在"China Azure中部署Kubernetes(K8S)集群"一文中,我们使用的ACS Version及Kubernete Version版本都比较低,ACS Version为0.8.0,Kubernete Version为1.6。随着ACS版本及Kubernete版本的不断跟新,我们会尽可能的采用新的version部署我们的集群服务。本文将使用 ACS Version为0.18.8,Kubernete Version为1.10.4 进行部署,同时Kubernetes.json的配置文件也加入了多个限制条件,详情操作见下:

1.查看Ubuntu 机器Version

root@hlmubu1604n1ma:~# lsb_release -a

No LSB modules are available.

Distributor ID:    Ubuntu

Description:    Ubuntu 16.04. LTS

Release:    16.04

Codename:    xenial

2.在该Ubuntu机器上安装CLI 2.0

root@hlmubu1604n1ma:~# az

     /\

    /  \    _____   _ _  ___ _

   / /\ \  |_  / | | | \'__/ _\

  / ____ \  / /| |_| | | |  __/

 /_/    \_\/___|\__,_|_|  \___|

Welcome to the cool new Azure CLI!

Use `az --version` to display the current version.

Here are the base commands:

3.下载并安装 Azure 容器服务引擎(acs-engine)

wget https://github.com/Azure/acs-engine/releases/download/v0.18.8/acs-engine-v0.18.8-linux-amd64.tar.gz

tar zxvf acs-engine-v0.18.8-linux-amd64.tar.gz

cd acs-engine-v0.18.8-linux-amd64/

root@hlmubu1604n1ma:~/acs-engine-v0.18.8-linux-amd64# ./acs-engine version

Version: v0.18.8

GitCommit: 71d88da

GitTreeState: clean

4.创建资源组并获取服务主体身份(service principal)

root@hlmubu1604n1ma:~# az cloud set -n AzureChinaCloud

root@hlmubu1604n1ma:~# az login -u "***@***.onmschina.cn"

Password:

[

  {

    "cloudName": "AzureChinaCloud",

    "id": "***",

    "isDefault": true,

    "name": "He Liming (anitay)",

    "state": "Enabled",

    "tenantId": "***",

    "user": {

      "name": "***",

      "type": "user"

    }

  }

]

root@hlmubu1604n1ma:~# az account set --subscription  "***"

root@hlmubu1604n1ma:~# az group create -n hlmk8srgt1 -l chinanorth

{

  "id": "/subscriptions/***/resourceGroups/hlmk8srgt1",

  "location": "chinanorth",

  "managedBy": null,

  "name": "hlmk8srgt1",

  "properties": {

    "provisioningState": "Succeeded"

  },

  "tags": null

}


root@hlmubu1604n1ma:~# az ad sp create-for-rbac --role="Contributor" --scopes="/subscriptions/***/resourceGroups/hlmk8srgt1"
Retrying role assignment creation: / 
Retrying role assignment creation: / 
Retrying role assignment creation: / 
Retrying role assignment creation: / 
Retrying role assignment creation: / 
Retrying role assignment creation: / 
{ 
"appId": "***", 
"displayName": "azure-cli-2018-09-18-07-49-05", 
"name": "http://azure-cli-2018-09-18-07-49-05", 
"password": "***", "tenant": "***" 
} 

备注:记录appId及password的值以备后续使用

5.创建一个kubernets.json模板文件

{

   "apiVersion": "vlabs",

   "location": "chinanorth",

   "properties" :   {

      "orchestratorProfile" : {

         "orchestratorType" : "Kubernetes",

         "kubernetesConfig" : {

            "schedulerConfig" : {

               "--profiling" : "false"

            },

            "enableRbac":false,

            "apiServerConfig" : {

               "--audit-log-path" : "/var/log/audit.log",

               "--audit-log-maxage": "",

               "--audit-log-maxsize": "",

               "--audit-log-maxbackup": "",

               "--anonymous-auth":"false",

               "--profiling":"false"

            },

           "addons": [

               {

                 "name":"tiller",

                 "enabled":false

               },

               {

                "name":"kubernetes-dashboard",

                  "enabled":false

               },

               {

                  "name":"cluster-autoscaler",

                  "config":                  {

                     "maxNodes":"",

                     "minNodes":""

