KubeEdge是一个开源系统,可将本机容器化的业务流程和设备管理扩展到Edge上的主机。它基于Kubernetes构建,并为网络,应用程序部署以及云与边缘之间的元数据同步提供核心基础架构支持。
参考:https://github.com/kubernetes/dashboard
选用示例:KubeEdge Counter Demo计数器是一个伪设备,用户无需任何额外的物理设备即可运行此演示。计数器在边缘侧运行,用户可以从云侧在Web中对其进行控制,也可以从云侧在Web中获得计数器值。原理图如下:
参考:https://github.com/kubernetes/dashboard
选用示例:KubeEdge Counter Demo计数器是一个伪设备,用户无需任何额外的物理设备即可运行此演示。计数器在边缘侧运行,用户可以从云侧在Web中对其进行控制,也可以从云侧在Web中获得计数器值。原理图如下:
它还支持MQTT,并允许开发人员编写自定义逻辑并在Edge上启用资源受限的设备通信。KubeEdge由云部分和边缘部分组成,边缘和云部分现已开源,本文将基于Centos8.0系统对KugeEdge进行编译与部署。
系统配置
集群环境
禁用开机启动防火墙
# systemctl disable firewalld
永久禁用SELinux
编辑文件/etc/selinux/config,将SELINUX修改为disabled,如下:
# sed -i 's/SELINUX=permissive/SELINUX=disabled/' /etc/sysconfig/selinuxSELINUX=disabled
关闭系统Swap(可选)
# sed -i 's/.*swap.*/#&/' /etc/fstab#/dev/mapper/centos-swap swap swap defaults 0 0
所有机器安装Docker
# yum install wget container-selinux -y# wget https://download.docker.com/linux/centos/7/x86_64/stable/Packages/containerd.io-1.2.6-3.3.el7.x86_64.rpm# yum erase runc -y# rpm -ivh containerd.io-1.2.6-3.3.el7.x86_64.rpm注意:上面的步骤在centos7中无须操作# update-alternatives --set iptables /usr/sbin/iptables-legacy# yum install -y yum-utils device-mapper-persistent-data lvm2 && yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo && yum makecache# yum -y install docker-ce# systemctl enable docker.service && systemctl start docker说明:如果想安装指定版本的Docker# yum -y install docker-ce-18.06.3.ce
重启系统
# reboot
cloud节点部署K8s
配置yum源
就算使用官方建议的多副本 + 联邦,仍然会遇到一些问题:[root@ke-cloud ~]# cat <<EOF > /etc/yum.repos.d/kubernetes.repo[kubernetes]name=Kubernetesbaseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64enabled=1gpgcheck=1repo_gpgcheck=1gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpgEOF
安装kubeadm、kubectl
[root@ke-cloud ~]# yum makecache[root@ke-cloud ~]# yum install -y kubelet kubeadm kubectl ipvsadm说明:如果想安装指定版本的kubeadm[root@ke-cloud ~]# yum install kubelet-1.17.0-0.x86_64 kubeadm-1.17.0-0.x86_64 kubectl-1.17.0-0.x86_64
配置内核参数
[root@ke-cloud ~]# cat <<EOF > /etc/sysctl.d/k8s.confnet.bridge.bridge-nf-call-ip6tables = 1net.bridge.bridge-nf-call-iptables = 1vm.swappiness=0EOF[root@ke-cloud ~]# sysctl --system[root@ke-cloud ~]# modprobe br_netfilter[root@ke-cloud ~]# sysctl -p /etc/sysctl.d/k8s.conf加载ipvs相关内核模块如果重新开机,需要重新加载(可以写在 /etc/rc.local 中开机自动加载)[root@ke-cloud ~]# modprobe ip_vs[root@ke-cloud ~]# modprobe ip_vs_rr[root@ke-cloud ~]# modprobe ip_vs_wrr[root@ke-cloud ~]# modprobe ip_vs_sh[root@ke-cloud ~]# modprobe nf_conntrack_ipv4查看是否加载成功[root@ke-cloud ~]# lsmod | grep ip_vs
拉取镜像
[root@ke-cloud ~]# kubeadm config images listI0716 20:10:22.666500 6001 version.go:251] remote version is much newer: v1.18.6; falling back to: stable-1.17W0716 20:10:23.059486 6001 validation.go:28] Cannot validate kubelet config - no validator is availableW0716 20:10:23.059501 6001 validation.go:28] Cannot validate kube-proxy config - no validator is availablek8s.gcr.io/kube-apiserver:v1.17.9k8s.gcr.io/kube-controller-manager:v1.17.9k8s.gcr.io/kube-scheduler:v1.17.9k8s.gcr.io/kube-proxy:v1.17.9k8s.gcr.io/pause:3.1k8s.gcr.io/etcd:3.4.3-0k8s.gcr.io/coredns:1.6.5
使用kubeadm config images pull命令拉取上述镜像,如下:
[root@ke-cloud ~]# kubeadm config images pullI0716 20:11:12.188139 6015 version.go:251] remote version is much newer: v1.18.6; falling back to: stable-1.17W0716 20:11:12.580861 6015 validation.go:28] Cannot validate kube-proxy config - no validator is availableW0716 20:11:12.580877 6015 validation.go:28] Cannot validate kubelet config - no validator is available[config/images] Pulled k8s.gcr.io/kube-apiserver:v1.17.9[config/images] Pulled k8s.gcr.io/kube-controller-manager:v1.17.9[config/images] Pulled k8s.gcr.io/kube-scheduler:v1.17.9[config/images] Pulled k8s.gcr.io/kube-proxy:v1.17.9[config/images] Pulled k8s.gcr.io/pause:3.1[config/images] Pulled k8s.gcr.io/etcd:3.4.3-0[config/images] Pulled k8s.gcr.io/coredns:1.6.5
查看下载下来的镜像,如下:
[root@ke-cloud ~]# docker imagesREPOSITORY TAG IMAGE ID CREATED SIZEk8s.gcr.io/kube-proxy v1.17.9 ddc09a4c2193 19 hours ago 117MBk8s.gcr.io/kube-controller-manager v1.17.9 c7f1dde319ee 19 hours ago 161MBk8s.gcr.io/kube-apiserver v1.17.9 7417868987f3 19 hours ago 171MBk8s.gcr.io/kube-scheduler v1.17.9 f7b1228fa995 19 hours ago 94.4MBk8s.gcr.io/coredns 1.6.5 70f311871ae1 8 months ago 41.6MBk8s.gcr.io/etcd 3.4.3-0 303ce5db0e90 8 months ago 288MBk8s.gcr.io/pause 3.1 da86e6ba6ca1 2 years ago 742kB
配置Kubelet(可选)
在cloud端配置kubelet并非必须,主要是为了验证K8s集群的部署是否正确,也可以在云端搭建Dashboard等应用。
1)获取Docker的cgroups
[root@ke-cloud ~]# DOCKER_CGROUPS=$(docker info | grep 'Cgroup' | cut -d' ' -f4)[root@ke-cloud ~]# echo $DOCKER_CGROUPScgroupfs
2)配置kubelet的cgroups
[root@ke-cloud ~]# cat >/etc/sysconfig/kubelet<<EOFKUBELET_EXTRA_ARGS="--cgroup-driver=$DOCKER_CGROUPS --pod-infra-container-image=k8s.gcr.io/pause:3.1"EOF
3)启动kubelet
[root@ke-cloud ~]# systemctl daemon-reload[root@ke-cloud ~]# systemctl enable kubelet && systemctl start kubelet特别说明:在这里使用systemctl status kubelet会发现报错误信息,这个错误在运行kubeadm init 生成CA证书后会被自动解决,此处可先忽略。
初始化集群
使用kubeadm init命令进行集群初始化,初始化完成必须要记录下初始化过程最后的命令,如下图所示:
