From 6d536c66e5e773b8caea6ce686ba4975cc84f7ae Mon Sep 17 00:00:00 2001 From: "huanqing.shao" Date: Tue, 19 Nov 2019 11:54:55 +0800 Subject: [PATCH] 1.16.3 --- .../install-script/v1.16.3/init-master.sh | 35 ++ .../install-script/v1.16.3/init_master.sh | 44 ++ .../install-script/v1.16.3/install-kubelet.sh | 100 ++++ .../install-script/v1.16.3/install_kubelet.sh | 98 ++++ .../install-script/v1.16.3/nginx-ingress.yaml | 168 ++++++ install/history-k8s/install-k8s-1.16.2.md | 514 ++++++++++++++++++ install/install-k8s.md | 29 +- 7 files changed, 974 insertions(+), 14 deletions(-) create mode 100644 .vuepress/public/install-script/v1.16.3/init-master.sh create mode 100644 .vuepress/public/install-script/v1.16.3/init_master.sh create mode 100644 .vuepress/public/install-script/v1.16.3/install-kubelet.sh create mode 100644 .vuepress/public/install-script/v1.16.3/install_kubelet.sh create mode 100644 .vuepress/public/install-script/v1.16.3/nginx-ingress.yaml create mode 100644 install/history-k8s/install-k8s-1.16.2.md diff --git a/.vuepress/public/install-script/v1.16.3/init-master.sh b/.vuepress/public/install-script/v1.16.3/init-master.sh new file mode 100644 index 0000000..15b2ea9 --- /dev/null +++ b/.vuepress/public/install-script/v1.16.3/init-master.sh @@ -0,0 +1,35 @@ +#!/bin/bash + +# 只在 master 节点执行 + +# 查看完整配置选项 https://godoc.org/k8s.io/kubernetes/cmd/kubeadm/app/apis/kubeadm/v1beta2 +rm -f ./kubeadm-config.yaml +cat < ./kubeadm-config.yaml +apiVersion: kubeadm.k8s.io/v1beta2 +kind: ClusterConfiguration +kubernetesVersion: v1.16.3 +imageRepository: registry.cn-hangzhou.aliyuncs.com/google_containers +controlPlaneEndpoint: "${APISERVER_NAME}:6443" +networking: + serviceSubnet: "10.96.0.0/16" + podSubnet: "${POD_SUBNET}" + dnsDomain: "cluster.local" +EOF + +# kubeadm init +# 根据您服务器网速的情况,您需要等候 3 - 10 分钟 +kubeadm init --config=kubeadm-config.yaml --upload-certs + +# 配置 kubectl +rm -rf /root/.kube/ +mkdir /root/.kube/ +cp -i /etc/kubernetes/admin.conf /root/.kube/config + +# 安装 calico 网络插件 +# 参考文档 https://docs.projectcalico.org/v3.9/getting-started/kubernetes/ +rm -f calico-3.9.2.yaml +wget https://kuboard.cn/install-script/calico/calico-3.9.2.yaml +sed -i "s#192\.168\.0\.0/16#${POD_SUBNET}#" calico-3.9.2.yaml +kubectl apply -f calico-3.9.2.yaml + +echo -e "\033[31;1m请确保您正在使用 https://kuboard.cn/install/install-k8s.html 上的最新K8S安装文档,并加入了在线答疑QQ群808894550,以避免碰到问题时无人解答\033[0m" diff --git a/.vuepress/public/install-script/v1.16.3/init_master.sh b/.vuepress/public/install-script/v1.16.3/init_master.sh new file mode 100644 index 0000000..9e26b37 --- /dev/null +++ b/.vuepress/public/install-script/v1.16.3/init_master.sh @@ -0,0 +1,44 @@ +#!/bin/bash + +# 只在 master 节点执行 + +# 脚本出错时终止执行 +set -e + +if [ ${#POD_SUBNET} -eq 0 ] || [ ${#APISERVER_NAME} -eq 0 ]; then + echo -e "\033[31;1m请确保您已经设置了环境变量 POD_SUBNET 和 APISERVER_NAME \033[0m" + echo 当前POD_SUBNET=$POD_SUBNET + echo 当前APISERVER_NAME=$APISERVER_NAME + exit 1 +fi + + +# 查看完整配置选项 https://godoc.org/k8s.io/kubernetes/cmd/kubeadm/app/apis/kubeadm/v1beta2 +rm -f ./kubeadm-config.yaml +cat < ./kubeadm-config.yaml +apiVersion: kubeadm.k8s.io/v1beta2 +kind: ClusterConfiguration +kubernetesVersion: v1.16.3 +imageRepository: registry.cn-hangzhou.aliyuncs.com/google_containers +controlPlaneEndpoint: "${APISERVER_NAME}:6443" +networking: + serviceSubnet: "10.96.0.0/16" + podSubnet: "${POD_SUBNET}" + dnsDomain: "cluster.local" +EOF + +# kubeadm init +# 根据您服务器网速的情况,您需要等候 3 - 10 分钟 +kubeadm init --config=kubeadm-config.yaml --upload-certs + +# 配置 kubectl +rm -rf /root/.kube/ +mkdir /root/.kube/ +cp -i /etc/kubernetes/admin.conf /root/.kube/config + +# 安装 calico 网络插件 +# 参考文档 https://docs.projectcalico.org/v3.9/getting-started/kubernetes/ +rm -f calico-3.9.2.yaml +wget https://kuboard.cn/install-script/calico/calico-3.9.2.yaml +sed -i "s#192\.168\.0\.0/16#${POD_SUBNET}#" calico-3.9.2.yaml +kubectl apply -f calico-3.9.2.yaml diff --git a/.vuepress/public/install-script/v1.16.3/install-kubelet.sh b/.vuepress/public/install-script/v1.16.3/install-kubelet.sh new file mode 100644 index 0000000..61446a6 --- /dev/null +++ b/.vuepress/public/install-script/v1.16.3/install-kubelet.sh @@ -0,0 +1,100 @@ +#!