参考:
离线安装几乎与在线安装相同,不同之处是您必须创建一个本地仓库来托管 Docker 镜像。下面演示如何在离线环境中将 KubeSphere 安装到 Kubernetes 上。
准备工作
检查集群中是否有默认 StorageClass(准备默认 StorageClass 是安装 KubeSphere 的前提条件,请使用 kubectl get sc
进行确认)。
本实践中采用local-path-storage,参考:https://github.com/rancher/local-path-provisioner
1、创建local-path-storage资源
apiVersion: v1
kind: Namespace
metadata:
name: local-path-storage
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: local-path-provisioner-service-account
namespace: local-path-storage
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: local-path-provisioner-role
rules:
- apiGroups: [ "" ]
resources: [ "nodes", "persistentvolumeclaims", "configmaps" ]
verbs: [ "get", "list", "watch" ]
- apiGroups: [ "" ]
resources: [ "endpoints", "persistentvolumes", "pods" ]
verbs: [ "*" ]
- apiGroups: [ "" ]
resources: [ "events" ]
verbs: [ "create", "patch" ]
- apiGroups: [ "storage.k8s.io" ]
resources: [ "storageclasses" ]
verbs: [ "get", "list", "watch" ]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: local-path-provisioner-bind
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: local-path-provisioner-role
subjects:
- kind: ServiceAccount
name: local-path-provisioner-service-account
namespace: local-path-storage
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: local-path-provisioner
namespace: local-path-storage
spec:
replicas: 1
selector:
matchLabels:
app: local-path-provisioner
template:
metadata:
labels:
app: local-path-provisioner
spec:
serviceAccountName: local-path-provisioner-service-account
containers:
- name: local-path-provisioner
image: dockerhub.kubekey.local/rancher/local-path-provisioner:v0.0.23
imagePullPolicy: IfNotPresent
command:
- local-path-provisioner
- --debug
- start
- --config
- /etc/config/config.json
volumeMounts:
- name: config-volume
mountPath: /etc/config/
env:
- name: POD_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
volumes:
- name: config-volume
configMap:
name: local-path-config
---
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
name: local-path
provisioner: rancher.io/local-path
volumeBindingMode: WaitForFirstConsumer
reclaimPolicy: Delete
---
kind: ConfigMap
apiVersion: v1
metadata:
name: local-path-config
namespace: local-path-storage
data:
config.json: |-
{
"nodePathMap":[
{
"node":"DEFAULT_PATH_FOR_NON_LISTED_NODES",
"paths":["/opt/local-path-provisioner"]
}
]
}
setup: |-
#!/bin/sh
set -eu
mkdir -m 0777 -p "$VOL_DIR"
teardown: |-
#!/bin/sh
set -eu
rm -rf "$VOL_DIR"
helperPod.yaml: |-
apiVersion: v1
kind: Pod
metadata:
name: helper-pod
spec:
containers:
- name: helper-pod
image: dockerhub.kubekey.local/library/busybox:latest
imagePullPolicy: IfNotPresent
2、设置sc为默认的存储类型
kubectl patch storageclass local-path -p '{"metadata": {"annotations":{"storageclass.kubernetes.io/is-default-class":"true"}}}'
准备安装镜像
1、当您在离线环境中安装 KubeSphere 时,需要事先准备一个包含所有必需镜像的镜像包。
使用以下命令从能够访问互联网的机器上下载镜像清单文件 images-list.txt:
curl -L -O https://github.com/kubesphere/ks-installer/releases/download/v3.3.1/images-list.txt
本示例安装KubeSphere 最小集,包含KubeSphere 自身组件及监控组件,所需镜像如下:
##kubesphere-images
dockerhub.kubekey.local/kubesphere/ks-installer:v3.3.1