[root@ke-cloud ~]# kubeadm init --kubernetes-version=v1.17.9 \--pod-network-cidr=10.244.0.0/16 \--apiserver-advertise-address=192.168.1.66 \--ignore-preflight-errors=Swap[init] Using Kubernetes version: v1.17.9...Your Kubernetes control-plane has initialized successfully!To start using your cluster, you need to run the following as a regular user:mkdir -p $HOME/.kubesudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/configsudo chown $(id -u):$(id -g) $HOME/.kube/configYou should now deploy a pod network to the cluster.Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:https://kubernetes.io/docs/concepts/cluster-administration/addons/Then you can join any number of worker nodes by running the following on each as root:kubeadm join 192.168.1.66:6443 --token mskyxo.1gvtjenik78cm1ip \--discovery-token-ca-cert-hash sha256:89fd70b84d6beaff3c0223f288a675080034d108b5673cf66502267291078a04
进一步配置kubectl
[root@ke-cloud ~]# rm -rf $HOME/.kube[root@ke-cloud ~]# mkdir -p $HOME/.kube[root@ke-cloud ~]# cp -i /etc/kubernetes/admin.conf $HOME/.kube/config[root@ke-cloud ~]# chown $(id -u):$(id -g) $HOME/.kube/config
查看node节点
[root@ke-cloud ~]# systemctl status kubeletNAME STATUS ROLES AGE VERSIONke-cloud NotReady master 3m3s v1.17.0
配置网络插件(可选)
特别说明:版本会经常更新,如果配置成功,就手动去https://raw.githubusercontent.com/coreos/flannel/master/Documentation/ 下载最新版yaml文件
1)下载flannel插件的yaml文件
[root@ke-cloud ~]# cd ~ && mkdir flannel && cd flannel[root@ke-cloud ~]# curl -O https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml2)启动
[root@ke-cloud ~]# kubectl apply -f ~/flannel/kube-flannel.yml3)查看
注意:只有网络插件也安装配置完成之后,node才能会显示为ready状态。[root@ke-cloud ~]# kubectl get nodeNAME STATUS ROLES AGE VERSIONke-cloud Ready master 12h v1.17.0[root@ke-cloud ~]# kubectl get pods -n kube-systemNAME READY STATUS RESTARTS AGEcoredns-6955765f44-k65xx 1/1 Running 0 12hcoredns-6955765f44-r2q6g 1/1 Running 0 12hetcd-ke-cloud 1/1 Running 0 12hkube-apiserver-ke-cloud 1/1 Running 0 12hkube-controller-manager-ke-cloud 1/1 Running 0 12hkube-flannel-ds-amd64-lrsrh 1/1 Running 0 12hkube-proxy-vr44d 1/1 Running 0 12hkube-scheduler-ke-cloud 1/1 Running 0 12h[root@ke-cloud ~]# kubectl get svcNAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGEkubernetes ClusterIP 10.96.0.1 <none> 443/TCP 12h
K8s安装dashboard(可选)
参考:https://github.com/kubernetes/dashboard
KubeEdge的安装与配置
Cloud端配置
准备工作
1)下载golang
[root@ke-cloud ~]# wget https://golang.google.cn/dl/go1.14.4.linux-amd64.tar.gz[root@ke-cloud ~]# tar -zxvf go1.14.4.linux-amd64.tar.gz -C /usr/local
2)配置golang环境
[root@ke-cloud ~]# vim /etc/profile文件末尾添加:# golang envexport GOROOT=/usr/local/goexport GOPATH=/data/gopathexport PATH=$PATH:$GOROOT/bin:$GOPATH/bin[root@ke-cloud ~]# source /etc/profile[root@ke-cloud ~]# mkdir -p /data/gopath && cd /data/gopath[root@ke-cloud ~]# mkdir -p src pkg bin
3)下载KubeEdge源码
[root@ke-cloud ~]# git clone https://github.com/kubeedge/kubeedge $GOPATH/src/github.com/kubeedge/kubeedge
部署cloudcore
可以通过本地部署的方式部署KubeEdge(这需要单独编译cloudcore和edgecore,部署方式参考:https://docs.kubeedge.io/en/latest/setup/local.html) ,也可以通过keadm的方式部署KubeEdge(部署方式参考:https://docs.kubeedge.io/en/latest/setup/keadm.html) 。本文选用了在操作上更简单的keadm部署方式。
1)编译kubeadm
[root@ke-cloud ~]# cd $GOPATH/src/github.com/kubeedge/kubeedge[root@ke-cloud ~]# make all WHAT=keadm说明:编译后的二进制文件在./_output/local/bin下,单独编译cloudcore与edgecore的方式如下:[root@ke-cloud ~]# make all WHAT=cloudcore && make all WHAT=edgecore
2)创建cloud节点
[root@ke-cloud ~]# keadm init --advertise-address="192.168.1.66"Kubernetes version verification passed, KubeEdge installation will start......KubeEdge cloudcore is running, For logs visit: /var/log/kubeedge/cloudcore.logCloudCore started
edge端配置
edge端也可以通过keadm进行配置,可以将cloud端编译生成的二进制可执行文件通过scp命令复制到edge端。
从云端获取令牌
在云端运行将返回令牌,该令牌将在加入边缘节点时使用。keadm gettoken
[root@ke-cloud ~]# keadm gettoken8ca5a29595498fbc0648ca59208681f9d18dae86ecff10e70991cde96a6f4199.eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE1OTUwMzU0Mjh9.YR-N628S5wEFLifC0sM9t-IuIWkgSK-kizFnyAy5Q50
加入边缘节点
keadm join将安装edgecore和mqtt。它还提供了一个标志,通过它可以设置特定的版本。
重要的提示:• --cloudcore-ipport 标志是强制性标志。• 如果要自动为边缘节点应用证书,--token则需要。• 云和边缘端使用的kubeEdge版本应相同。[root@ke-edge1 ~]# keadm join --cloudcore-ipport=192.168.1.66:10000 --token=8ca5a29595498fbc0648ca59208681f9d18dae86ecff10e70991cde96a6f4199.eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE1OTUwMzU0Mjh9.YR-N628S5wEFLifC0sM9t-IuIWkgSK-kizFnyAy5Q50Host has mosquit+ already installed and running. Hence skipping the installation steps !!!...KubeEdge edgecore is running, For logs visit: /var/log/kubeedge/edgecore.log
验证
边缘端在启动edgecore后,会与云端的cloudcore进行通信,K8s进而会将边缘端作为一个node纳入K8s的管控。
[root@ke-cloud ~]# kubectl get nodeNAME STATUS ROLES AGE VERSIONke-cloud Ready master 13h v1.17.0ke-edge1 Ready agent,edge 64s v1.17.1-kubeedge-v1.3.1[root@ke-cloud ~]# kubectl get pods -n kube-systemNAME READY STATUS RESTARTS AGEcoredns-6955765f44-k65xx 1/1 Running 0 13hcoredns-6955765f44-r2q6g 1/1 Running 0 13hetcd-ke-cloud 1/1 Running 0 13hkube-apiserver-ke-cloud 1/1 Running 0 13hkube-controller-manager-ke-cloud 1/1 Running 0 13hkube-flannel-ds-amd64-fgtdq 0/1 Error 5 5m55skube-flannel-ds-amd64-lrsrh 1/1 Running 0 13hkube-proxy-vr44d 1/1 Running 0 13hkube-scheduler-ke-cloud 1/1 Running 0 13h说明:如果在K8s集群中配置过flannel网络插件(见2.7),这里由于edge节点没有部署kubelet,所以调度到edge节点上的flannel pod会创建失败。这不影响KubeEdge的使用,可以先忽略这个问题。
运行KubeEdge示例
选用示例:KubeEdge Counter Demo计数器是一个伪设备,用户无需任何额外的物理设备即可运行此演示。计数器在边缘侧运行,用户可以从云侧在Web中对其进行控制,也可以从云侧在Web中获得计数器值。原理图如下:
详细文档参考:https://github.com/kubeedge/examples/tree/master/kubeedge-counter-demo
准备工作
1)本示例要求KubeEdge版本必须是v1.2.1+
2)下载示例代码:[root@ke-cloud ~]# kubectl get nodeNAME STATUS ROLES AGE VERSIONke-cloud Ready master 13h v1.17.0ke-edge1 Ready agent,edge 64s v1.17.1-kubeedge-v1.3.1说明:本文接下来的验证将使用边缘节点ke-edge1进行,如果你参考本文进行相关验证,后续边缘节点名称的配置需要根据你的实际情况进行更改。
