网站导航
> 文档中心 > kubeedge离线搭建

kubeedge离线搭建

网友: 文档中心 2022-04-15 14:42:46

kubeedge搭建前绝条件
1.cloud端部署kubernetes>1.18&&<=1.21
2.edge端部署docker>1.9

一、Cloud端和Edge端部署keadm
1.进入GitHub的release页面复制keadm的下载地址:https://github.com/kubeedge/kubeedge/releases
cloud
2.解压文件

tar -zxvf keadm-v1.9.2-linux-amd64.tar.gzcd keadm-v1.9.2-linux-amd64/keadm/chmod +x keadmcp keadm /usr/local/bin/keadm version

二、在Cloud端部署
获取适合自己云端机器类型的keadm
离线物料准备(在网络能正常拉到物料时可跳过)
a. 将crds文件夹中的所有内容平移到部署机的/etc/kubeedge/crds目录下
b. 将kubeedge压缩包放置到/etc/kubeedge目录下
c. 将checksum放置到/etc/kubeedge目录下
d. 将cloudcore.service放置到/etc/kubeedge目录下
e. 将certgen.sh放置到/etc/kubeedge目录下

1.生成密钥

export CLOUDCOREIPS="x.x.x.x"/etc/kubeedge/certgen.sh stream/etc/kubeedge/certgen.sh genCertAndKey server

注:x.x.x.x为对外IP地址

2.设置iptable

iptables -t nat -A OUTPUT -p tcp --dport 10350 -j DNAT --to $CLOUDCOREIPS:10003

3.cloudcore运行

keadm init --advertise-address="THE-EXPOSED-IP"

4.修改yaml文件/etc/kubeedge/config/cloudcore.yaml,中enable改成true

cloudStream:  enable: true  streamPort: 10003  tlsStreamCAFile: /etc/kubeedge/ca/streamCA.crt  tlsStreamCertFile: /etc/kubeedge/certs/stream.crt  tlsStreamPrivateKeyFile: /etc/kubeedge/certs/stream.key  tlsTunnelCAFile: /etc/kubeedge/ca/rootCA.crt  tlsTunnelCertFile: /etc/kubeedge/certs/server.crt  tlsTunnelPrivateKeyFile: /etc/kubeedge/certs/server.key  tunnelPort: 10004

5.设置systemctl
将cloudcore.server复制到/usr/lib/systemd/system/

pkill cloudcorecp /etc/kubeedge/cloudcore.service /usr/lib/systemd/system/systemctl restart cloudcore

6.修改kube-proxy文件

 kubectl edit daemonsets.apps -n kube-system kube-proxy

添加如下字段

affinity:nodeAffinity:  requiredDuringSchedulingIgnoredDuringExecution:    nodeSelectorTerms:      - matchExpressions:   - key: node-role.kubernetes.io/edge     operator: DoesNotExist

7.获取token

keadm gettoken

三、在Edge端部署
在云端运行 keadm gettoken 将返回token令牌,该令牌将在加入边缘节点时使用。
离线物料准备
a. 将kubeedge压缩包放置到/etc/kubeedge目录下
b. 将checksum下载到/etc/kubeedge目录下
c. 将edgecore.service下载到/etc/kubeedge目录下
d.将cloud端ca、certs复制到edge端的/etc/kubeedge目录下

1.运行edgecore

./keadm join --cloudcore-ipport=x.x.x.x:10000 --token=xxxx

2.修改yaml文件/etc/kubeedge/config/edgecore.yaml,将enable设置成true

edgeStream:  enable: true  handshakeTimeout: 30  readDeadline: 15  server: 192.168.0.139:10004  tlsTunnelCAFile: /etc/kubeedge/ca/rootCA.crt  tlsTunnelCertFile: /etc/kubeedge/certs/server.crt  tlsTunnelPrivateKeyFile: /etc/kubeedge/certs/server.key  writeDeadline: 15

重启edgecore

systemcl restart edgecore.service

四、kubeedge卸载方案

#或者强制卸载 --force./keadm reset --force#删除相关文件rm -rf /etc/systemd/system/edgecore.servicerm -rf /usr/lib/systemd/system/edgecore.servicerm -rf /etc/kubeedge#停止服务systemctl stop edgecore.servicesystemctl daemon-reloadps aux|grep edgecore
网络标签:

相关问题