.0.0.120]
changed: [10.0.0.122]
changed: [10.0.0.121]
changed: [10.0.0.130]
changed: [10.0.0.142]
changed: [10.0.0.140]
changed: [10.0.0.132]
changed: [10.0.0.141]
TASK [prepare : 设置系统参数] ****************************************************************************************************************************************************************
changed: [10.0.0.131]
changed: [10.0.0.121]
changed: [10.0.0.130]
changed: [10.0.0.122]
changed: [10.0.0.120]
changed: [10.0.0.132]
changed: [10.0.0.141]
changed: [10.0.0.140]
changed: [10.0.0.142]
TASK [prepare : 生效系统参数] ****************************************************************************************************************************************************************
changed: [10.0.0.121]
changed: [10.0.0.120]
changed: [10.0.0.130]
changed: [10.0.0.131]
changed: [10.0.0.122]
changed: [10.0.0.132]
changed: [10.0.0.141]
changed: [10.0.0.140]
changed: [10.0.0.142]
TASK [prepare : 创建 systemd 配置目录] *******************************************************************************************************************************************************
changed: [10.0.0.120]
changed: [10.0.0.121]
changed: [10.0.0.122]
changed: [10.0.0.131]
changed: [10.0.0.132]
changed: [10.0.0.130]
changed: [10.0.0.140]
changed: [10.0.0.141]
changed: [10.0.0.142]
TASK [prepare : 设置系统 ulimits] **********************************************************************************************************************************************************
changed: [10.0.0.131]
changed: [10.0.0.121]
changed: [10.0.0.122]
changed: [10.0.0.130]
changed: [10.0.0.132]
changed: [10.0.0.120]
changed: [10.0.0.141]
changed: [10.0.0.142]
changed: [10.0.0.140]
TASK [prepare : 把SCTP列入内核模块黑名单] ********************************************************************************************************************************************************
changed: [10.0.0.121]
changed: [10.0.0.130]
changed: [10.0.0.131]
changed: [10.0.0.122]
changed: [10.0.0.120]
changed: [10.0.0.132]
changed: [10.0.0.141]
changed: [10.0.0.140]
changed: [10.0.0.142]
TASK [prepare : prepare some dirs] *****************************************************************************************************************************************************
changed: [10.0.0.120] => (item=/opt/kube/bin)
changed: [10.0.0.122] => (item=/opt/kube/bin)
changed: [10.0.0.121] => (item=/opt/kube/bin)
changed: [10.0.0.130] => (item=/opt/kube/bin)
changed: [10.0.0.131] => (item=/opt/kube/bin)
changed: [10.0.0.120] => (item=/etc/kubernetes/ssl)
changed: [10.0.0.121] => (item=/etc/kubernetes/ssl)
changed: [10.0.0.122] => (item=/etc/kubernetes/ssl)
changed: [10.0.0.130] => (item=/etc/kubernetes/ssl)
changed: [10.0.0.131] => (item=/etc/kubernetes/ssl)
changed: [10.0.0.130] => (item=/root/.kube)
changed: [10.0.0.121] => (item=/root/.kube)
changed: [10.0.0.131] => (item=/root/.kube)
changed: [10.0.0.120] => (item=/root/.kube)
changed: [10.0.0.122] => (item=/root/.kube)
changed: [10.0.0.130] => (item=/etc/cni/net.d)
changed: [10.0.0.121] => (item=/etc/cni/net.d)
changed: [10.0.0.131] => (item=/etc/cni/net.d)
changed: [10.0.0.120] => (item=/etc/cni/net.d)
changed: [10.0.0.122] => (item=/etc/cni/net.d)
changed: [10.0.0.132] => (item=/opt/kube/bin)
changed: [10.0.0.141] => (item=/opt/kube/bin)
changed: [10.0.0.140] => (item=/opt/kube/bin)
changed: [10.0.0.141] => (item=/etc/kubernetes/ssl)
changed: [10.0.0.132] => (item=/etc/kubernetes/ssl)
changed: [10.0.0.142] => (item=/opt/kube/bin)
changed: [10.0.0.141] => (item=/root/.kube)
changed: [10.0.0.140] => (item=/etc/kubernetes/ssl)
changed: [10.0.0.142] => (item=/etc/kubernetes/ssl)
changed: [10.0.0.132] => (item=/root/.kube)
changed: [10.0.0.141] => (item=/etc/cni/net.d)
changed: [10.0.0.140] => (item=/root/.kube)
changed: [10.0.0.142] => (item=/root/.kube)
changed: [10.0.0.132] => (item=/etc/cni/net.d)
changed: [10.0.0.140] => (item=/etc/cni/net.d)
changed: [10.0.0.142] => (item=/etc/cni/net.d)
TASK [prepare : symlink /usr/bin/python -> /usr/bin/python3] ***************************************************************************************************************************
changed: [10.0.0.120]
changed: [10.0.0.121]
changed: [10.0.0.122]
changed: [10.0.0.130]
changed: [10.0.0.131]
changed: [10.0.0.132]
changed: [10.0.0.140]
changed: [10.0.0.141]
changed: [10.0.0.142]
TASK [prepare : 写入环境变量$PATH] ***********************************************************************************************************************************************************
changed: [10.0.0.120]
changed: [10.0.0.121]
changed: [10.0.0.122]
changed: [10.0.0.130]
changed: [10.0.0.131]
changed: [10.0.0.132]
changed: [10.0.0.140]
changed: [10.0.0.141]
changed: [10.0.0.142]
TASK [prepare : 添加 kubectl 自动补全] *******************************************************************************************************************************************************
changed: [10.0.0.120]
changed: [10.0.0.121]
changed: [10.0.0.122]
changed: [10.0.0.130]
changed: [10.0.0.131]
changed: [10.0.0.132]
changed: [10.0.0.140]
changed: [10.0.0.141]
changed: [10.0.0.142]
TASK [prepare : 添加 local registry hosts 解析] ********************************************************************************************************************************************
changed: [10.0.0.120]
changed: [10.0.0.121]
changed: [10.0.0.122]
changed: [10.0.0.130]
changed: [10.0.0.131]
changed: [10.0.0.132]
changed: [10.0.0.140]
changed: [10.0.0.141]
changed: [10.0.0.142]
TASK [prepare : 分发 kubeconfig配置文件] *****************************************************************************************************************************************************
changed: [10.0.0.120]
changed: [10.0.0.131]
changed: [10.0.0.121]
changed: [10.0.0.122]
changed: [10.0.0.130]
changed: [10.0.0.132]
TASK [prepare : 分发 kube-proxy.kubeconfig配置文件] ******************************************************************************************************************************************
changed: [10.0.0.120]
changed: [10.0.0.121]
changed: [10.0.0.130]
changed: [10.0.0.122]
changed: [10.0.0.131]
changed: [10.0.0.132]
TASK [prepare : 分发controller/scheduler kubeconfig配置文件] *********************************************************************************************************************************
changed: [10.0.0.120] => (item=kube-controller-manager.kubeconfig)
changed: [10.0.0.121] => (item=kube-controller-manager.kubeconfig)
changed: [10.0.0.122] => (item=kube-controller-manager.kubeconfig)
changed: [10.0.0.120] => (item=kube-scheduler.kubeconfig)
changed: [10.0.0.122] => (item=kube-scheduler.kubeconfig)
changed: [10.0.0.121] => (item=kube-scheduler.kubeconfig)
PLAY [etcd] ****************************************************************************************************************************************************************************
TASK [etcd : prepare some dirs] ********************************************************************************************************************************************************
changed: [10.0.0.140]
changed: [10.0.0.142]
changed: [10.0.0.141]
TASK [etcd : 下载etcd二进制文件] **************************************************************************************************************************************************************
changed: [10.0.0.140] => (item=etcd)
changed: [10.0.0.142] => (item=etcd)
changed: [10.0.0.141] => (item=etcd)
changed: [10.0.0.142] => (item=etcdctl)
changed: [10.0.0.140] => (item=etcdctl)
changed: [10.0.0.141] => (item=etcdctl)
TASK [etcd : 创建etcd证书请求] ***************************************************************************************************************************************************************
changed: [10.0.0.140]
TASK [etcd : 创建 etcd证书和私钥] *************************************************************************************************************************************************************
changed: [10.0.0.140]
TASK [etcd : 分发etcd证书相关] ***************************************************************************************************************************************************************
changed: [10.0.0.140] => (item=ca.pem)
changed: [10.0.0.141] => (item=ca.pem)
changed: [10.0.0.142] => (item=ca.pem)
changed: [10.0.0.140] => (item=etcd.pem)
changed: [10.0.0.141] => (item=etcd.pem)
changed: [10.0.0.142] => (item=etcd.pem)
changed: [10.0.0.140] => (item=etcd-key.pem)
changed: [10.0.0.141] => (item=etcd-key.pem)
changed: [10.0.0.142] => (item=etcd-key.pem)
TASK [etcd : 创建etcd的systemd unit文件] ****************************************************************************************************************************************************
changed: [10.0.0.140]
changed: [10.0.0.141]
changed: [10.0.0.142]
TASK [etcd : 开机启用etcd服务] ***************************************************************************************************************************************************************
changed: [10.0.0.140]
changed: [10.0.0.141]
changed: [10.0.0.142]
TASK [etcd : 开启etcd服务] *****************************************************************************************************************************************************************
changed: [10.0.0.141]
changed: [10.0.0.142]
changed: [10.0.0.140]
TASK [etcd : 以轮询的方式等待服务同步完成] ***********************************************************************************************************************************************************
changed: [10.0.0.140]
changed: [10.0.0.141]
changed: [10.0.0.142]
PLAY [kube_master,kube_node] ***********************************************************************************************************************************************************
TASK [containerd : 获取是否已经安装containerd] *************************************************************************************************************************************************
changed: [10.0.0.120]
changed: [10.0.0.121]
changed: [10.0.0.122]
changed: [10.0.0.130]
changed: [10.0.0.131]
changed: [10.0.0.132]
TASK [containerd : 准备containerd相关目录] ***************************************************************************************************************************************************
ok: [10.0.0.120] => (item=/opt/kube/bin)
ok: [10.0.0.121] => (item=/opt/kube/bin)
ok: [10.0.0.122] => (item=/opt/kube/bin)
ok: [10.0.0.131] => (item=/opt/kube/bin)
ok: [10.0.0.130] => (item=/opt/kube/bin)
changed: [10.0.0.120] => (item=/etc/containerd)
changed: [10.0.0.121] => (item=/etc/containerd)
changed: [10.0.0.122] => (item=/etc/containerd)
changed: [10.0.0.131] => (item=/etc/containerd)
ok: [10.0.0.132] => (item=/opt/kube/bin)
changed: [10.0.0.130] => (item=/etc/containerd)
changed: [10.0.0.132] => (item=/etc/containerd)
TASK [containerd : 加载内核模块 overlay] *****************************************************************************************************************************************************
changed: [10.0.0.121]
changed: [10.0.0.120]
changed: [10.0.0.131]
changed: [10.0.0.130]
changed: [10.0.0.122]
changed: [10.0.0.132]
TASK [containerd : 下载 containerd 二进制文件] ************************************************************************************************************************************************
changed: [10.0.0.122] => (item=containerd)
changed: [10.0.0.131] => (item=containerd)
changed: [10.0.0.121] => (item=containerd)
changed: [10.0.0.120] => (item=containerd)
changed: [10.0.0.130] => (item=containerd)
changed: [10.0.0.122] => (item=containerd-shim)