[root@ke-cloud ~]# git clone https://github.com/kubeedge/examples.git $GOPATH/src/github.com/kubeedge/examples
创建device model和device
1)创建device model
[root@ke-cloud ~]# cd $GOPATH/src/github.com/kubeedge/examples/kubeedge-counter-demo/crds[root@ke-cloud crds~]# kubectl create -f kubeedge-counter-model.yaml2)创建device根据你的实际情况修改matchExpressions:
[root@ke-cloud ~]# cd $GOPATH/src/github.com/kubeedge/examples/kubeedge-counter-demo/crds[root@ke-cloud crds~]# vim kubeedge-counter-instance.yamlapiVersion: devices.kubeedge.io/v1alpha1kind: Devicemetadata:name: counterlabels:description: 'counter'manufacturer: 'test'spec:deviceModelRef:name: counter-modelnodeSelector:nodeSelectorTerms:- matchExpressions:- key: 'kubernetes.io/hostname'operator: Invalues:- ke-edge1status:twins:- propertyName: statusdesired:metadata:type: stringvalue: 'OFF'reported:metadata:type: stringvalue: '0'[root@ke-cloud crds~]# kubectl create -f kubeedge-counter-instance.yaml
部署云端应用
1)修改代码
云端应用web-controller-app用来控制边缘端的pi-counter-app应用,该程序默认监听的端口号为80,此处修改为8089,如下所示:
[root@ke-cloud ~]# cd $GOPATH/src/github.com/kubeedge/examples/kubeedge-counter-demo/web-controller-app[root@ke-cloud web-controller-app~]# vim main.gopackage mainimport ("github.com/astaxie/beego""github.com/kubeedge/examples/kubeedge-counter-demo/web-controller-app/controller")func main() {beego.Router("/", new(controllers.TrackController), "get:Index")beego.Router("/track/control/:trackId", new(controllers.TrackController), "get,post:ControlTrack")beego.Run(":8089")}
2)构建镜像
注意:构建镜像时,请将源码拷贝到GOPATH对应的路径下,如果开启了go mod请关闭。
[root@ke-cloud web-controller-app~]# make all[root@ke-cloud web-controller-app~]# make docker
3)部署web-controller-app
[root@ke-cloud ~]# cd $GOPATH/src/github.com/kubeedge/examples/kubeedge-counter-demo/crds[root@ke-cloud crds~]# kubectl apply -f kubeedge-web-controller-app.yaml
部署边缘端应用
边缘端的pi-counter-app应用受云端应用控制,主要与mqtt服务器通信,进行简单的计数功能。
1)修改代码与构建镜像需要将Makefile中的GOARCH修改为amd64才能运行该容器。
[root@ke-cloud ~]# cd $GOPATH/src/github.com/kubeedge/examples/kubeedge-counter-demo/counter-mapper[root@ke-cloud counter-mapper~]# vim Makefile.PHONY: all pi-execute-app docker cleanall: pi-execute-apppi-execute-app:GOARCH=amd64 go build -o pi-counter-app main.godocker:docker build . -t kubeedge/kubeedge-pi-counter:v1.0.0clean:rm -f pi-counter-app[root@ke-cloud counter-mapper~]# make all[root@ke-cloud counter-mapper~]# make docker
2)部署Pi Counter App
[root@ke-cloud ~]# cd $GOPATH/src/github.com/kubeedge/examples/kubeedge-counter-demo/crds[root@ke-cloud crds~]# kubectl apply -f kubeedge-pi-counter-app.yaml说明:为了防止Pod的部署卡在`ContainerCreating`,这里直接通过docker save、scp和docker load命令将镜像发布到边缘端[root@ke-cloud ~]# docker save -o kubeedge-pi-counter.tar kubeedge/kubeedge-pi-counter:v1.0.0[root@ke-cloud ~]# scp kubeedge-pi-counter.tar root@192.168.1.56:/root[root@ke-edge1 ~]# docker load -i kubeedge-pi-counter.tar
运行效果
现在,KubeEdge Demo的云端部分和边缘端的部分都已经部署完毕,如下:
[root@ke-cloud ~]# kubectl get pods -o wideNAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATESkubeedge-counter-app-758b9b4ffd-f8qjj 1/1 Running 0 26m 192.168.1.66 ke-cloud <none> <none>kubeedge-pi-counter-c69698d6-rb4xz 1/1 Running 0 2m 192.168.1.56 ke-edge1 <none> <none>我们现在开始测试一下该Demo运行效果:1)执行ON命令在web页面上选择ON,并点击Execute,可以在edge节点上通过以下命令查看执行结果:
[root@ke-edge1 ~]# docker logs -f counter-container-id
2)查看counter STATUS在web页面上选择STATUS,并点击Execute,会在Web页面上返回counter当前的status,如下所示:
2)执行OFF命令在web页面上选择OFF,并点击Execute,可以再edge节点上通过以下命令查看执行结果:
[root@ke-edge1 ~]# docker logs -f counter-container-id
总结
首先在云端使用了kubeadm轻松搭建了一个K8s集群。
然后使用了非常方便、易用的keadm在云端和边缘端搭建了KubeEdge的核心组件:cloudcore和edgecore。部署成功后,KubeEdge边缘节点会作为一个node被K8s管控。
最后用了KubeEdge官方提供的examples(kubeedge-counter-demo)运行了一个示例,这一示例完美地展现了kubeEdge的边缘设备管理、边云协同能力。KubeEdge是一个开源系统,可将本机容器化的业务流程和设备管理扩展到Edge上的主机。它基于Kubernetes构建,并为网络,应用程序部署以及云与边缘之间的元数据同步提供核心基础架构支持。
它还支持MQTT,并允许开发人员编写自定义逻辑并在Edge上启用资源受限的设备通信。KubeEdge由云部分和边缘部分组成,边缘和云部分现已开源,本文将基于Centos8.0系统对KugeEdge进行编译与部署。系统配置
集群环境
禁用开机启动防火墙
# systemctl disable firewalld
永久禁用SELinux
编辑文件/etc/selinux/config,将SELINUX修改为disabled,如下:# sed -i 's/SELINUX=permissive/SELINUX=disabled/' /etc/sysconfig/selinuxSELINUX=disabled
关闭系统Swap(可选)
Kbernetes 1.8 开始要求关闭系统的Swap,如果不关闭,默认配置下kubelet将无法启动,如下:# sed -i 's/.*swap.*/#&/' /etc/fstab#/dev/mapper/centos-swap swap swap defaults 0 0
所有机器安装Docker
# yum install wget container-selinux -y# wget https://download.docker.com/linux/centos/7/x86_64/stable/Packages/containerd.io-1.2.6-3.3.el7.x86_64.rpm# yum erase runc -y# rpm -ivh containerd.io-1.2.6-3.3.el7.x86_64.rpm注意:上面的步骤在centos7中无须操作# update-alternatives --set iptables /usr/sbin/iptables-legacy# yum install -y yum-utils device-mapper-persistent-data lvm2 && yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo && yum makecache# yum -y install docker-ce# systemctl enable docker.service && systemctl start docker说明:如果想安装指定版本的Docker# yum -y install docker-ce-18.06.3.ce重启系统
# reboot
cloud节点部署K8s
配置yum源
就算使用官方建议的多副本 + 联邦,仍然会遇到一些问题:[root@ke-cloud ~]# cat <<EOF > /etc/yum.repos.d/kubernetes.repo[kubernetes]name=Kubernetesbaseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64enabled=1gpgcheck=1repo_gpgcheck=1gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpgEOF
安装kubeadm、kubectl
[root@ke-cloud ~]# yum makecache[root@ke-cloud ~]# yum install -y kubelet kubeadm kubectl ipvsadm说明:如果想安装指定版本的kubeadm[root@ke-cloud ~]# yum install kubelet-1.17.0-0.x86_64 kubeadm-1.17.0-0.x86_64 kubectl-1.17.0-0.x86_64配置内核参数
