Unverified Commit f56b2d69 authored by cuisongliu, committed by GitHub

merge master (#768)

* refactor(ci): add auto invite (#762)
Showing with 102 additions and 189 deletions
......@@ -43,7 +43,7 @@
- Debian 9+, x86_64/ arm64
- Ubuntu 16.04, 18.04, 20.04, x86_64/ arm64
- Centos/RHEL 7.6+, x86_64/ arm64
- 其他支持 systemd 的系统环境. x86_64/ arm64
- 其他支持 systemd 的系统环境, x86_64/ arm64
- Kylin arm64
## kubernetes 版本
......@@ -73,7 +73,7 @@
- kubernetes1.20+ 使用containerd作为cri. 不需要用户安装docker/containerd. sealos会安装1.3.9版本containerd。
- kubernetes1.19及以下 使用docker作为cri。 也不需要用户安装docker。 sealos会安装1.19.03版本docker
- 网络和 DNS 要求:
- 确保 /etc/resolv.conf 中的 DNS 地址可用。否则,可能会导致群集中coredns异常。
- 确保 /etc/resolv.conf 中的 DNS 地址可用。否则,可能会导致群集中coredns异常。
- 如果使用阿里云/华为云主机部署。 默认的pod网段会和阿里云的dns网段冲突, 建议自定义修改pod网段, 在init的时候指定`--podcidr` 来修改。
- sealos 默认会关闭防火墙, 如果需要打开防火墙, 建议手动放行相关的端口。
- 内核要求:
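Review bot: The firewall bullet in this hunk ("sealos 默认会关闭防火墙 ... 建议手动放行相关的端口") says sealos turns the host firewall off by default and tells the reader to allow "the relevant ports" by hand, but it names none of them. Since this list is already being touched, please list the ports that must be reachable between masters and nodes, so an operator who keeps the firewall on can write rules from the README instead of guessing or leaving it disabled.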
......@@ -85,10 +85,10 @@
主机名|IP地址
---|---
master0|192.168.0.2
master1|192.168.0.3
master2|192.168.0.4
node0|192.168.0.5
master0|192.168.0.2
master1|192.168.0.3
master2|192.168.0.4
node0|192.168.0.5
服务器密码:123456
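Review bot: The line "服务器密码:123456" under the host table presents a literal, trivially guessable password as the credential for every server in the example. A placeholder such as `<your-server-password>` would show the same thing without giving readers a value they may paste unchanged into a real deployment.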
......@@ -99,7 +99,7 @@ node0|192.168.0.5
```sh
# 下载并安装sealos, sealos是个golang的二进制工具,直接下载拷贝到bin目录即可, release页面也可下载
$ wget -c https://sealyun.oss-cn-beijing.aliyuncs.com/latest/sealos && \
chmod +x sealos && mv sealos /usr/bin
chmod +x sealos && mv sealos /usr/bin
# 下载离线资源包
$ wget -c https://sealyun.oss-cn-beijing.aliyuncs.com/05a3db657821277f5f3b92d834bbaf98-v1.22.0/kube1.22.0.tar.gz
......
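Review bot: The install step in this hunk fetches `latest/sealos`, marks it executable and moves it into `/usr/bin` with no integrity check, and the same is true for `kube1.22.0.tar.gz`. Please publish a checksum next to each artifact and add a verification line between the `wget` and the `chmod +x ... && mv`, and consider pointing at a versioned sealos binary rather than `latest`, so the binary matches the v1.22.0 package the next command downloads and the instructions stay reproducible.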
......@@ -11,13 +11,14 @@ Build a production kubernetes HA cluster.
* If any master is down, lvscare will remove the ipvs realserver, when master recover it will add it back.
* Sealos will send package and apply install commands, so we needn't ansible.
# Supported Environment
# Supported Environment
## Linux Distributions
## Linux Distributions, CPU Architecture
- Debian 9+, x86_64/ arm64
- Ubuntu 16.04, 18.04, 20.04 , x86_64/ arm64
- Centos/RHEL 7.6+, x86_64/ arm64
- 99% systemd manage linux system x86_64/ arm64
- 99% systemd manage linux system x86_64/ arm64
- Kylin arm64
## kubernetes Versions
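Review bot: The bullet "99% systemd manage linux system x86_64/ arm64" is touched here but still reads unclearly and lacks the comma the other bullets in the list use before the architecture. The Chinese README says "其他支持 systemd 的系统环境, x86_64/ arm64", so something like "Other Linux systems managed by systemd, x86_64/ arm64" would match it. The heading "## Linux Distributions, CPU Architecture" could also use "and" instead of a comma.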
......@@ -30,214 +31,126 @@ Build a production kubernetes HA cluster.
- 1.21+
- 1.22+
Looking for more supported versions[sealyun.com](https://www.sealyun.com)
Looking for more supported versions, [sealyun.com](https://www.sealyun.com).
sealos is currently supported the latest k8s 1.22+
## Requirements and Recommendations
- Minimum resource requirements
- Minimum resource requirements
- 2 vCpu
- 4G RAM
- 40G+ Storage
- OS requirements
- SSH can access to all nodes.
- hostname is uniq and satisfied kubernetes requirements
- hostname is unique, and satisfied kubernetes requirements.
- Time synchronization for all nodes.
- network Iface has a stranger name, change it to (eth.*|en.*|em.*)
- kubernetes1.20+, use containerd for default cri. user should not to install containerd or docker-ce. sealos will do it
- kubernetes1.19-, use docker for default cri. user should not to install docker-ce. sealos will do it for you
- Networking and DNS requirements:
- Make sure the DNS address in /etc/resolv.conf is available. Otherwise, it may cause some issues of DNS in cluster。
- if you use aliyun/huawei cloud to deploy kubernetes 。 default pod cidr is confilct with dns cidr, we recommand you install kubernetes init flag to add `--podcidr` to aviod this problem。
- sealos default to disable firewalld ,It's recommended that you turn off the firewall. if you want to use firewalld , remember to allow kubernetes port traffic。
# Quick Start
## PreInstall
* Install and start docker
* Download [kubernetes offline package](http://store.lameleg.com) copy it to /root.
* Download [latest sealos](https://github.com/fanux/sealos/releases) on release page.
* Support kuberentes 1.14.0+
## Install
Multi master HA:
```
sealos init --master 192.168.0.2 \
--master 192.168.0.3 \
--master 192.168.0.4 \
--node 192.168.0.5 \
--user root \
--passwd your-server-password \
--version v1.14.1 \
--pkg-url /root/kube1.14.1.tar.gz
```
- if network card has a stranger name, change it to (eth.*|en.*|em.*).
- kubernetes1.20+, use containerd for default cri. user should not to install containerd or docker-ce. sealos will do it.
- kubernetes1.19-, use docker for default cri. user should not to install docker-ce. sealos will do it for you.
- Networking and DNS requirements:
- Make sure the DNS address in /etc/resolv.conf is available. Otherwise, it may cause some issues of DNS in cluster.
- if you use aliyun/huawei cloud to deploy kubernetes. default pod cidr is conflict with dns cidr, we recommend you install kubernetes init flag to add `--podcidr` to avoid this problem.
- sealos default to disable firewalld, It's recommended that you turn off the firewall. if you want to use firewalld , remember to allow kubernetes port traffic.
- Kernel requirements:
- When cni components choose cilium, the kernel version must not be lower than 5.4
OR single master:
```
sealos init --master 192.168.0.2 \
--node 192.168.0.5 \
--user root \
--passwd your-server-password \
--version v1.14.1 \
--pkg-url /root/kube1.14.1.tar.gz
```
# 🚀 Quick Start
OR using ssh private key:
```
sealos init --master 172.16.198.83 \
--node 172.16.198.84 \
--pkg-url https://sealyun.oss-cn-beijing.aliyuncs.com/free/kube1.15.0.tar.gz \
--pk /root/kubernetes.pem # this is your ssh private key file \
--version v1.15.0
```
> Environmental information
Thats all!
Hostname|IP Address
---|---
master0|192.168.0.2
master1|192.168.0.3
master2|192.168.0.4
node0|192.168.0.5
```
--master masters list
--node nodes list
--user host user name
--passwd host passwd
--pkg-url you offline package location
--version kubernetes version
```
Server password:123456
Check cluster:
```
[root@iZj6cdqfqw4o4o9tc0q44rZ ~]# kubectl get node
NAME STATUS ROLES AGE VERSION
izj6cdqfqw4o4o9tc0q44rz Ready master 2m25s v1.14.1
izj6cdqfqw4o4o9tc0q44sz Ready master 119s v1.14.1
izj6cdqfqw4o4o9tc0q44tz Ready master 63s v1.14.1
izj6cdqfqw4o4o9tc0q44uz Ready <none> 38s v1.14.1
[root@iZj6cdqfqw4o4o9tc0q44rZ ~]# kubectl get pod --all-namespaces
NAMESPACE NAME READY STATUS RESTARTS AGE
kube-system calico-kube-controllers-5cbcccc885-9n2p8 1/1 Running 0 3m1s
kube-system calico-node-656zn 1/1 Running 0 93s
kube-system calico-node-bv5hn 1/1 Running 0 2m54s
kube-system calico-node-f2vmd 1/1 Running 0 3m1s
kube-system calico-node-tbd5l 1/1 Running 0 118s
kube-system coredns-fb8b8dccf-8bnkv 1/1 Running 0 3m1s
kube-system coredns-fb8b8dccf-spq7r 1/1 Running 0 3m1s
kube-system etcd-izj6cdqfqw4o4o9tc0q44rz 1/1 Running 0 2m25s
kube-system etcd-izj6cdqfqw4o4o9tc0q44sz 1/1 Running 0 2m53s
kube-system etcd-izj6cdqfqw4o4o9tc0q44tz 1/1 Running 0 118s
kube-system kube-apiserver-izj6cdqfqw4o4o9tc0q44rz 1/1 Running 0 2m15s
kube-system kube-apiserver-izj6cdqfqw4o4o9tc0q44sz 1/1 Running 0 2m54s
kube-system kube-apiserver-izj6cdqfqw4o4o9tc0q44tz 1/1 Running 1 47s
kube-system kube-controller-manager-izj6cdqfqw4o4o9tc0q44rz 1/1 Running 1 2m43s
kube-system kube-controller-manager-izj6cdqfqw4o4o9tc0q44sz 1/1 Running 0 2m54s
kube-system kube-controller-manager-izj6cdqfqw4o4o9tc0q44tz 1/1 Running 0 63s
kube-system kube-proxy-b9b9z 1/1 Running 0 2m54s
kube-system kube-proxy-nf66n 1/1 Running 0 3m1s
kube-system kube-proxy-q2bqp 1/1 Running 0 118s
kube-system kube-proxy-s5g2k 1/1 Running 0 93s
kube-system kube-scheduler-izj6cdqfqw4o4o9tc0q44rz 1/1 Running 1 2m43s
kube-system kube-scheduler-izj6cdqfqw4o4o9tc0q44sz 1/1 Running 0 2m54s
kube-system kube-scheduler-izj6cdqfqw4o4o9tc0q44tz 1/1 Running 0 61s
kube-system kube-sealyun-lvscare-izj6cdqfqw4o4o9tc0q44uz 1/1 Running 0 86s
```
**kubernetes .0, the version is not recommended for production environment!!!**
## Clean
```
sealos clean
> Just prepare the server and execute the following command on any server
```sh
# download and install sealos, sealos is a binary tool of golang, just download and copy directly to the bin directory, the release page can also be downloaded
$ wget -c https://sealyun.oss-cn-beijing.aliyuncs.com/latest/sealos && \
chmod +x sealos && mv sealos /usr/bin
# download offline resource pack
$ wget -c https://sealyun.oss-cn-beijing.aliyuncs.com/05a3db657821277f5f3b92d834bbaf98-v1.22.0/kube1.22.0.tar.gz
# Install a three-master kubernetes cluster
$ sealos init --passwd '123456' \
--master 192.168.0.2 --master 192.168.0.3 --master 192.168.0.4 \
--node 192.168.0.5 \
--pkg-url /root/kube1.22.0.tar.gz \
--version v1.22.0
```
Or clean a master or node
> Parameter meaning
| parameter | meaning | example |
|-----------|--------------------------------------------------------------------------------------------------------------|-------------------------|
| passwd | server password | 123456 |
| master | k8s master IP Address | 192.168.0.2 |
| node | k8s node IP Address | 192.168.0.3 |
| pkg-url | offline resource package address, support downloading to local or a remote address | /root/kube1.22.0.tar.gz |
| version | [Resource pack](https://www.sealyun.com/goodsDetail?type=cloud_kernel&name=kubernetes) Corresponding version | v1.22.0 |
> add master
```shell script
sealos clean --master 192.168.0.2
sealos clean --node 192.168.0.3
🐳 → sealos join --master 192.168.0.6 --master 192.168.0.7
🐳 → sealos join --master 192.168.0.6-192.168.0.9 # or multiple consecutive IPs
```
## Add nodes
> add node
```shell script
sealos join --master 192.168.0.2 # join master
sealos join --node 192.168.0.3 --node 192.168.0.4 # join master
🐳 → sealos join --node 192.168.0.6 --node 192.168.0.7
🐳 → sealos join --node 192.168.0.6-192.168.0.9 # or multiple consecutive IPs
```
Also can use 192.168.0.3-192.168.0.3 to specify multi IPs
## Using config file
For example, we need add a certSANs `sealyun.com`:
```
sealos config -t kubeadm >> kubeadm-config.yaml.tmpl
```
See the config template file `cat kubeadm-config.yaml.tmpl`, edit it add `sealyun.com`:
```
apiVersion: kubeadm.k8s.io/v1beta1
kind: InitConfiguration
localAPIEndpoint:
advertiseAddress: {{.Master0}}
bindPort: 6443
---
apiVersion: kubeadm.k8s.io/v1beta1
kind: ClusterConfiguration
kubernetesVersion: {{.Version}}
controlPlaneEndpoint: "{{.ApiServer}}:6443"
imageRepository: {{.Repo}}
networking:
# dnsDomain: cluster.local
podSubnet: {{.PodCIDR}}
serviceSubnet: {{.SvcCIDR}}
apiServer:
certSANs:
- sealyun.com # add to certSANs
- 127.0.0.1
- {{.ApiServer}}
{{range .Masters -}}
- {{.}}
{{end -}}
{{range .CertSANS -}}
- {{.}}
{{end -}}
- {{.VIP}}
extraArgs:
feature-gates: TTLAfterFinished=true
extraVolumes:
- name: localtime
hostPath: /etc/localtime
mountPath: /etc/localtime
readOnly: true
pathType: File
controllerManager:
extraArgs:
feature-gates: TTLAfterFinished=true
experimental-cluster-signing-duration: 876000h
extraVolumes:
- hostPath: /etc/localtime
mountPath: /etc/localtime
name: localtime
readOnly: true
pathType: File
scheduler:
extraArgs:
feature-gates: TTLAfterFinished=true
extraVolumes:
- hostPath: /etc/localtime
mountPath: /etc/localtime
name: localtime
readOnly: true
pathType: File
---
apiVersion: kubeproxy.config.k8s.io/v1alpha1
kind: KubeProxyConfiguration
mode: "ipvs"
ipvs:
excludeCIDRs:
- "{{.VIP}}/32"
> delete the specified master
```shell script
🐳 → sealos clean --master 192.168.0.6 --master 192.168.0.7
🐳 → sealos clean --master 192.168.0.6-192.168.0.9 # or multiple consecutive IPs
```
Then using --kubeadm-config flag:
> Delete the specified node
```shell script
🐳 → sealos clean --node 192.168.0.6 --node 192.168.0.7
🐳 → sealos clean --node 192.168.0.6-192.168.0.9 # or multiple consecutive IPs
```
sealos init --kubeadm-config kubeadm-config.yaml.tmpl \
--master 192.168.0.2 \
--master 192.168.0.3 \
--master 192.168.0.4 \
--node 192.168.0.5 \
--user root \
--passwd your-server-password \
--version v1.14.1 \
--pkg-url /root/kube1.14.1.tar.gz
> clean up the cluster
```shell script
🐳 → sealos clean --all
```
# ✅ Feature
- [x] Support ARM version offline package, v1.20 version offline package supports containerd integration, completely abandon docker
- [x] 99 years certificate, support cluster backup and upgrade
- [x] Does not rely on ansible haproxy keepalived, a binary tool, 0 dependencies
- [x] Offline installation, different versions of kubernetes download corresponding to different versions [Resource pack](https://www.sealyun.com/goodsDetail?type=cloud_kernel&name=kubernetes), Offline package contains all binary files configuration files and images
- [x] High-availability local LIB implemented through ipvs, which takes up less resources, is stable and reliable, and is similar to the implementation of kube-proxy
- [x] Almost compatible with all environments that support systemd x86_64 architecture
- [x] Easily add and delete cluster nodes
- [x] Thousands of users use sealos in the online environment, which is stable and reliable
- [x] The resource pack is placed on Alibaba Cloud OSS, so you don’t have to worry about network speed anymore
- [x] dashboard ingress prometheus apps offline packaging, a key installation
# 📊 Stats
![Alt](https://repobeats.axiom.co/api/embed/10ce83c1d8452210bc4a0b5a5df9d59bbc35d889.svg "Repobeats analytics image")
[简体中文](README.md)
[More offline packages](https://sealyun.com)
......
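Review bot: The rewritten Quick Start leaves password login as the only documented way to reach the hosts: the `--pk /root/kubernetes.pem` example and the `--user` entry are gone, and the one remaining `sealos init` call passes `--passwd '123456'` where the earlier text used `your-server-password`. Please keep a private-key variant of the init command, use a placeholder instead of `123456` in both the command and the parameter table, and add rows for `--pk` and `--user`. The requirements list also tells cloud users to pass `--podcidr`, which the parameter table does not mention. Separately, the "Using config file" section with `sealos config -t kubeadm` and `--kubeadm-config` is removed without a pointer to where that procedure now lives; a link would help readers who need to add certSANs.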