kubernetes集群安装指南：docker-ce部署

docker是POD基本运行环境，kubernetes默认以dockerd作为runtime运行引擎，在安装docker-ce前必须先升级内核到最新lts版，这是因为为了让docker-ce支持数据存储类型overlay2，这里将会以二进制文件方式部署在所有的worker节点上部署docker-ce。

1. 准备工作

#################### Variable parameter setting ######################DOCKER_INSTALL_PATH=/data/apps/k8s/dockerSOFTWARE=/root/softwareVERSION=18.09.6PACKAGE=docker-${VERSION}.tgzDOWNLOAD_URL=https://download.docker.com/linux/static/stable/x86_64/$PACKAGEMIRRORS1=https://docker.mirrors.ustc.edu.cnMIRRORS2=https://registry-mirrors.mo9.comUSER=docker

2. 安装docker

准备docker-ce安装环境

# 1.Uninstall the original docker installation packagesudo yum -y remove docker docker-client \  docker-client-latest  docker-common docker-latest \  docker-latest-logrotate docker-selinux docker-engine-selinux docker-engine ### 2 Setting firewall rules for docker/sbin/iptables -P FORWARD ACCEPTsudo sed -i '/iptables -P FORWARD ACCEPT/d' /etc/rc.localecho -e "/sbin/iptables -P FORWARD ACCEPT"  >> /etc/rc.local### 3.Install docker-ce package with yum.sudo yum install -y yum-utils device-mapper-persistent-data lvm2 bridge-utils sudo yum-config-manager \  --add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo

创建docker安装相关安装目录以及dockers用户组

### 4.Install docker-ce package with source.# Check if the install directory exists and Check if the docker group exists .if [ ! -d $DOCKER_INSTALL_PATH/bin ]; then     mkdir -p $DOCKER_INSTALL_PATH/binfiegrep "^$USER" /etc/group-if [ $? -ne 0 ]; then     groupadd $USERfi### 5.Download source package of docker-ceif [ ! -f "$SOFTWARE/docker-${VERSION}.tgz" ]; then     wget $DOWNLOAD_URL -P $SOFTWARE >>/dev/null 2>&1ficd $SOFTWARE && tar -zxf $SOFTWARE/docker-${VERSION}.tgz -C ./sudo cp -fp $SOFTWARE/docker/* $DOCKER_INSTALL_PATH/bincd $DOCKER_INSTALL_PATH/bin/ln -sf docker,dockerd,containerd,containerd-shim,runc,ctr /usr/local/bin### 6.Create daemon.json file for docker# Create daemon.json file  pathif [ ! -d "/etc/docker" ]; then     mkdir /etc/docker/fi

• docker默认以root用户运行，为了安全起见，方便其他用户调用docker api，需要创建一个docker组用户

创建docker配置文件

cat >/etc/docker/daemon.json <

• 这里使用overlay2作为docker数据存储引擎
• 关于docker demon.json参数请参考docker官方文档

创建docker服务启动文件

cat >/usr/lib/systemd/system/docker.service <<"EOF"[Unit]Description=Docker Application Container EngineDocumentation=https://docs.docker.comAfter=network-online.target firewalld.serviceWants=network-online.target[Service]Type=notify# the default is not to use systemd for cgroups because the delegate issues still# exists and systemd currently does not support the cgroup feature set required# for containers run by dockerEnvironmentFile=-/run/flannel/dockerExecStart=/usr/local/bin/dockerd  $DOCKER_NETWORK_OPTIONSExecReload=/bin/kill -s HUP $MAINPID# Having non-zero Limit*s causes performance problems due to accounting overhead# in the kernel. We recommend using cgroups to do container-local accounting.LimitNOFILE=infinityLimitNPROC=infinityLimitCORE=infinity# Uncomment TasksMax if your systemd version supports it.# Only systemd 226 and above support this version.#TasksMax=infinityTimeoutStartSec=0# set delegate yes so that systemd does not reset the cgroups of docker containersDelegate=yes# kill only the docker process, not all processes in the cgroupKillMode=process# restart the docker process if it exits prematurelyRestart=on-failureStartLimitBurst=3StartLimitInterval=60s[Install]WantedBy=multi-user.targetEOF

• 因为使用flannel作为容器的网络方案，所以需要指定flannel的参数配置文件
• flannel配置文件的参数不能和docker demon.json里的配置重复，否则docker服务启动失败；

启动docker服务：

service dokcker start

如服务启动失败，使用journal查看日志

sudo journal -u docker

• 在启动的时候，需要先启动flannel网络服务，然后再启动容器服务；

docker-ce部署完成后，接下来安装kubelet，请参考：kubernetes集群安装指南：kubelet组件部署