[root@ke-cloud ~]# cat <<EOF > /etc/sysctl.d/k8s.confnet.bridge.bridge-nf-call-ip6tables = 1net.bridge.bridge-nf-call-iptables = 1vm.swappiness=0EOF[root@ke-cloud ~]# sysctl --system[root@ke-cloud ~]# modprobe br_netfilter[root@ke-cloud ~]# sysctl -p /etc/sysctl.d/k8s.conf加载ipvs相关内核模块如果重新开机,需要重新加载(可以写在 /etc/rc.local 中开机自动加载)[root@ke-cloud ~]# modprobe ip_vs[root@ke-cloud ~]# modprobe ip_vs_rr[root@ke-cloud ~]# modprobe ip_vs_wrr[root@ke-cloud ~]# modprobe ip_vs_sh[root@ke-cloud ~]# modprobe nf_conntrack_ipv4查看是否加载成功[root@ke-cloud ~]# lsmod | grep ip_vs拉取镜像
用命令查看版本当前kubeadm对应的k8s组件镜像版本,如下:[root@ke-cloud ~]# kubeadm config images listI0716 20:10:22.666500 6001 version.go:251] remote version is much newer: v1.18.6; falling back to: stable-1.17W0716 20:10:23.059486 6001 validation.go:28] Cannot validate kubelet config - no validator is availableW0716 20:10:23.059501 6001 validation.go:28] Cannot validate kube-proxy config - no validator is availablek8s.gcr.io/kube-apiserver:v1.17.9k8s.gcr.io/kube-controller-manager:v1.17.9k8s.gcr.io/kube-scheduler:v1.17.9k8s.gcr.io/kube-proxy:v1.17.9k8s.gcr.io/pause:3.1k8s.gcr.io/etcd:3.4.3-0k8s.gcr.io/coredns:1.6.5
使用kubeadm config images pull命令拉取上述镜像,如下:[root@ke-cloud ~]# kubeadm config images pullI0716 20:11:12.188139 6015 version.go:251] remote version is much newer: v1.18.6; falling back to: stable-1.17W0716 20:11:12.580861 6015 validation.go:28] Cannot validate kube-proxy config - no validator is availableW0716 20:11:12.580877 6015 validation.go:28] Cannot validate kubelet config - no validator is available[config/images] Pulled k8s.gcr.io/kube-apiserver:v1.17.9[config/images] Pulled k8s.gcr.io/kube-controller-manager:v1.17.9[config/images] Pulled k8s.gcr.io/kube-scheduler:v1.17.9[config/images] Pulled k8s.gcr.io/kube-proxy:v1.17.9[config/images] Pulled k8s.gcr.io/pause:3.1[config/images] Pulled k8s.gcr.io/etcd:3.4.3-0[config/images] Pulled k8s.gcr.io/coredns:1.6.5
查看下载下来的镜像,如下:[root@ke-cloud ~]# docker imagesREPOSITORY TAG IMAGE ID CREATED SIZEk8s.gcr.io/kube-proxy v1.17.9 ddc09a4c2193 19 hours ago 117MBk8s.gcr.io/kube-controller-manager v1.17.9 c7f1dde319ee 19 hours ago 161MBk8s.gcr.io/kube-apiserver v1.17.9 7417868987f3 19 hours ago 171MBk8s.gcr.io/kube-scheduler v1.17.9 f7b1228fa995 19 hours ago 94.4MBk8s.gcr.io/coredns 1.6.5 70f311871ae1 8 months ago 41.6MBk8s.gcr.io/etcd 3.4.3-0 303ce5db0e90 8 months ago 288MBk8s.gcr.io/pause 3.1 da86e6ba6ca1 2 years ago 742kB
配置Kubelet(可选)
在cloud端配置kubelet并非必须,主要是为了验证K8s集群的部署是否正确,也可以在云端搭建Dashboard等应用。
1)获取Docker的cgroups[root@ke-cloud ~]# DOCKER_CGROUPS=$(docker info | grep 'Cgroup' | cut -d' ' -f4)[root@ke-cloud ~]# echo $DOCKER_CGROUPScgroupfs
2)配置kubelet的cgroups[root@ke-cloud ~]# cat >/etc/sysconfig/kubelet<<EOFKUBELET_EXTRA_ARGS="--cgroup-driver=$DOCKER_CGROUPS --pod-infra-container-image=k8s.gcr.io/pause:3.1"EOF
3)启动kubelet[root@ke-cloud ~]# systemctl daemon-reload[root@ke-cloud ~]# systemctl enable kubelet && systemctl start kubelet
特别说明:在这里使用systemctl status kubelet会发现报错误信息,这个错误在运行kubeadm init 生成CA证书后会被自动解决,此处可先忽略。初始化集群
使用kubeadm init命令进行集群初始化,初始化完成必须要记录下初始化过程最后的命令,如下图所示:[root@ke-cloud ~]# kubeadm init --kubernetes-version=v1.17.9 \--pod-network-cidr=10.244.0.0/16 \--apiserver-advertise-address=192.168.1.66 \--ignore-preflight-errors=Swap[init] Using Kubernetes version: v1.17.9...Your Kubernetes control-plane has initialized successfully!To start using your cluster, you need to run the following as a regular user:mkdir -p $HOME/.kubesudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/configsudo chown $(id -u):$(id -g) $HOME/.kube/configYou should now deploy a pod network to the cluster.Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:https://kubernetes.io/docs/concepts/cluster-administration/addons/Then you can join any number of worker nodes by running the following on each as root:kubeadm join 192.168.1.66:6443 --token mskyxo.1gvtjenik78cm1ip \--discovery-token-ca-cert-hash sha256:89fd70b84d6beaff3c0223f288a675080034d108b5673cf66502267291078a04
进一步配置kubectl[root@ke-cloud ~]# rm -rf $HOME/.kube[root@ke-cloud ~]# mkdir -p $HOME/.kube[root@ke-cloud ~]# cp -i /etc/kubernetes/admin.conf $HOME/.kube/config[root@ke-cloud ~]# chown $(id -u):$(id -g) $HOME/.kube/config
查看node节点[root@ke-cloud ~]# systemctl status kubeletNAME STATUS ROLES AGE VERSIONke-cloud NotReady master 3m3s v1.17.0
配置网络插件(可选)
特别说明:版本会经常更新,如果配置成功,就手动去https://raw.githubusercontent.com/coreos/flannel/master/Documentation/ 下载最新版yaml文件
1)下载flannel插件的yaml文件[root@ke-cloud ~]# cd ~ && mkdir flannel && cd flannel[root@ke-cloud ~]# curl -O https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
2)启动[root@ke-cloud ~]# kubectl apply -f ~/flannel/kube-flannel.yml
3)查看
注意:只有网络插件也安装配置完成之后,node才能会显示为ready状态。[root@ke-cloud ~]# kubectl get nodeNAME STATUS ROLES AGE VERSIONke-cloud Ready master 12h v1.17.0[root@ke-cloud ~]# kubectl get pods -n kube-systemNAME READY STATUS RESTARTS AGEcoredns-6955765f44-k65xx 1/1 Running 0 12hcoredns-6955765f44-r2q6g 1/1 Running 0 12hetcd-ke-cloud 1/1 Running 0 12hkube-apiserver-ke-cloud 1/1 Running 0 12hkube-controller-manager-ke-cloud 1/1 Running 0 12hkube-flannel-ds-amd64-lrsrh 1/1 Running 0 12hkube-proxy-vr44d 1/1 Running 0 12hkube-scheduler-ke-cloud 1/1 Running 0 12h[root@ke-cloud ~]# kubectl get svcNAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGEkubernetes ClusterIP 10.96.0.1 <none> 443/TCP 12hK8s安装dashboard(可选)
