suse 12 二进制部署 Kubernetets 1.19.7 - 第04章 - 部署docker服务

1.4、部署docker

• 所有节点都需要docker（复用master节点为node节点运行pod）

1.4.0、下载docker二进制文件

k8s-01:~ # cd /opt/k8s/packages/
k8s-01:/opt/k8s/packages # wget https://mirrors.tuna.tsinghua.edu.cn/docker-ce/linux/static/stable/x86_64/docker-19.03.9.tgz
k8s-01:/opt/k8s/packages # tar xf docker-19.03.9.tgz

1.4.1、配置docker镜像加速

k8s-01:~ # cd conf/
k8s-01:/opt/k8s/conf # cat > daemon.json <<-EOF
{
    
    
  "registry-mirrors": ["https://bk6kzfqm.mirror.aliyuncs.com"],
  "exec-opts": ["native.cgroupdriver=systemd"],
  "log-driver": "json-file",
  "log-opts": {
    
    
    "max-size": "100m"
  },
  "storage-driver": "overlay2",
  "storage-opts": [
    "overlay2.override_kernel_check=true"
  ]
}
EOF

1.4.2、配置docker为systemctl管理

k8s-01:/opt/k8s/conf # cd /opt/k8s/conf/
k8s-01:/opt/k8s/conf # cat > docker.service <<-EOF
[Unit]
Description=Docker Application Container Engine
Documentation=https://docs.docker.com

[Service]
Type=notify
# the default is not to use systemd for cgroups because the delegate issues still
# exists and systemd currently does not support the cgroup feature set required
# for containers run by docker
ExecStart=/usr/bin/dockerd  \$DOCKER_NETWORK_OPTIONS
EnvironmentFile=-/run/flannel/docker
ExecReload=/bin/kill -s HUP \$MAINPID
TimeoutSec=0
RestartSec=2
Restart=always

# Note that StartLimit* options were moved from "Service" to "Unit" in systemd 229.
# Both the old, and new location are accepted by systemd 229 and up, so using the old location
# to make them work for either version of systemd.
StartLimitBurst=3

# Note that StartLimitInterval was renamed to StartLimitIntervalSec in systemd 230.
# Both the old, and new name are accepted by systemd 230 and up, so using the old name to make
# this option work for either version of systemd.
StartLimitInterval=60s

# Having non-zero Limit*s causes performance problems due to accounting overhead
# in the kernel. We recommend using cgroups to do container-local accounting.
LimitNOFILE=infinity
LimitNPROC=infinity
LimitCORE=infinity

# Comment TasksMax if your systemd version does not support it.
# Only systemd 226 and above support this option.
TasksMax=infinity

# set delegate yes so that systemd does not reset the cgroups of docker containers
Delegate=yes

# kill only the docker process, not all processes in the cgroup
KillMode=process

[Install]
WantedBy=multi-user.target
EOF

1.4.3、启动docker服务

#!/usr/bin/env bash
source /opt/k8s/bin/k8s-env.sh

for host in ${NODE_IPS[@]}
do
    printf "\e[1;34m${host}\e[0m\n"
    ssh root@${host} "mkdir /etc/docker"
    scp /opt/k8s/packages/docker/* ${host}:/usr/bin/
    scp /opt/k8s/conf/daemon.json ${host}:/etc/docker/
    scp /opt/k8s/conf/docker.service ${host}:/etc/systemd/system/
    ssh root@${host} "systemctl daemon-reload && \
                      systemctl enable docker --now && \
                      systemctl status docker | grep Active"
done

1.4.4、查看所有节点docker和flannel的网卡是否为同一网段

#!/usr/bin/env bash
source /opt/k8s/bin/k8s-env.sh

for host in ${NODE_IPS[@]}
do
    printf "\e[1;34m${host}\e[0m\n"
    ssh root@${host} 'ifconfig | egrep "docker*|flannel*" -A 1'
done