changed: [10.0.0.131] => (item=containerd-shim)
changed: [10.0.0.121] => (item=containerd-shim)
changed: [10.0.0.130] => (item=containerd-shim)
changed: [10.0.0.120] => (item=containerd-shim)
changed: [10.0.0.122] => (item=containerd-shim-runc-v1)
changed: [10.0.0.131] => (item=containerd-shim-runc-v1)
changed: [10.0.0.121] => (item=containerd-shim-runc-v1)
changed: [10.0.0.130] => (item=containerd-shim-runc-v1)
changed: [10.0.0.120] => (item=containerd-shim-runc-v1)
changed: [10.0.0.121] => (item=containerd-shim-runc-v2)
changed: [10.0.0.120] => (item=containerd-shim-runc-v2)
changed: [10.0.0.131] => (item=containerd-shim-runc-v2)
changed: [10.0.0.122] => (item=containerd-shim-runc-v2)
changed: [10.0.0.130] => (item=containerd-shim-runc-v2)
changed: [10.0.0.122] => (item=crictl)
changed: [10.0.0.130] => (item=crictl)
changed: [10.0.0.131] => (item=crictl)
changed: [10.0.0.120] => (item=crictl)
changed: [10.0.0.121] => (item=crictl)
changed: [10.0.0.121] => (item=ctr)
changed: [10.0.0.122] => (item=ctr)
changed: [10.0.0.130] => (item=ctr)
changed: [10.0.0.131] => (item=ctr)
changed: [10.0.0.120] => (item=ctr)
changed: [10.0.0.131] => (item=runc)
changed: [10.0.0.130] => (item=runc)
changed: [10.0.0.121] => (item=runc)
changed: [10.0.0.122] => (item=runc)
changed: [10.0.0.120] => (item=runc)
changed: [10.0.0.132] => (item=containerd)
changed: [10.0.0.132] => (item=containerd-shim)
changed: [10.0.0.132] => (item=containerd-shim-runc-v1)
changed: [10.0.0.132] => (item=containerd-shim-runc-v2)
changed: [10.0.0.132] => (item=crictl)
changed: [10.0.0.132] => (item=ctr)
changed: [10.0.0.132] => (item=runc)
TASK [containerd : 创建 containerd 配置文件] *************************************************************************************************************************************************
changed: [10.0.0.120]
changed: [10.0.0.122]
changed: [10.0.0.130]
changed: [10.0.0.121]
changed: [10.0.0.131]
changed: [10.0.0.132]
TASK [containerd : 创建systemd unit文件] ***************************************************************************************************************************************************
changed: [10.0.0.120]
changed: [10.0.0.122]
changed: [10.0.0.121]
changed: [10.0.0.130]
changed: [10.0.0.131]
changed: [10.0.0.132]
TASK [containerd : 创建 crictl 配置] *******************************************************************************************************************************************************
changed: [10.0.0.121]
changed: [10.0.0.122]
changed: [10.0.0.120]
changed: [10.0.0.130]
changed: [10.0.0.131]
changed: [10.0.0.132]
TASK [containerd : 开机启用 containerd 服务] *************************************************************************************************************************************************
changed: [10.0.0.121]
changed: [10.0.0.120]
changed: [10.0.0.130]
changed: [10.0.0.131]
changed: [10.0.0.122]
changed: [10.0.0.132]
TASK [containerd : 开启 containerd 服务] ***************************************************************************************************************************************************
changed: [10.0.0.120]
changed: [10.0.0.122]
changed: [10.0.0.121]
changed: [10.0.0.130]
changed: [10.0.0.131]
changed: [10.0.0.132]
TASK [containerd : 轮询等待containerd服务运行] *************************************************************************************************************************************************
changed: [10.0.0.120]
changed: [10.0.0.130]
changed: [10.0.0.122]
changed: [10.0.0.121]
changed: [10.0.0.131]
changed: [10.0.0.132]
PLAY [kube_master] *********************************************************************************************************************************************************************
TASK [kube-lb : prepare some dirs] *****************************************************************************************************************************************************
changed: [10.0.0.122] => (item=/etc/kube-lb/sbin)
changed: [10.0.0.120] => (item=/etc/kube-lb/sbin)
changed: [10.0.0.121] => (item=/etc/kube-lb/sbin)
changed: [10.0.0.122] => (item=/etc/kube-lb/logs)
changed: [10.0.0.120] => (item=/etc/kube-lb/logs)
changed: [10.0.0.121] => (item=/etc/kube-lb/logs)
changed: [10.0.0.122] => (item=/etc/kube-lb/conf)
changed: [10.0.0.120] => (item=/etc/kube-lb/conf)
changed: [10.0.0.121] => (item=/etc/kube-lb/conf)
TASK [kube-lb : 下载二进制文件kube-lb(nginx)] *************************************************************************************************************************************************
changed: [10.0.0.120]
changed: [10.0.0.121]
changed: [10.0.0.122]
TASK [kube-lb : 创建kube-lb的配置文件] ********************************************************************************************************************************************************
changed: [10.0.0.122]
changed: [10.0.0.120]
changed: [10.0.0.121]
TASK [kube-lb : 创建kube-lb的systemd unit文件] **********************************************************************************************************************************************
changed: [10.0.0.121]
changed: [10.0.0.122]
changed: [10.0.0.120]
TASK [kube-lb : 开机启用kube-lb服务] *********************************************************************************************************************************************************
changed: [10.0.0.120]
changed: [10.0.0.122]
changed: [10.0.0.121]
TASK [kube-lb : 开启kube-lb服务] ***********************************************************************************************************************************************************
changed: [10.0.0.120]
changed: [10.0.0.122]
changed: [10.0.0.121]
TASK [kube-lb : 以轮询的方式等待kube-lb服务启动] ***************************************************************************************************************************************************
changed: [10.0.0.122]
changed: [10.0.0.121]
changed: [10.0.0.120]
TASK [kube-master : 下载 kube_master 二进制] ************************************************************************************************************************************************
changed: [10.0.0.122] => (item=kube-apiserver)
changed: [10.0.0.120] => (item=kube-apiserver)
changed: [10.0.0.121] => (item=kube-apiserver)
changed: [10.0.0.121] => (item=kube-controller-manager)
changed: [10.0.0.122] => (item=kube-controller-manager)
changed: [10.0.0.120] => (item=kube-controller-manager)
changed: [10.0.0.121] => (item=kube-scheduler)
changed: [10.0.0.120] => (item=kube-scheduler)
changed: [10.0.0.122] => (item=kube-scheduler)
changed: [10.0.0.121] => (item=kubectl)
changed: [10.0.0.122] => (item=kubectl)
changed: [10.0.0.120] => (item=kubectl)
TASK [kube-master : 注册变量 KUBERNETES_SVC_IP] ********************************************************************************************************************************************
changed: [10.0.0.120]
changed: [10.0.0.122]
changed: [10.0.0.121]
TASK [kube-master : 设置变量 CLUSTER_KUBERNETES_SVC_IP] ************************************************************************************************************************************
ok: [10.0.0.120]
ok: [10.0.0.121]
ok: [10.0.0.122]
TASK [kube-master : 创建 kubernetes 证书签名请求] **********************************************************************************************************************************************
changed: [10.0.0.121]
ok: [10.0.0.122]
ok: [10.0.0.120]
TASK [kube-master : 创建 kubernetes 证书和私钥] ***********************************************************************************************************************************************
changed: [10.0.0.120]
changed: [10.0.0.122]
changed: [10.0.0.121]
TASK [kube-master : 创建 aggregator proxy证书签名请求] *****************************************************************************************************************************************
changed: [10.0.0.120]
ok: [10.0.0.121]
ok: [10.0.0.122]
TASK [kube-master : 创建 aggregator-proxy证书和私钥] ******************************************************************************************************************************************
changed: [10.0.0.121]
changed: [10.0.0.120]
changed: [10.0.0.122]
TASK [kube-master : 分发 kubernetes证书] ***************************************************************************************************************************************************
changed: [10.0.0.120] => (item=ca.pem)
changed: [10.0.0.121] => (item=ca.pem)
changed: [10.0.0.122] => (item=ca.pem)
changed: [10.0.0.120] => (item=ca-key.pem)
changed: [10.0.0.121] => (item=ca-key.pem)
changed: [10.0.0.122] => (item=ca-key.pem)
changed: [10.0.0.121] => (item=kubernetes.pem)
changed: [10.0.0.120] => (item=kubernetes.pem)
changed: [10.0.0.122] => (item=kubernetes.pem)
changed: [10.0.0.121] => (item=kubernetes-key.pem)
changed: [10.0.0.120] => (item=kubernetes-key.pem)
changed: [10.0.0.122] => (item=kubernetes-key.pem)
changed: [10.0.0.120] => (item=aggregator-proxy.pem)
changed: [10.0.0.122] => (item=aggregator-proxy.pem)
changed: [10.0.0.121] => (item=aggregator-proxy.pem)
changed: [10.0.0.120] => (item=aggregator-proxy-key.pem)
changed: [10.0.0.122] => (item=aggregator-proxy-key.pem)
changed: [10.0.0.121] => (item=aggregator-proxy-key.pem)
TASK [kube-master : 替换 kubeconfig 的 apiserver 地址] **************************************************************************************************************************************
changed: [10.0.0.120] => (item=/root/.kube/config)
changed: [10.0.0.122] => (item=/root/.kube/config)
changed: [10.0.0.121] => (item=/root/.kube/config)
changed: [10.0.0.120] => (item=/etc/kubernetes/kube-controller-manager.kubeconfig)
changed: [10.0.0.121] => (item=/etc/kubernetes/kube-controller-manager.kubeconfig)
changed: [10.0.0.122] => (item=/etc/kubernetes/kube-controller-manager.kubeconfig)
changed: [10.0.0.120] => (item=/etc/kubernetes/kube-scheduler.kubeconfig)
changed: [10.0.0.122] => (item=/etc/kubernetes/kube-scheduler.kubeconfig)
changed: [10.0.0.121] => (item=/etc/kubernetes/kube-scheduler.kubeconfig)
TASK [kube-master : 创建 master 服务的 systemd unit 文件] *************************************************************************************************************************************
changed: [10.0.0.120] => (item=kube-apiserver.service)
changed: [10.0.0.122] => (item=kube-apiserver.service)
changed: [10.0.0.121] => (item=kube-apiserver.service)
changed: [10.0.0.120] => (item=kube-controller-manager.service)
changed: [10.0.0.122] => (item=kube-controller-manager.service)
changed: [10.0.0.121] => (item=kube-controller-manager.service)
changed: [10.0.0.120] => (item=kube-scheduler.service)
changed: [10.0.0.122] => (item=kube-scheduler.service)
changed: [10.0.0.121] => (item=kube-scheduler.service)
TASK [kube-master : enable master 服务] **************************************************************************************************************************************************
changed: [10.0.0.120]
changed: [10.0.0.122]
changed: [10.0.0.121]
TASK [kube-master : 启动 master 服务] ******************************************************************************************************************************************************
changed: [10.0.0.120]
changed: [10.0.0.121]
changed: [10.0.0.122]
TASK [kube-master : 轮询等待kube-apiserver启动] **********************************************************************************************************************************************
changed: [10.0.0.120]
changed: [10.0.0.122]
changed: [10.0.0.121]
FAILED - RETRYING: 轮询等待kube-controller-manager启动 (8 retries left).
