k8s-v1.23.5依赖下载

几年前安装使用过k8s(kubernetes)，明白安装过程最大的一个难关是容器镜像的下载，所以找回原来的文章，试着用原来的代理翻墙的方式，但是原来可行的 ssh -D socks5 的方式在 Amazon Linux 2 上面不好使，最后直接在外网主机上安装并缓冲RPM，然后下载打包 k8s.gcr.io 下的所有镜像。

尽管过程没有那么的严谨，但是每个步骤还是都得执行的。

参考文章

安装Docker

k8s的pod需要容器运行时（Container Runtime），这里直接选择熟悉的docker。外网的主机是centos7的，按照docker官网步骤安装。

## https://docs.docker.com/engine/install/centos/
$ sudo yum remove docker \
                   docker-client \
                   docker-client-latest \
                   docker-common \
                   docker-latest \
                   docker-latest-logrotate \
                   docker-logrotate \
                   docker-engine

$ sudo yum install -y yum-utils
$ sudo yum-config-manager \
     --add-repo \
     https://download.docker.com/linux/centos/docker-ce.repo

$ yum list docker-ce --showduplicates | sort -r

$ sudo yum clean all
$ sudo yum install docker-ce docker-ce-cli containerd.io

$ sudo service docker start
$ sudo systemctl enable docker
# docker info

## https://kubernetes.io/zh/docs/setup/production-environment/container-runtimes/#docker
$ cat <<EOF | sudo tee /etc/docker/daemon.json
{
  "exec-opts": ["native.cgroupdriver=systemd"],
  "log-driver": "json-file",
  "log-opts": {
    "max-size": "100m"
  },
  "storage-driver": "overlay2"
}
EOF

$ sudo systemctl enable docker
$ sudo systemctl daemon-reload
$ sudo systemctl restart docker

安装 kubeadm、kubelet 和 kubectl

## 设置缓冲
# vi /etc/yum.conf 
keepcache=1


## https://kubernetes.io/zh/docs/setup/production-environment/tools/kubeadm/install-kubeadm/#%E5%AE%89%E8%A3%85-kubeadm-kubelet-%E5%92%8C-kubectl
## 在官网基础上，禁用gpgcheck
# cat <<EOF | sudo tee /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://packages.cloud.google.com/yum/repos/kubernetes-el7-\$basearch
enabled=1
gpgcheck=0
repo_gpgcheck=0
gpgkey=https://packages.cloud.google.com/yum/doc/yum-key.gpg https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg
exclude=kubelet kubeadm kubectl
EOF

## 将 SELinux 设置为 permissive 模式（相当于将其禁用）
# sudo setenforce 0
# sudo sed -i 's/^SELINUX=enforcing$/SELINUX=permissive/' /etc/selinux/config

# sudo yum install -y kubelet kubeadm kubectl --disableexcludes=kubernetes

## 无需启动 sudo systemctl enable --now kubelet

把缓冲的rpm下载到本地

[root@ea5df05219bb /]# cd /var/cache/yum/
[root@ea5df05219bb yum]# ll -R 

[root@ea5df05219bb yum]# yum install lrzsz 

[root@ea5df05219bb yum]# sz x86_64/7/kubernetes/packages/*

在没有互联网连接的情况下运行kubeadm

## https://kubernetes.io/zh/docs/reference/setup-tools/kubeadm/kubeadm-init/#%E5%9C%A8%E6%B2%A1%E6%9C%89%E4%BA%92%E8%81%94%E7%BD%91%E8%BF%9E%E6%8E%A5%E7%9A%84%E6%83%85%E5%86%B5%E4%B8%8B%E8%BF%90%E8%A1%8C-kubeadm

# kubeadm config images list
k8s.gcr.io/kube-apiserver:v1.23.5
k8s.gcr.io/kube-controller-manager:v1.23.5
k8s.gcr.io/kube-scheduler:v1.23.5
k8s.gcr.io/kube-proxy:v1.23.5
k8s.gcr.io/pause:3.6
k8s.gcr.io/etcd:3.5.1-0
k8s.gcr.io/coredns/coredns:v1.8.6

# kubeadm config images pull
[config/images] Pulled k8s.gcr.io/kube-apiserver:v1.23.5
[config/images] Pulled k8s.gcr.io/kube-controller-manager:v1.23.5
[config/images] Pulled k8s.gcr.io/kube-scheduler:v1.23.5
[config/images] Pulled k8s.gcr.io/kube-proxy:v1.23.5
[config/images] Pulled k8s.gcr.io/pause:3.6
[config/images] Pulled k8s.gcr.io/etcd:3.5.1-0
[config/images] Pulled k8s.gcr.io/coredns/coredns:v1.8.6

# docker images
REPOSITORY                           TAG       IMAGE ID       CREATED         SIZE
k8s.gcr.io/kube-apiserver            v1.23.5   3fc1d62d6587   14 hours ago    135MB
k8s.gcr.io/kube-proxy                v1.23.5   3c53fa8541f9   14 hours ago    112MB
k8s.gcr.io/kube-controller-manager   v1.23.5   b0c9e5e4dbb1   14 hours ago    125MB
k8s.gcr.io/kube-scheduler            v1.23.5   884d49d6d8c9   14 hours ago    53.5MB
k8s.gcr.io/etcd                      3.5.1-0   25f8c7f3da61   4 months ago    293MB
k8s.gcr.io/coredns/coredns           v1.8.6    a4ca41631cc7   5 months ago    46.8MB
k8s.gcr.io/pause                     3.6       6270bb605e12   6 months ago    683kB
centos                               7         8652b9f0cb4c   16 months ago   204MB

