Kubernetes: Instalação Offline ou Instalação usando repositórios privados

From Wiki

Trabalhei em uma empresa onde as regras de segurança bloqueava o acesso a sites/repositórios externos. Essa situação dificulta em muito a instalação do Docker e Kubernetes.

Neste artigo descrevo como driblei essa situação e consegui instalar o meu cluster Kubernetes.

Opção 1 - Download dos arquivos Docker e Kubernetes RPMs - Instalação manual

Docker

Faça o download dos arquivos em uma estação que tenha acesso à Internet 

wget -c https://download.docker.com/linux/centos/7/x86_64/stable/Packages/docker-ce-18.06.3.ce-3.el7.x86_64.rpm

Copiar via scp para o servidor sem acesso a internet. E executar 

yum -y install docker-ce-18.06.3.ce-3.el7.x86_64.rpm

Kubernetes

Faça o download dos arquivos em uma estação que tenha acesso à Internet 

wget -c https://packages.cloud.google.com/yum/pool/542cbe1b886808a7f025595b2bfe776fd08de5d2dab0a80f22947cf400b89a2c-kubectl-1.11.9-0.x86_64.rpm -O kubectl-1.11.9-0.x86_64.rpm
wget -c https://packages.cloud.google.com/yum/pool/2d3fea397e599d94ec3d67582c522719ca3e9bd946c0f89a33caa07a49e1b883-kubeadm-1.11.9-0.x86_64.rpm -O kubeadm-1.11.9-0.x86_64.rpm
wget -c https://packages.cloud.google.com/yum/pool/b82b358f2951dc396af6e2e56f9b1ca6ab5b494208996a5788682d9e49312d7b-kubelet-1.11.9-0.x86_64.rpm -O kubelet-1.11.9-0.x86_64.rpm

Copiar via scp para o servidor sem acesso a internet. E executar 

yum -y install kubectl-1.11.9-0.x86_64.rpm kubeadm-1.11.9-0.x86_64.rpm kubelet-1.11.9-0.x86_64.rpm


Download da imagens Docker Images

Vamos fazer inicialmente o download da imagens pois será necessário para a instalação do Kubernetes

Pull das imagens

Faça o pull das imagens em uma estação que tenha acesso à Internet 

docker pull gcr.io/google_containers/kube-apiserver-amd64:v1.9.6
docker pull k8s.gcr.io/kube-apiserver-amd64:v1.11.9
docker pull k8s.gcr.io/kube-controller-manager-amd64:v1.11.9
docker pull k8s.gcr.io/kube-scheduler-amd64:v1.11.9
docker pull k8s.gcr.io/kube-proxy-amd64:v1.11.9
docker pull k8s.gcr.io/pause:3.1
docker pull k8s.gcr.io/etcd-amd64:3.2.18
docker pull k8s.gcr.io/coredns:1.1.3
docker pull calico/cni:v3.3.6
docker pull calico/node:v3.3.6
docker pull gcr.io/kubernetes-helm/tiller:v2.11.0
docker pull k8s.gcr.io/kubernetes-dashboard-amd64:v1.10.1
docker pull k8s.gcr.io/heapster-amd64:v1.5.4
docker pull k8s.gcr.io/heapster-grafana-amd64:v5.0.4
docker pull k8s.gcr.io/heapster-influxdb-amd64:v1.5.2

Exportando as imagens

Salve as imagens como .tar 

docker save k8s.gcr.io/kube-apiserver-amd64:v1.11.9 -o kube-apiserver-amd64_v1.11.9.tar
docker save k8s.gcr.io/kube-controller-manager-amd64:v1.11.9 -o kube-controller-manager-amd64_v1.11.9.tar
docker save k8s.gcr.io/kube-scheduler-amd64:v1.11.9 -o kube-scheduler-amd64_v1.11.9.tar
docker save k8s.gcr.io/kube-proxy-amd64:v1.11.9 -o kube-proxy-amd64_v1.11.9.tar
docker save k8s.gcr.io/pause:3.1 -o pause_3.1.tar
docker save k8s.gcr.io/etcd-amd64:3.2.18 -o etcd-amd64_3.2.18.tar
docker save k8s.gcr.io/coredns:1.1.3 -o coredns_1.1.3.tar
docker save calico/cni:v3.3.6 -o calico_cni_v3.3.6.tar
docker save calico/node:v3.3.6 -o calico_node_v3.3.6.tar
docker save gcr.io/kubernetes-helm/tiller:v2.11.0 -o tiller_v2.11.0.tar
docker save k8s.gcr.io/kubernetes-dashboard-amd64:v1.10.1 -o kubernetes-dashboard-amd64_v1.10.1.tar
docker save k8s.gcr.io/heapster-amd64:v1.5.4 -o heapster-amd64_v1.5.4.tar
docker save k8s.gcr.io/heapster-grafana-amd64:v5.0.4 -o heapster-grafana-amd64_v5.0.4.tar
docker save k8s.gcr.io/heapster-influxdb-amd64:v1.5.2 -o heapster-influxdb-amd64_v1.5.2.tar

Copiar via scp para o servidor com docker.

