文章目錄
- 1. 簡介
- 2. Docker + 手動部署鏡像方式
- 2.1 安裝docker
- 2.2 導入鏡像
- 2.3 安裝 k3s
- 2.4 檢視
- 3. Containerd + 手動部署鏡像方式
- 3.1 導入鏡像到 containerd 鏡像清單
- 3.2 授予可執行權限
- 3.3 安裝 K3s
- 4. Containerd + 私有鏡像倉庫方式
- 4.1 配置 K3s 鏡像倉庫
- 4.2 授予可執行權限
- 4.3 安裝 K3s
- 5. Docker + 私有鏡像倉庫方式
- 5.1 配置 K3s 鏡像倉庫
- 5.2 授予可執行權限
- 5.3 安裝 K3s
- 6. 解除安裝
1. 簡介
K3s 是一個輕量級的 Kubernetes 發行版,在 2020 年統計的 K3s 下載下傳量中,K3s 的全球下載下傳量已經超過 100 萬次,每周平均被安裝超過 2 萬次,其中 30%的下載下傳量來自于中國。在國内已經有許多使用者将 K3s 應用到了各種邊緣計算和物聯網裝置中,同時也被廣泛應用于智能工廠部署的生産線機器人和一些世界上最大型的風力發電廠當中。
針對生産環境下的 K3s,一個不可逾越的問題就是離線安裝。在你的離線環境需要準備以下 3 個元件:
- K3s 的安裝腳本
- K3s 的二進制檔案
- K3s 依賴的鏡像
通過K3s Release頁面(https://github.com/k3s-io/k3s/releases )下載下傳二進制檔案與鏡像,如果在國内使用,推薦從 http://mirror.cnrancher.com 獲得這些元件。
離線安裝的重點在于K3s 依賴的鏡像部分,因為 K3s 的"安裝腳本"和"二進制檔案"隻需要下載下傳到對應目錄,然後賦予相應的權限即可,非常簡單。但K3s 依賴的鏡像的安裝方式取決于你使用的是手動部署鏡像還是私有鏡像倉庫,也取決于容器運作時使用的是
containerd
還是
docker
。
針對不同的組合形式,可以分為以下幾種形式來實作離線安裝:
-
Containerd
-
Docker
-
Containerd
-
Docker
2. Docker + 手動部署鏡像方式
假設你已經将同一版本的 K3s 的安裝腳本(
k3s-install.sh
)、K3s 的二進制檔案(
k3s
)、K3s 依賴的鏡像(
k3s-airgap-images-amd64.tar
)下載下傳到了/root目錄下。
與 containerd 不同,使用 docker 作為容器運作時,啟動 K3s 不會導入
/var/lib/rancher/k3s/agent/images/
目錄下的鏡像。是以在啟動 K3s 之前我們需要将 K3s 依賴的鏡像手動導入到 docker 鏡像清單中。
$ ls
k3s k3s-airgap-images-amd64.tar k3s-install.sh
$ cp k3s /usr/local/bin/ 2.1 安裝docker
- docker 安裝
2.2 導入鏡像
$ docker load -i k3s-airgap-images-amd64.tar 4fc242d58285: Loading layer [==================================================>] 5.855 MB/5.855 MB
43ca363a6184: Loading layer [==================================================>] 17.5 MB/17.5 MB
ac85d27cf099: Loading layer [==================================================>] 90.36 MB/90.36 MB
f95c9a53e804: Loading layer [==================================================>] 125.6 MB/125.6 MB
Loaded image: rancher/klipper-helm:v0.7.3-build20220613
eb4bde6b29a6: Loading layer [==================================================>] 5.876 MB/5.876 MB
b73f2911df5c: Loading layer [==================================================>] 2.625 MB/2.625 MB
681d12cb8ee1: Loading layer [==================================================>] 3.584 kB/3.584 kB
Loaded image: rancher/klipper-lb:v0.3.5
8d3ac3489996: Loading layer [==================================================>] 5.866 MB/5.866 MB
2d6fddee6202: Loading layer [==================================================>] 29.39 MB/29.39 MB
Loaded image: rancher/local-path-provisioner:v0.0.21
256bc5c338a6: Loading layer [==================================================>] 336.4 kB/336.4 kB
5cc7f3ffa7e3: Loading layer [==================================================>] 49.33 MB/49.33 MB
