1.4、部署docker
所有节点都需要docker(复用master节点为node节点运行pod)
1.4.0、下载docker二进制文件
k8s-01:~ # cd /opt/k8s/packages/ k8s-01:/opt/k8s/packages # wget https://mirrors.tuna.tsinghua.edu.cn/docker-ce/linux/static/stable/x86_64/docker-19.03.9.tgz k8s-01:/opt/k8s/packages # tar xf docker-19.03.9.tgz
1.4.1、配置docker镜像加速
k8s-01:~ # cd conf/ k8s-01:/opt/k8s/conf # cat > daemon.json <<-EOF { "registry-mirrors": ["https://bk6kzfqm.mirror.aliyuncs.com"], "exec-opts": ["native.cgroupdriver=systemd"], "log-driver": "json-file", "log-opts": { "max-size": "100m" }, "storage-driver": "overlay2", "storage-opts": [ "overlay2.override_kernel_check=true" ] } EOF
1.4.2、配置docker为systemctl管理
k8s-01:/opt/k8s/conf # cd /opt/k8s/conf/ k8s-01:/opt/k8s/conf # cat > docker.service <<-EOF [Unit] Description=Docker Application Container Engine Documentation=https://docs.docker.com [Service] Type=notify # the default is not to use systemd for cgroups because the delegate issues still # exists and systemd currently does not support the cgroup feature set required # for containers run by docker ExecStart=/usr/bin/dockerd \$DOCKER_NETWORK_OPTIONS EnvironmentFile=-/run/flannel/docker ExecReload=/bin/kill -s HUP \$MAINPID TimeoutSec=0 RestartSec=2 Restart=always # Note that StartLimit* options were moved from "Service" to "Unit" in systemd 229. # Both the old, and new location are accepted by systemd 229 and up, so using the old location # to make them work for either version of systemd. StartLimitBurst=3 # Note that StartLimitInterval was renamed to StartLimitIntervalSec in systemd 230. # Both the old, and new name are accepted by systemd 230 and up, so using the old name to make # this option work for either version of systemd. StartLimitInterval=60s # Having non-zero Limit*s causes performance problems due to accounting overhead # in the kernel. We recommend using cgroups to do container-local accounting. LimitNOFILE=infinity LimitNPROC=infinity LimitCORE=infinity # Comment TasksMax if your systemd version does not support it. # Only systemd 226 and above support this option. TasksMax=infinity # set delegate yes so that systemd does not reset the cgroups of docker containers Delegate=yes # kill only the docker process, not all processes in the cgroup KillMode=process [Install] WantedBy=multi-user.target EOF
1.4.3、启动docker服务
#!/usr/bin/env bash source /opt/k8s/bin/k8s-env.sh for host in ${NODE_IPS[@]} do printf "\e[1;34m${host}\e[0m\n" ssh root@${host} "mkdir /etc/docker" scp /opt/k8s/packages/docker/* ${host}:/usr/bin/ scp /opt/k8s/conf/daemon.json ${host}:/etc/docker/ scp /opt/k8s/conf/docker.service ${host}:/etc/systemd/system/ ssh root@${host} "systemctl daemon-reload && \ systemctl enable docker --now && \ systemctl status docker | grep Active" done
1.4.4、查看所有节点docker和flannel的网卡是否为同一网段
#!/usr/bin/env bash source /opt/k8s/bin/k8s-env.sh for host in ${NODE_IPS[@]} do printf "\e[1;34m${host}\e[0m\n" ssh root@${host} 'ifconfig | egrep "docker*|flannel*" -A 1' done