Importando as imagens

Executar o load das imagens provenientes de arquivos tar no master e em cada node. 

docker load -i kube-apiserver-amd64_v1.11.9.tar
docker load -i kube-controller-manager-amd64_v1.11.9.tar
docker load -i kube-scheduler-amd64_v1.11.9.tar
docker load -i kube-proxy-amd64_v1.11.9.tar
docker load -i pause_3.1.tar
docker load -i etcd-amd64_3.2.18.tar
docker load -i coredns_1.1.3.tar
docker load -i calico_cni_v3.3.6.tar
docker load -i calico_node_v3.3.6.tar
docker load -i tiller_v2.11.0.tar
docker load -i kubernetes-dashboard-amd64_v1.10.1.tar
docker load -i heapster-amd64_v1.5.4.tar
docker load -i heapster-grafana-amd64_v5.0.4.tar
docker load -i heapster-influxdb-amd64_v1.5.2.tar


Download de outros arquivos para o Kubernetes

Download dos arquivos 

wget https://docs.projectcalico.org/v3.3/getting-started/kubernetes/installation/hosted/rbac-kdd.yaml -O rbac-kdd.yaml
wget https://docs.projectcalico.org/v3.3/getting-started/kubernetes/installation/hosted/kubernetes-datastore/calico-networking/1.7/calico.yaml -O calico.yaml
https://raw.githubusercontent.com/kubernetes/dashboard/v1.10.1/src/deploy/recommended/kubernetes-dashboard.yaml
wget https://raw.githubusercontent.com/kubernetes/heapster/master/deploy/kube-config/influxdb/grafana.yaml -O grafana.yaml
wget https://raw.githubusercontent.com/kubernetes/heapster/master/deploy/kube-config/influxdb/heapster.yaml -O heapster.yaml
wget https://raw.githubusercontent.com/kubernetes/heapster/master/deploy/kube-config/influxdb/influxdb.yaml -O influxdb.yaml
wget https://raw.githubusercontent.com/kubernetes/heapster/master/deploy/kube-config/rbac/heapster-rbac.yaml -O heapster-rbac.yaml

Copiar via scp para o servidor master0 do Kubernetes.

Opção 2 - Download dos arquivos e montagem de Repositório Privado

Docker

Faça o download dos arquivos em uma estação que tenha acesso à Internet 

mkdir -p /tmp/docker-mirror/linux/centos/7/x86_64/stable/repodata/
mkdir -p /tmp/docker-mirror/linux/centos/7/x86_64/stable/Packages/

cd /tmp/docker-mirror/linux/centos
wget -c https://download.docker.com/linux/centos/gpg

cd /tmp/docker-mirror/linux/centos/7/x86_64/stable/repodata/
wget -c https://download.docker.com/linux/centos/7/x86_64/stable/repodata/repomd.xml
wget -c https://download.docker.com/linux/centos/7/x86_64/stable/repodata/27151177db68b47d024022599f6cdb8d0758feaefd8c65e43e8313af62eed131-filelists.xml.gz
wget -c https://download.docker.com/linux/centos/7/x86_64/stable/repodata/2811439ca3c66a6cb946abe2a8e4cfea7f364e09ca9ab0f4ba10f2333b74b911-filelists.sqlite.bz2
wget -c https://download.docker.com/linux/centos/7/x86_64/stable/repodata/65c4f66e2808d328890505c3c2f13bb35a96f457d1c21a6346191c4dc07e6080-updateinfo.xml.gz
wget -c https://download.docker.com/linux/centos/7/x86_64/stable/repodata/83a7f2e6c4dffb21fe0cc818e572bb4bf2bbb8dbd860dad66179a8bbc06f64d9-other.xml.gz
wget -c https://download.docker.com/linux/centos/7/x86_64/stable/repodata/b292d47325588b6eb4f589e04bbf0f95727fa1755d8fa65d6978e1294f11b167-primary.sqlite.bz2
wget -c https://download.docker.com/linux/centos/7/x86_64/stable/repodata/c2d756b11328eaa080323355c4b1c1d9442bbe8798b183b79fa53841274f1633-other.sqlite.bz2
wget -c https://download.docker.com/linux/centos/7/x86_64/stable/repodata/ff7792a80a96a8fd9eb9843f830bf7ffc031e67eef965d918f724f250b9e38bc-primary.xml.gz

cd /tmp/docker-mirror/linux/centos/7/x86_64/stable/Packages/
wget -c https://download.docker.com/linux/centos/7/x86_64/stable/Packages/docker-ce-18.06.3.ce-3.el7.x86_64.rpm
wget -c https://download.docker.com/linux/centos/7/x86_64/stable/Packages/docker-ce-18.09.6-3.el7.x86_64.rpm
wget -c https://download.docker.com/linux/centos/7/x86_64/stable/Packages/docker-ce-cli-18.09.6-3.el7.x86_64.rpm
wget -c https://download.docker.com/linux/centos/7/x86_64/stable/Packages/containerd.io-1.2.5-3.1.el7.x86_64.rpm