                  },

                  "enabled":true

               }

            ],

            "dnsServiceIP" : "10.2.0.240",

            "networkPolicy": "calico",

            "kubeletConfig" :  {

              "--make-iptables-util-chains":"true",

               "--allow-privileged":"false",

               "--keep-terminated-pod-volumes":"false",

               "--read-only-port": "",

               "--event-qps": "",

               "--cadvisor-port": ""

            },

            "serviceCidr": "10.2.0.0/24",

            "controllerManagerConfig": {

               "--terminated-pod-gc-threshold": "",

               "--profiling":"false"

            }

          },

         "orchestratorVersion": "1.10.4"

      },

      "agentPoolProfiles": [

         {

            "storageProfile": "ManagedDisks",

            "name": "macsetupdeve",

            "count": ,

            "osType": "Linux",

            "vnetSubnetId": "/subscriptions/***/resourceGroups/hlmk8st1/providers/Microsoft.Network/virtualNetworks/hlmk8svnet/subnets/default",

            "vmSize": "Standard_A2_v2",

            "availabilityProfile": "VirtualMachineScaleSets"

         }

      ],

      "servicePrincipalProfile": {

         "clientId": "***",

         "secret": "***"

      },

      "linuxProfile": {

         "adminUsername": "stone",

         "ssh": {

            "publicKeys": [

               {

                  "keyData": "ssh-rsa *** root@hlmubu1604n1ma"

               }

            ]

         }

      },

      "masterProfile": {

         "firstConsecutiveStaticIP": "10.2.0.100",

         "storageProfile": "ManagedDisks",

         "count": ,

         "dnsPrefix": "hlmk8s-mstr000",

         "vnetSubnetId": "/subscriptions/***/resourceGroups/hlmk8st1/providers/Microsoft.Network/virtualNetworks/hlmk8svnet/subnets/default",

         "vmSize": "Standard_A2_v2"

      }

   }

}

备注:

clientId为之前记录的appId; secret为之前记录的password; keyData为登陆机器所需的公钥(需要使用ssh-keygen命令生成)

6.生成Azure模板文件

root@hlmubu1604n1ma:~/acs-engine-v0.18.8-linux-amd64# ./acs-engine generate kubernetes.json

INFO[] Generating assets into _output/hlmk8s-mstr001...

root@hlmubu1604n1ma:~/acs-engine-v0.18.8-linux-amd64# ls

acs-engine  kubernetes.json  kubernetes.json.bak  kubernetes.json.bak1  kubernetes.json.bak2  LICENSE  _output  README.md  translations

root@hlmubu1604n1ma:~/acs-engine-v0.18.8-linux-amd64# cd _output/

root@hlmubu1604n1ma:~/acs-engine-v0.18.8-linux-amd64/_output# ls

hlmk8s-mstr000  hlmk8s-mstr001

root@hlmubu1604n1ma:~/acs-engine-v0.18.8-linux-amd64/_output# cd hlmk8s-mstr001/

root@hlmubu1604n1ma:~/acs-engine-v0.18.8-linux-amd64/_output/hlmk8s-mstr001# ls

apimodel.json  apiserver.key     azuredeploy.parameters.json  ca.key      client.key      etcdclient.key  etcdpeer0.key   etcdserver.key  kubectlClient.crt

apiserver.crt  azuredeploy.json  ca.crt                       client.crt  etcdclient.crt  etcdpeer0.crt   etcdserver.crt  kubeconfig      kubectlClient.key

7.部署Kubernetes集群,该过程大约需要20分钟左右

备注:使用较新的ACS生成的"azuredeploy.parameters.json"文件,不需要修改URL,直接就可以运行

root@hlmubu1604n1ma:~/acs-engine-v0.18.8-linux-amd64/_output/hlmk8s-mstr001# az group deployment create --resource-group hlmk8srgt1 --template-file azuredeploy.json --parameters azuredeploy.parameters.json

8.使用Kubectl工具,并查看集群节点状态

备注:Azure Portal界面显示如下

Azure 部署K8S(二)的更多相关文章

  1. ansible一键部署k8s单机环境

    一.虚拟机准备 干净的Centsot7.4.4G内存.2个CPU 最小化安装,最好带虚拟化 二.执行初始化脚本 注意:脚本中配置静态网卡根据实际网卡名称配置,我用的是ens33 可以用 sed -i ...