TASK [kube-master : 轮询等待kube-controller-manager启动] *************************************************************************************************************************************
changed: [10.0.0.121]
changed: [10.0.0.122]
FAILED - RETRYING: 轮询等待kube-controller-manager启动 (7 retries left).
changed: [10.0.0.120]
TASK [kube-master : 轮询等待kube-scheduler启动] **********************************************************************************************************************************************
changed: [10.0.0.120]
changed: [10.0.0.122]
changed: [10.0.0.121]
TASK [kube-master : 以轮询的方式等待master服务启动完成] **********************************************************************************************************************************************
changed: [10.0.0.120]
changed: [10.0.0.121]
changed: [10.0.0.122]
TASK [kube-master : 获取user:kubernetes是否已经绑定对应角色] ***************************************************************************************************************************************
changed: [10.0.0.120]
TASK [kube-master : 创建user:kubernetes角色绑定] *********************************************************************************************************************************************
changed: [10.0.0.120]
TASK [kube-node : 创建kube_node 相关目录] ****************************************************************************************************************************************************
changed: [10.0.0.120] => (item=/var/lib/kubelet)
changed: [10.0.0.121] => (item=/var/lib/kubelet)
changed: [10.0.0.122] => (item=/var/lib/kubelet)
changed: [10.0.0.121] => (item=/var/lib/kube-proxy)
changed: [10.0.0.120] => (item=/var/lib/kube-proxy)
changed: [10.0.0.122] => (item=/var/lib/kube-proxy)
ok: [10.0.0.121] => (item=/etc/cni/net.d)
ok: [10.0.0.120] => (item=/etc/cni/net.d)
ok: [10.0.0.122] => (item=/etc/cni/net.d)
TASK [kube-node : 下载 kubelet,kube-proxy 二进制和基础 cni plugins] ****************************************************************************************************************************
ok: [10.0.0.121] => (item=kubectl)
ok: [10.0.0.120] => (item=kubectl)
ok: [10.0.0.122] => (item=kubectl)
changed: [10.0.0.120] => (item=kubelet)
changed: [10.0.0.121] => (item=kubelet)
changed: [10.0.0.122] => (item=kubelet)
changed: [10.0.0.121] => (item=kube-proxy)
changed: [10.0.0.120] => (item=kube-proxy)
changed: [10.0.0.122] => (item=kube-proxy)
changed: [10.0.0.122] => (item=bridge)
changed: [10.0.0.121] => (item=bridge)
changed: [10.0.0.120] => (item=bridge)
changed: [10.0.0.120] => (item=host-local)
changed: [10.0.0.121] => (item=host-local)
changed: [10.0.0.122] => (item=host-local)
changed: [10.0.0.121] => (item=loopback)
changed: [10.0.0.120] => (item=loopback)
changed: [10.0.0.122] => (item=loopback)
TASK [kube-node : 替换 kubeconfig 的 apiserver 地址] ****************************************************************************************************************************************
ok: [10.0.0.120]
ok: [10.0.0.121]
ok: [10.0.0.122]
TASK [kube-node : 准备kubelet 证书签名请求] ****************************************************************************************************************************************************
changed: [10.0.0.120]
changed: [10.0.0.122]
changed: [10.0.0.121]
TASK [kube-node : 创建 kubelet 证书与私钥] ****************************************************************************************************************************************************
changed: [10.0.0.120]
changed: [10.0.0.121]
changed: [10.0.0.122]
TASK [kube-node : 分发ca 证书] *************************************************************************************************************************************************************
ok: [10.0.0.120]
ok: [10.0.0.122]
ok: [10.0.0.121]
TASK [kube-node : 分发kubelet 证书] ********************************************************************************************************************************************************
changed: [10.0.0.120] => (item=kubelet.pem)
changed: [10.0.0.121] => (item=kubelet.pem)
changed: [10.0.0.122] => (item=kubelet.pem)
changed: [10.0.0.120] => (item=kubelet-key.pem)
changed: [10.0.0.121] => (item=kubelet-key.pem)
changed: [10.0.0.122] => (item=kubelet-key.pem)
TASK [kube-node : 设置集群参数] **************************************************************************************************************************************************************
changed: [10.0.0.120]
changed: [10.0.0.121]
changed: [10.0.0.122]
TASK [kube-node : 设置客户端认证参数] ***********************************************************************************************************************************************************
changed: [10.0.0.120]
changed: [10.0.0.121]
changed: [10.0.0.122]
TASK [kube-node : 设置上下文参数] *************************************************************************************************************************************************************
changed: [10.0.0.120]
changed: [10.0.0.121]
changed: [10.0.0.122]
TASK [kube-node : 选择默认上下文] *************************************************************************************************************************************************************
changed: [10.0.0.120]
changed: [10.0.0.121]
changed: [10.0.0.122]
TASK [kube-node : 准备 cni配置文件] **********************************************************************************************************************************************************
changed: [10.0.0.120]
changed: [10.0.0.121]
changed: [10.0.0.122]
TASK [kube-node : 注册变量 DNS_SVC_IP] *****************************************************************************************************************************************************
changed: [10.0.0.120]
changed: [10.0.0.121]
changed: [10.0.0.122]
TASK [kube-node : 设置变量 CLUSTER_DNS_SVC_IP] *********************************************************************************************************************************************
ok: [10.0.0.120]
ok: [10.0.0.121]
ok: [10.0.0.122]
TASK [kube-node : 创建kubelet的配置文件] ******************************************************************************************************************************************************
changed: [10.0.0.120]
changed: [10.0.0.121]
changed: [10.0.0.122]
TASK [kube-node : 创建kubelet的systemd unit文件] ********************************************************************************************************************************************
changed: [10.0.0.120]
changed: [10.0.0.121]
changed: [10.0.0.122]
TASK [kube-node : 开机启用kubelet 服务] ******************************************************************************************************************************************************
changed: [10.0.0.121]
changed: [10.0.0.120]
changed: [10.0.0.122]
TASK [kube-node : 开启kubelet 服务] ********************************************************************************************************************************************************
changed: [10.0.0.120]
changed: [10.0.0.122]
changed: [10.0.0.121]
TASK [kube-node : 替换 kube-proxy.kubeconfig 的 apiserver 地址] *****************************************************************************************************************************
changed: [10.0.0.120]
changed: [10.0.0.121]
changed: [10.0.0.122]
TASK [kube-node : 创建kube-proxy 配置] *****************************************************************************************************************************************************
changed: [10.0.0.122]
changed: [10.0.0.120]
changed: [10.0.0.121]
TASK [kube-node : 创建kube-proxy 服务文件] ***************************************************************************************************************************************************
changed: [10.0.0.120]
changed: [10.0.0.121]
changed: [10.0.0.122]
TASK [kube-node : 开机启用kube-proxy 服务] ***************************************************************************************************************************************************
changed: [10.0.0.120]
changed: [10.0.0.122]
changed: [10.0.0.121]
TASK [kube-node : 开启kube-proxy 服务] *****************************************************************************************************************************************************
changed: [10.0.0.120]
changed: [10.0.0.121]
changed: [10.0.0.122]
TASK [kube-node : 轮询等待kube-proxy启动] ****************************************************************************************************************************************************
changed: [10.0.0.120]
changed: [10.0.0.121]
changed: [10.0.0.122]
TASK [kube-node : 轮询等待kubelet启动] *******************************************************************************************************************************************************
changed: [10.0.0.121]
changed: [10.0.0.120]
changed: [10.0.0.122]
FAILED - RETRYING: 轮询等待node达到Ready状态 (8 retries left).
FAILED - RETRYING: 轮询等待node达到Ready状态 (8 retries left).
FAILED - RETRYING: 轮询等待node达到Ready状态 (8 retries left).