Copiar via scp para o servidor http interno, a url que iremos utilizar será 

http://repomirror.company.com/docker-mirror

Na máquina de destino basta usar

Criar arquivo /etc/yum.repos.d/docker-ce.repo, com o conteúdo: 


[docker-ce]
name=Docker CE Stable - $basearch
#baseurl=https://download.docker.com/linux/centos/7/$basearch/stable
baseurl=http://repomirror.company.com/docker-mirror/linux/centos/7/$basearch/stable/
enabled=1
gpgcheck=1
#gpgkey=https://download.docker.com/linux/centos/gpg
gpgkey=http://repomirror.company.com/docker-mirror/linux/centos/gpg

Instalando os pacotes no CentOS 

yum install -y docker-ce-18.06.3

Kubernetes

Faça o download dos arquivos em uma estação que tenha acesso à Internet 

mkdir -p /tmp/kubernetes-mirror/yum/repos/kubernetes-el7-x86_64/repodata/
mkdir -p /tmp/kubernetes-mirror/yum/pool
mkdir -p /tmp/kubernetes-mirror/yum/doc

cd /tmp/kubernetes-mirror/yum/doc
wget -c https://packages.cloud.google.com/yum/doc/yum-key.gpg 
wget -c https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg

cd /tmp/kubernetes-mirror/yum/repos/kubernetes-el7-x86_64/repodata/
wget -c https://packages.cloud.google.com/yum/repos/kubernetes-el7-x86_64/repodata/filelists.xml
wget -c https://packages.cloud.google.com/yum/repos/kubernetes-el7-x86_64/repodata/filelists.xml.gz
wget -c https://packages.cloud.google.com/yum/repos/kubernetes-el7-x86_64/repodata/other.xml
wget -c https://packages.cloud.google.com/yum/repos/kubernetes-el7-x86_64/repodata/other.xml.gz
wget -c https://packages.cloud.google.com/yum/repos/kubernetes-el7-x86_64/repodata/primary.xml
wget -c https://packages.cloud.google.com/yum/repos/kubernetes-el7-x86_64/repodata/primary.xml.gz
wget -c https://packages.cloud.google.com/yum/repos/kubernetes-el7-x86_64/repodata/repomd.xml
wget -c https://packages.cloud.google.com/yum/repos/kubernetes-el7-x86_64/repodata/repomd.xml.gz

cd /tmp/kubernetes-mirror/yum/pool
wget -c https://packages.cloud.google.com/yum/pool/542cbe1b886808a7f025595b2bfe776fd08de5d2dab0a80f22947cf400b89a2c-kubectl-1.11.9-0.x86_64.rpm
wget -c https://packages.cloud.google.com/yum/pool/2d3fea397e599d94ec3d67582c522719ca3e9bd946c0f89a33caa07a49e1b883-kubeadm-1.11.9-0.x86_64.rpm
wget -c https://packages.cloud.google.com/yum/pool/b82b358f2951dc396af6e2e56f9b1ca6ab5b494208996a5788682d9e49312d7b-kubelet-1.11.9-0.x86_64.rpm

Copiar via scp para o servidor http interno, a url que iremos utilizar será 

http://repomirror.company.com/kubernetes-mirror

Na máquina de destino basta usar

Criar arquivo /etc/yum.repos.d/kubernetes.repo, com o conteúdo: 

[kubernetes]
name=Kubernetes
#baseurl=https://packages.cloud.google.com/yum/repos/kubernetes-el7-x86_64
baseurl=https://repomirror.company.com/kubernetes-mirror/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=1
repo_gpgcheck=1
#gpgkey=https://packages.cloud.google.com/yum/doc/yum-key.gpg https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg
gpgkey=https://repomirror.company.com/kubernetes-mirror/yum/doc/yum-key.gpg https://repomirror.company.com/kubernetes-mirror/yum/doc/rpm-package-key.gpg
exclude=kube*

Instalando os pacotes no CentOS 

yum install -y kubelet-1.11.9 kubeadm-1.11.9 kubectl-1.11.9



Download de outros arquivos

cfssl mirror

Download dos arquivos 

mkdir -p /tmp/cfssl-mirror/R1.2
cd /tmp/cfssl-mirror/R1.2
wget -c http://pkg.cfssl.org/R1.2/cfssl_linux-amd64
wget -c http://pkg.cfssl.org/R1.2/cfssljson_linux-amd64
wget -c http://pkg.cfssl.org/R1.2/cfssl-certinfo_linux-amd64
cd ../..

Copiar para o servidor http interno. E utilizar 

wget -c http://<servidor_interno>/cfssl-mirror/R1.2/cfssl_linux-amd64
wget -c http://<servidor_interno>/cfssl-mirror/R1.2/cfssljson_linux-amd64
wget -c http://<servidor_interno>/cfssl-mirror/R1.2/cfssl-certinfo_linux-amd64

Ver também

Retrieved from "https://ebasso.net/wiki/index.php?title=Kubernetes:_Instalação_Offline_ou_Instalação_usando_repositórios_privados&oldid=5470"