参考:https://github.com/kubernetes/dashboardKubeEdge的安装与配置
Cloud端配置
cloud端负责编译KubeEdge的相关组件与运行cloudcore。准备工作
1)下载golang
[root@ke-cloud ~]# wget https://golang.google.cn/dl/go1.14.4.linux-amd64.tar.gz[root@ke-cloud ~]# tar -zxvf go1.14.4.linux-amd64.tar.gz -C /usr/local
2)配置golang环境
[root@ke-cloud ~]# vim /etc/profile文件末尾添加:# golang envexport GOROOT=/usr/local/goexport GOPATH=/data/gopathexport PATH=$PATH:$GOROOT/bin:$GOPATH/bin[root@ke-cloud ~]# source /etc/profile[root@ke-cloud ~]# mkdir -p /data/gopath && cd /data/gopath[root@ke-cloud ~]# mkdir -p src pkg bin3)下载KubeEdge源码
[root@ke-cloud ~]# git clone https://github.com/kubeedge/kubeedge $GOPATH/src/github.com/kubeedge/kubeedge
部署cloudcore
可以通过本地部署的方式部署KubeEdge(这需要单独编译cloudcore和edgecore,部署方式参考:https://docs.kubeedge.io/en/latest/setup/local.html) ,也可以通过keadm的方式部署KubeEdge(部署方式参考:https://docs.kubeedge.io/en/latest/setup/keadm.html) 。本文选用了在操作上更简单的keadm部署方式。1)编译kubeadm
[root@ke-cloud ~]# cd $GOPATH/src/github.com/kubeedge/kubeedge[root@ke-cloud ~]# make all WHAT=keadm说明:编译后的二进制文件在./_output/local/bin下,单独编译cloudcore与edgecore的方式如下:[root@ke-cloud ~]# make all WHAT=cloudcore && make all WHAT=edgecore2)创建cloud节点
[root@ke-cloud ~]# keadm init --advertise-address="192.168.1.66"Kubernetes version verification passed, KubeEdge installation will start......KubeEdge cloudcore is running, For logs visit: /var/log/kubeedge/cloudcore.logCloudCore startededge端配置
edge端也可以通过keadm进行配置,可以将cloud端编译生成的二进制可执行文件通过scp命令复制到edge端。从云端获取令牌
在云端运行将返回令牌,该令牌将在加入边缘节点时使用。keadm gettoken[root@ke-cloud ~]# keadm gettoken8ca5a29595498fbc0648ca59208681f9d18dae86ecff10e70991cde96a6f4199.eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE1OTUwMzU0Mjh9.YR-N628S5wEFLifC0sM9t-IuIWkgSK-kizFnyAy5Q50
加入边缘节点
keadm join将安装edgecore和mqtt。它还提供了一个标志,通过它可以设置特定的版本。
重要的提示:• --cloudcore-ipport 标志是强制性标志。• 如果要自动为边缘节点应用证书,--token则需要。• 云和边缘端使用的kubeEdge版本应相同。[root@ke-edge1 ~]# keadm join --cloudcore-ipport=192.168.1.66:10000 --token=8ca5a29595498fbc0648ca59208681f9d18dae86ecff10e70991cde96a6f4199.eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE1OTUwMzU0Mjh9.YR-N628S5wEFLifC0sM9t-IuIWkgSK-kizFnyAy5Q50Host has mosquit+ already installed and running. Hence skipping the installation steps !!!...KubeEdge edgecore is running, For logs visit: /var/log/kubeedge/edgecore.log验证
边缘端在启动edgecore后,会与云端的cloudcore进行通信,K8s进而会将边缘端作为一个node纳入K8s的管控。[root@ke-cloud ~]# kubectl get nodeNAME STATUS ROLES AGE VERSIONke-cloud Ready master 13h v1.17.0ke-edge1 Ready agent,edge 64s v1.17.1-kubeedge-v1.3.1[root@ke-cloud ~]# kubectl get pods -n kube-systemNAME READY STATUS RESTARTS AGEcoredns-6955765f44-k65xx 1/1 Running 0 13hcoredns-6955765f44-r2q6g 1/1 Running 0 13hetcd-ke-cloud 1/1 Running 0 13hkube-apiserver-ke-cloud 1/1 Running 0 13hkube-controller-manager-ke-cloud 1/1 Running 0 13hkube-flannel-ds-amd64-fgtdq 0/1 Error 5 5m55skube-flannel-ds-amd64-lrsrh 1/1 Running 0 13hkube-proxy-vr44d 1/1 Running 0 13hkube-scheduler-ke-cloud 1/1 Running 0 13h说明:如果在K8s集群中配置过flannel网络插件(见2.7),这里由于edge节点没有部署kubelet,所以调度到edge节点上的flannel pod会创建失败。这不影响KubeEdge的使用,可以先忽略这个问题。运行KubeEdge示例
选用示例:KubeEdge Counter Demo计数器是一个伪设备,用户无需任何额外的物理设备即可运行此演示。计数器在边缘侧运行,用户可以从云侧在Web中对其进行控制,也可以从云侧在Web中获得计数器值。原理图如下:
详细文档参考:https://github.com/kubeedge/examples/tree/master/kubeedge-counter-demo准备工作
1)本示例要求KubeEdge版本必须是v1.2.1+
2)下载示例代码:[root@ke-cloud ~]# kubectl get nodeNAME STATUS ROLES AGE VERSIONke-cloud Ready master 13h v1.17.0ke-edge1 Ready agent,edge 64s v1.17.1-kubeedge-v1.3.1说明:本文接下来的验证将使用边缘节点ke-edge1进行,如果你参考本文进行相关验证,后续边缘节点名称的配置需要根据你的实际情况进行更改。[root@ke-cloud ~]# git clone https://github.com/kubeedge/examples.git $GOPATH/src/github.com/kubeedge/examples
创建device model和device
1)创建device model
[root@ke-cloud ~]# cd $GOPATH/src/github.com/kubeedge/examples/kubeedge-counter-demo/crds[root@ke-cloud crds~]# kubectl create -f kubeedge-counter-model.yaml
2)创建device根据你的实际情况修改matchExpressions:[root@ke-cloud ~]# cd $GOPATH/src/github.com/kubeedge/examples/kubeedge-counter-demo/crds[root@ke-cloud crds~]# vim kubeedge-counter-instance.yamlapiVersion: devices.kubeedge.io/v1alpha1kind: Devicemetadata:name: counterlabels:description: 'counter'manufacturer: 'test'spec:deviceModelRef:name: counter-modelnodeSelector:nodeSelectorTerms:- matchExpressions:- key: 'kubernetes.io/hostname'operator: Invalues:- ke-edge1status:twins:- propertyName: statusdesired:metadata:type: stringvalue: 'OFF'reported:metadata:type: stringvalue: '0'[root@ke-cloud crds~]# kubectl create -f kubeedge-counter-instance.yaml部署云端应用
1)修改代码
云端应用web-controller-app用来控制边缘端的pi-counter-app应用,该程序默认监听的端口号为80,此处修改为8089,如下所示:[root@ke-cloud ~]# cd $GOPATH/src/github.com/kubeedge/examples/kubeedge-counter-demo/web-controller-app[root@ke-cloud web-controller-app~]# vim main.gopackage mainimport ("github.com/astaxie/beego""github.com/kubeedge/examples/kubeedge-counter-demo/web-controller-app/controller")func main() {beego.Router("/", new(controllers.TrackController), "get:Index")beego.Router("/track/control/:trackId", new(controllers.TrackController), "get,post:ControlTrack")beego.Run(":8089")}2)构建镜像
注意:构建镜像时,请将源码拷贝到GOPATH对应的路径下,如果开启了go mod请关闭。[root@ke-cloud web-controller-app~]# make all[root@ke-cloud web-controller-app~]# make docker
3)部署web-controller-app
