kops 是一个生产级 Kubernetes 集群部署工具,可以在 AWS、GCE、VMWare vSphere 等平台上自动部署高可用的 Kubernetes 集群。主要功能包括

  • 自动部署高可用的 kubernetes 集群
  • 支持从 kube-up 创建的集群升级到 kops 版本
  • dry-run 和自动幂等升级等基于状态同步模型
  • 支持自动生成 AWS CloudFormation 和 Terraform 配置
  • 支持自定义扩展 add-ons
  • 命令行自动补全

安装 kops 和 kubectl

  1. # on macOS
  2. brew install kubectl kops
  3. # on Linux
  4. wget https://github.com/kubernetes/kops/releases/download/1.7.0/kops-linux-amd64
  5. chmod +x kops-linux-amd64
  6. mv kops-linux-amd64 /usr/local/bin/kops

在 AWS 上面部署

首先需要安装 AWS CLI 并配置 IAM:

  1. # install AWS CLI
  2. pip install awscli
  3. # configure iam
  4. aws iam create-group --group-name kops
  5. aws iam attach-group-policy --policy-arn arn:aws:iam::aws:policy/AmazonEC2FullAccess --group-name kops
  6. aws iam attach-group-policy --policy-arn arn:aws:iam::aws:policy/AmazonRoute53FullAccess --group-name kops
  7. aws iam attach-group-policy --policy-arn arn:aws:iam::aws:policy/AmazonS3FullAccess --group-name kops
  8. aws iam attach-group-policy --policy-arn arn:aws:iam::aws:policy/IAMFullAccess --group-name kops
  9. aws iam attach-group-policy --policy-arn arn:aws:iam::aws:policy/AmazonVPCFullAccess --group-name kops
  10. aws iam create-user --user-name kops
  11. aws iam add-user-to-group --user-name kops --group-name kops
  12. aws iam create-access-key --user-name kops
  13. # configure the aws client to use your new IAM user
  14. aws configure # Use your new access and secret key here
  15. aws iam list-users # you should see a list of all your IAM users here
  16. # Because "aws configure" doesn't export these vars for kops to use, we export them now
  17. export AWS_ACCESS_KEY_ID=<access key>
  18. export AWS_SECRET_ACCESS_KEY=<secret key>

创建 route53 域名

  1. aws route53 create-hosted-zone --name dev.example.com --caller-reference 1

创建 s3 存储 bucket

  1. aws s3api create-bucket --bucket clusters.dev.example.com --region us-east-1
  2. aws s3api put-bucket-versioning --bucket clusters.dev.example.com --versioning-configuration Status=Enabled

部署 Kubernetes 集群

  1. export KOPS_STATE_STORE=s3://clusters.dev.example.com
  2. kops create cluster --zones=us-east-1c useast1.dev.example.com --yes

当然,也可以部署一个高可用的集群

  1. kops create cluster \
  2. --node-count 3 \
  3. --zones us-west-2a,us-west-2b,us-west-2c \
  4. --master-zones us-west-2a,us-west-2b,us-west-2c \
  5. --node-size t2.medium \
  6. --master-size t2.medium \
  7. --topology private \
  8. --networking kopeio-vxlan \
  9. hacluster.example.com

删除集群

  1. kops delete cluster --name ${NAME} --yes

在 GCE 上面部署

  1. # Create cluster in GCE.
  2. # This is an alpha feature.
  3. export KOPS_STATE_STORE="gs://mybucket-kops"
  4. export ZONES=${MASTER_ZONES:-"us-east1-b,us-east1-c,us-east1-d"}
  5. export KOPS_FEATURE_FLAGS=AlphaAllowGCE
  6. kops create cluster kubernetes-k8s-gce.example.com
  7. --zones $ZONES \
  8. --master-zones $ZONES \
  9. --node-count 3
  10. --project my-gce-project \
  11. --image "ubuntu-os-cloud/ubuntu-1604-xenial-v20170202" \
  12. --yes