README
¶
kok-operator
kok-operator 可以自动化完成高可用 kubernetes 部署
特性
- 支持 fake-apiserver、k3s 作为 bootstrap cluster,解决第一次部署集群没有元集群问题
- 云原生架构,crd+controller,采用声明式 api 描述一个集群的生命周期(创建,升级,删除)
- 支持 baremetal 和 hosted 两种方式部署集群
- 支持 containerd,并且支持配置 mirror
- 自动生成集群所有证书,无坑版100年集群证书
- 除 kubelet 外集群组件全部容器化部署,采用 static pod 方式部署高可用 etcd 集群
- 支持 coredns、kube-proxy、flannel、metrics-server、metallb、contour 等 addons 模板化部署
- 支持 centos、ubuntu、debian 系统
- 支持 helm v3, repo 管理
- 支持多集群管理,支持 master 高可用
安装部署
准备
下载启动 k3s 集群
# 下载二进制文件, 进入tools目录
$ cd tools
$ bash https://raw.githubusercontent.com/wtxue/kok-operator/master/tools/centos-k3s-node.sh
# 等待 k3s 运行正常后,查看 k3s admin kubeconfig
$ cat /etc/rancher/k3s/k3s.yaml
apiVersion: v1
clusters:
- cluster:
certificate-authority-data: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUJXRENCL3FBREFnRUNBZ0VBTUFvR0NDcUdTTTQ5QkFNQ01DTXhJVEFmQmdOVkJBTU1HR3N6Y3kxelpYSjIKWlhJdFkyRkFNVFl3TkRNNU56STVNakFlRncweU1ERXhNRE13T1RVME5USmFGdzB6TURFeE1ERXdPVFUwTlRKYQpNQ014SVRBZkJnTlZCQU1NR0dzemN5MXpaWEoyWlhJdFkyRkFNVFl3TkRNNU56STVNakJaTUJNR0J5cUdTTTQ5CkFnRUdDQ3FHU000OUF3RUhBMElBQkE5WGZEVTRkcmZPTnplSWlKMDV4WUNTWjA4REJYN2ZoMURaZzFNdUQ4VmYKWVQwS2R5SCtyRzZQVi9xdExMbHFocGM2Rkp1MlZiR3VsbFZ6T0hIa2VDaWpJekFoTUE0R0ExVWREd0VCL3dRRQpBd0lDcERBUEJnTlZIUk1CQWY4RUJUQURBUUgvTUFvR0NDcUdTTTQ5QkFNQ0Ewa0FNRVlDSVFEckZvK1pyNWY3CllHTUdQSnVhQ3dQdmZlNURqZGRXNm52R2pWNVRKM1IwclFJaEFQcXVWelJUMUczMEgrYmdDS3NobWhUQXZxMWwKUU9sakVUdjlkYnFGMTNSUAotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCg==
server: https://127.0.0.1:6443 # 注意外部访问,修改 127.0.0.1 为 k3s 结点 IP
name: default
contexts:
- context:
cluster: default
user: default
name: default
current-context: default
kind: Config
preferences: {}
users:
- name: default
user:
password: 6253ebe7e75ce5afe7baaad49f99371c
username: admin
Get a kubeconfig by the k3s node ip
export NodeIP=xx.xx.xx.xx
mkdir -p $HOME/.kube
sudo cat /etc/rancher/k3s/k3s.yaml | sed 's/127.0.0.1/'$NodeIP'/g' > $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
运行
本地运行
# apply crd
$ kubectl apply -f manifests/crds/
customresourcedefinition.apiextensions.k8s.io/clustercredentials.devops.k8s.io created
customresourcedefinition.apiextensions.k8s.io/clusters.devops.k8s.io created
customresourcedefinition.apiextensions.k8s.io/machines.devops.k8s.io created
# 指定 kubeconfig 运行
$ go run cmd/admin-controller/main.go ctrl -v 4 --kubeconfig={}/k3s-kubeconfig.yaml
helm v3 安装运行
helm upgrade --install kok-operator --create-namespace --namespace kok-system --debug ./charts/kok-operator
kubectl get pod -n kok-system
NAME READY STATUS RESTARTS AGE
kok-operator-6ff65bc44b-hg4nh 1/1 Running 0 31m
创建集群
创建裸金属集群
# 创建集群cr
$ kubectl apply -f ./manifests/example-cluster.yaml
# 创建集群结点
$ kubectl apply -f ./manifests/example-cluster-node.yaml
创建托管集群
创建托管集群时,kok-operator 需要运行在 meta 高可用集群上,这里使用集群名为 meta-cluster, 注意一个 namespace 一个托管集群
# 创建 etcd 集群
$ kubectl apply -f ./manifests/etcd-statefulset.yaml
# 创建托管集群cr
kubectl apply -f ./manifests/hosted-cluster.yaml
# 创建托管集群结点
kubectl apply -f ./manifests/hosted-cluster-node.yaml
Development
This project uses Kubebuilder for CRD API generation.
计划
- 打通元集群及托管集群 service 网络,以支持聚合 apiserver
Directories
¶
| Path | Synopsis |
|---|---|
|
cmd
|
|
|
pkg
|
|
|
apis/devops/v1
Package v1 contains API Schema definitions for the devops v1 API group +kubebuilder:object:generate=true +groupName=devops.k8s.io
|
Package v1 contains API Schema definitions for the devops v1 API group +kubebuilder:object:generate=true +groupName=devops.k8s.io |
|
apis/kubeadm/v1beta2
Package v1beta2 defines the v1beta2 version of the kubeadm configuration file format.
|
Package v1beta2 defines the v1beta2 version of the kubeadm configuration file format. |
|
apis/workload/v1
Package v1 contains API Schema definitions for the app v1 API group +kubebuilder:object:generate=true +groupName=workload.k8s.io
|
Package v1 contains API Schema definitions for the app v1 API group +kubebuilder:object:generate=true +groupName=workload.k8s.io |
Click to show internal directories.
Click to hide internal directories.