Loaded image: rancher/mirrored-coredns-coredns:1.9.1
0b16ab2571f4: Loading layer [==================================================>] 1.459 MB/1.459 MB
Loaded image: rancher/mirrored-library-busybox:1.34.1
34d5ebaa5410: Loading layer [==================================================>] 5.866 MB/5.866 MB
694ee27c6a0b: Loading layer [==================================================>] 2.852 MB/2.852 MB
e32614d8591c: Loading layer [==================================================>] 99.74 MB/99.74 MB
44aad00a5195: Loading layer [==================================================>] 2.048 kB/2.048 kB
Loaded image: rancher/mirrored-library-traefik:2.9.1
5b1fa8e3e100: Loading layer [==================================================>] 3.697 MB/3.697 MB
3dc34f14eb83: Loading layer [==================================================>] 66.43 MB/66.43 MB
Loaded image: rancher/mirrored-metrics-server:v0.6.1
1021ef88c797: Loading layer [==================================================>] 684.5 kB/684.5 kB
Loaded image: rancher/mirrored-pause:3.6
$ docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
rancher/mirrored-library-traefik 2.9.1 e6de8578b238 4 weeks ago 107 MB
rancher/mirrored-library-busybox 1.34.1 ff4a8eb070e1 4 weeks ago 1.24 MB
rancher/klipper-helm v0.7.3-build20220613 38b3b9ad736a 4 months ago 239 MB
rancher/mirrored-coredns-coredns 1.9.1 99376d8f35e0 7 months ago 49.5 MB
rancher/mirrored-metrics-server v0.6.1 e57a417f15d3 8 months ago 68.8 MB
rancher/klipper-lb v0.3.5 dbd43b6716a0 9 months ago 8.09 MB
rancher/local-path-provisioner v0.0.21 fb9b574e03c3 10 months ago 35 MB
rancher/mirrored-pause 3.6 6270bb605e12 14 months ago 683 kB 2.3 安裝 k3s
$ INSTALL_K3S_SKIP_DOWNLOAD=true INSTALL_K3S_EXEC='--docker' /root/k3s-install.sh [INFO] Skipping k3s download and verify
[INFO] Skipping installation of SELinux RPM
[INFO] Skipping /usr/local/bin/kubectl symlink to k3s, command exists in PATH at /usr/bin/kubectl
[INFO] Skipping /usr/local/bin/crictl symlink to k3s, command exists in PATH at /usr/bin/crictl
[INFO] Skipping /usr/local/bin/ctr symlink to k3s, command exists in PATH at /usr/bin/ctr
[INFO] Creating killall script /usr/local/bin/k3s-killall.sh
[INFO] Creating uninstall script /usr/local/bin/k3s-uninstall.sh
[INFO] env: Creating environment file /etc/systemd/system/k3s.service.env
[INFO] systemd: Creating service file /etc/systemd/system/k3s.service
[INFO] systemd: Enabling k3s unit
Created symlink from /etc/systemd/system/multi-user.target.wants/k3s.service to /etc/systemd/system/k3s.service.