/bin/bash + +# 在 master 节点和 worker 节点都要执行 + +# 安装 docker +# 参考文档如下 +# https://docs.docker.com/install/linux/docker-ce/centos/ +# https://docs.docker.com/install/linux/linux-postinstall/ + +# 卸载旧版本 +yum remove -y docker \ +docker-client \ +docker-client-latest \ +docker-common \ +docker-latest \ +docker-latest-logrotate \ +docker-logrotate \ +docker-selinux \ +docker-engine-selinux \ +docker-engine + +# 设置 yum repository +yum install -y yum-utils \ +device-mapper-persistent-data \ +lvm2 +yum-config-manager --add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo + +# 安装并启动 docker +yum install -y docker-ce-18.09.7 docker-ce-cli-18.09.7 containerd.io +systemctl enable docker +systemctl start docker + +# 安装 nfs-utils +# 必须先安装 nfs-utils 才能挂载 nfs 网络存储 +yum install -y nfs-utils +yum install -y wget + +# 关闭 防火墙 +systemctl stop firewalld +systemctl disable firewalld + +# 关闭 SeLinux +setenforce 0 +sed -i "s/SELINUX=enforcing/SELINUX=disabled/g" /etc/selinux/config + +# 关闭 swap +swapoff -a +yes | cp /etc/fstab /etc/fstab_bak +cat /etc/fstab_bak |grep -v swap > /etc/fstab + +# 修改 /etc/sysctl.conf +# 如果有配置,则修改 +sed -i "s#^net.ipv4.ip_forward.*#net.ipv4.ip_forward=1#g" /etc/sysctl.conf +sed -i "s#^net.bridge.bridge-nf-call-ip6tables.*#net.bridge.bridge-nf-call-ip6tables=1#g" /etc/sysctl.conf +sed -i "s#^net.bridge.bridge-nf-call-iptables.*#net.bridge.bridge-nf-call-iptables=1#g" /etc/sysctl.conf +# 可能没有,追加 +echo "net.ipv4.ip_forward = 1" >> /etc/sysctl.conf +echo "net.bridge.bridge-nf-call-ip6tables = 1" >> /etc/sysctl.conf +echo "net.bridge.bridge-nf-call-iptables = 1" >> /etc/sysctl.conf +# 执行命令以应用 +sysctl -p + +# 配置K8S的yum源 +cat < /etc/yum.repos.d/kubernetes.repo +[kubernetes] +name=Kubernetes +baseurl=http://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64 +enabled=1 +gpgcheck=0 +repo_gpgcheck=0 +gpgkey=http://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg + http://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg +EOF + +# 卸载旧版本 +yum remove -y kubelet kubeadm kubectl + +# 安装kubelet、kubeadm、kubectl +yum install -y kubelet-1.16.3 kubeadm-1.16.3 kubectl-1.16.3 + +# 修改docker Cgroup Driver为systemd +# # 将/usr/lib/systemd/system/docker.service文件中的这一行 ExecStart=/usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock +# # 修改为 ExecStart=/usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock --exec-opt native.cgroupdriver=systemd +# 如果不修改,在添加 worker 节点时可能会碰到如下错误 +# [WARNING IsDockerSystemdCheck]: detected "cgroupfs" as the Docker cgroup driver. The recommended driver is "systemd". +# Please follow the guide at https://kubernetes.io/docs/setup/cri/ +sed -i "s#^ExecStart=/usr/bin/dockerd.*#ExecStart=/usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock --exec-opt native.cgroupdriver=systemd#g" /usr/lib/systemd/system/docker.service + +# 设置 docker 镜像,提高 docker 镜像下载速度和稳定性 +# 如果您访问 https://hub.docker.io 速度非常稳定,亦可以跳过这个步骤 +curl -sSL https://get.daocloud.io/daotools/set_mirror.sh | sh -s http://f1361db2.m.daocloud.io + +# 重启 docker,并启动 kubelet +systemctl daemon-reload +systemctl restart docker +systemctl enable kubelet && systemctl start kubelet + +docker version + +echo -e "\033[31;1mKubernetes.org.cn发文审核周期长,请确保您正在使用 https://kuboard.cn/install/install-k8s.html 上的最新文档,并加入了在线答疑QQ群808894550,以避免碰到问题时无人解答\033[0m" diff --git a/.vuepress/public/install-script/v1.16.3/install_kubelet.sh b/.vuepress/public/install-script/v1.16.3/install_kubelet.sh new file mode 100644 index 0000000..fed7326 --- /dev/null +++ b/.vuepress/public/install-script/v1.16.3/install_kubelet.sh @@ -0,0 +1,98 @@ +#!