kuboard-press/install/install-common-vm.md

## 制作标准机镜像

通过使用标准机镜像，可以

- **避免重复执行对测试机安装必要软件的过程**
- **以一种相对标准化的过程管理测试机的维护**

标准机镜像中预装了如下内容：

  - docker
  - gitlab-runner
  - kubernetes images

本文档描述的安装过程已基于 centos 7.6 验证

标准机镜像的制作过程描述如下：

### 安装docker

**卸载旧版本**

```bash
sudo yum remove docker \
	docker-client \
	docker-client-latest \
	docker-common \
	docker-latest \
	docker-latest-logrotate \
	docker-logrotate \
	docker-selinux \
	docker-engine-selinux \
	docker-engine
```

**下载依赖包及安装包**

```bash
wget https://download.docker.com/linux/centos/7/x86_64/stable/Packages/containerd.io-1.2.6-3.3.el7.x86_64.rpm

wget https://download.docker.com/linux/centos/7/x86_64/stable/Packages/docker-ce-cli-18.09.7-3.el7.x86_64.rpm

wget https://download.docker.com/linux/centos/7/x86_64/stable/Packages/docker-ce-18.09.7-3.el7.x86_64.rpm
```

**安装**

```bash
sudo yum install -y containerd.io-1.2.6-3.3.el7.x86_64.rpm
sudo yum install -y docker-ce-cli-18.09.7-3.el7.x86_64.rpm
sudo yum install -y docker-ce-18.09.7-3.el7.x86_64.rpm
sudo systemctl enable docker
```

**启动 docker 服务**

```bash
sudo systemctl start docker
```

**检查 docker 版本**

```bash
docker version
```



**参考文档**

https://docs.docker.com/install/linux/docker-ce/centos/

https://docs.docker.com/install/linux/linux-postinstall/



### 安装 nfs-utils

**执行安装命令**

```bash
sudo yum install nfs-utils
```

必须先安装 nfs-utils 才能挂载 nfs 网络存储



### K8S基本配置

**配置K8S的yum源**

```bash
cat <<EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=http://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=0
repo_gpgcheck=0
gpgkey=http://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg
        http://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF
```

**关闭swap、防火墙**

```bash
swapoff -a
```

**关闭SeLinux**

```bash
setenforce 0
```

**修改 /etc/sysctl.conf**

```vim /etc/sysctl.conf```

向其中添加

```
net.ipv4.ip_forward = 1
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
```

如下图所示

![image-20190715085036593](./install-common-vm.assets/image-20190715085036593.png ':size=600x445')



**安装kubelet、kubeadm、kubectl**

```bash
yum install -y kubelet-1.15.0 kubeadm-1.15.0 kubectl-1.15.0
```



**修改docker Cgroup Driver为systemd**

```vim /usr/lib/systemd/system/docker.service```

向其中他添加

```--exec-opt native.cgroupdriver=systemd```

如下图所示

![屏幕快照 2019-07-15 09.01.21](./install-common-vm.assets/image2019-07-15_09.01.21.png ':size=1000x326')



重启 docker

```
systemctl daemon-reload
systemctl restart docker
```



**启动kubelet**

```bash
systemctl enable kubelet && systemctl start kubelet
```



**加载 kubernetes 镜像**

由于k8s服务相关镜像在国外镜像源，国内无法访问

执行以下命令添加docker k8s国内镜像源

```bash
curl -sSL https://get.daocloud.io/daotools/set_mirror.sh | sh -s http://f1361db2.m.daocloud.io

systemctl restart docker
```

**拉取k8s相关镜像**

```bash
docker pull mirrorgooglecontainers/kube-apiserver:v1.15.0
docker pull mirrorgooglecontainers/kube-controller-manager:v1.15.0
docker pull mirrorgooglecontainers/kube-scheduler:v1.15.0
docker pull mirrorgooglecontainers/kube-proxy:v1.15.0
docker pull mirrorgooglecontainers/pause:3.1
docker pull mirrorgooglecontainers/etcd:3.3.10
docker pull coredns/coredns:1.3.1
```

**更改镜像名为k8s官网镜像**

```bash
docker tag d235b23c3570 k8s.gcr.io/kube-proxy:v1.15.0
docker tag 201c7a840312 k8s.gcr.io/kube-apiserver:v1.15.0
docker tag 2d3813851e87 k8s.gcr.io/kube-scheduler:v1.15.0
docker tag 8328bb49b652 k8s.gcr.io/kube-controller-manager:v1.15.0
docker tag da86e6ba6ca1 k8s.gcr.io/pause:3.1
docker tag eb516548c180 k8s.gcr.io/coredns:1.3.1
docker tag 2c4adeb21b4f k8s.gcr.io/etcd:3.3.10
```



**制作镜像**

请参考阿里云基于ECS [制作虚拟机镜像](https://help.aliyun.com/document_detail/35109.html?spm=5176.2020520101.0.0.75fc4df5mtdFmV) 的文档