[root@ke-cloud ~]# cd $GOPATH/src/github.com/kubeedge/examples/kubeedge-counter-demo/crds[root@ke-cloud crds~]# kubectl apply -f kubeedge-web-controller-app.yaml
部署边缘端应用
边缘端的pi-counter-app应用受云端应用控制,主要与mqtt服务器通信,进行简单的计数功能。
1)修改代码与构建镜像需要将Makefile中的GOARCH修改为amd64才能运行该容器。[root@ke-cloud ~]# cd $GOPATH/src/github.com/kubeedge/examples/kubeedge-counter-demo/counter-mapper[root@ke-cloud counter-mapper~]# vim Makefile.PHONY: all pi-execute-app docker cleanall: pi-execute-apppi-execute-app:GOARCH=amd64 go build -o pi-counter-app main.godocker:docker build . -t kubeedge/kubeedge-pi-counter:v1.0.0clean:rm -f pi-counter-app[root@ke-cloud counter-mapper~]# make all[root@ke-cloud counter-mapper~]# make docker2)部署Pi Counter App
[root@ke-cloud ~]# cd $GOPATH/src/github.com/kubeedge/examples/kubeedge-counter-demo/crds[root@ke-cloud crds~]# kubectl apply -f kubeedge-pi-counter-app.yaml说明:为了防止Pod的部署卡在`ContainerCreating`,这里直接通过docker save、scp和docker load命令将镜像发布到边缘端[root@ke-cloud ~]# docker save -o kubeedge-pi-counter.tar kubeedge/kubeedge-pi-counter:v1.0.0[root@ke-cloud ~]# scp kubeedge-pi-counter.tar root@192.168.1.56:/root[root@ke-edge1 ~]# docker load -i kubeedge-pi-counter.tar运行效果
现在,KubeEdge Demo的云端部分和边缘端的部分都已经部署完毕,如下:[root@ke-cloud ~]# kubectl get pods -o wideNAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATESkubeedge-counter-app-758b9b4ffd-f8qjj 1/1 Running 0 26m 192.168.1.66 ke-cloud <none> <none>kubeedge-pi-counter-c69698d6-rb4xz 1/1 Running 0 2m 192.168.1.56 ke-edge1 <none> <none>
我们现在开始测试一下该Demo运行效果:1)执行ON命令在web页面上选择ON,并点击Execute,可以在edge节点上通过以下命令查看执行结果:[root@ke-edge1 ~]# docker logs -f counter-container-id
2)查看counter STATUS在web页面上选择STATUS,并点击Execute,会在Web页面上返回counter当前的status,如下所示:
2)执行OFF命令在web页面上选择OFF,并点击Execute,可以再edge节点上通过以下命令查看执行结果:[root@ke-edge1 ~]# docker logs -f counter-container-id
总结
文本采用的KubeEdge安装和部署流程是非常简易的,具体体现在:最后用了KubeEdge官方提供的examples(kubeedge-counter-demo)运行了一个示例,这一示例完美地展现了kubeEdge的边缘设备管理、边云协同能力。
然后使用了非常方便、易用的keadm在云端和边缘端搭建了KubeEdge的核心组件:cloudcore和edgecore。部署成功后,KubeEdge边缘节点会作为一个node被K8s管控。
首先在云端使用了kubeadm轻松搭建了一个K8s集群。
它还支持MQTT,并允许开发人员编写自定义逻辑并在Edge上启用资源受限的设备通信。KubeEdge由云部分和边缘部分组成,边缘和云部分现已开源,本文将基于Centos8.0系统对KugeEdge进行编译与部署。
系统配置
集群环境
禁用开机启动防火墙
# systemctl disable firewalld
永久禁用SELinux
编辑文件/etc/selinux/config,将SELINUX修改为disabled,如下:
# sed -i 's/SELINUX=permissive/SELINUX=disabled/' /etc/sysconfig/selinuxSELINUX=disabled
关闭系统Swap(可选)
# sed -i 's/.*swap.*/#&/' /etc/fstab#/dev/mapper/centos-swap swap swap defaults 0 0
所有机器安装Docker
# yum install wget container-selinux -y# wget https://download.docker.com/linux/centos/7/x86_64/stable/Packages/containerd.io-1.2.6-3.3.el7.x86_64.rpm# yum erase runc -y# rpm -ivh containerd.io-1.2.6-3.3.el7.x86_64.rpm注意:上面的步骤在centos7中无须操作# update-alternatives --set iptables /usr/sbin/iptables-legacy# yum install -y yum-utils device-mapper-persistent-data lvm2 && yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo && yum makecache# yum -y install docker-ce# systemctl enable docker.service && systemctl start docker说明:如果想安装指定版本的Docker# yum -y install docker-ce-18.06.3.ce
重启系统
# reboot
cloud节点部署K8s
配置yum源
就算使用官方建议的多副本 + 联邦,仍然会遇到一些问题:[root@ke-cloud ~]# cat <<EOF > /etc/yum.repos.d/kubernetes.repo[kubernetes]name=Kubernetesbaseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64enabled=1gpgcheck=1repo_gpgcheck=1gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpgEOF
安装kubeadm、kubectl
[root@ke-cloud ~]# yum makecache[root@ke-cloud ~]# yum install -y kubelet kubeadm kubectl ipvsadm说明:如果想安装指定版本的kubeadm[root@ke-cloud ~]# yum install kubelet-1.17.0-0.x86_64 kubeadm-1.17.0-0.x86_64 kubectl-1.17.0-0.x86_64
配置内核参数
[root@ke-cloud ~]# cat <<EOF > /etc/sysctl.d/k8s.confnet.bridge.bridge-nf-call-ip6tables = 1net.bridge.bridge-nf-call-iptables = 1vm.swappiness=0EOF[root@ke-cloud ~]# sysctl --system[root@ke-cloud ~]# modprobe br_netfilter[root@ke-cloud ~]# sysctl -p /etc/sysctl.d/k8s.conf加载ipvs相关内核模块如果重新开机,需要重新加载(可以写在 /etc/rc.local 中开机自动加载)[root@ke-cloud ~]# modprobe ip_vs[root@ke-cloud ~]# modprobe ip_vs_rr[root@ke-cloud ~]# modprobe ip_vs_wrr[root@ke-cloud ~]# modprobe ip_vs_sh[root@ke-cloud ~]# modprobe nf_conntrack_ipv4查看是否加载成功[root@ke-cloud ~]# lsmod | grep ip_vs
拉取镜像
[root@ke-cloud ~]# kubeadm config images listI0716 20:10:22.666500 6001 version.go:251] remote version is much newer: v1.18.6; falling back to: stable-1.17W0716 20:10:23.059486 6001 validation.go:28] Cannot validate kubelet config - no validator is availableW0716 20:10:23.059501 6001 validation.go:28] Cannot validate kube-proxy config - no validator is availablek8s.gcr.io/kube-apiserver:v1.17.9k8s.gcr.io/kube-controller-manager:v1.17.9k8s.gcr.io/kube-scheduler:v1.17.9k8s.gcr.io/kube-proxy:v1.17.9k8s.gcr.io/pause:3.1k8s.gcr.io/etcd:3.4.3-0k8s.gcr.io/coredns:1.6.5
使用kubeadm config images pull命令拉取上述镜像,如下:
[root@ke-cloud ~]# kubeadm config images pullI0716 20:11:12.188139 6015 version.go:251] remote version is much newer: v1.18.6; falling back to: stable-1.17W0716 20:11:12.580861 6015 validation.go:28] Cannot validate kube-proxy config - no validator is availableW0716 20:11:12.580877 6015 validation.go:28] Cannot validate kubelet config - no validator is available[config/images] Pulled k8s.gcr.io/kube-apiserver:v1.17.9[config/images] Pulled k8s.gcr.io/kube-controller-manager:v1.17.9[config/images] Pulled k8s.gcr.io/kube-scheduler:v1.17.9[config/images] Pulled k8s.gcr.io/kube-proxy:v1.17.9[config/images] Pulled k8s.gcr.io/pause:3.1[config/images] Pulled k8s.gcr.io/etcd:3.4.3-0[config/images] Pulled k8s.gcr.io/coredns:1.6.5