[INFO] systemd: Starting k3s 2.4 檢視
k3s kubectl get pods -A
NAMESPACE NAME READY STATUS RESTARTS AGE
kube-system local-path-provisioner-5b5579c644-fmq74 1/1 Running 0 59s
kube-system coredns-75fc8f8fff-nhn4s 1/1 Running 0 59s
kube-system helm-install-traefik-crd-pksg7 0/1 Completed 0 60s
kube-system metrics-server-5c8978b444-7tmd9 1/1 Running 0 59s
kube-system svclb-traefik-db846a66-mq5wk 2/2 Running 0 32s
kube-system traefik-9c6dc6686-fpj6s 1/1 Running 0 32s
kube-system helm-install-traefik-66zjk 0/1 Completed 2 60s 把 master 節點機器上的
/etc/rancher/k3s/k3s.yaml
檔案内容寫入到
~/.kube/config
檔案,不要忘記修改 server 位址改為 master 節點位址:
$ kubectl get node
Unable to connect to the server: x509: certificate signed by unknown authority
$ cp /root/.kube/config /tmp/kubeconfig
$ cp /etc/rancher/k3s/k3s.yaml /root/.kube/config
cp: overwrite ‘/root/.kube/config’? y
$ vim /root/.kube/config
apiVersion: v1
clusters:
- cluster:
certificate-authority-data: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUJlRENDQVIyZ0F3SUJBZ0lCQURBS0JnZ3Foa2pPUFFRREFqQWpNU0V3SHdZRFZRUUREQmhyTTNNdGMyVnkKZG1WeUxXTmhRREUyTmpZM056UTJNakl3SGhjTk1qSXhNREkyTURnMU56QXlXaGNOTXpJeE1ESXpNRGcxTnpBeQpXakFqTVNFd0h3WURWUVFEREJock0zTXRjMlZ5ZG1WeUxXTmhRREUyTmpZM056UTJNakl3V1RBVEJnY3Foa2pPClBRSUJCZ2dxaGtqT1BRTUJCd05DQUFUaXJHV0RId25zcExvaU0rQ2t2cTd6d1JGRHZiZmdGVnBkbnZjbzB0d08KQjNvRVVpL2VKaFpRV3Y2N0xCc3VqYzBGOEZYSmFIdHpnLzJyVUVzWHNqY3RvMEl3UURBT0JnTlZIUThCQWY4RQpCQU1DQXFRd0R3WURWUjBUQVFIL0JBVXdBd0VCL3pBZEJnTlZIUTRFRmdRVS9ZNE4ySVFIdlVMaWwvclVzbkk4CmtxVHhSSEl3Q2dZSUtvWkl6ajBFQXdJRFNRQXdSZ0loQUp0Ym1JYlAwNGY3eTlqWmdic1MrMi9yck5mMk9TaVkKVFpZOVR0Q0tsM3p2QWlFQXdLNGV3ZkgwUDhiRWlyYmhuYXF6QmFTd0pnQW9ycU9XclhnaHY4eXByQkU9Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K
server: https://k3s_master:6443 #修改127.0.0.1為master hostname(k3s_master)
name: default
contexts:
......
$ kubectl get ns
NAME STATUS AGE
default Active 4m45s
kube-system Active 4m45s
kube-public Active 4m45s
kube-node-lease Active 4m45s
$ kubectl get node
NAME STATUS ROLES AGE VERSION
k3smaster Ready control-plane,master 4m50s v1.25.3+k3s1 3. Containerd + 手動部署鏡像方式
假設你已經将同一版本的 K3s 的安裝腳本(k3s-install.sh)、K3s 的二進制檔案(k3s)、K3s 依賴的鏡像(
k3s-airgap-images-amd64.tar
)下載下傳到了/root目錄下。
如果你使用的容器運作時為
containerd
,在啟動 K3s 時,它會檢查
/var/lib/rancher/k3s/agent/images/
是否存在可用的鏡像壓縮包,如果存在,就将該鏡像導入到containerd 鏡像清單中。是以我們隻需要下載下傳 K3s 依賴的鏡像到
/var/lib/rancher/k3s/agent/images/
目錄,然後啟動 K3s 即可。
3.1 導入鏡像到 containerd 鏡像清單
sudo mkdir -p /var/lib/rancher/k3s/agent/images/