  2. 使用saltstack自动部署K8S

    使用saltstack自动部署K8S 一.环境准备 1.1 规划 1. 操作系统 CentOS-7.x-x86_64. 2. 关闭 iptables 和 SELinux. 3. 所有节点的主机名和 I ...

  3. 使用kubeadm部署k8s

    k8s组件 master,node master中包括apiserver,scheduler,controller.etcd apiserver:负责接收用户请求,并且保存至etcd中. schedu ...

  4. 二进制部署k8s

    一.二进制部署 k8s集群 1)参考文章 博客: https://blog.qikqiak.com 文章: https://www.qikqiak.com/post/manual-install-hi ...

  5. 解决阿里云ECS下kubeadm部署k8s无法指定公网IP

    背景 一般情况下,"kubeadm"部署集群时指定"--apiserver-advertise-address=<public_ip>"参数,即可在 ...

  6. lvs+keepalived部署k8s v1.16.4高可用集群

    一.部署环境 1.1 主机列表 主机名 Centos版本 ip docker version flannel version Keepalived version 主机配置 备注 lvs-keepal ...

  7. Centos7.6部署k8s v1.16.4高可用集群(主备模式)

    一.部署环境 主机列表: 主机名 Centos版本 ip docker version flannel version Keepalived version 主机配置 备注 master01 7.6. ...

  8. 使用RKE快速部署k8s集群

    一.环境准备 1.1环境信息 IP地址 角色 部署软件 10.10.100.5 K8s Master Etcd.Control 10.10.100.17 K8s Worker1 Worker 10.1 ...

  9. 使用kubeadm部署k8s集群[v1.18.0]

    使用kubeadm部署k8s集群 环境 IP地址 主机名 节点 10.0.0.63 k8s-master1 master1 10.0.0.63 k8s-master2 master2 10.0.0.6 ...

随机推荐

  1. 今天无意中发现的WWW.threadPriority

    WWW.threadPriority     Description Priority of AssetBundle decompression thread. You can control dec ...

  2. for 续7

    ----------siwuxie095                 for 中的变量:     FOR 变量参照的替换已被增强.您现在可以使用下列选项语法: ~I - 删除任何引号(" ...

  3. php 共享内存学习(APC扩展)

    问题:希望可以在进程间共享变量,为共享数据提供快速访问 解决方案:使用APC扩展的数据存储功能 (cli模式下没有作用) //获取原来的值 $population = apc_fetch('popul ...

  4. BaseSEOPage统一设置网站SEO

    代码: public class BaseSeoPage : System.Web.UI.Page { protected override void OnPreLoad(EventArgs e) { ...

  5. crt key转p12, jks p12互转,windows生成jks,

    crt key转p12, jks p12互转,windows生成jks, 摘自:https://blog.csdn.net/u010801696/article/details/86546191 20 ...

  6. WAMP不能启动, 一直处于红色图标或者橙色图标的解决办法

    WAMP不能启动, 一直处于红色图标(正常启动为绿色吧) 考虑是端口的问题,我找到wamp文件夹中的wamp\bin\apache\apache2.2.22\conf路径下的httpd.conf文件, ...

  7. asp.net core 1.1 + mysqlsugar + y-ui Demo

    最近研究下asp.net core 此源码架构 : .net core  mvc 简单三层 依赖注入(.net core自带) mysql + mysqlsugar +sqlsugarcore 需要修 ...

  8. qmake -Visual Studio

    创建 Visual Studio Projiect 文件 开发者使用 Visual Studio 写Qt应用可以使用Qt商业版提供的Visual Studio integration faciliti ...

  9. swoole实现websocket推送

    环境配置:      swoole 1.9.3.centos6.5(虚拟机).PHP7.01   思路:      ①通过server中的collections取出fd      ②写一个admin. ...

  10. 图解利用Word来发布博客

    目前大部分的博客作者在用Word写博客这件事情上都会遇到以下3个痛点: 1.所有博客平台关闭了文档发布接口,用户无法使用Word,Windows Live Writer等工具来发布博客.使用Word写 ...