离线安装docker、registry、k8s、helm

Published on with 0 views and 0 comments

离线安装docker

下载离线安装包:https://download.docker.com/linux/static/stable/x86_64/

把离线包上传到服务器解压:

image.png

把命令放到/usr/bin下,

在/etc/systemd/system下添加docker.service

[Unit]
Description=Docker Application Container Engine
Documentation=https://docs.docker.com
After=network-online.target firewalld.service
Wants=network-online.target

[Service]
Type=notify
# the default is not to use systemd for cgroups because the delegate issues still
# exists and systemd currently does not support the cgroup feature set required
# for containers run by docker
ExecStart=/usr/bin/dockerd --graph=/var/docker/lib/
ExecReload=/bin/kill -s HUP $MAINPID
# Having non-zero Limit*s causes performance problems due to accounting overhead
# in the kernel. We recommend using cgroups to do container-local accounting.
LimitNOFILE=infinity
LimitNPROC=infinity
LimitCORE=infinity
# Uncomment TasksMax if your systemd version supports it.
# Only systemd 226 and above support this version.
#TasksMax=infinity
TimeoutStartSec=0
# set delegate yes so that systemd does not reset the cgroups of docker containers
Delegate=yes
# kill only the docker process, not all processes in the cgroup
KillMode=process
# restart the docker process if it exits prematurely
Restart=on-failure
StartLimitBurst=3
StartLimitInterval=60s

[Install]
WantedBy=multi-user.target

启动:systemctl start docker

开机自启:systemctl enable docker

查看状态:systemctl status docker

安装registry

准备好registry镜像

在有网的机器pull:docker pull registry

save: docker save -o registry.image registry

在需要安装的机器上load:docker load < registry.image

启动

docker run -d -v /data/registry:/var/lib/registry 
-p 5000:5000 
--restart=always 
--name registry registry

启动参数说明:

-v:宿主机挂载目录:/var/lib/registry

-p:宿主机端口:5000

--name:容器名称

在客户端查看镜像仓库中的所有镜像:

curl http://your-server-ip:5000/v2/_catalog

上传镜像

修改/etc/docker/daemon.json,没有就创建

添加如下内容:

{ 
    "insecure-registries" : [ "your-server-ip:5000" ] 
}

重启docker:systemctl restart docker

给镜像打tag:

docker tag your-image-name:tagname your-server-ip:5000/your-image-name:tagname

上传:

docker push your-registry-server-ip:5000/your-image-name:tagname

下载镜像

docker pull your-server-ip:5000/your-image-name:tagname

离线安装k8s

推荐使用sealos:https://www.sealyun.com/instructions

离线安装helm

1、下载二进制包

https://github.com/helm/helm/releases

解压,命令放到$PATH下

2、创建rbac-config.yaml文件:

apiVersion: v1
kind: ServiceAccount
metadata:
  name: tiller
  namespace: kube-system
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRoleBinding
metadata:
  name: tiller
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: cluster-admin
subjects:
  - kind: ServiceAccount
    name: tiller
    namespace: kube-system

执行:kubectl create -f rbac-config.yaml

3、安装tiller

helm init --upgrade --service-account tiller --tiller-image registry.cn-hangzhou.aliyuncs.com/google_containers/tiller:v2.14.2 --stable-repo-url http://127.0.0.1/

备注:上面命令中的**--stable-repo-url http://127.0.0.1/这个是我用nginx做的,这儿下面放了一个文件index.yaml文件,可以从这儿下载到 https://kubernetes.oss-cn-hangzhou.aliyuncs.com/charts/index.yaml

4、校验

查看pod:kubectl get pod -n kube-system|grep tiller

image.png

检查客户端和服务端是否一致:helm version

image.png

5、helm删除

helm reset -f
rm -rf ~/.helm
标题:离线安装docker、registry、k8s、helm
作者:fyzzz
地址:https://fyzzz.cn/articles/2020/12/28/1609122804214.html