dockerhub.kubekey.local/kubesphere/ks-apiserver:v3.3.1
dockerhub.kubekey.local/kubesphere/ks-console:v3.3.1
dockerhub.kubekey.local/kubesphere/ks-controller-manager:v3.3.1
dockerhub.kubekey.local/kubesphere/ks-upgrade:v3.3.1
dockerhub.kubekey.local/kubesphere/kubectl:v1.22.0
dockerhub.kubekey.local/minio/minio:RELEASE.2019-08-07T01-59-21Z
dockerhub.kubekey.local/minio/mc:RELEASE.2019-08-07T23-14-43Z
dockerhub.kubekey.local/csiplugin/snapshot-controller:v4.0.0
dockerhub.kubekey.local/mirrorgooglecontainers/defaultbackend-amd64:1.4
dockerhub.kubekey.local/library/alpine:3.14
dockerhub.kubekey.local/library/redis:5.0.14-alpine
##kubesphere-monitoring-images
dockerhub.kubekey.local/prom/prometheus:v2.34.0
dockerhub.kubekey.local/kubesphere/prometheus-config-reloader:v0.55.1
dockerhub.kubekey.local/kubesphere/prometheus-operator:v0.55.1
dockerhub.kubekey.local/kubesphere/kube-rbac-proxy:v0.11.0
dockerhub.kubekey.local/kubesphere/kube-state-metrics:v2.5.0
dockerhub.kubekey.local/prom/node-exporter:v1.3.1
dockerhub.kubekey.local/prom/alertmanager:v0.23.0
dockerhub.kubekey.local/kubesphere/kube-rbac-proxy:v0.8.0
dockerhub.kubekey.local/kubesphere/notification-manager-operator:v1.4.0
dockerhub.kubekey.local/kubesphere/notification-manager:v1.4.0
dockerhub.kubekey.local/kubesphere/notification-tenant-sidecar:v3.2.0
##local-path-provisioner
dockerhub.kubekey.local/rancher/local-path-provisioner:v0.0.23
dockerhub.kubekey.local/library/busybox:latest
2、下载 offline-installation-tool.sh
curl -L -O https://github.com/kubesphere/ks-installer/releases/download/v3.3.1/offline-installation-tool.sh
3、使 .sh 文件可执行
chmod +x offline-installation-tool.sh
4、通过 offline-installation-tool.sh 拉取镜像
./offline-installation-tool.sh -s -l images-list.txt -d ./kubesphere-images
推送镜像至私有仓库
./offline-installation-tool.sh -l images-list.txt -d ./kubesphere-images -r dockerhub.kubekey.local
备注:
命令中的域名是 dockerhub.kubekey.local。请确保使用您自己仓库的地址。
下载部署文件
与在现有 Kubernetes 集群上在线安装 KubeSphere 相似,您也需要事先下载 cluster-configuration.yaml 和 kubesphere-installer.yaml
1、执行以下命令下载这两个文件,并将它们传输至您充当任务机的机器,用于安装。
curl -L -O https://github.com/kubesphere/ks-installer/releases/download/v3.3.1/cluster-configuration.yaml
curl -L -O https://github.com/kubesphere/ks-installer/releases/download/v3.3.1/kubesphere-installer.yaml
2、编辑 cluster-configuration.yaml 添加您的私有镜像仓库。例如,本教程中的仓库地址是 dockerhub.kubekey.local,将它用作 .spec.local_registry 的值,如下所示:
spec:
persistence:
storageClass: ""
authentication:
jwtSecret: ""
local_registry: dockerhub.kubekey.local # Add this line manually; make sure you use your own registry address.
3、编辑完成后保存 cluster-configuration.yaml,修改kubesphere-installer.yaml中镜像名,替换自己仓库的地址,如下:
spec:
serviceAccountName: ks-installer
containers:
- name: installer
image: dockerhub.kubekey.local/kubesphere/ks-installer:v3.3.1
imagePullPolicy: "Always"
开始安装
kubectl apply -f kubesphere-installer.yaml
kubectl apply -f cluster-configuration.yaml
可以通过以下命令检查安装日志:
kubectl logs -n kubesphere-system $(kubectl get pod -n kubesphere-system -l 'app in (ks-install, ks-installer)' -o jsonpath='{.items[0].metadata.name}') -f
安装成功后,您可以通过 http://{IP}:30880 使用默认帐户和密码访问 KubeSphere 的 Web 控制台。