sudo cp /root/k3s-airgap-images-amd64.tar /var/lib/rancher/k3s/agent/images/ 3.2 授予可執行權限
sudo chmod a+x /root/k3s /root/k3s-install.sh
sudo cp /root/k3s /usr/local/bin/ 3.3 安裝 K3s
INSTALL_K3S_SKIP_DOWNLOAD=true /root/k3s-install.sh 稍等片刻,即可檢視到 K3s 已經成功啟動:
$ crictl images
IMAGE TAG IMAGE ID SIZE
docker.io/rancher/coredns-coredns 1.8.0 296a6d5035e2d 42.6MB
docker.io/rancher/klipper-helm v0.3.2 4be09ab862d40 146MB
docker.io/rancher/klipper-lb v0.1.2 897ce3c5fc8ff 6.46MB
docker.io/rancher/library-busybox 1.31.1 1c35c44120825 1.44MB
docker.io/rancher/library-traefik 1.7.19 aa764f7db3051 86.6MB
docker.io/rancher/local-path-provisioner v0.0.14 e422121c9c5f9 42MB
docker.io/rancher/metrics-server v0.3.6 9dd718864ce61 41.2MB
docker.io/rancher/pause 3.1 da86e6ba6ca19 746kB
$ kubectl get pods -A
NAMESPACE NAME READY STATUS RESTARTS AGE
kube-system local-path-provisioner-7c458769fb-zdg9z 1/1 Running 0 38s
kube-system coredns-854c77959c-696gk 1/1 Running 0 38s
kube-system metrics-server-86cbb8457f-hs6vw 1/1 Running 0 38s
kube-system helm-install-traefik-4pgcr 0/1 Completed 0 38s
kube-system svclb-traefik-bq7wl 2/2 Running 0 17s
kube-system traefik-6f9cbd9bd4-jccd7 1/1 Running 0 17s 4. Containerd + 私有鏡像倉庫方式
假設你已經将同一版本的 K3s 的安裝腳本(k3s-install.sh)、K3s 的二進制檔案(k3s)下載下傳到了/root目錄下。并且 K3s 所需要的鏡像已經上傳到了鏡像倉庫(本例的鏡像倉庫位址為:http://192.168.64.44:5000)。K3s 所需的鏡像清單可以從 K3s Release頁面的
k3s-images.txt
獲得。
4.1 配置 K3s 鏡像倉庫
啟動 K3s 預設會從
docker.io
拉取鏡像。使用
containerd
容器運作時在離線安裝時,我們隻需要将鏡像倉庫位址配置到
docker.io
下的
endpoint
即可,更多配置說明請參考配置
containerd
鏡像倉庫完全攻略或K3s 官方文檔:
https://docs.rancher.cn/docs/k3s/installation/private-registry/_index/
sudo mkdir -p /etc/rancher/k3s
sudo cat >> /etc/rancher/k3s/registries.yaml <<EOF
mirrors:
"docker.io":
endpoint:
- "http://192.168.64.44:5000"
- "https://registry-1.docker.io"
EOF 4.2 授予可執行權限
sudo chmod a+x /root/k3s /root/k3s-install.sh
sudo cp /root/k3s /usr/local/bin/ 4.3 安裝 K3s
INSTALL_K3S_SKIP_DOWNLOAD=true /root/k3s-install.sh 稍等片刻,即可檢視到 K3s 已經成功啟動:
$ crictl images
IMAGE TAG IMAGE ID SIZE
docker.io/rancher/coredns-coredns 1.8.0 296a6d5035e2d 12.9MB
docker.io/rancher/klipper-helm v0.3.2 4be09ab862d40 50.7MB
docker.io/rancher/klipper-lb v0.1.2 897ce3c5fc8ff 2.71MB
docker.io/rancher/library-traefik 1.7.19 aa764f7db3051 24MB
docker.io/rancher/local-path-provisioner v0.0.14 e422121c9c5f9 13.4MB
docker.io/rancher/metrics-server v0.3.6 9dd718864ce61 10.5MB
docker.io/rancher/pause 3.1 da86e6ba6ca19 326kB
$ kubectl get pods -A
NAMESPACE NAME READY STATUS RESTARTS AGE