TASK [kube-node : 轮询等待node达到Ready状态] ***************************************************************************************************************************************************
changed: [10.0.0.121]
changed: [10.0.0.120]
changed: [10.0.0.122]
TASK [kube-node : 设置node节点role] ********************************************************************************************************************************************************
changed: [10.0.0.120]
changed: [10.0.0.121]
changed: [10.0.0.122]
TASK [Making master nodes SchedulingDisabled] ******************************************************************************************************************************************
changed: [10.0.0.120]
changed: [10.0.0.121]
changed: [10.0.0.122]
TASK [Setting master role name] ********************************************************************************************************************************************************
changed: [10.0.0.120]
changed: [10.0.0.121]
changed: [10.0.0.122]
PLAY [kube_node] ***********************************************************************************************************************************************************************
TASK [kube-lb : prepare some dirs] *****************************************************************************************************************************************************
changed: [10.0.0.132] => (item=/etc/kube-lb/sbin)
changed: [10.0.0.131] => (item=/etc/kube-lb/sbin)
changed: [10.0.0.130] => (item=/etc/kube-lb/sbin)
changed: [10.0.0.132] => (item=/etc/kube-lb/logs)
changed: [10.0.0.131] => (item=/etc/kube-lb/logs)
changed: [10.0.0.130] => (item=/etc/kube-lb/logs)
changed: [10.0.0.132] => (item=/etc/kube-lb/conf)
changed: [10.0.0.131] => (item=/etc/kube-lb/conf)
changed: [10.0.0.130] => (item=/etc/kube-lb/conf)
TASK [kube-lb : 下载二进制文件kube-lb(nginx)] *************************************************************************************************************************************************
changed: [10.0.0.132]
changed: [10.0.0.131]
changed: [10.0.0.130]
TASK [kube-lb : 创建kube-lb的配置文件] ********************************************************************************************************************************************************
changed: [10.0.0.130]
changed: [10.0.0.131]
changed: [10.0.0.132]
TASK [kube-lb : 创建kube-lb的systemd unit文件] **********************************************************************************************************************************************
changed: [10.0.0.131]
changed: [10.0.0.130]
changed: [10.0.0.132]
TASK [kube-lb : 开机启用kube-lb服务] *********************************************************************************************************************************************************
changed: [10.0.0.130]
changed: [10.0.0.131]
changed: [10.0.0.132]
TASK [kube-lb : 开启kube-lb服务] ***********************************************************************************************************************************************************
changed: [10.0.0.130]
changed: [10.0.0.131]
changed: [10.0.0.132]
TASK [kube-lb : 以轮询的方式等待kube-lb服务启动] ***************************************************************************************************************************************************
changed: [10.0.0.130]
changed: [10.0.0.131]
changed: [10.0.0.132]
TASK [kube-node : 创建kube_node 相关目录] ****************************************************************************************************************************************************
changed: [10.0.0.130] => (item=/var/lib/kubelet)
changed: [10.0.0.131] => (item=/var/lib/kubelet)
changed: [10.0.0.132] => (item=/var/lib/kubelet)
changed: [10.0.0.130] => (item=/var/lib/kube-proxy)
changed: [10.0.0.131] => (item=/var/lib/kube-proxy)
changed: [10.0.0.132] => (item=/var/lib/kube-proxy)
ok: [10.0.0.130] => (item=/etc/cni/net.d)
ok: [10.0.0.131] => (item=/etc/cni/net.d)
ok: [10.0.0.132] => (item=/etc/cni/net.d)
TASK [kube-node : 下载 kubelet,kube-proxy 二进制和基础 cni plugins] ****************************************************************************************************************************
changed: [10.0.0.131] => (item=kubectl)
changed: [10.0.0.130] => (item=kubectl)
changed: [10.0.0.132] => (item=kubectl)
changed: [10.0.0.131] => (item=kubelet)
changed: [10.0.0.130] => (item=kubelet)
changed: [10.0.0.132] => (item=kubelet)
changed: [10.0.0.131] => (item=kube-proxy)
changed: [10.0.0.130] => (item=kube-proxy)
changed: [10.0.0.132] => (item=kube-proxy)
changed: [10.0.0.131] => (item=bridge)
changed: [10.0.0.130] => (item=bridge)
changed: [10.0.0.132] => (item=bridge)
changed: [10.0.0.131] => (item=host-local)
changed: [10.0.0.130] => (item=host-local)
changed: [10.0.0.132] => (item=host-local)
changed: [10.0.0.131] => (item=loopback)
changed: [10.0.0.132] => (item=loopback)
changed: [10.0.0.130] => (item=loopback)
TASK [kube-node : 替换 kubeconfig 的 apiserver 地址] ****************************************************************************************************************************************
changed: [10.0.0.132]
changed: [10.0.0.130]
changed: [10.0.0.131]
TASK [kube-node : 准备kubelet 证书签名请求] ****************************************************************************************************************************************************
changed: [10.0.0.130]
changed: [10.0.0.132]
changed: [10.0.0.131]
TASK [kube-node : 创建 kubelet 证书与私钥] ****************************************************************************************************************************************************
changed: [10.0.0.131]
changed: [10.0.0.130]
changed: [10.0.0.132]
TASK [kube-node : 分发ca 证书] *************************************************************************************************************************************************************
changed: [10.0.0.130]
changed: [10.0.0.131]
changed: [10.0.0.132]
TASK [kube-node : 分发kubelet 证书] ********************************************************************************************************************************************************
changed: [10.0.0.130] => (item=kubelet.pem)
changed: [10.0.0.131] => (item=kubelet.pem)
changed: [10.0.0.132] => (item=kubelet.pem)
changed: [10.0.0.130] => (item=kubelet-key.pem)
changed: [10.0.0.131] => (item=kubelet-key.pem)
changed: [10.0.0.132] => (item=kubelet-key.pem)
TASK [kube-node : 设置集群参数] **************************************************************************************************************************************************************
changed: [10.0.0.130]
changed: [10.0.0.131]
changed: [10.0.0.132]
TASK [kube-node : 设置客户端认证参数] ***********************************************************************************************************************************************************
changed: [10.0.0.130]
changed: [10.0.0.131]
changed: [10.0.0.132]
TASK [kube-node : 设置上下文参数] *************************************************************************************************************************************************************
changed: [10.0.0.130]
changed: [10.0.0.131]
changed: [10.0.0.132]
TASK [kube-node : 选择默认上下文] *************************************************************************************************************************************************************
changed: [10.0.0.130]
changed: [10.0.0.131]
changed: [10.0.0.132]
TASK [kube-node : 准备 cni配置文件] **********************************************************************************************************************************************************
changed: [10.0.0.130]
changed: [10.0.0.131]
changed: [10.0.0.132]
TASK [kube-node : 注册变量 DNS_SVC_IP] *****************************************************************************************************************************************************
changed: [10.0.0.130]
changed: [10.0.0.131]
changed: [10.0.0.132]
TASK [kube-node : 设置变量 CLUSTER_DNS_SVC_IP] *********************************************************************************************************************************************
ok: [10.0.0.130]
ok: [10.0.0.131]
ok: [10.0.0.132]
TASK [kube-node : 创建kubelet的配置文件] ******************************************************************************************************************************************************
changed: [10.0.0.130]
changed: [10.0.0.131]
changed: [10.0.0.132]
TASK [kube-node : 创建kubelet的systemd unit文件] ********************************************************************************************************************************************
changed: [10.0.0.130]
changed: [10.0.0.131]
changed: [10.0.0.132]
TASK [kube-node : 开机启用kubelet 服务] ******************************************************************************************************************************************************
changed: [10.0.0.130]
changed: [10.0.0.131]
changed: [10.0.0.132]
TASK [kube-node : 开启kubelet 服务] ********************************************************************************************************************************************************
changed: [10.0.0.130]
changed: [10.0.0.131]
changed: [10.0.0.132]
TASK [kube-node : 替换 kube-proxy.kubeconfig 的 apiserver 地址] *****************************************************************************************************************************
changed: [10.0.0.130]
changed: [10.0.0.131]
changed: [10.0.0.132]
TASK [kube-node : 创建kube-proxy 配置] *****************************************************************************************************************************************************
changed: [10.0.0.130]
changed: [10.0.0.131]
changed: [10.0.0.132]
TASK [kube-node : 创建kube-proxy 服务文件] ***************************************************************************************************************************************************
changed: [10.0.0.130]
changed: [10.0.0.132]
changed: [10.0.0.131]
TASK [kube-node : 开机启用kube-proxy 服务] ***************************************************************************************************************************************************
changed: [10.0.0.130]
changed: [10.0.0.131]
changed: [10.0.0.132]
TASK [kube-node : 开启kube-proxy 服务] *****************************************************************************************************************************************************
changed: [10.0.0.130]
changed: [10.0.0.131]
changed: [10.0.0.132]
TASK [kube-node : 轮询等待kube-proxy启动] ****************************************************************************************************************************************************
changed: [10.0.0.130]
changed: [10.0.0.131]
changed: [10.0.0.132]
TASK [kube-node : 轮询等待kubelet启动] *******************************************************************************************************************************************************
changed: [10.0.0.130]
changed: [10.0.0.131]
changed: [10.0.0.132]
FAILED - RETRYING: 轮询等待node达到Ready状态 (8 retries left).
FAILED - RETRYING: 轮询等待node达到Ready状态 (8 retries left).
FAILED - RETRYING: 轮询等待node达到Ready状态 (8 retries left).
TASK [kube-node : 轮询等待node达到Ready状态] ***************************************************************************************************************************************************
changed: [10.0.0.130]
changed: [10.0.0.131]
changed: [10.0.0.132]
TASK [kube-node : 设置node节点role] ********************************************************************************************************************************************************
changed: [10.0.0.130]
changed: [10.0.0.131]
changed: [10.0.0.132]
PLAY [kube_master,kube_node] ***********************************************************************************************************************************************************
TASK [calico : 在节点创建相关目录] **************************************************************************************************************************************************************
changed: [10.0.0.131] => (item=/etc/calico/ssl)
changed: [10.0.0.130] => (item=/etc/calico/ssl)
changed: [10.0.0.132] => (item=/etc/calico/ssl)
changed: [10.0.0.120] => (item=/etc/calico/ssl)
changed: [10.0.0.121] => (item=/etc/calico/ssl)
changed: [10.0.0.122] => (item=/etc/calico/ssl)
TASK [calico : 创建calico 证书请求] **********************************************************************************************************************************************************
ok: [10.0.0.120]
changed: [10.0.0.122]
ok: [10.0.0.121]
ok: [10.0.0.131]
ok: [10.0.0.130]
ok: [10.0.0.132]
TASK [calico : 创建 calico证书和私钥] *********************************************************************************************************************************************************
changed: [10.0.0.130]
changed: [10.0.0.120]
changed: [10.0.0.122]
changed: [10.0.0.121]
changed: [10.0.0.131]
changed: [10.0.0.132]
TASK [calico : 分发calico证书相关] ***********************************************************************************************************************************************************
changed: [10.0.0.121] => (item=ca.pem)
changed: [10.0.0.130] => (item=ca.pem)
changed: [10.0.0.131] => (item=ca.pem)
changed: [10.0.0.120] => (item=ca.pem)
changed: [10.0.0.122] => (item=ca.pem)
changed: [10.0.0.121] => (item=calico.pem)
changed: [10.0.0.131] => (item=calico.pem)
changed: [10.0.0.130] => (item=calico.pem)
changed: [10.0.0.120] => (item=calico.pem)
changed: [10.0.0.121] => (item=calico-key.pem)
changed: [10.0.0.131] => (item=calico-key.pem)
changed: [10.0.0.122] => (item=calico.pem)
changed: [10.0.0.130] => (item=calico-key.pem)
changed: [10.0.0.120] => (item=calico-key.pem)
changed: [10.0.0.132] => (item=ca.pem)
changed: [10.0.0.122] => (item=calico-key.pem)
changed: [10.0.0.132] => (item=calico.pem)
changed: [10.0.0.132] => (item=calico-key.pem)
TASK [calico : get calico-etcd-secrets info] *******************************************************************************************************************************************
changed: [10.0.0.120]
TASK [calico : 创建 calico-etcd-secrets] *************************************************************************************************************************************************
changed: [10.0.0.120]
TASK [calico : 配置 calico DaemonSet yaml文件] *********************************************************************************************************************************************
changed: [10.0.0.120]
TASK [calico : 运行 calico网络] ************************************************************************************************************************************************************
changed: [10.0.0.120]
TASK [calico : 删除默认cni配置] **************************************************************************************************************************************************************
changed: [10.0.0.120]
changed: [10.0.0.121]
changed: [10.0.0.122]
changed: [10.0.0.130]
changed: [10.0.0.131]
changed: [10.0.0.132]
TASK [calico : 下载calicoctl 客户端] ********************************************************************************************************************************************************
changed: [10.0.0.130] => (item=calicoctl)
changed: [10.0.0.131] => (item=calicoctl)
changed: [10.0.0.122] => (item=calicoctl)
changed: [10.0.0.121] => (item=calicoctl)
changed: [10.0.0.120] => (item=calicoctl)
changed: [10.0.0.132] => (item=calicoctl)
TASK [calico : 准备 calicoctl配置文件] *******************************************************************************************************************************************************
changed: [10.0.0.130]
changed: [10.0.0.120]
changed: [10.0.0.122]
changed: [10.0.0.131]
changed: [10.0.0.121]
changed: [10.0.0.132]
FAILED - RETRYING: 轮询等待calico-node 运行,视下载镜像速度而定 (15 retries left).