/bin/bash + +# 在 master 节点和 worker 节点都要执行 + +# 安装 docker +# 参考文档如下 +# https://docs.docker.com/install/linux/docker-ce/centos/ +# https://docs.docker.com/install/linux/linux-postinstall/ + +# 卸载旧版本 +yum remove -y docker \ +docker-client \ +docker-client-latest \ +docker-common \ +docker-latest \ +docker-latest-logrotate \ +docker-logrotate \ +docker-selinux \ +docker-engine-selinux \ +docker-engine + +# 设置 yum repository +yum install -y yum-utils \ +device-mapper-persistent-data \ +lvm2 +yum-config-manager --add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo + +# 安装并启动 docker +yum install -y docker-ce-18.09.7 docker-ce-cli-18.09.7 containerd.io +systemctl enable docker +systemctl start docker + +# 安装 nfs-utils +# 必须先安装 nfs-utils 才能挂载 nfs 网络存储 +yum install -y nfs-utils +yum install -y wget + +# 关闭 防火墙 +systemctl stop firewalld +systemctl disable firewalld + +# 关闭 SeLinux +setenforce 0 +sed -i "s/SELINUX=enforcing/SELINUX=disabled/g" /etc/selinux/config + +# 关闭 swap +swapoff -a +yes | cp /etc/fstab /etc/fstab_bak +cat /etc/fstab_bak |grep -v swap > /etc/fstab + +# 修改 /etc/sysctl.conf +# 如果有配置,则修改 +sed -i "s#^net.ipv4.ip_forward.*#net.ipv4.ip_forward=1#g" /etc/sysctl.conf +sed -i "s#^net.bridge.bridge-nf-call-ip6tables.*#net.bridge.bridge-nf-call-ip6tables=1#g" /etc/sysctl.conf +sed -i "s#^net.bridge.bridge-nf-call-iptables.*#net.bridge.bridge-nf-call-iptables=1#g" /etc/sysctl.conf +# 可能没有,追加 +echo "net.ipv4.ip_forward = 1" >> /etc/sysctl.conf +echo "net.bridge.bridge-nf-call-ip6tables = 1" >> /etc/sysctl.conf +echo "net.bridge.bridge-nf-call-iptables = 1" >> /etc/sysctl.conf +# 执行命令以应用 +sysctl -p + +# 配置K8S的yum源 +cat < /etc/yum.repos.d/kubernetes.repo +[kubernetes] +name=Kubernetes +baseurl=http://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64 +enabled=1 +gpgcheck=0 +repo_gpgcheck=0 +gpgkey=http://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg + http://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg +EOF + +# 卸载旧版本 +yum remove -y kubelet kubeadm kubectl + +# 安装kubelet、kubeadm、kubectl +yum install -y kubelet-1.16.3 kubeadm-1.16.3 kubectl-1.16.3 + +# 修改docker Cgroup Driver为systemd +# # 将/usr/lib/systemd/system/docker.service文件中的这一行 ExecStart=/usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock +# # 修改为 ExecStart=/usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock --exec-opt native.cgroupdriver=systemd +# 如果不修改,在添加 worker 节点时可能会碰到如下错误 +# [WARNING IsDockerSystemdCheck]: detected "cgroupfs" as the Docker cgroup driver. The recommended driver is "systemd". +# Please follow the guide at https://kubernetes.io/docs/setup/cri/ +sed -i "s#^ExecStart=/usr/bin/dockerd.*#ExecStart=/usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock --exec-opt native.cgroupdriver=systemd#g" /usr/lib/systemd/system/docker.service + +# 设置 docker 镜像,提高 docker 镜像下载速度和稳定性 +# 如果您访问 https://hub.docker.io 速度非常稳定,亦可以跳过这个步骤 +curl -sSL https://get.daocloud.io/daotools/set_mirror.sh | sh -s http://f1361db2.m.daocloud.io + +# 重启 docker,并启动 kubelet +systemctl daemon-reload +systemctl restart docker +systemctl enable kubelet && systemctl start kubelet + +docker version diff --git a/.vuepress/public/install-script/v1.16.3/nginx-ingress.yaml b/.vuepress/public/install-script/v1.16.3/nginx-ingress.yaml new file mode 100644 index 0000000..06d4d8e --- /dev/null +++ b/.vuepress/public/install-script/v1.16.3/nginx-ingress.yaml @@ -0,0 +1,168 @@ +# 如果打算用于生产环境,请参考 https://github.com/nginxinc/kubernetes-ingress/blob/v1.5.5/docs/installation.md 并根据您自己的情况做进一步定制 + +apiVersion: v1 +kind: Namespace +metadata: + name: nginx-ingress + +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: nginx-ingress + namespace: nginx-ingress + +--- +apiVersion: v1 +kind: Secret +metadata: + name: default-server-secret + namespace: nginx-ingress +type: Opaque +data: + tls.crt: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUN2akNDQWFZQ0NRREFPRjl0THNhWFhEQU5CZ2txaGtpRzl3MEJBUXNGQURBaE1SOHdIUVlEVlFRRERCWk8KUjBsT1dFbHVaM0psYzNORGIyNTBjbTlzYkdWeU1CNFhEVEU0TURreE1qRTRNRE16TlZvWERUSXpNRGt4TVRFNApNRE16TlZvd0lURWZNQjBHQTFVRUF3d1dUa2RKVGxoSmJtZHlaWE56UTI5dWRISnZiR3hsY2pDQ0FTSXdEUVlKCktvWklodmNOQVFFQkJRQURnZ0VQQURDQ0FRb0NnZ0VCQUwvN2hIUEtFWGRMdjNyaUM3QlBrMTNpWkt5eTlyQ08KR2xZUXYyK2EzUDF0azIrS3YwVGF5aGRCbDRrcnNUcTZzZm8vWUk1Y2Vhbkw4WGM3U1pyQkVRYm9EN2REbWs1Qgo4eDZLS2xHWU5IWlg0Rm5UZ0VPaStlM2ptTFFxRlBSY1kzVnNPazFFeUZBL0JnWlJVbkNHZUtGeERSN0tQdGhyCmtqSXVuektURXUyaDU4Tlp0S21ScUJHdDEwcTNRYzhZT3ExM2FnbmovUWRjc0ZYYTJnMjB1K1lYZDdoZ3krZksKWk4vVUkxQUQ0YzZyM1lma1ZWUmVHd1lxQVp1WXN2V0RKbW1GNWRwdEMzN011cDBPRUxVTExSakZJOTZXNXIwSAo1TmdPc25NWFJNV1hYVlpiNWRxT3R0SmRtS3FhZ25TZ1JQQVpQN2MwQjFQU2FqYzZjNGZRVXpNQ0F3RUFBVEFOCkJna3Foa2lHOXcwQkFRc0ZBQU9DQVFFQWpLb2tRdGRPcEsrTzhibWVPc3lySmdJSXJycVFVY2ZOUitjb0hZVUoKdGhrYnhITFMzR3VBTWI5dm15VExPY2xxeC9aYzJPblEwMEJCLzlTb0swcitFZ1U2UlVrRWtWcitTTFA3NTdUWgozZWI4dmdPdEduMS9ienM3bzNBaS9kclkrcUI5Q2k1S3lPc3FHTG1US2xFaUtOYkcyR1ZyTWxjS0ZYQU80YTY3Cklnc1hzYktNbTQwV1U3cG9mcGltU1ZmaXFSdkV5YmN3N0NYODF6cFErUyt1eHRYK2VBZ3V0NHh3VlI5d2IyVXYKelhuZk9HbWhWNThDd1dIQnNKa0kxNXhaa2VUWXdSN0diaEFMSkZUUkk3dkhvQXprTWIzbjAxQjQyWjNrN3RXNQpJUDFmTlpIOFUvOWxiUHNoT21FRFZkdjF5ZytVRVJxbStGSis2R0oxeFJGcGZnPT0KLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQo= + tls.key: LS0tLS1CRUdJTiBSU0EgUFJJVkFURSBLRVktLS0tLQpNSUlFcEFJQkFBS0NBUUVBdi91RWM4b1JkMHUvZXVJTHNFK1RYZUprckxMMnNJNGFWaEMvYjVyYy9XMlRiNHEvClJOcktGMEdYaVN1eE9ycXgrajlnamx4NXFjdnhkenRKbXNFUkJ1Z1B0ME9hVGtIekhvb3FVWmcwZGxmZ1dkT0EKUTZMNTdlT1l0Q29VOUZ4amRXdzZUVVRJVUQ4R0JsRlNjSVo0b1hFTkhzbysyR3VTTWk2Zk1wTVM3YUhudzFtMApxWkdvRWEzWFNyZEJ6eGc2clhkcUNlUDlCMXl3VmRyYURiUzc1aGQzdUdETDU4cGszOVFqVUFQaHpxdmRoK1JWClZGNGJCaW9CbTVpeTlZTW1hWVhsMm0wTGZzeTZuUTRRdFFzdEdNVWozcGJtdlFmazJBNnljeGRFeFpkZFZsdmwKMm82MjBsMllxcHFDZEtCRThCay90elFIVTlKcU56cHpoOUJUTXdJREFRQUJBb0lCQVFDZklHbXowOHhRVmorNwpLZnZJUXQwQ0YzR2MxNld6eDhVNml4MHg4Mm15d1kxUUNlL3BzWE9LZlRxT1h1SENyUlp5TnUvZ2IvUUQ4bUFOCmxOMjRZTWl0TWRJODg5TEZoTkp3QU5OODJDeTczckM5bzVvUDlkazAvYzRIbjAzSkVYNzZ5QjgzQm9rR1FvYksKMjhMNk0rdHUzUmFqNjd6Vmc2d2szaEhrU0pXSzBwV1YrSjdrUkRWYmhDYUZhNk5nMUZNRWxhTlozVDhhUUtyQgpDUDNDeEFTdjYxWTk5TEI4KzNXWVFIK3NYaTVGM01pYVNBZ1BkQUk3WEh1dXFET1lvMU5PL0JoSGt1aVg2QnRtCnorNTZud2pZMy8yUytSRmNBc3JMTnIwMDJZZi9oY0IraVlDNzVWYmcydVd6WTY3TWdOTGQ5VW9RU3BDRkYrVm4KM0cyUnhybnhBb0dCQU40U3M0ZVlPU2huMVpQQjdhTUZsY0k2RHR2S2ErTGZTTXFyY2pOZjJlSEpZNnhubmxKdgpGenpGL2RiVWVTbWxSekR0WkdlcXZXaHFISy9iTjIyeWJhOU1WMDlRQ0JFTk5jNmtWajJTVHpUWkJVbEx4QzYrCk93Z0wyZHhKendWelU0VC84ajdHalRUN05BZVpFS2FvRHFyRG5BYWkyaW5oZU1JVWZHRXFGKzJyQW9HQkFOMVAKK0tZL0lsS3RWRzRKSklQNzBjUis3RmpyeXJpY05iWCtQVzUvOXFHaWxnY2grZ3l4b25BWlBpd2NpeDN3QVpGdwpaZC96ZFB2aTBkWEppc1BSZjRMazg5b2pCUmpiRmRmc2l5UmJYbyt3TFU4NUhRU2NGMnN5aUFPaTVBRHdVU0FkCm45YWFweUNweEFkREtERHdObit3ZFhtaTZ0OHRpSFRkK3RoVDhkaVpBb0dCQUt6Wis1bG9OOTBtYlF4VVh5YUwKMjFSUm9tMGJjcndsTmVCaWNFSmlzaEhYa2xpSVVxZ3hSZklNM2hhUVRUcklKZENFaHFsV01aV0xPb2I2NTNyZgo3aFlMSXM1ZUtka3o0aFRVdnpldm9TMHVXcm9CV2xOVHlGanIrSWhKZnZUc0hpOGdsU3FkbXgySkJhZUFVWUNXCndNdlQ4NmNLclNyNkQrZG8wS05FZzFsL0FvR0FlMkFVdHVFbFNqLzBmRzgrV3hHc1RFV1JqclRNUzRSUjhRWXQKeXdjdFA4aDZxTGxKUTRCWGxQU05rMXZLTmtOUkxIb2pZT2pCQTViYjhibXNVU1BlV09NNENoaFJ4QnlHbmR2eAphYkJDRkFwY0IvbEg4d1R0alVZYlN5T294ZGt5OEp0ek90ajJhS0FiZHd6NlArWDZDODhjZmxYVFo5MWpYL3RMCjF3TmRKS2tDZ1lCbyt0UzB5TzJ2SWFmK2UwSkN5TGhzVDQ5cTN3Zis2QWVqWGx2WDJ1VnRYejN5QTZnbXo5aCsKcDNlK2JMRUxwb3B0WFhNdUFRR0xhUkcrYlNNcjR5dERYbE5ZSndUeThXczNKY3dlSTdqZVp2b0ZpbmNvVlVIMwphdmxoTUVCRGYxSjltSDB5cDBwWUNaS2ROdHNvZEZtQktzVEtQMjJhTmtsVVhCS3gyZzR6cFE9PQotLS0tLUVORCBSU0EgUFJJVkFURSBLRVktLS0tLQo= + +--- +kind: ConfigMap +apiVersion: v1 +metadata: + name: nginx-config + namespace: nginx-ingress +data: + server-names-hash-bucket-size: "1024" + + +--- +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1beta1 +metadata: + name: nginx-ingress +rules: +- apiGroups: + - "" + resources: + - services + - endpoints + verbs: + - get + - list + - watch +- apiGroups: + - "" + resources: + - secrets + verbs: + - get + - list + - watch +- apiGroups: + - "" + resources: + - configmaps + verbs: + - get + - list + - watch + - update + - create +- apiGroups: + - "" + resources: + - pods + verbs: + - list +- apiGroups: + - "" + resources: + - events + verbs: + - create + - patch +- apiGroups: + - extensions + resources: + - ingresses + verbs: + - list + - watch + - get +- apiGroups: + - "extensions" + resources: + - ingresses/status + verbs: + - update +- apiGroups: + - k8s.nginx.org + resources: + - virtualservers + - virtualserverroutes + verbs: + - list + - watch + - get + +--- +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1beta1 +metadata: + name: nginx-ingress +subjects: +- kind: ServiceAccount + name: nginx-ingress + namespace: nginx-ingress +roleRef: + kind: ClusterRole + name: nginx-ingress + apiGroup: rbac.authorization.k8s.io + +--- +apiVersion: apps/v1 +kind: DaemonSet +metadata: + name: nginx-ingress + namespace: nginx-ingress + annotations: + prometheus.io/scrape: "true" + prometheus.io/port: "9113" +spec: + selector: + matchLabels: + app: nginx-ingress + template: + metadata: + labels: + app: nginx-ingress + spec: + serviceAccountName: nginx-ingress + containers: + - image: nginx/nginx-ingress:1.5.5 + name: nginx-ingress + ports: + - name: http + containerPort: 80 + hostPort: 80 + - name: https + containerPort: 443 + hostPort: 443 + - name: prometheus + containerPort: 9113 + env: + - name: POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + args: + - -nginx-configmaps=$(POD_NAMESPACE)/nginx-config + - -default-server-tls-secret=$(POD_NAMESPACE)/default-server-secret + #- -v=3 # Enables extensive logging. Useful for troubleshooting. + #- -report-ingress-status + #- -external-service=nginx-ingress + #- -enable-leader-election + - -enable-prometheus-metrics + #- -enable-custom-resources diff --git a/install/history-k8s/install-k8s-1.16.2.md b/install/history-k8s/install-k8s-1.16.2.md new file mode 100644 index 0000000..83aad60 --- /dev/null +++ b/install/history-k8s/install-k8s-1.16.2.md @@ -0,0 +1,514 @@ +--- +vssueId: 15 +# layout: StepLayout +sharingTitle: K8S入门第一步---安装,装不好还有人免费远程协助,更有K8S免费教程提供,你还在等什么? +description: Kubernete安装文档_Kubernetes最新稳定版v1.16.2的快速安装文档_该文档由众多网友验证并在线提出修改意见_持续不断地更新和完善_并且通过QQ群提供免费在线答疑的服务 +meta: + - name: keywords + content: Kubernetes安装,K8S安装,kubeadm,Kubernetes 安装,K8S 安装 +--- + +# 使用kubeadm安装kubernetes_v1.16.2 + + + +## 文档特点 + +
+ +
+ +## 配置要求 + +对于 Kubernetes 初学者,推荐在阿里云或腾讯云采购如下配置:(您也可以使用自己的虚拟机、私有云等您最容易获得的 Linux 环境) + +* 至少2台 **2核4G** 的服务器 +* **Cent OS 7.6** + + + +[腾讯云11.11爆款1核2G云服务器首购88元,免费领9888元代金券,百款云产品一折起](https://cloud.tencent.com/act/cps/redirect?redirect=1050&cps_key=2ee6baa049659f4713ddc55a51314372&from=console) + + + +[阿里云双十一,All in Cloud,低至一折](https://www.aliyun.com/1111/2019/home?userCode=obezo3pg) + + + +::: danger 警告 +* 因为双十一,许多网友使用腾讯云、阿里云不同的账号各买了一台优惠价格的机器。目前我没有找到方法将不同局域网内的机器通过公网连接组成K8S集群,请谨慎。 +* 建议的做法是:腾讯云(或阿里云)采购一台优惠价格的包年实例作为 Master,同时再采购一台竞价实例(腾讯云)或抢占式实例(阿里云)作为 Worker 节点。竞价实例(抢占式实例)按分钟付费,以阿里云为例,一台2核8G的机器一天下来的费用大概是 1.2 - 1.5元。 +* 再次强调:按照本文档进行安装时,所有节点必须在同一个局域网内 +::: + +**安装后的软件版本为** + +* Kubernetes v1.16.2 + * calico 3.9 + * nginx-ingress 1.5.5 +* Docker 18.09.7 + +> 如果要安装 Kubernetes 历史版本,请参考: +> * [安装 Kubernetes v1.16.1 单Master节点](/install/history-k8s/install-k8s-1.16.1.html) +> * [安装 Kubernetes v1.16.0 单Master节点](/install/history-k8s/install-k8s-1.16.0.html) +> * [安装 Kubernetes v1.15.4 单Master节点](/install/history-k8s/install-k8s-1.15.4.html) +> * [安装 Kubernetes v1.15.3 单Master节点](/install/history-k8s/install-k8s-1.15.3.html) +> * [安装 Kubernetes v1.15.2 单Master节点](/install/history-k8s/install-k8s-1.15.2.html) +> * [安装 Kubernetes v1.15.1 单Master节点](/install/history-k8s/install-k8s-1.15.1.html) + + + +安装后的拓扑图如下:下载拓扑图源文件 使用Axure RP 9.0可打开该文件 + +强烈建议初学者先按照此文档完成安装,在对 K8S 有更多理解后,再参考文档 [安装Kubernetes高可用](./install-kubernetes.html) + +

+Kubernetes安装:Kubernetes安装拓扑图 +