kube-system local-path-provisioner-7c458769fb-7w8hb 1/1 Running 0 37s
kube-system coredns-854c77959c-f8m2n 1/1 Running 0 37s
kube-system helm-install-traefik-9lbrx 0/1 Completed 0 38s
kube-system svclb-traefik-x8f6f 2/2 Running 0 29s
kube-system metrics-server-86cbb8457f-f7lb7 1/1 Running 0 37s
kube-system traefik-6f9cbd9bd4-4s66r 1/1 Running 0 29s 5. Docker + 私有鏡像倉庫方式
- 私有鏡像倉庫搭建教程請參考
設你已經将同一版本的 K3s 的安裝腳本(k3s-install.sh)、K3s 的二進制檔案(k3s)下載下傳到了/root目錄下。并且 K3s 所需要的鏡像已經上傳到了鏡像倉庫(本例的鏡像倉庫位址為:
http://192.168.64.44:5000
)。K3s 所需的鏡像清單可以從 K3s Release頁面的k3s-images.txt獲得。
5.1 配置 K3s 鏡像倉庫
Docker 不支援像
containerd
那樣可以通過修改
docker.io
對應的
endpoint
(預設為
https://registry-1.docker.io
)來間接修改預設鏡像倉庫的位址。但在Docker中可以通過配置registry-mirrors來實作從其他鏡像倉庫中擷取K3s鏡像。這樣配置之後,會先從registry-mirrors配置的位址拉取鏡像,如果擷取不到才會從預設的docker.io擷取鏡像,進而滿足了我們的需求。
cat >> /etc/docker/daemon.json <<EOF
{
"registry-mirrors": ["http://192.168.64.44:5000"]
}
EOF
sudo systemctl daemon-reload
sudo systemctl restart docker 5.2 授予可執行權限
sudo chmod a+x /root/k3s /root/k3s-install.sh
sudo cp /root/k3s /usr/local/bin/ 5.3 安裝 K3s
INSTALL_K3S_SKIP_DOWNLOAD=true INSTALL_K3S_EXEC='--docker' /root/k3s-install.sh 稍等片刻,即可檢視到 K3s 已經成功啟動:
$ docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
rancher/klipper-helm v0.3.2 4be09ab862d4 7 weeks ago 145MB
rancher/coredns-coredns 1.8.0 296a6d5035e2 2 months ago 42.5MB
rancher/local-path-provisioner v0.0.14 e422121c9c5f 7 months ago 41.7MB
rancher/library-traefik 1.7.19 aa764f7db305 14 months ago 85.7MB
rancher/metrics-server v0.3.6 9dd718864ce6 14 months ago 39.9MB
rancher/klipper-lb v0.1.2 897ce3c5fc8f 19 months ago 6.1MB
rancher/pause 3.1 da86e6ba6ca1 3 years ago 742kB
$ kubectl get pods -A
NAMESPACE NAME READY STATUS RESTARTS AGE
kube-system helm-install-traefik-bcclh 0/1 Completed 0 33s
kube-system coredns-854c77959c-kp85f 1/1 Running 0 33s
kube-system metrics-server-86cbb8457f-85fpd 1/1 Running 0 33s
kube-system local-path-provisioner-7c458769fb-r5nkw 1/1 Running 0 33s
kube-system svclb-traefik-rbmhk 2/2 Running 0 24s
kube-system traefik-6f9cbd9bd4-k6t9n 1/1 Running 0 24s 6. 解除安裝
如果您使用安裝腳本安裝了 K3s,那麼在安裝過程中會生成一個解除安裝 K3s 的腳本。
解除安裝 K3s 會删除叢集資料和所有腳本。要使用不同的安裝選項重新啟動叢集,請使用不同的标志重新運作安裝腳本。
要從 server 節點解除安裝 K3s,請運作:
/usr/local/bin/k3s-uninstall.sh /usr/local/bin/k3s-agent-uninstall.sh - k3s 離線安裝文檔
- 一文搞定全場景K3s離線安裝
- https://get.k3s.io/
- https://github.com/k3s-io/k3s/releases
![Java String.format方法的簡單使用[圖]](data:image/gif;base64,R0lGODlhAQABAIAAAP///wAAACwAAAAAAQABAAACAkQBADs=)