• k8s-离线安装coreos


    1.安装准备

     

    下载iso

    前往页面https://coreos.com/os/docs/latest/booting-with-iso.html

    版本:stable 1465.7.0

    日期:2017.09.26

     

    准备ignition.json

    {
      "ignition": {
        "version": "2.0.0",
        "config": {}
      },
    
      "storage": {
        "files": [
          {
            "filesystem": "root",
            "path": "/etc/hostname",
            "contents": {
              "source": "data:,systech01",
              "verification": {}
            },
            "mode": 420,
            "user": {},
            "group": {}
          },{
            "filesystem": "root",
            "path": "/etc/hosts",
            "contents": {
              "source": "data:,127.0.0.1%09localhost%0A127.0.0.1%20systech01",
              "verification": {}
            },
            "mode": 420,
            "user": {},
            "group": {}
          }     
        ]
      },
      "systemd": {
        "units": [
          {
            "name": "settimezone.service",
            "enable": true,
            "contents": "[Unit]
    Description=time zone Asia/Shanghai
    [Service]
    ExecStart=/usr/bin/timedatectl set-timezone Asia/Shanghai
    RemainAfterExit=yes
    Type=oneshot  
    [Install]
    WantedBy=multi-user.target   
    "
          }
        ]
      },
      "networkd": {
        "units": [
          {
            "name": "00-static.network",
            "contents": "[Match]
    Name=eth0
    
    [Network]
    DNS=192.168.3.1
    Address=192.168.3.101/24
    Gateway=192.168.3.1
    DHCP=no      
    "
          }
        ]
      },
    
      "passwd": {
        "users": [
          {
            "name": "core",
            "sshAuthorizedKeys": [
              "ssh-rsa AAAAB3NzaC1yc2EAAAADAQA...kYoT8jhrw== mengkzhaoyun@gmail.com"
            ]
          },{
            "name": "root",
            "passwordHash ": "$1$maTXmv6V$4UuGlRDpBZtipAhlPZ2/J0"
          }
        ]
      }
    }
    • /etc/hostname : 主机名
    • /etc/hosts : 本地域名解析设置
    • settimezone.service : 时区设置
    • 00-static.network : 静态IP设置
    • users : 为用户core配置sshkey登陆,root密码登陆(123456)

     

    下载镜像安装文件

    模板URL-https://${channel}.release.core-os.net/amd64-usr/${version}/xxx

    例子-https://stable.release.core-os.net/amd64-usr/1465.7.0/version.txt
    ~/current/version.txt
    ~/1465.7.0/coreos_production_image.bin.bz2
    ~/1465.7.0/coreos_production_image.bin.bz2.DIGESTS
    ~/1465.7.0/coreos_production_image.bin.bz2.DIGESTS.asc
    ~/1465.7.0/coreos_production_image.bin.bz2.DIGESTS.sig
    ~/1465.7.0/coreos_production_image.bin.bz2.sig

    搭建HTTP镜像服务器

    使用python在本地建一个HTTP镜像服务器,默认使用8000端口http://192.168.3.99:8000

    $ cd c:/coreos
    $ python -m SimpleHTTPServer

    将上面下载的文件拷贝至c:/coreos目录中

    ./ignition.json

    ./current/version.txt

    ./1465.7.0/coreos_production_image.bin.bz2

    ./1465.7.0/coreos_production_image.bin.bz2.DIGESTS :

    ./1465.7.0/coreos_production_image.bin.bz2.DIGESTS.asc

    ./1465.7.0/coreos_production_image.bin.bz2.DIGESTS.sig

    ./1465.7.0/coreos_production_image.bin.bz2.sig

     

    2.硬盘安装CoreOS

     

    启动镜像

    设置好虚拟机配置为Linux/coreos64,内存>1G,加载[Linux]coreos_1465.7.0_production_iso_image.iso启动镜像

    注意:内存大小要大于1G,因为加载ISO时coreos将在内存里面跑,需要使用命令安装到本地的硬盘上。

     

    安装coreos

    # 下载 ignition.json
    $ wget http://192.168.3.99:8000/ignition.json
    # 安装命令
    $ sudo coreos-install -b http://192.168.3.99:8000 -d /dev/sda -C stable -i ~/ignition.json

    注意:/dev/sda指硬盘安装,由coreos维护的默认路径,指向硬盘根目录

     

    3.其他

     

    使用coreos-install安装coreos

    [汪云飞2014.11.03]平台云基石-CoreOS之离线安装篇(无需互联网)

    [涯余2015.01.21]Coreos 安装及配置

    上面两篇博文很仔细的记录了ISO离线安装coreos的步骤,本文参考了部分内容。

     

    coreos设置静态IP

    在/etc/systemd/network下新建一个文件00-static.network

    [Match]

    Name=eth0

     

    [Network]

    DNS=192.168.3.1

    Address=192.168.3.231/24

    Gateway=192.168.3.1

    DHCP=no     

    eth0 : 默认的网卡名称,设置时请检查默认网卡的名称,使用(ip a)命令查看

     

    然后重启网络服务

    $ sudo systemctl daemon-reload
    $ sudo systemctl restart systemd-networkd
    

    如何生成password的hash

    来源coreos官网,有以下几种生成hash的方式:

    # On Debian/Ubuntu (via the package "whois")
    mkpasswd --method=SHA-512 --rounds=4096
    
    # OpenSSL (note: this will only make md5crypt.  While better than plantext it should not be considered fully secure)
    openssl passwd -1
    
    # Python (change password and salt values)
    python -c "import crypt, getpass, pwd; print crypt.crypt('password', '$6$SALT$')"
    
    # Perl (change password and salt values)
    perl -e 'print crypt("password","$6$SALT$") . "
    "'
    

    来自 <https://coreos.com/os/docs/latest/cloud-config.html>

    上文使用openssl生成的hash,用于ignition.json中的示例

    123456

    $1$maTXmv6V$4UuGlRDpBZtipAhlPZ2/J0

    镜像文件下载

    百度云分享

    http://pan.baidu.com/s/1o81GAbo

  • 相关阅读:
    散列
    Studio 3T破解方式
    springboot整合elasticsearch时的版本问题:
    ElasticSearch6.4.1 【Rejecting mapping update to [posts] as the final mapping would have more than 1 type】
    IP地址查询API
    拉姆达表达式 追加 条件判断 Expression<Func<T, bool>>
    类 映射 遍历大全
    jquery load(URL,FUNCTION(){}) 异步加载页面
    LINQ to Entities 不识别方法的解决方案
    当实体类属性超多时候 映射给实体类属性赋值(拉姆达+实体类映射)
  • 原文地址:https://www.cnblogs.com/mengkzhaoyun/p/7599300.html
Copyright © 2020-2023  润新知