+ +::: tip 关于二进制安装 + +kubeadm 是 Kubernetes 官方支持的安装方式,“二进制” 不是。本文档采用 kubernetes.io 官方推荐的 kubeadm 工具安装 kubernetes 集群。 + +::: + + + +## 检查 centos / hostname + +``` sh +# 在 master 节点和 worker 节点都要执行 +cat /etc/redhat-release + +# 此处 hostname 的输出将会是该机器在 Kubernetes 集群中的节点名字 +# 不能使用 localhost 作为节点的名字 +hostname + +# 请使用 lscpu 命令,核对 CPU 信息 +# Architecture: x86_64 本安装文档不支持 arm 架构 +# CPU(s): 2 CPU 内核数量不能低于 2 +lscpu +``` + +**操作系统兼容性** + + + + +
+ +| CentOS 版本 | 本文档是否兼容 | 备注 | +| ----------- | --------------------------------------- | ----------------------------------- | +| 7.7 | 😄 | 已验证 | +| 7.6 | 😄 | 已验证 | +| 7.5 | 😞 | 已证实会出现 kubelet 无法启动的问题 | +| 7.4 | 😞 | 同上 | +| 7.3 | 😞 | 同上 | +| 7.2 | 😞 | 同上 | + +
+ + + + + + +::: tip 修改 hostname +如果您需要修改 hostname,可执行如下指令: +``` sh +# 修改 hostname +hostnamectl set-hostname your-new-host-name +# 查看修改结果 +hostnamectl status +# 设置 hostname 解析 +echo "127.0.0.1 $(hostname)" >> /etc/hosts +``` +::: + +## 检查网络 + +在所有节点执行命令 +``` {2,11,13} +[root@demo-master-a-1 ~]$ ip route show +default via 172.21.0.1 dev eth0 +169.254.0.0/16 dev eth0 scope link metric 1002 +172.21.0.0/20 dev eth0 proto kernel scope link src 172.21.0.12 + +[root@demo-master-a-1 ~]$ ip address +1: lo: mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 + link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 + inet 127.0.0.1/8 scope host lo + valid_lft forever preferred_lft forever +2: eth0: mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 + link/ether 00:16:3e:12:a4:1b brd ff:ff:ff:ff:ff:ff + inet 172.17.216.80/20 brd 172.17.223.255 scope global dynamic eth0 + valid_lft 305741654sec preferred_lft 305741654sec +``` +::: tip kubelet使用的IP地址 +* `ip route show` 命令中,可以知道机器的默认网卡,通常是 `eth0`,如 ***default via 172.21.0.23 dev eth0*** +* `ip address` 命令中,可显示默认网卡的 IP 地址,Kubernetes 将使用此 IP 地址与集群内的其他节点通信,如 `172.17.216.80` +* 所有节点上 Kubernetes 所使用的 IP 地址必须可以互通(无需 NAT 映射、无安全组或防火墙隔离) +::: + + +## 安装docker及kubelet + + + + + +使用 root 身份在所有节点执行如下代码,以安装软件: +- docker +- nfs-utils +- kubectl / kubeadm / kubelet + + + + + + + +``` sh +# 在 master 节点和 worker 节点都要执行 + +curl -sSL https://kuboard.cn/install-script/v1.16.2/install_kubelet.sh | sh + +``` + + + + +手动执行以下代码,效果与快速安装完全相同。 + +<<< @/.vuepress/public/install-script/v1.16.2/install_kubelet.sh + +::: warning +如果此时执行 `service status kubelet` 命令,将得到 kubelet 启动失败的错误提示,请忽略此错误,因为必须完成后续步骤中 kubeadm init 的操作,kubelet 才能正常启动 +::: + + + + + + + + + + + +## 初始化 master 节点 + +::: danger 关于初始化时用到的环境变量 +* **APISERVER_NAME** 不能是 master 的 hostname +* **APISERVER_NAME** 必须全为小写字母、数字、小数点,不能包含减号 +* **POD_SUBNET** 所使用的网段不能与 ***master节点/worker节点*** 所在的网段重叠。该字段的取值为一个 CIDR 值,如果您对 CIDR 这个概念还不熟悉,请仍然执行 export POD_SUBNET=10.100.0.1/16 命令,不做修改 +::: + + + + + +``` sh +# 只在 master 节点执行 +# 替换 x.x.x.x 为 master 节点实际 IP(请使用内网 IP) +# export 命令只在当前 shell 会话中有效,开启新的 shell 窗口后,如果要继续安装过程,请重新执行此处的 export 命令 +export MASTER_IP=x.x.x.x +# 替换 apiserver.demo 为 您想要的 dnsName +export APISERVER_NAME=apiserver.demo +# Kubernetes 容器组所在的网段,该网段安装完成后,由 kubernetes 创建,事先并不存在于您的物理网络中 +export POD_SUBNET=10.100.0.1/16 +echo "${MASTER_IP} ${APISERVER_NAME}" >> /etc/hosts +curl -sSL https://kuboard.cn/install-script/v1.16.2/init_master.sh | sh +``` + + + + +``` sh +# 只在 master 节点执行 +# 替换 x.x.x.x 为 master 节点的内网IP +# export 命令只在当前 shell 会话中有效,开启新的 shell 窗口后,如果要继续安装过程,请重新执行此处的 export 命令 +export MASTER_IP=x.x.x.x +# 替换 apiserver.demo 为 您想要的 dnsName +export APISERVER_NAME=apiserver.demo +# Kubernetes 容器组所在的网段,该网段安装完成后,由 kubernetes 创建,事先并不存在于您的物理网络中 +export POD_SUBNET=10.100.0.1/16 +echo "${MASTER_IP} ${APISERVER_NAME}" >> /etc/hosts +``` + +<<< @/.vuepress/public/install-script/v1.16.2/init_master.sh {22} + + + + + +如果出错点这里 + + + +* 请确保您的环境符合 [安装docker及kubelet](#安装docker及kubelet) 中所有勾选框的要求 +* 请确保您使用 root 用户执行初始化命令 +* 不能下载 kubernetes 的 docker 镜像 + * 安装文档中,默认使用阿里云的 docker 镜像仓库,然而,有时候,该镜像会罢工 + * 如碰到不能下载 docker 镜像的情况,请尝试手工初始化,并修改手工初始化脚本里的第22行(文档中已高亮)为: + ```yaml + imageRepository: gcr.azk8s.cn/google-containers + ``` +* 检查环境变量,执行如下命令 + ``` sh + echo MASTER_IP=${MASTER_IP} && echo APISERVER_NAME=${APISERVER_NAME} && echo POD_SUBNET=${POD_SUBNET} + ``` + 请验证如下几点: + * 环境变量 ***MASTER_IP*** 的值应该为 master 节点的 **内网IP**,如果不是,请重新 export + * **APISERVER_NAME** 不能是 master 的 hostname + * **APISERVER_NAME** 必须全为小写字母、数字、小数点,不能包含减号 + * **POD_SUBNET** 所使用的网段不能与 ***master节点/worker节点*** 所在的网段重叠。