本文介绍如何给您在阿里云上自建的Kubernetes集群部署Virtual Kubelet。

自建kubernetes集群

采用yaml的方式部署virtual-kubelet。

准备工作

部署virtual-kubelet准备工作,需要通过阿里云获取信息:

参数 参数含义 获取路径
ECI_ACCESS_KEY 用户AccessKey 请参见获取AccessKey
ECI_SECRET_KEY 用户SecretKey 同上。
ALIYUN_CLUSTERID 集群ID 用户自定义一个唯一标示,作为集群ID
ECI_REGION 地域名称 登录弹性容器实例控制台,获取Region信息,例如:华北2,对应RegionID cn-beijing
ECI_VPC 集群的VPC 登录专有网络,根据已选Region,获取合适VPC ID
ECI_VSWITCH 虚拟交换机 登录专有网络>交换机,根据已选VpcID,获取合适交换机ID
ECI_SECURITY_GROUP 安全组 登录专有网络,根据已选VpcID,点击进入专有网络详情>网络资源>安全组,获取合适安全组ID
YAML文件
cat deployment-vk.yaml
apiVersion: v1
kind: ServiceAccount
metadata:
  name: virtual-node-sa
  namespace: kube-system
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRoleBinding
metadata:
  name: virtual-node-role-binding
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: cluster-admin
subjects:
  - kind: ServiceAccount
    name: virtual-node-sa
    namespace: kube-system
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: virtual-node-controller
  namespace: kube-system
  labels:
    app: virtual-node-controller
spec:
  replicas: 1
  selector:
    matchLabels:
      app: virtual-node-controller
  template:
    metadata:
      labels:
        app: virtual-node-controller
    spec:
      serviceAccount: virtual-node-sa
      containers:
      - name: alicloud-virtual-kubelet
        image: registry.cn-hangzhou.aliyuncs.com/acs/virtual-nodes-eci:v1.0.0.3-aliyun
        imagePullPolicy: Always
        args: ["--provider", "alibabacloud"]
        env:
        - name: KUBELET_PORT
          value: "10250"
        - name: VKUBELET_POD_IP
          valueFrom:
            fieldRef:
              fieldPath: status.podIP
        - name: VKUBELET_TAINT_KEY
          value: "virtual-kubelet.io/provider"
        - name: VKUBELET_TAINT_VALUE
          value: "alibabacloud"
        - name: VKUBELET_TAINT_EFFECT
          value: "NoSchedule"
        - name: ECI_REGION
          value: ${aliyun_region_name}
        - name: ECI_VPC
          value: ${aliyun_vpc_id}
        - name: ECI_VSWITCH
          value: ${aliyun_vswitch_id}
        - name: ECI_SECURITY_GROUP
          value: ${aliyun_sg_id}
        - name: ECI_ACCESS_KEY
          value: ${aliyun_access_key}
        - name: ECI_SECRET_KEY
          value: ${aliyun_secret_key}
        - name: ALIYUN_CLUSTERID
          value: ${custom_define_cluster_id}	

根据之前准备的信息,替换yaml文件中的:

  • aliyun_region_name
  • aliyun_vpc_id
  • aliyun_vswitch_id
  • aliyun_sg_id
  • aliyun_access_key
  • aliyun_secret_key

最后,需要给你的集群设置集群ID,替换custom_define_cluster_id

执行部署

# 部署前,集群Node节点信息
[root@k8s-master01 ~]#
[root@k8s-master01 ~]# kubectl get node -o wide
NAME                 STATUS   ROLES    AGE   VERSION   INTERNAL-IP    EXTERNAL-IP   OS-IMAGE                     KERNEL-VERSION                CONTAINER-RUNTIME
k8s-master01      Ready    <none>   50d   v1.14.2      192.168.0.15     <none>           CentOS Linux 7 (Core)   3.10.0-957.21.3.el7.x86_64   docker://18.9.6
k8s-master02      Ready    <none>   50d   v1.14.2      192.168.0.16     <none>           CentOS Linux 7 (Core)   3.10.0-957.21.3.el7.x86_64   docker://18.9.6
k8s-master03      Ready    <none>   50d   v1.14.2      192.168.0.17     <none>           CentOS Linux 7 (Core)   3.10.0-957.21.3.el7.x86_64   docker://18.9.6

# 部署
[root@k8s-master01 ~]# kubectl apply -f deployment-vk.yaml
serviceaccount/virtual-node-sa created
clusterrolebinding.rbac.authorization.k8s.io/virtual-node-role-binding created
deployment.apps/virtual-node-controller created

# 查看部署情况
[root@k8s-master01 ~]# kubectl get deploy/virtual-node-controller -n kube-system
NAME                              READY   UP-TO-DATE   AVAILABLE   AGE
virtual-node-controller   1/1         1                      1                  161m

# 获取集群Node列表
[root@k8s-master01 ~]# kubectl get node -o wide
NAME                  STATUS   ROLES    AGE   VERSION   INTERNAL-IP    EXTERNAL-IP   OS-IMAGE                     KERNEL-VERSION                CONTAINER-RUNTIME
k8s-master01      Ready    <none>   50d    v1.14.2      192.168.0.15     <none>           CentOS Linux 7 (Core)   3.10.0-957.21.3.el7.x86_64   docker://18.9.6
k8s-master02      Ready    <none>   50d    v1.14.2      192.168.0.16     <none>           CentOS Linux 7 (Core)   3.10.0-957.21.3.el7.x86_64   docker://18.9.6
k8s-master03      Ready    <none>   50d    v1.14.2      192.168.0.17     <none>           CentOS Linux 7 (Core)   3.10.0-957.21.3.el7.x86_64   docker://18.9.6
virtual-kubelet    Ready     agent      82m   v1.11.2      172.30.176.3     <none>           <unknown>                  <unknown>                         <unknown>
			

验证

  1. 指定节点创建pod。
    cat test-pod.yaml
    apiVersion: v1
    kind: Pod
    metadata:
      name: test-pod
    spec:
      containers:
      - name: centos
        image: centos:latest
        args:
        - /bin/sh
        - -c
        - date; sleep 6000h
      nodeName: virtual-kubelet
    
    # 创建Pod
    [root@k8s-master01 ~]# kubectl create -f test-pod.yaml
    pod/test-pod created	
  2. 检查Pod创建情况。
    [root@k8s-master01 ~]# kubectl get pod/test-pod -o wide
    NAME       READY   STATUS    RESTARTS   AGE   IP                    NODE                  NOMINATED NODE   READINESS GATES
    test-pod   1/1         Running   0                 95s   192.168.6.165   virtual-kubelet   <none>                      <none>
    
    # virtual-kubelet会为运行在VK节点的Pod添加Annotation
    [root@k8s-master01 ~]# kubectl  get pod -o yaml test-pod
    apiVersion: v1
    kind: Pod
    metadata:
      annotations:
        ProviderCreate: done
        k8s.aliyun.com/eci-instance-id: eci-2zeaak7c7i6xb5uqnw4m	
  3. 通过ECI控制台查看。