FAILED - RETRYING: 轮询等待calico-node 运行,视下载镜像速度而定 (15 retries left).
FAILED - RETRYING: 轮询等待calico-node 运行,视下载镜像速度而定 (15 retries left).
FAILED - RETRYING: 轮询等待calico-node 运行,视下载镜像速度而定 (15 retries left).
FAILED - RETRYING: 轮询等待calico-node 运行,视下载镜像速度而定 (15 retries left).
TASK [calico : 轮询等待calico-node 运行,视下载镜像速度而定] *******************************************************************************************************************************************
changed: [10.0.0.122]
FAILED - RETRYING: 轮询等待calico-node 运行,视下载镜像速度而定 (14 retries left).
FAILED - RETRYING: 轮询等待calico-node 运行,视下载镜像速度而定 (14 retries left).
FAILED - RETRYING: 轮询等待calico-node 运行,视下载镜像速度而定 (15 retries left).
FAILED - RETRYING: 轮询等待calico-node 运行,视下载镜像速度而定 (14 retries left).
FAILED - RETRYING: 轮询等待calico-node 运行,视下载镜像速度而定 (14 retries left).
changed: [10.0.0.121]
changed: [10.0.0.130]
changed: [10.0.0.132]
changed: [10.0.0.120]
changed: [10.0.0.131]
PLAY [kube_node] ***********************************************************************************************************************************************************************
TASK [cluster-addon : 获取所有已经创建的POD信息] **************************************************************************************************************************************************
changed: [10.0.0.130]
TASK [cluster-addon : 注册变量 DNS_SVC_IP] *************************************************************************************************************************************************
changed: [10.0.0.130]
changed: [10.0.0.131]
changed: [10.0.0.132]
TASK [cluster-addon : 设置变量 CLUSTER_DNS_SVC_IP] *****************************************************************************************************************************************
ok: [10.0.0.130]
ok: [10.0.0.131]
ok: [10.0.0.132]
TASK [cluster-addon : debug] ***********************************************************************************************************************************************************
ok: [10.0.0.130] => {
"CLUSTER_DNS_SVC_IP": "10.100.0.2"
}
ok: [10.0.0.131] => {
"CLUSTER_DNS_SVC_IP": "10.100.0.2"
}
ok: [10.0.0.132] => {
"CLUSTER_DNS_SVC_IP": "10.100.0.2"
}
TASK [cluster-addon : 准备 DNS的部署文件] *****************************************************************************************************************************************************
changed: [10.0.0.130]
TASK [cluster-addon : 创建coredns部署] *****************************************************************************************************************************************************
changed: [10.0.0.130]
TASK [cluster-addon : 准备dnscache的部署文件] *************************************************************************************************************************************************
changed: [10.0.0.130]
TASK [cluster-addon : 创建dnscache部署] ****************************************************************************************************************************************************
changed: [10.0.0.130]
TASK [cluster-addon : 准备 metrics-server的部署文件] ******************************************************************************************************************************************
changed: [10.0.0.130]
TASK [cluster-addon : 创建 metrics-server部署] *********************************************************************************************************************************************
changed: [10.0.0.130]
TASK [cluster-addon : prepare some dirs] ***********************************************************************************************************************************************
changed: [10.0.0.130]
TASK [cluster-addon : 准备 dashboard的部署文件] ***********************************************************************************************************************************************
changed: [10.0.0.130] => (item=kubernetes-dashboard.yaml)
changed: [10.0.0.130] => (item=admin-user-sa-rbac.yaml)
changed: [10.0.0.130] => (item=read-user-sa-rbac.yaml)
TASK [cluster-addon : 创建 dashboard部署] **************************************************************************************************************************************************
changed: [10.0.0.130]
PLAY RECAP *****************************************************************************************************************************************************************************
10.0.0.120 : ok=103 changed=93 unreachable=0 failed=0 skipped=167 rescued=0 ignored=0
10.0.0.121 : ok=97 changed=87 unreachable=0 failed=0 skipped=150 rescued=0 ignored=0
10.0.0.122 : ok=97 changed=87 unreachable=0 failed=0 skipped=150 rescued=0 ignored=0
10.0.0.130 : ok=91 changed=83 unreachable=0 failed=0 skipped=176 rescued=0 ignored=0
10.0.0.131 : ok=81 changed=74 unreachable=0 failed=0 skipped=151 rescued=0 ignored=0
10.0.0.132 : ok=81 changed=73 unreachable=0 failed=0 skipped=151 rescued=0 ignored=0
10.0.0.140 : ok=33 changed=30 unreachable=0 failed=0 skipped=116 rescued=0 ignored=0
10.0.0.141 : ok=31 changed=27 unreachable=0 failed=0 skipped=116 rescued=0 ignored=0
10.0.0.142 : ok=31 changed=27 unreachable=0 failed=0 skipped=116 rescued=0 ignored=0
localhost : ok=33 changed=30 unreachable=0 failed=0 skipped=11 rescued=0 ignored=0
启动keepalive和haproxy
[root@easzlab-deploy-01 ansible]#vim start_haproxy_keepalive.yaml
---
- name: start service
hosts: haproxykeepalive
tasks:
- name: sysctl
sysctl:
name: net.ipv4.ip_nonlocal_bind
value: "1"
sysctl_set: yes
- name: check_haproxy.sh
copy:
src: check_haproxy.sh
dest: /etc/keepalived/check_haproxy.sh
- name: config service
service:
name: "{{ item }}"
state: started
enabled: yes
loop:
- haproxy
- keepalived
[root@easzlab-deploy-01 ansible]#ansible-playbook start_haproxy_keepalive.yaml
PLAY [start service] ************************************************************************************************************************************************************************
TASK [Gathering Facts] **********************************************************************************************************************************************************************
ok: [easzlab-haproxy-keepalive-01]
ok: [easzlab-haproxy-keepalive-03]
ok: [easzlab-haproxy-keepalive-02]
TASK [sysctl] *******************************************************************************************************************************************************************************
changed: [easzlab-haproxy-keepalive-03]
changed: [easzlab-haproxy-keepalive-01]
changed: [easzlab-haproxy-keepalive-02]
TASK [check_haproxy.sh] *********************************************************************************************************************************************************************
changed: [easzlab-haproxy-keepalive-01]
changed: [easzlab-haproxy-keepalive-03]
changed: [easzlab-haproxy-keepalive-02]
TASK [config service] ***********************************************************************************************************************************************************************
changed: [easzlab-haproxy-keepalive-02] => (item=haproxy)
changed: [easzlab-haproxy-keepalive-03] => (item=haproxy)
changed: [easzlab-haproxy-keepalive-01] => (item=haproxy)
changed: [easzlab-haproxy-keepalive-02] => (item=keepalived)
changed: [easzlab-haproxy-keepalive-03] => (item=keepalived)
changed: [easzlab-haproxy-keepalive-01] => (item=keepalived)
PLAY RECAP **********************************************************************************************************************************************************************************
easzlab-haproxy-keepalive-01 : ok=4 changed=3 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
easzlab-haproxy-keepalive-02 : ok=4 changed=3 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
easzlab-haproxy-keepalive-03 : ok=4 changed=3 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
登录dashboard
[root@easzlab-deploy-01 ~]#kubectl get secrets -A
NAMESPACE NAME TYPE DATA AGE
kube-system admin-user kubernetes.io/service-account-token 3 13h
kube-system calico-etcd-secrets Opaque 3 14h
kube-system dashboard-read-user kubernetes.io/service-account-token 3 13h
kube-system kubernetes-dashboard-certs Opaque 0 13h
kube-system kubernetes-dashboard-csrf Opaque 1 13h
kube-system kubernetes-dashboard-key-holder Opaque 2 13h
[root@easzlab-deploy-01 ~]#kubectl describe secrets -n kube-system admin-user
Name: admin-user
Namespace: kube-system
Labels: <none>
Annotations: kubernetes.io/service-account.name: admin-user
kubernetes.io/service-account.uid: c5dd8aa3-d63e-48d1-80d6-0fe7db28d261
Type: kubernetes.io/service-account-token
Data
====
ca.crt: 1302 bytes
namespace: 11 bytes
token: eyJhbGciOiJSUzI1NiIsImtpZCI6InMwYmQwclk3M0J2WUs2OUZxdEkzNTcyZ2FaV0h1bWQyc1FRVWhsY1dER0kifQ.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlLXN5c3RlbSIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJhZG1pbi11c2VyIiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZXJ2aWNlLWFjY291bnQubmFtZSI6ImFkbWluLXVzZXIiLCJrdWJlcm5ldGVzLmlvL3NlcnZpY2VhY2NvdW50L3NlcnZpY2UtYWNjb3VudC51aWQiOiJjNWRkOGFhMy1kNjNlLTQ4ZDEtODBkNi0wZmU3ZGIyOGQyNjEiLCJzdWIiOiJzeXN0ZW06c2VydmljZWFjY291bnQ6a3ViZS1zeXN0ZW06YWRtaW4tdXNlciJ9.ZC0Ybj4zV2MasFCmCtKYWUlB70cDc7Tta1l9ZfLgXWe9UrZjsW3ZXjCIDbh58PCLArccbqyFnulPZmj2lRT5hYZckMlsD3afLjd6PCMc4JH7PmrnX6ZutPD1pjInybmc-OKeNB1qCR0ySCBH5JJg_HYVM_JrzP6HTQ7r_S4ThCTlYt2VIxQbWCne5_-6So-UJLJMKbOT8jnwVl7kPPDO8tEuhfP_os0Ui7G_SrzV0_ZD9jvxB9hXzIdxkukPgnFcmyiF-k5m0xEW_RIiQRURJFU4HzUm1dAFgK9ivyRuZJTLzg-8BsCv3LOSfMFlJTcrDnF_4_AheNy8Drt5XkL6rw
[root@easzlab-deploy-01 ~]#cat .kube/config
apiVersion: v1
clusters:
- cluster:
certificate-authority-data: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSURsRENDQW55Z0F3SUJBZ0lVUklSZ3NPcTh5Y0hlckY3WmRtYURib2FOdEJBd0RRWUpLb1pJaHZjTkFRRUwKQlFBd1lURUxNQWtHQTFVRUJoTUNRMDR4RVRBUEJnTlZCQWdUQ0VoaGJtZGFhRzkxTVFzd0NRWURWUVFIRXdKWQpVekVNTUFvR0ExVUVDaE1EYXpoek1ROHdEUVlEVlFRTEV3WlRlWE4wWlcweEV6QVJCZ05WQkFNVENtdDFZbVZ5CmJtVjBaWE13SUJjTk1qSXdPVEk0TVRJME9UQXdXaGdQTWpFeU1qQTVNRFF4TWpRNU1EQmFNR0V4Q3pBSkJnTlYKQkFZVEFrTk9NUkV3RHdZRFZRUUlFd2hJWVc1bldtaHZkVEVMTUFrR0ExVUVCeE1DV0ZNeEREQUtCZ05WQkFvVApBMnM0Y3pFUE1BMEdBMVVFQ3hNR1UzbHpkR1Z0TVJNd0VRWURWUVFERXdwcmRXSmxjbTVsZEdWek1JSUJJakFOCkJna3Foa2lHOXcwQkFRRUZBQU9DQVE4QU1JSUJDZ0tDQVFFQWtoQ1c4SEh0Y3V5UDVueGdZWm4rZFVwSThuczQKMkZlOXVxTzBPREx6RXpaVWVBNXNNMWZXQXpkVHRjTUlPSVlURWJGOFVEOHk4L3IzK3YyaDlndnN2SnFkZWVtYgoyREppR3dodlowTVdEUHgzMktLWUkvSVR0U3FvcDVxUTFjbDcxdnFBTmp1Z2Y2VlY4MGlzK1pSYm5pQTA1WjZhCkVMWDJzMGh4WlVmbkdQemxVT3cwN0x6a2sxL0p3TFc0Uis4Y09nTDVpRVVoNE1QSlRCR1EvYXpuSDNSZ3VrUlgKVVV0OG13TDgraVJQWnZ6U1RtbjlqSUkzcWFHTGdDWTRocU82enppc0NMMWgwWDJaMlhFTDY2amVROHpCdXJWZQo2M0JOTy9PYTRQMk5TdXZzMDZsRGR0SzhwUy9ONEEzKzM5anpZNlZJa01TcnVwWFBMNWdzTGM5V2Z3SURBUUFCCm8wSXdRREFPQmdOVkhROEJBZjhFQkFNQ0FRWXdEd1lEVlIwVEFRSC9CQVV3QXdFQi96QWRCZ05WSFE0RUZnUVUKRTVxNVhYUzFTNWM2N2tMbnVVMFZBVkUwVWR3d0RRWUpLb1pJaHZjTkFRRUxCUUFEZ2dFQkFDdDV2eXluWFk0ZwpwenlPc0N2YnJVMDRTcGFyaEtHSldNZCtaTFRhdzVXNmk4dllPWnVYbkx6c2t6dnZuMzREaVVqMFRhVEpsenNiCkwybWFhSCsreFpucDhUVk03eHU3aDl1OXFjdFRzaldpM1o1ZDdCTXp2b2VjUEVEYkgwWUZwbmJnUTV0NGpFOTMKUEZzZ01NVmlidkZuMkJVaWtsSXRLc3Q4emMxMXdTZEYwWmxuZExlSUtHSjM0dXNmQUNuUEdQdHA0clZ6Rm1hcwpYMlBCTHFnRDZOVGkrWU5qWXhDK3plNzJadmFxWUxMT1RTbDFOWnhPWU84UmVVenI1aXh0OVNITmQwWUhZUE8yCnM3RUFQR0pxVWlMeklDb0xaVlJTWE1ESnBHRjJrQUxOWEFoTUloMUd0MVppd2xhWEdFc2JQVTd5OTFnTlZaZGcKU2Fsb0x2K0NRZGc9Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K
server: https://10.0.0.120:6443
name: cluster1
contexts:
- context:
cluster: cluster1
user: admin
name: context-cluster1
current-context: context-cluster1
kind: Config
preferences: {}
users:
- name: admin
user:
client-certificate-data: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUQxekNDQXIrZ0F3SUJBZ0lVTllmRE1jMWhucXA4RzBpaENMdkZpZ1oxY2dFd0RRWUpLb1pJaHZjTkFRRUwKQlFBd1lURUxNQWtHQTFVRUJoTUNRMDR4RVRBUEJnTlZCQWdUQ0VoaGJtZGFhRzkxTVFzd0NRWURWUVFIRXdKWQpVekVNTUFvR0ExVUVDaE1EYXpoek1ROHdEUVlEVlFRTEV3WlRlWE4wWlcweEV6QVJCZ05WQkFNVENtdDFZbVZ5CmJtVjBaWE13SUJjTk1qSXdPVEk0TVRJME9UQXdXaGdQTWpBM01qQTVNVFV4TWpRNU1EQmFNR2N4Q3pBSkJnTlYKQkFZVEFrTk9NUkV3RHdZRFZRUUlFd2hJWVc1bldtaHZkVEVMTUFrR0ExVUVCeE1DV0ZNeEZ6QVZCZ05WQkFvVApEbk41YzNSbGJUcHRZWE4wWlhKek1ROHdEUVlEVlFRTEV3WlRlWE4wWlcweERqQU1CZ05WQkFNVEJXRmtiV2x1Ck1JSUJJakFOQmdrcWhraUc5dzBCQVFFRkFBT0NBUThBTUlJQkNnS0NBUUVBdU5oMnRHRDJnV2tTdjdJRU83TkMKLzF5TTFNRkFFMXNUb3hDVlBRbDJlQXJJczRFdllXN2ZXZzhkNHZUQmpZQ1BzVHExR1Jud0NmM0VDZHQyb0p3eApkdDlRVGFXY0d3d25mUHA0K3lGeFVVTDlGU0RoTVZZSWVSVTVhQ3JPcDJmOXN2d1RycHpPckdsMmFFdTgrQThKCmlCN3dUd2tHaGJWZ1lOVTVGUmxVeWNoV0ZPVSt3ejl6NDlMQkRnVC9xbWJsdE5EV2lqLzltS3NSTkpYS2xhc2wKdURFeHdkdXVWUkdkdmpvT0ZYdjd2R2Q4ZGV2QUduRlhpNTZpRUxYemplQ2RxQnRtb1l0a3dRbkVza3A5ZG5xSApsZkNWZ1NpaWFSNkNLYUhHaFVwRTNjZTVNaXZwWUNLTlhteXk1R3ROd3J6a2dLOHQ1NGF0UlUyQnFYeEluMW52CkFRSURBUUFCbzM4d2ZUQU9CZ05WSFE4QkFmOEVCQU1DQmFBd0hRWURWUjBsQkJZd0ZBWUlLd1lCQlFVSEF3RUcKQ0NzR0FRVUZCd01DTUF3R0ExVWRFd0VCL3dRQ01BQXdIUVlEVlIwT0JCWUVGRmhYenAyS0Qxb2dxV2VwMWRFegpiK2pqRS9uYU1COEdBMVVkSXdRWU1CYUFGQk9hdVYxMHRVdVhPdTVDNTdsTkZRRlJORkhjTUEwR0NTcUdTSWIzCkRRRUJDd1VBQTRJQkFRQ0djUWFHWkpINklLUEtjUmV6cjZkdHA4Sm1JK1dhNGNVUWxlbGJXek8xQmVxaDBCeHMKR255dXNoREtiWUdrbjdheDcrNml1VEpJemRGZUh3NEREZzh3b0hKdUdSYkNtVWt3KytpanhXYk9HcjRYdHFBKwpIQ1JGVllRdVFTSkhCVFY1dWlIcDNnRmNTbE1TWnBXNS82b0FRQVN6V2xJR1FlemlxeXl0RkpkQVdZM3h0SXQ0CnQ3T1R2RXBUWmpyNUMvMFZiODZwZnV5MW1STFpucFM3RXYySnUza2NyNFhGcG13eTdVR0RYVWdpbUl4VGtiZ1kKa2orM2c0dTBJdm9tQm9WRWtnUVc3ekNxS0NVUk1hazc2czFqNk5SLzk3encyRFRWQURKcVpvKy85Z0ZkS2ZneQo2YmRKM250ZWNFTkJaYVltWWpsRWtKVXVKa014OUFSRUZrTzEKLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQo=
client-key-data: LS0tLS1CRUdJTiBSU0EgUFJJVkFURSBLRVktLS0tLQpNSUlFcEFJQkFBS0NBUUVBdU5oMnRHRDJnV2tTdjdJRU83TkMvMXlNMU1GQUUxc1RveENWUFFsMmVBcklzNEV2CllXN2ZXZzhkNHZUQmpZQ1BzVHExR1Jud0NmM0VDZHQyb0p3eGR0OVFUYVdjR3d3bmZQcDQreUZ4VVVMOUZTRGgKTVZZSWVSVTVhQ3JPcDJmOXN2d1RycHpPckdsMmFFdTgrQThKaUI3d1R3a0doYlZnWU5VNUZSbFV5Y2hXRk9VKwp3ejl6NDlMQkRnVC9xbWJsdE5EV2lqLzltS3NSTkpYS2xhc2x1REV4d2R1dVZSR2R2am9PRlh2N3ZHZDhkZXZBCkduRlhpNTZpRUxYemplQ2RxQnRtb1l0a3dRbkVza3A5ZG5xSGxmQ1ZnU2lpYVI2Q0thSEdoVXBFM2NlNU1pdnAKWUNLTlhteXk1R3ROd3J6a2dLOHQ1NGF0UlUyQnFYeEluMW52QVFJREFRQUJBb0lCQVFDcVBRSW1ZbDdsRktabAowa2UveS90YVFCeWNIVmNyL0dkN2VOeFptSXQ1UjBWTXZSK3I5bmJSOUxZcnZnczhqVGpKbXk0SzdpNTZwVEtWCmVZQXByM0NHOEdoKytwVm8rNnFxbWV3dUxjQzFmS0tsZ09DbGxYeThOMlhsbi9jdmlzREd4UTVEZEx1TFlwM2cKdEZCWGpWSFVBZHFFaitWbjQ0SGQ3TUpqd2k2cW5ydlVEajc0R3VDMld4WFNsUDltWm5LalBHL2kxak9wNkpiUwpKSlBuWkZVSDhua0pXWkpvT3M3YzMyTVdVTU1TSUUzdTZHOGFHR3ZsM0Fpb3VYaVhPOWp0TXphOTlpU1VyblRiCk1MSi82b1pqRi9mQjk2NHJtbHgzazVodWhEclpRdktvMHYzQ1RWYmlRVjZ1aExpSllweXkzMnFPdVpRc2JmOE8KRy9zaHpONzVBb0dCQU9mNnRBaDRzcVNsTnpWWWdYZjZUcUVzU3htekNTT2t3MXJLR2hkbzc3NkJzL0pIWmJ6cQozdTMrUFNyR1FqbHllN2toTTdwY0ZhZUszMG1QRmVZeWxoMy9WTE84b2k5R2tleFNWcHF4Qmk2UW1CejlwVSt4ClZPTHBUS3Z6Y1JTVXorbEExblJRSTdkOFkxNlYyV2o0Q3ZoQmVtTVJhSmtidTRJc1dGa0w1elVyQW9HQkFNdjgKVjFyQnhucm5kUDJ6aEZHcCtybjZWc2Z5bUpxbmU3VWRiK3o1NHJnQ2N5cVQ0NnNFZ0lMR295SG5uQjVod3BJWAprdWJxUm5TT0NUR3Zxem9RNTNpQkFBWjRMUHZJcnRMY3o4MDQvQnFaSVVsOFhVdGtVdWYzSnRqMGxaNHlva1hhCmZjZ2FVcDlzOVBWVnVTNWpMTzR1NG80Rjd4c3JTSGpUUUtjdmRDNkRBb0dCQU5IcHV4VmJXcE8vNk5nOTBWSG0KejFYcXhiNW9rcUdOU3pVUllsRENwUWFuU1ZTNEpLaXhnNjZwKzJHRWE1S2VOTFNPQmNmaDRicHM0S1lvY3ZHTgozdWNnRDk1Z21BWGRmdGZ3bmV0MnVwaFNRVU1paG44NWdRMmZmTUN3RmloQWpHNk9QRUNkNytQdUMrRWdDYzZCCmZUT3QxSGhtM1ZhR2tNTTNLMjdRWlpSbkFvR0FYeThudi9UTjNnbmxJSUZGRENwS0VjQk1BRThtZ0h3SWtMSGsKeVdxdExYb1BMVjRIRFlVelJsTFVTbnpkNzV0a2hIRTFua1RSalkrOW9JNjlVb0lTMExzNVBNdVZDZ1JSOTVrTAo2bEpkNlRkdFBmSW5Rb2ZVMitNTElJKzR4VElSWUpFY3dtUHVDL0IydVlnL3VmS1RRNjFqRUN5YXIwM2FLbTlCCkt3Sk1yMnNDZ1lCSVF3R3BPYXExWDVZSmp0YTVkZWc2eVRqdFRsWUtBNXFJZU9neWJJeUVCdmFIZjMzS3k5SjUKcm51ZG5sUWM5VjVsdkFEL1p3ZUE1VVVOOXo5TUVKcGlITlJQc2VJU3l0RS9FdnJHQnBYT09Ub2haSFEvUlVGcQp6US9QZ1ZYaE4zZDAydCtwaXhQVmRhQ2k2VkpwdDl4L2Mvc2FlcHE4dmpoUnpJRnRFT3ZaZlE9PQotLS0tLUVORCBSU0EgUFJJVkFURSBLRVktLS0tLQo=
[root@easzlab-deploy-01 ~]#kubectl get svc -A
NAMESPACE NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
default kubernetes ClusterIP 10.100.0.1 <none> 443/TCP 14h
kube-system dashboard-metrics-scraper ClusterIP 10.100.229.191 <none> 8000/TCP 14h
kube-system kube-dns ClusterIP 10.100.0.2 <none> 53/UDP,53/TCP,9153/TCP 14h
kube-system kube-dns-upstream ClusterIP 10.100.163.119 <none> 53/UDP,53/TCP 14h
kube-system kubernetes-dashboard NodePort 10.100.44.73 <none> 443:50887/TCP 14h
kube-system metrics-server ClusterIP 10.100.13.185 <none> 443/TCP 14h
kube-system node-local-dns ClusterIP None <none> 9253/TCP 14h
添加ceph节点
[root@easzlab-deploy-01 data]#cd /etc/kubeasz/
[root@easzlab-deploy-01 kubeasz]#./ezctl add-node k8s-01 10.0.0.160
ln: failed to create symbolic link '/usr/bin/python': File exists
2022-09-29 11:11:24 INFO add 10.0.0.160 into 'kube_node' group
2022-09-29 11:11:24 INFO start to add a work node:10.0.0.160 into cluster:k8s-01
PLAY [10.0.0.160] **********************************************************************************************************************************************************************
TASK [Gathering Facts] *****************************************************************************************************************************************************************
ok: [10.0.0.160]
TASK [prepare : apt更新缓存刷新] *************************************************************************************************************************************************************
ok: [10.0.0.160]
TASK [prepare : 删除ubuntu默认安装] **********************************************************************************************************************************************************
changed: [10.0.0.160] => (item=ufw)
changed: [10.0.0.160] => (item=lxd)
changed: [10.0.0.160] => (item=lxcfs)
changed: [10.0.0.160] => (item=lxc-common)
TASK [prepare : 安装 ubuntu/debian基础软件] **************************************************************************************************************************************************
changed: [10.0.0.160]
TASK [prepare : 准备 journal 日志相关目录] *****************************************************************************************************************************************************
changed: [10.0.0.160] => (item=/etc/systemd/journald.conf.d)
ok: [10.0.0.160] => (item=/var/log/journal)
TASK [prepare : 优化设置 journal 日志] *******************************************************************************************************************************************************
changed: [10.0.0.160]
TASK [prepare : 重启 journald 服务] ********************************************************************************************************************************************************
changed: [10.0.0.160]
TASK [prepare : 禁用系统 swap] *************************************************************************************************************************************************************
changed: [10.0.0.160]
TASK [prepare : 删除fstab swap 相关配置] *****************************************************************************************************************************************************
changed: [10.0.0.160]
TASK [prepare : 转换内核版本为浮点数] ************************************************************************************************************************************************************
ok: [10.0.0.160]
TASK [prepare : 加载内核模块] ****************************************************************************************************************************************************************