该字段的取值为一个 CIDR 值,如果您对 CIDR 这个概念还不熟悉,请仍然执行 export POD_SUBNET=10.100.0.1/16 命令,不做修改 +* 重新初始化 master 节点前,请先执行 `kubeadm reset -f` 操作 + + + + +**检查 master 初始化结果** + +``` sh +# 只在 master 节点执行 + +# 执行如下命令,等待 3-10 分钟,直到所有的容器组处于 Running 状态 +watch kubectl get pod -n kube-system -o wide + +# 查看 master 节点初始化结果 +kubectl get nodes -o wide +``` + + + +## 初始化 worker节点 + +### 获得 join命令参数 + +**在 master 节点上执行** + +``` sh +# 只在 master 节点执行 +kubeadm token create --print-join-command +``` + +可获取kubeadm join 命令及参数,如下所示 + +``` sh +# kubeadm token create 命令的输出 +kubeadm join apiserver.demo:6443 --token mpfjma.4vjjg8flqihor4vt --discovery-token-ca-cert-hash sha256:6f7a8e40a810323672de5eee6f4d19aa2dbdb38411845a1bf5dd63485c43d303 +``` + +::: tip 有效时间 +该 token 的有效时间为 2 个小时,2小时内,您可以使用此 token 初始化任意数量的 worker 节点。 +::: + + +### 初始化worker + +**针对所有的 worker 节点执行** + +``` sh +# 只在 worker 节点执行 +# 替换 x.x.x.x 为 master 节点的内网 IP +export MASTER_IP=x.x.x.x +# 替换 apiserver.demo 为初始化 master 节点时所使用的 APISERVER_NAME +export APISERVER_NAME=apiserver.demo +echo "${MASTER_IP} ${APISERVER_NAME}" >> /etc/hosts + +# 替换为 master 节点上 kubeadm token create 命令的输出 +kubeadm join apiserver.demo:6443 --token mpfjma.4vjjg8flqihor4vt --discovery-token-ca-cert-hash sha256:6f7a8e40a810323672de5eee6f4d19aa2dbdb38411845a1bf5dd63485c43d303 +``` + +如果出错点这里 + + + +### 常见错误原因 +经常在群里提问为什么 join 不成功的情况大致有这几种: + +#### worker 节点不能访问 apiserver + + 在worker节点执行以下语句可验证worker节点是否能访问 apiserver + ``` sh + curl -ik https://apiserver.demo:6443 + ``` + 如果不能,请在 master 节点上验证 + ``` sh + curl -ik https://localhost:6443 + ``` + 正常输出结果如下所示: + ``` {1} + HTTP/1.1 403 Forbidden + Cache-Control: no-cache, private + Content-Type: application/json + X-Content-Type-Options: nosniff + Date: Fri, 15 Nov 2019 04:34:40 GMT + Content-Length: 233 + + { + "kind": "Status", + "apiVersion": "v1", + "metadata": { + ... + ``` + ::: tip 可能原因 + * 如果 master 节点能够访问 apiserver、而 worker 节点不能,则请检查自己的网络设置 + * /etc/hosts 是否正确设置? + * 是否有安全组或防火墙的限制? + ::: + +#### worker 节点默认网卡 + + * [Kubelet使用的 IP 地址](#检查网络) 与 master 节点可互通(无需 NAT 映射),且没有防火墙、安全组隔离 + * 如果你使用 vmware 或 virtualbox 创建虚拟机用于 K8S 学习,可以尝试 NAT 模式的网络,而不是桥接模式的网络 + +### 移除worker节点并重试 + +::: warning +正常情况下,您无需移除 worker 节点,如果添加到集群出错,您可以移除 worker 节点,再重新尝试添加 +::: + +在准备移除的 worker 节点上执行 + +``` sh +# 只在 worker 节点执行 +kubeadm reset -f +``` + +在 master 节点 demo-master-a-1 上执行 + +```sh +# 只在 master 节点执行 +kubectl get nodes -o wide +``` +如果列表中没有您要移除的节点,则忽略下一个步骤 + +``` sh +# 只在 master 节点执行 +kubectl delete node demo-worker-x-x +``` + +::: tip +* 将 demo-worker-x-x 替换为要移除的 worker 节点的名字 +* worker 节点的名字可以通过在节点 demo-master-a-1 上执行 kubectl get nodes 命令获得 +::: + + + + +### 检查初始化结果 + +在 master 节点上执行 + +``` sh +# 只在 master 节点执行 +kubectl get nodes -o wide +``` +输出结果如下所示: +```sh +[root@demo-master-a-1 ~]# kubectl get nodes +NAME STATUS ROLES AGE VERSION +demo-master-a-1 Ready master 5m3s v1.16.2 +demo-worker-a-1 Ready 2m26s v1.16.2 +demo-worker-a-2 Ready 3m56s v1.16.2 +``` + + + + +## 安装 Ingress Controller + + + + + +**在 master 节点上执行** + +``` sh +# 只在 master 节点执行 +kubectl apply -f https://kuboard.cn/install-script/v1.16.2/nginx-ingress.yaml +``` + + + + + +**在 master 节点上执行** + +只在您想选择其他 Ingress Controller 的情况下卸载 + +``` sh +# 只在 master 节点执行 +kubectl delete -f https://kuboard.cn/install-script/v1.16.2/nginx-ingress.yaml +``` + + + + +<<< @/.vuepress/public/install-script/v1.16.2/nginx-ingress.yaml + + + + + + +**配置域名解析** + +将域名 *.demo.yourdomain.com 解析到 demo-worker-a-2 的 IP 地址 z.z.z.z (也可以是 demo-worker-a-1 的地址 y.y.y.y) + +**验证配置** + +在浏览器访问 a.demo.yourdomain.com,将得到 404 NotFound 错误页面 + +::: tip 提示 + +许多初学者在安装 Ingress Controller 时会碰到问题,请不要灰心,可暂时跳过 ***安装 Ingress Controller*** 这个部分,等您学完 www.kuboard.cn 上 [Kubernetes 入门](/learning/k8s-basics/kubernetes-basics.html) 以及 [通过互联网访问您的应用程序](/learning/k8s-intermediate/service/ingress.html) 这两部分内容后,再来回顾 Ingress Controller 的安装。 + +::: + +::: warning +如果您打算将 Kubernetes 用于生产环境,请参考此文档 [Installing Ingress Controller](https://github.com/nginxinc/kubernetes-ingress/blob/v1.5.3/docs/installation.md),完善 Ingress 的配置 +::: + + + + + +## 下一步 + +如果您使用自己笔记本上的虚拟机安装的集群,将来打算重启虚拟机,请参考 [重启Kubernetes集群](./k8s-restart.html) + +:tada: :tada: :tada: + +您已经完成了 Kubernetes 集群的安装,下一步请: + +点击此处,给个GitHub Star +支持一下吧,这么多人都 star 了呢,怎么能少得了您呢? + +[安装 Kuboard - 微服务管理界面](/install/install-dashboard.html) + +[获取 Kubernetes 免费教程](/learning/) + + + diff --git a/install/install-k8s.md b/install/install-k8s.md index 83aad60..994dd97 100644 --- a/install/install-k8s.md +++ b/install/install-k8s.md @@ -2,20 +2,20 @@ vssueId: 15 # layout: StepLayout sharingTitle: K8S入门第一步---安装,装不好还有人免费远程协助,更有K8S免费教程提供,你还在等什么? -description: Kubernete安装文档_Kubernetes最新稳定版v1.16.2的快速安装文档_该文档由众多网友验证并在线提出修改意见_持续不断地更新和完善_并且通过QQ群提供免费在线答疑的服务 +description: Kubernete安装文档_Kubernetes最新稳定版v1.16.3的快速安装文档_该文档由众多网友验证并在线提出修改意见_持续不断地更新和完善_并且通过QQ群提供免费在线答疑的服务 meta: - name: keywords content: Kubernetes安装,K8S安装,kubeadm,Kubernetes 安装,K8S 安装 --- -# 使用kubeadm安装kubernetes_v1.16.2 +# 使用kubeadm安装kubernetes_v1.16.3 ## 文档特点
- +
## 配置要求 @@ -46,12 +46,13 @@ meta: **安装后的软件版本为** -* Kubernetes v1.16.2 +* Kubernetes v1.16.3 * calico 3.9 * nginx-ingress 1.5.5 * Docker 18.09.7 > 如果要安装 Kubernetes 历史版本,请参考: +> * [安装 Kubernetes v1.16.1 单Master节点](/install/history-k8s/install-k8s-1.16.2.html) > * [安装 Kubernetes v1.16.1 单Master节点](/install/history-k8s/install-k8s-1.16.1.html) > * [安装 Kubernetes v1.16.0 单Master节点](/install/history-k8s/install-k8s-1.16.0.html) > * [安装 Kubernetes v1.15.4 单Master节点](/install/history-k8s/install-k8s-1.15.4.html) @@ -181,7 +182,7 @@ default via 172.21.0.1 dev eth0 ``` sh # 在 master 节点和 worker 节点都要执行 -curl -sSL https://kuboard.cn/install-script/v1.16.2/install_kubelet.sh | sh +curl -sSL https://kuboard.cn/install-script/v1.16.3/install_kubelet.sh | sh ``` @@ -190,7 +191,7 @@ curl -sSL https://kuboard.cn/install-script/v1.16.2/install_kubelet.sh | sh 手动执行以下代码,效果与快速安装完全相同。 -<<< @/.vuepress/public/install-script/v1.16.2/install_kubelet.sh +<<< @/.vuepress/public/install-script/v1.16.3/install_kubelet.sh ::: warning 如果此时执行 `service status kubelet` 命令,将得到 kubelet 启动失败的错误提示,请忽略此错误,因为必须完成后续步骤中 kubeadm init 的操作,kubelet 才能正常启动 @@ -230,7 +231,7 @@ export APISERVER_NAME=apiserver.demo # Kubernetes 容器组所在的网段,该网段安装完成后,由 kubernetes 创建,事先并不存在于您的物理网络中 export POD_SUBNET=10.100.0.1/16 echo "${MASTER_IP} ${APISERVER_NAME}" >> /etc/hosts -curl -sSL https://kuboard.cn/install-script/v1.16.2/init_master.sh | sh +curl -sSL https://kuboard.cn/install-script/v1.16.3/init_master.sh | sh ``` @@ -248,7 +249,7 @@ export POD_SUBNET=10.100.0.1/16 echo "${MASTER_IP} ${APISERVER_NAME}" >> /etc/hosts ``` -<<< @/.vuepress/public/install-script/v1.16.2/init_master.sh {22} +<<< @/.vuepress/public/install-script/v1.16.3/init_master.sh {22} @@ -424,9 +425,9 @@ kubectl get nodes -o wide ```sh [root@demo-master-a-1 ~]# kubectl get nodes NAME STATUS ROLES AGE VERSION -demo-master-a-1 Ready master 5m3s v1.16.2 -demo-worker-a-1 Ready 2m26s v1.16.2 -demo-worker-a-2 Ready 3m56s v1.16.2 +demo-master-a-1 Ready master 5m3s v1.16.3 +demo-worker-a-1 Ready 2m26s v1.16.3 +demo-worker-a-2 Ready 3m56s v1.16.3 ``` @@ -444,7 +445,7 @@ demo-worker-a-2 Ready 3m56s v1.16.2 ``` sh # 只在 master 节点执行 -kubectl apply -f https://kuboard.cn/install-script/v1.16.2/nginx-ingress.yaml +kubectl apply -f https://kuboard.cn/install-script/v1.16.3/nginx-ingress.yaml ``` @@ -457,13 +458,13 @@ kubectl apply -f https://kuboard.cn/install-script/v1.16.2/nginx-ingress.yaml ``` sh # 只在 master 节点执行 -kubectl delete -f https://kuboard.cn/install-script/v1.16.2/nginx-ingress.yaml +kubectl delete -f https://kuboard.cn/install-script/v1.16.3/nginx-ingress.yaml ``` -<<< @/.vuepress/public/install-script/v1.16.2/nginx-ingress.yaml +<<< @/.vuepress/public/install-script/v1.16.3/nginx-ingress.yaml