查看下载下来的镜像,如下:
[root@ke-cloud ~]# docker imagesREPOSITORY TAG IMAGE ID CREATED SIZEk8s.gcr.io/kube-proxy v1.17.9 ddc09a4c2193 19 hours ago 117MBk8s.gcr.io/kube-controller-manager v1.17.9 c7f1dde319ee 19 hours ago 161MBk8s.gcr.io/kube-apiserver v1.17.9 7417868987f3 19 hours ago 171MBk8s.gcr.io/kube-scheduler v1.17.9 f7b1228fa995 19 hours ago 94.4MBk8s.gcr.io/coredns 1.6.5 70f311871ae1 8 months ago 41.6MBk8s.gcr.io/etcd 3.4.3-0 303ce5db0e90 8 months ago 288MBk8s.gcr.io/pause 3.1 da86e6ba6ca1 2 years ago 742kB
配置Kubelet(可选)
在cloud端配置kubelet并非必须,主要是为了验证K8s集群的部署是否正确,也可以在云端搭建Dashboard等应用。
1)获取Docker的cgroups
[root@ke-cloud ~]# DOCKER_CGROUPS=$(docker info | grep 'Cgroup' | cut -d' ' -f4)[root@ke-cloud ~]# echo $DOCKER_CGROUPScgroupfs
2)配置kubelet的cgroups
[root@ke-cloud ~]# cat >/etc/sysconfig/kubelet<<EOFKUBELET_EXTRA_ARGS="--cgroup-driver=$DOCKER_CGROUPS --pod-infra-container-image=k8s.gcr.io/pause:3.1"EOF
3)启动kubelet
[root@ke-cloud ~]# systemctl daemon-reload[root@ke-cloud ~]# systemctl enable kubelet && systemctl start kubelet特别说明:在这里使用systemctl status kubelet会发现报错误信息,这个错误在运行kubeadm init 生成CA证书后会被自动解决,此处可先忽略。
初始化集群
使用kubeadm init命令进行集群初始化,初始化完成必须要记录下初始化过程最后的命令,如下图所示:
[root@ke-cloud ~]# kubeadm init --kubernetes-version=v1.17.9 \--pod-network-cidr=10.244.0.0/16 \--apiserver-advertise-address=192.168.1.66 \--ignore-preflight-errors=Swap[init] Using Kubernetes version: v1.17.9...Your Kubernetes control-plane has initialized successfully!To start using your cluster, you need to run the following as a regular user:mkdir -p $HOME/.kubesudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/configsudo chown $(id -u):$(id -g) $HOME/.kube/configYou should now deploy a pod network to the cluster.Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:https://kubernetes.io/docs/concepts/cluster-administration/addons/Then you can join any number of worker nodes by running the following on each as root:kubeadm join 192.168.1.66:6443 --token mskyxo.1gvtjenik78cm1ip \--discovery-token-ca-cert-hash sha256:89fd70b84d6beaff3c0223f288a675080034d108b5673cf66502267291078a04
进一步配置kubectl
[root@ke-cloud ~]# rm -rf $HOME/.kube[root@ke-cloud ~]# mkdir -p $HOME/.kube[root@ke-cloud ~]# cp -i /etc/kubernetes/admin.conf $HOME/.kube/config[root@ke-cloud ~]# chown $(id -u):$(id -g) $HOME/.kube/config
查看node节点
[root@ke-cloud ~]# systemctl status kubeletNAME STATUS ROLES AGE VERSIONke-cloud NotReady master 3m3s v1.17.0
配置网络插件(可选)
特别说明:版本会经常更新,如果配置成功,就手动去https://raw.githubusercontent.com/coreos/flannel/master/Documentation/ 下载最新版yaml文件
1)下载flannel插件的yaml文件
[root@ke-cloud ~]# cd ~ && mkdir flannel && cd flannel[root@ke-cloud ~]# curl -O https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml2)启动
[root@ke-cloud ~]# kubectl apply -f ~/flannel/kube-flannel.yml3)查看
注意:只有网络插件也安装配置完成之后,node才能会显示为ready状态。[root@ke-cloud ~]# kubectl get nodeNAME STATUS ROLES AGE VERSIONke-cloud Ready master 12h v1.17.0[root@ke-cloud ~]# kubectl get pods -n kube-systemNAME READY STATUS RESTARTS AGEcoredns-6955765f44-k65xx 1/1 Running 0 12hcoredns-6955765f44-r2q6g 1/1 Running 0 12hetcd-ke-cloud 1/1 Running 0 12hkube-apiserver-ke-cloud 1/1 Running 0 12hkube-controller-manager-ke-cloud 1/1 Running 0 12hkube-flannel-ds-amd64-lrsrh 1/1 Running 0 12hkube-proxy-vr44d 1/1 Running 0 12hkube-scheduler-ke-cloud 1/1 Running 0 12h[root@ke-cloud ~]# kubectl get svcNAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGEkubernetes ClusterIP 10.96.0.1 <none> 443/TCP 12h
K8s安装dashboard(可选)
参考:https://github.com/kubernetes/dashboard
KubeEdge的安装与配置
Cloud端配置
准备工作
1)下载golang
[root@ke-cloud ~]# wget https://golang.google.cn/dl/go1.14.4.linux-amd64.tar.gz[root@ke-cloud ~]# tar -zxvf go1.14.4.linux-amd64.tar.gz -C /usr/local
2)配置golang环境
[root@ke-cloud ~]# vim /etc/profile文件末尾添加:# golang envexport GOROOT=/usr/local/goexport GOPATH=/data/gopathexport PATH=$PATH:$GOROOT/bin:$GOPATH/bin[root@ke-cloud ~]# source /etc/profile[root@ke-cloud ~]# mkdir -p /data/gopath && cd /data/gopath[root@ke-cloud ~]# mkdir -p src pkg bin
3)下载KubeEdge源码
[root@ke-cloud ~]# git clone https://github.com/kubeedge/kubeedge $GOPATH/src/github.com/kubeedge/kubeedge
部署cloudcore
可以通过本地部署的方式部署KubeEdge(这需要单独编译cloudcore和edgecore,部署方式参考:https://docs.kubeedge.io/en/latest/setup/local.html) ,也可以通过keadm的方式部署KubeEdge(部署方式参考:https://docs.kubeedge.io/en/latest/setup/keadm.html) 。本文选用了在操作上更简单的keadm部署方式。
1)编译kubeadm
[root@ke-cloud ~]# cd $GOPATH/src/github.com/kubeedge/kubeedge[root@ke-cloud ~]# make all WHAT=keadm说明:编译后的二进制文件在./_output/local/bin下,单独编译cloudcore与edgecore的方式如下:[root@ke-cloud ~]# make all WHAT=cloudcore && make all WHAT=edgecore
2)创建cloud节点
[root@ke-cloud ~]# keadm init --advertise-address="192.168.1.66"Kubernetes version verification passed, KubeEdge installation will start......KubeEdge cloudcore is running, For logs visit: /var/log/kubeedge/cloudcore.logCloudCore started
edge端配置
edge端也可以通过keadm进行配置,可以将cloud端编译生成的二进制可执行文件通过scp命令复制到edge端。
从云端获取令牌
在云端运行将返回令牌,该令牌将在加入边缘节点时使用。keadm gettoken
[root@ke-cloud ~]# keadm gettoken8ca5a29595498fbc0648ca59208681f9d18dae86ecff10e70991cde96a6f4199.eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE1OTUwMzU0Mjh9.YR-N628S5wEFLifC0sM9t-IuIWkgSK-kizFnyAy5Q50
加入边缘节点
keadm join将安装edgecore和mqtt。它还提供了一个标志,通过它可以设置特定的版本。