changed: [10.0.0.160] => (item=br_netfilter)
changed: [10.0.0.160] => (item=ip_vs)
changed: [10.0.0.160] => (item=ip_vs_rr)
changed: [10.0.0.160] => (item=ip_vs_wrr)
changed: [10.0.0.160] => (item=ip_vs_sh)
ok: [10.0.0.160] => (item=nf_conntrack)
TASK [prepare : 尝试加载nf_conntrack_ipv4] *************************************************************************************************************************************************
changed: [10.0.0.160]
TASK [prepare : 启用systemd自动加载模块服务] *****************************************************************************************************************************************************
ok: [10.0.0.160]
TASK [prepare : 增加内核模块开机加载配置] **********************************************************************************************************************************************************
changed: [10.0.0.160]
TASK [prepare : 设置系统参数] ****************************************************************************************************************************************************************
changed: [10.0.0.160]
TASK [prepare : 生效系统参数] ****************************************************************************************************************************************************************
changed: [10.0.0.160]
TASK [prepare : 创建 systemd 配置目录] *******************************************************************************************************************************************************
changed: [10.0.0.160]
TASK [prepare : 设置系统 ulimits] **********************************************************************************************************************************************************
changed: [10.0.0.160]
TASK [prepare : 把SCTP列入内核模块黑名单] ********************************************************************************************************************************************************
changed: [10.0.0.160]
TASK [prepare : prepare some dirs] *****************************************************************************************************************************************************
changed: [10.0.0.160] => (item=/opt/kube/bin)
changed: [10.0.0.160] => (item=/etc/kubernetes/ssl)
changed: [10.0.0.160] => (item=/root/.kube)
changed: [10.0.0.160] => (item=/etc/cni/net.d)
TASK [prepare : symlink /usr/bin/python -> /usr/bin/python3] ***************************************************************************************************************************
changed: [10.0.0.160]
TASK [prepare : 写入环境变量$PATH] ***********************************************************************************************************************************************************
changed: [10.0.0.160]
TASK [prepare : 添加 kubectl 自动补全] *******************************************************************************************************************************************************
changed: [10.0.0.160]
TASK [prepare : 添加 local registry hosts 解析] ********************************************************************************************************************************************
changed: [10.0.0.160]
TASK [prepare : 分发 kubeconfig配置文件] *****************************************************************************************************************************************************
changed: [10.0.0.160]
TASK [prepare : 分发 kube-proxy.kubeconfig配置文件] ******************************************************************************************************************************************
changed: [10.0.0.160]
TASK [containerd : 获取是否已经安装containerd] *************************************************************************************************************************************************
changed: [10.0.0.160]
TASK [containerd : 准备containerd相关目录] ***************************************************************************************************************************************************
ok: [10.0.0.160] => (item=/opt/kube/bin)
changed: [10.0.0.160] => (item=/etc/containerd)
TASK [containerd : 加载内核模块 overlay] *****************************************************************************************************************************************************
changed: [10.0.0.160]
TASK [containerd : 下载 containerd 二进制文件] ************************************************************************************************************************************************
changed: [10.0.0.160] => (item=containerd)
changed: [10.0.0.160] => (item=containerd-shim)
changed: [10.0.0.160] => (item=containerd-shim-runc-v1)
changed: [10.0.0.160] => (item=containerd-shim-runc-v2)
changed: [10.0.0.160] => (item=crictl)
changed: [10.0.0.160] => (item=ctr)
changed: [10.0.0.160] => (item=runc)
TASK [containerd : 创建 containerd 配置文件] *************************************************************************************************************************************************
changed: [10.0.0.160]
TASK [containerd : 创建systemd unit文件] ***************************************************************************************************************************************************
changed: [10.0.0.160]
TASK [containerd : 创建 crictl 配置] *******************************************************************************************************************************************************
changed: [10.0.0.160]
TASK [containerd : 开机启用 containerd 服务] *************************************************************************************************************************************************
changed: [10.0.0.160]
TASK [containerd : 开启 containerd 服务] ***************************************************************************************************************************************************
changed: [10.0.0.160]
TASK [containerd : 轮询等待containerd服务运行] *************************************************************************************************************************************************
changed: [10.0.0.160]
TASK [kube-lb : prepare some dirs] *****************************************************************************************************************************************************
changed: [10.0.0.160] => (item=/etc/kube-lb/sbin)
changed: [10.0.0.160] => (item=/etc/kube-lb/logs)
changed: [10.0.0.160] => (item=/etc/kube-lb/conf)
TASK [kube-lb : 下载二进制文件kube-lb(nginx)] *************************************************************************************************************************************************
changed: [10.0.0.160]
TASK [kube-lb : 创建kube-lb的配置文件] ********************************************************************************************************************************************************
changed: [10.0.0.160]
TASK [kube-lb : 创建kube-lb的systemd unit文件] **********************************************************************************************************************************************
changed: [10.0.0.160]
TASK [kube-lb : 开机启用kube-lb服务] *********************************************************************************************************************************************************
changed: [10.0.0.160]
TASK [kube-lb : 开启kube-lb服务] ***********************************************************************************************************************************************************
changed: [10.0.0.160]
TASK [kube-lb : 以轮询的方式等待kube-lb服务启动] ***************************************************************************************************************************************************
changed: [10.0.0.160]
TASK [kube-node : 创建kube_node 相关目录] ****************************************************************************************************************************************************
changed: [10.0.0.160] => (item=/var/lib/kubelet)
changed: [10.0.0.160] => (item=/var/lib/kube-proxy)
ok: [10.0.0.160] => (item=/etc/cni/net.d)
TASK [kube-node : 下载 kubelet,kube-proxy 二进制和基础 cni plugins] ****************************************************************************************************************************
changed: [10.0.0.160] => (item=kubectl)
changed: [10.0.0.160] => (item=kubelet)
changed: [10.0.0.160] => (item=kube-proxy)
changed: [10.0.0.160] => (item=bridge)
changed: [10.0.0.160] => (item=host-local)
changed: [10.0.0.160] => (item=loopback)
TASK [kube-node : 替换 kubeconfig 的 apiserver 地址] ****************************************************************************************************************************************
changed: [10.0.0.160]
TASK [kube-node : 准备kubelet 证书签名请求] ****************************************************************************************************************************************************
changed: [10.0.0.160]
TASK [kube-node : 创建 kubelet 证书与私钥] ****************************************************************************************************************************************************
changed: [10.0.0.160]
TASK [kube-node : 分发ca 证书] *************************************************************************************************************************************************************
changed: [10.0.0.160]
TASK [kube-node : 分发kubelet 证书] ********************************************************************************************************************************************************
changed: [10.0.0.160] => (item=kubelet.pem)
changed: [10.0.0.160] => (item=kubelet-key.pem)
TASK [kube-node : 设置集群参数] **************************************************************************************************************************************************************
