基于 Cluster API 管理集群

前言

Kubernetes Cluster API 提供了一种声明式的集群创建、配置、管理模式，能够对集群的全生命周期进行有效管理（https://cluster-api.sigs.k8s.io/introduction.html）本文提供简单试用记录。

准备 Kubernetes 集群（管理集群）

节点	操作系统	IP	Docker 版本	kubernetes 版本	网络
node-01	Ubuntu 18.04.1 LTS	192.168.137.131	19.03.1	v1.17.1	Calico v3.7.3
node-02	Ubuntu 18.04.1 LTS	192.168.137.99	19.03.1	v1.17.1	Calico v3.7.3

管理集群安装命令笔记：

(node-01) # kubeadm init --pod-network-cidr=192.200.0.0/16
(node-01) # mkdir -p $HOME/.kube
(node-01) # sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
(node-01) # wget https://docs.projectcalico.org/v3.11/manifests/calico.yaml
(node-01) # sed -i "s/192.168/192.200/g" calico.yaml
(node-01) # kubectl apply -f calico.yaml
(node-02) # kubeadm join 192.168.137.131:6443 --token xxx   --discovery-token-ca-cert-hash sha256:xxx

部署 Cluster API Controller

(node-01) # kubectl create -f https://github.com/kubernetes-sigs/cluster-api/releases/download/v0.2.9/cluster-api-components.yaml

部署 Bootstrap Provider （cluster-api-bootstrap-provider-kubeadm）

通过 watch 和 process KubeadmConfig Cluster Machine 对象，实现对集群机器的配置

(node-01) # kubectl create -f https://github.com/kubernetes-sigs/cluster-api-bootstrap-provider-kubeadm/releases/download/v0.1.5/bootstrap-components.yaml

部署 Infrastructure Provider （cluster-api-provider-docker）

通过 watch 和 process DockerCluster DockerMachine Cluster Machine 来供应基础设施

(node-01) # kubectl create -f https://github.com/kubernetes-sigs/cluster-api-provider-docker/releases/download/v0.2.1/provider-components.yaml

创建一个单节点 Kubernetes 集群

• 创建 Cluster 对象，指定后端使用 DockerCluster

  准备部署文件 cluster.yaml

apiVersion: cluster.x-k8s.io/v1alpha2
kind: Cluster
metadata:
  name: capi-quickstart
spec:
  clusterNetwork:
    pods:
      cidrBlocks: ["192.200.0.0/16"]
  infrastructureRef:
    apiVersion: infrastructure.cluster.x-k8s.io/v1alpha2
    kind: DockerCluster
    name: capi-quickstart
---
apiVersion: infrastructure.cluster.x-k8s.io/v1alpha2
kind: DockerCluster
metadata:
  name: capi-quickstart

(node-01) # kubectl apply -f cluster.yaml

• 创建 Machine 对象，指定使用 DockerMachine 供应机器，使用 KubeadmConfig 进行节点配置

  准备部署文件 machine.yaml

apiVersion: cluster.x-k8s.io/v1alpha2
kind: Machine
metadata:
  name: capi-quickstart-controlplane-0
  labels:
    cluster.x-k8s.io/control-plane: "true"
    cluster.x-k8s.io/cluster-name: "capi-quickstart"
spec:
  version: v1.15.3
  bootstrap:
    configRef:
      apiVersion: bootstrap.cluster.x-k8s.io/v1alpha2
      kind: KubeadmConfig
      name: capi-quickstart-controlplane-0
  infrastructureRef:
    kind: DockerMachine
    apiVersion: infrastructure.cluster.x-k8s.io/v1alpha2
    name: capi-quickstart-controlplane-0
---
apiVersion: infrastructure.cluster.x-k8s.io/v1alpha2
kind: DockerMachine
metadata:
  name: capi-quickstart-controlplane-0
---
apiVersion: bootstrap.cluster.x-k8s.io/v1alpha2
kind: KubeadmConfig
metadata:
  name: capi-quickstart-controlplane-0
spec:
  initConfiguration:
    nodeRegistration:
      kubeletExtraArgs:
        # Default thresholds are higher to provide a buffer before resources
        # are completely depleted, at the cost of requiring more total
        # resources. These low thresholds allow running with fewer resources.
        # Appropriate for testing or development only.
        eviction-hard: nodefs.available<0%,nodefs.inodesFree<0%,imagefs.available<0%
  clusterConfiguration:
    networking:
      serviceSubnet: "10.96.0.0/12"
      podSubnet: "192.200.0.0/16"
      dnsDomain: "cluster.local"
    controllerManager:
      extraArgs:
        # Enables dynamic storage provisioning without a cloud provider.
        # Appropriate for testing or development only.
        enable-hostpath-provisioner: "true"

(node-01) # kubectl apply -f machine.yaml

• 查看集群状态

(node-01) # kubectl get cluster
NAME              PHASE
capi-quickstart   provisioned
(node-01) # kubectl get machine
NAME                             PROVIDERID                                                  PHASE
capi-quickstart-controlplane-0   docker:capi-quickstart-capi-quickstart-controlplane-0   running

访问新创建的集群

获取新集群的 kubeconfig 文件

(node-01) # kubectl --namespace=default get secret/capi-quickstart-kubeconfig -o json \
  | jq -r .data.value \
  | base64 --decode \
  > ./capi-quickstart.kubeconfig

注意：执行下面步骤时，需要到 capi-quickstart-controlplane-0 所在宿主机执行，实验中是 node-02，因此需要提前将 capi-quickstart.kubeconfig 拷贝到对应主机：

(node-02) # kubectl --kubeconfig=./capi-quickstart.kubeconfig apply -f https://docs.projectcalico.org/v3.8/manifests/calico.yaml
(node-02) # kubectl --kubeconfig=./capi-quickstart.kubeconfig get node
NAME                                             STATUS   ROLES    AGE   VERSION
capi-quickstart-capi-quickstart-controlplane-0   Ready    master   32m   v1.15.3

新集群的节点状态已经 Ready ！

到这里，我们已经能够对新建集群使用 kubectl 进行常规操作，后续再介绍集群扩容等高级特性。