重要的提示:• --cloudcore-ipport 标志是强制性标志。• 如果要自动为边缘节点应用证书,--token则需要。• 云和边缘端使用的kubeEdge版本应相同。[root@ke-edge1 ~]# keadm join --cloudcore-ipport=192.168.1.66:10000 --token=8ca5a29595498fbc0648ca59208681f9d18dae86ecff10e70991cde96a6f4199.eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE1OTUwMzU0Mjh9.YR-N628S5wEFLifC0sM9t-IuIWkgSK-kizFnyAy5Q50Host has mosquit+ already installed and running. Hence skipping the installation steps !!!...KubeEdge edgecore is running, For logs visit: /var/log/kubeedge/edgecore.log
验证
边缘端在启动edgecore后,会与云端的cloudcore进行通信,K8s进而会将边缘端作为一个node纳入K8s的管控。
[root@ke-cloud ~]# kubectl get nodeNAME STATUS ROLES AGE VERSIONke-cloud Ready master 13h v1.17.0ke-edge1 Ready agent,edge 64s v1.17.1-kubeedge-v1.3.1[root@ke-cloud ~]# kubectl get pods -n kube-systemNAME READY STATUS RESTARTS AGEcoredns-6955765f44-k65xx 1/1 Running 0 13hcoredns-6955765f44-r2q6g 1/1 Running 0 13hetcd-ke-cloud 1/1 Running 0 13hkube-apiserver-ke-cloud 1/1 Running 0 13hkube-controller-manager-ke-cloud 1/1 Running 0 13hkube-flannel-ds-amd64-fgtdq 0/1 Error 5 5m55skube-flannel-ds-amd64-lrsrh 1/1 Running 0 13hkube-proxy-vr44d 1/1 Running 0 13hkube-scheduler-ke-cloud 1/1 Running 0 13h说明:如果在K8s集群中配置过flannel网络插件(见2.7),这里由于edge节点没有部署kubelet,所以调度到edge节点上的flannel pod会创建失败。这不影响KubeEdge的使用,可以先忽略这个问题。
运行KubeEdge示例
选用示例:KubeEdge Counter Demo计数器是一个伪设备,用户无需任何额外的物理设备即可运行此演示。计数器在边缘侧运行,用户可以从云侧在Web中对其进行控制,也可以从云侧在Web中获得计数器值。原理图如下:
详细文档参考:https://github.com/kubeedge/examples/tree/master/kubeedge-counter-demo
准备工作
1)本示例要求KubeEdge版本必须是v1.2.1+
2)下载示例代码:[root@ke-cloud ~]# kubectl get nodeNAME STATUS ROLES AGE VERSIONke-cloud Ready master 13h v1.17.0ke-edge1 Ready agent,edge 64s v1.17.1-kubeedge-v1.3.1说明:本文接下来的验证将使用边缘节点ke-edge1进行,如果你参考本文进行相关验证,后续边缘节点名称的配置需要根据你的实际情况进行更改。
[root@ke-cloud ~]# git clone https://github.com/kubeedge/examples.git $GOPATH/src/github.com/kubeedge/examples
创建device model和device
1)创建device model
[root@ke-cloud ~]# cd $GOPATH/src/github.com/kubeedge/examples/kubeedge-counter-demo/crds[root@ke-cloud crds~]# kubectl create -f kubeedge-counter-model.yaml2)创建device根据你的实际情况修改matchExpressions:
[root@ke-cloud ~]# cd $GOPATH/src/github.com/kubeedge/examples/kubeedge-counter-demo/crds[root@ke-cloud crds~]# vim kubeedge-counter-instance.yamlapiVersion: devices.kubeedge.io/v1alpha1kind: Devicemetadata:name: counterlabels:description: 'counter'manufacturer: 'test'spec:deviceModelRef:name: counter-modelnodeSelector:nodeSelectorTerms:- matchExpressions:- key: 'kubernetes.io/hostname'operator: Invalues:- ke-edge1status:twins:- propertyName: statusdesired:metadata:type: stringvalue: 'OFF'reported:metadata:type: stringvalue: '0'[root@ke-cloud crds~]# kubectl create -f kubeedge-counter-instance.yaml
部署云端应用
1)修改代码
云端应用web-controller-app用来控制边缘端的pi-counter-app应用,该程序默认监听的端口号为80,此处修改为8089,如下所示:
[root@ke-cloud ~]# cd $GOPATH/src/github.com/kubeedge/examples/kubeedge-counter-demo/web-controller-app[root@ke-cloud web-controller-app~]# vim main.gopackage mainimport ("github.com/astaxie/beego""github.com/kubeedge/examples/kubeedge-counter-demo/web-controller-app/controller")func main() {beego.Router("/", new(controllers.TrackController), "get:Index")beego.Router("/track/control/:trackId", new(controllers.TrackController), "get,post:ControlTrack")beego.Run(":8089")}
2)构建镜像
注意:构建镜像时,请将源码拷贝到GOPATH对应的路径下,如果开启了go mod请关闭。
[root@ke-cloud web-controller-app~]# make all[root@ke-cloud web-controller-app~]# make docker
3)部署web-controller-app
[root@ke-cloud ~]# cd $GOPATH/src/github.com/kubeedge/examples/kubeedge-counter-demo/crds[root@ke-cloud crds~]# kubectl apply -f kubeedge-web-controller-app.yaml
部署边缘端应用
边缘端的pi-counter-app应用受云端应用控制,主要与mqtt服务器通信,进行简单的计数功能。
1)修改代码与构建镜像需要将Makefile中的GOARCH修改为amd64才能运行该容器。
[root@ke-cloud ~]# cd $GOPATH/src/github.com/kubeedge/examples/kubeedge-counter-demo/counter-mapper[root@ke-cloud counter-mapper~]# vim Makefile.PHONY: all pi-execute-app docker cleanall: pi-execute-apppi-execute-app:GOARCH=amd64 go build -o pi-counter-app main.godocker:docker build . -t kubeedge/kubeedge-pi-counter:v1.0.0clean:rm -f pi-counter-app[root@ke-cloud counter-mapper~]# make all[root@ke-cloud counter-mapper~]# make docker
2)部署Pi Counter App
[root@ke-cloud ~]# cd $GOPATH/src/github.com/kubeedge/examples/kubeedge-counter-demo/crds[root@ke-cloud crds~]# kubectl apply -f kubeedge-pi-counter-app.yaml说明:为了防止Pod的部署卡在`ContainerCreating`,这里直接通过docker save、scp和docker load命令将镜像发布到边缘端[root@ke-cloud ~]# docker save -o kubeedge-pi-counter.tar kubeedge/kubeedge-pi-counter:v1.0.0[root@ke-cloud ~]# scp kubeedge-pi-counter.tar root@192.168.1.56:/root[root@ke-edge1 ~]# docker load -i kubeedge-pi-counter.tar
运行效果
现在,KubeEdge Demo的云端部分和边缘端的部分都已经部署完毕,如下:
[root@ke-cloud ~]# kubectl get pods -o wideNAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATESkubeedge-counter-app-758b9b4ffd-f8qjj 1/1 Running 0 26m 192.168.1.66 ke-cloud <none> <none>kubeedge-pi-counter-c69698d6-rb4xz 1/1 Running 0 2m 192.168.1.56 ke-edge1 <none> <none>我们现在开始测试一下该Demo运行效果:1)执行ON命令在web页面上选择ON,并点击Execute,可以在edge节点上通过以下命令查看执行结果:
[root@ke-edge1 ~]# docker logs -f counter-container-id
2)查看counter STATUS在web页面上选择STATUS,并点击Execute,会在Web页面上返回counter当前的status,如下所示:
2)执行OFF命令在web页面上选择OFF,并点击Execute,可以再edge节点上通过以下命令查看执行结果:
[root@ke-edge1 ~]# docker logs -f counter-container-id
总结
首先在云端使用了kubeadm轻松搭建了一个K8s集群。
然后使用了非常方便、易用的keadm在云端和边缘端搭建了KubeEdge的核心组件:cloudcore和edgecore。部署成功后,KubeEdge边缘节点会作为一个node被K8s管控。
最后用了KubeEdge官方提供的examples(kubeedge-counter-demo)运行了一个示例,这一示例完美地展现了kubeEdge的边缘设备管理、边云协同能力。