changed: [10.0.0.160]
TASK [kube-node : 设置客户端认证参数] ***********************************************************************************************************************************************************
changed: [10.0.0.160]
TASK [kube-node : 设置上下文参数] *************************************************************************************************************************************************************
changed: [10.0.0.160]
TASK [kube-node : 选择默认上下文] *************************************************************************************************************************************************************
changed: [10.0.0.160]
TASK [kube-node : 准备 cni配置文件] **********************************************************************************************************************************************************
changed: [10.0.0.160]
TASK [kube-node : 注册变量 DNS_SVC_IP] *****************************************************************************************************************************************************
changed: [10.0.0.160]
TASK [kube-node : 设置变量 CLUSTER_DNS_SVC_IP] *********************************************************************************************************************************************
ok: [10.0.0.160]
TASK [kube-node : 创建kubelet的配置文件] ******************************************************************************************************************************************************
changed: [10.0.0.160]
TASK [kube-node : 创建kubelet的systemd unit文件] ********************************************************************************************************************************************
changed: [10.0.0.160]
TASK [kube-node : 开机启用kubelet 服务] ******************************************************************************************************************************************************
changed: [10.0.0.160]
TASK [kube-node : 开启kubelet 服务] ********************************************************************************************************************************************************
changed: [10.0.0.160]
TASK [kube-node : 替换 kube-proxy.kubeconfig 的 apiserver 地址] *****************************************************************************************************************************
changed: [10.0.0.160]
TASK [kube-node : 创建kube-proxy 配置] *****************************************************************************************************************************************************
changed: [10.0.0.160]
TASK [kube-node : 创建kube-proxy 服务文件] ***************************************************************************************************************************************************
changed: [10.0.0.160]
TASK [kube-node : 开机启用kube-proxy 服务] ***************************************************************************************************************************************************
changed: [10.0.0.160]
TASK [kube-node : 开启kube-proxy 服务] *****************************************************************************************************************************************************
changed: [10.0.0.160]
TASK [kube-node : 轮询等待kube-proxy启动] ****************************************************************************************************************************************************
changed: [10.0.0.160]
TASK [kube-node : 轮询等待kubelet启动] *******************************************************************************************************************************************************
changed: [10.0.0.160]
FAILED - RETRYING: 轮询等待node达到Ready状态 (8 retries left).
TASK [kube-node : 轮询等待node达到Ready状态] ***************************************************************************************************************************************************
changed: [10.0.0.160]
TASK [kube-node : 设置node节点role] ********************************************************************************************************************************************************
changed: [10.0.0.160]
TASK [calico : 在节点创建相关目录] **************************************************************************************************************************************************************
changed: [10.0.0.160] => (item=/etc/calico/ssl)
TASK [calico : 创建calico 证书请求] **********************************************************************************************************************************************************
ok: [10.0.0.160]
TASK [calico : 创建 calico证书和私钥] *********************************************************************************************************************************************************
changed: [10.0.0.160]
TASK [calico : 分发calico证书相关] ***********************************************************************************************************************************************************
changed: [10.0.0.160] => (item=ca.pem)
changed: [10.0.0.160] => (item=calico.pem)
changed: [10.0.0.160] => (item=calico-key.pem)
TASK [calico : get calico-etcd-secrets info] *******************************************************************************************************************************************
changed: [10.0.0.160]
TASK [calico : 配置 calico DaemonSet yaml文件] *********************************************************************************************************************************************
ok: [10.0.0.160]
TASK [calico : 运行 calico网络] ************************************************************************************************************************************************************
changed: [10.0.0.160]
TASK [calico : 删除默认cni配置] **************************************************************************************************************************************************************
changed: [10.0.0.160]
TASK [calico : 下载calicoctl 客户端] ********************************************************************************************************************************************************
changed: [10.0.0.160] => (item=calicoctl)
TASK [calico : 准备 calicoctl配置文件] *******************************************************************************************************************************************************
changed: [10.0.0.160]
TASK [calico : 轮询等待calico-node 运行,视下载镜像速度而定] *******************************************************************************************************************************************
changed: [10.0.0.160]
PLAY RECAP *****************************************************************************************************************************************************************************
10.0.0.160 : ok=81 changed=74 unreachable=0 failed=0 skipped=169 rescued=0 ignored=0
#另外两个节点同上
#检查是否部署成功
[root@easzlab-deploy-01 ~]#kubectl get node -A
NAME STATUS ROLES AGE VERSION
10.0.0.120 Ready,SchedulingDisabled master 14h v1.25.1
10.0.0.121 Ready,SchedulingDisabled master 14h v1.25.1
10.0.0.122 Ready,SchedulingDisabled master 14h v1.25.1
10.0.0.130 Ready node 14h v1.25.1
10.0.0.131 Ready node 14h v1.25.1
10.0.0.132 Ready node 14h v1.25.1
10.0.0.160 Ready node 12m v1.25.1
10.0.0.161 Ready node 6m27s v1.25.1
10.0.0.162 Ready node 2m2s v1.25.1
安装nerdctl
[root@easzlab-deploy-01 files]#wget https://github.com/containerd/nerdctl/releases/download/v0.22.2/nerdctl-0.22.2-linux-amd64.tar.gz
[root@easzlab-deploy-01 ansible]#vim install_nerdctl.yaml
---
- name: install_nerdctl
hosts: master,node,ceph
tasks:
- name: unarchive
unarchive:
src: nerdctl-0.22.2-linux-amd64.tar.gz
dest: /usr/local/bin/
[root@easzlab-deploy-01 ansible]#ansible-playbook install_nerdctl.yaml
PLAY [install_nerdctl] **********************************************************************************************************************************************************************
TASK [Gathering Facts] **********************************************************************************************************************************************************************
ok: [easzlab-k8s-master-01]
ok: [easzlab-k8s-master-03]
ok: [easzlab-k8s-node-02]
ok: [easzlab-k8s-master-02]
ok: [easzlab-k8s-node-01]
ok: [easzlab-k8s-ceph-01]
ok: [easzlab-k8s-node-03]
ok: [easzlab-k8s-ceph-02]
ok: [easzlab-k8s-ceph-03]
TASK [unarchive] ****************************************************************************************************************************************************************************
changed: [easzlab-k8s-master-03]
changed: [easzlab-k8s-master-01]
changed: [easzlab-k8s-node-01]
changed: [easzlab-k8s-node-02]
changed: [easzlab-k8s-master-02]
changed: [easzlab-k8s-ceph-01]
changed: [easzlab-k8s-node-03]
changed: [easzlab-k8s-ceph-02]
changed: [easzlab-k8s-ceph-03]
PLAY RECAP **********************************************************************************************************************************************************************************
easzlab-k8s-ceph-01 : ok=2 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
easzlab-k8s-ceph-02 : ok=2 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
easzlab-k8s-ceph-03 : ok=2 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
easzlab-k8s-master-01 : ok=2 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
easzlab-k8s-master-02 : ok=2 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
easzlab-k8s-master-03 : ok=2 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
easzlab-k8s-node-01 : ok=2 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
easzlab-k8s-node-02 : ok=2 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
easzlab-k8s-node-03 : ok=2 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