# docker images | awk '{print $1}' | grep k8s | xargs echo 
k8s.gcr.io/kube-apiserver k8s.gcr.io/kube-proxy k8s.gcr.io/kube-controller-manager k8s.gcr.io/kube-scheduler k8s.gcr.io/etcd k8s.gcr.io/coredns/coredns k8s.gcr.io/pause

# docker save -o k8s-v1.23.5.tar k8s.gcr.io/kube-apiserver k8s.gcr.io/kube-proxy k8s.gcr.io/kube-controller-manager k8s.gcr.io/kube-scheduler k8s.gcr.io/etcd k8s.gcr.io/coredns/coredns k8s.gcr.io/pause
# gzip k8s-v1.23.5.tar

把导出的images下载回来后，加载到本地主机

[ec2-user@k8s ~]$ docker load -i k8s-v1.23.5.tar.gz 

metrics-server

metrics server的镜像也是在google的服务上的，也下载保存下来。在dashboard上可以通过它查看node/pod的cpu/内存占用图形情况。

# docker pull k8s.gcr.io/metrics-server/metrics-server:v0.6.1

# docker save -o metrics-server-v0.6.1.tar k8s.gcr.io/metrics-server/metrics-server:v0.6.1
# gzip metrics-server-v0.6.1.tar 

下载回来后，加载到本地主机

[ec2-user@k8s ~]$ docker load -i metrics-server-v0.6.1.tar.gz 

基本安装好后，本地镜像如下：

[ec2-user@k8s ~]$ docker images 
REPOSITORY                                       TAG       IMAGE ID       CREATED        SIZE
k8s.gcr.io/kube-apiserver                        v1.23.5   3fc1d62d6587   39 hours ago   135MB
k8s.gcr.io/kube-proxy                            v1.23.5   3c53fa8541f9   39 hours ago   112MB
k8s.gcr.io/kube-scheduler                        v1.23.5   884d49d6d8c9   39 hours ago   53.5MB
k8s.gcr.io/kube-controller-manager               v1.23.5   b0c9e5e4dbb1   39 hours ago   125MB
rancher/mirrored-flannelcni-flannel              v0.17.0   9247abf08677   2 weeks ago    59.8MB
k8s.gcr.io/metrics-server/metrics-server         v0.6.1    e57a417f15d3   5 weeks ago    68.8MB
rancher/mirrored-flannelcni-flannel-cni-plugin   v1.0.1    ac40ce625740   8 weeks ago    8.1MB
k8s.gcr.io/etcd                                  3.5.1-0   25f8c7f3da61   4 months ago   293MB
k8s.gcr.io/coredns/coredns                       v1.8.6    a4ca41631cc7   5 months ago   46.8MB
k8s.gcr.io/pause                                 3.6       6270bb605e12   6 months ago   683kB

[ec2-user@worker1 ~]$ docker images 
REPOSITORY                                       TAG       IMAGE ID       CREATED        SIZE
k8s.gcr.io/kube-apiserver                        v1.23.5   3fc1d62d6587   39 hours ago   135MB
k8s.gcr.io/kube-proxy                            v1.23.5   3c53fa8541f9   39 hours ago   112MB
k8s.gcr.io/kube-controller-manager               v1.23.5   b0c9e5e4dbb1   39 hours ago   125MB
k8s.gcr.io/kube-scheduler                        v1.23.5   884d49d6d8c9   39 hours ago   53.5MB
kubernetesui/dashboard                           v2.5.1    7fff914c4a61   7 days ago     243MB
rancher/mirrored-flannelcni-flannel              v0.17.0   9247abf08677   2 weeks ago    59.8MB
k8s.gcr.io/metrics-server/metrics-server         v0.6.1    e57a417f15d3   5 weeks ago    68.8MB
rancher/mirrored-flannelcni-flannel-cni-plugin   v1.0.1    ac40ce625740   8 weeks ago    8.1MB
k8s.gcr.io/etcd                                  3.5.1-0   25f8c7f3da61   4 months ago   293MB
k8s.gcr.io/coredns/coredns                       v1.8.6    a4ca41631cc7   5 months ago   46.8MB
k8s.gcr.io/pause                                 3.6       6270bb605e12   6 months ago   683kB
kubernetesui/metrics-scraper                     v1.0.7    7801cfc6d5c0   9 months ago   34.4MB

小结

本文就要在外网模拟了一下安装，把需要翻墙的两个组件（rpm，docker image）缓冲下来，然后在本地机器上直接使用。

下载的最新版本v1.23.5 的（需翻墙的）依赖可以在百度网盘下载：

链接：https://pan.baidu.com/s/1P3ABqKGt1JhNkg-9yB22yQ 
提取码：k7af

–END

Winse Blog

走走停停都是风景, 熙熙攘攘都向最好, 忙忙碌碌都为明朝, 何畏之.