kubernetes
/
kops
mirror of https://github.com/kubernetes/kops.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #6262 from qqshfox/patch-3 

Update aws-china.md
This commit is contained in:
Kubernetes Prow Robot 2019-01-03 07:34:48 -08:00 committed by GitHub
parent 654e7c20fe 0cb84f0d79
commit b7caa4fe5b
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 17 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

34
docs/aws-china.md
View File

@ -2,10 +2,12 @@
## Getting Started
Kops used to only support Google Cloud DNS and Amazon Route53 to provision a kubernetes cluster. But since 1.6.2 `gossip` has been added which make it possible to provision a cluster without one of those DNS providers. Thanks to `gossip`, it's officially supported to provision a fully-functional kubernetes cluster in AWS China Region [which doesn't have Route53 so far][1] since [1.7][2]. Currently only `cn-north-1` is available but [new region coming *soon*][9]
Kops used to only support Google Cloud DNS and Amazon Route53 to provision a kubernetes cluster. But since 1.6.2 `gossip` has been added which make it possible to provision a cluster without one of those DNS providers. Thanks to `gossip`, it's officially supported to provision a fully-functional kubernetes cluster in AWS China Region [which doesn't have Route53 so far][1] since [1.7][2]. Should support both `cn-north-1` and `cn-northwest-1`, but only `cn-north-1` is tested.
Most of the following procedures to provision a cluster are the same with [the guide to use kops in AWS](aws.md). The differences will be highlighted and the similar parts will be omitted.
*NOTE: THE FOLLOWING PROCEDURES ARE ONLY TESTED WITH KOPS 1.10.0, 1.10.1 AND KUBERNETES 1.9.11, 1.10.12*
### [Install kops](aws.md#install-kops)
### [Install kubectl](aws.md#install-kubectl)
@ -53,9 +55,9 @@ First of all, we have to solve the slow and unstable connection to the internet
### Prepare kops ami
We have to build our own AMI because there is [no official kops ami in AWS China Region][3]. There're two ways to accomplish so.
We have to build our own AMI because there is [no official kops ami in AWS China Regions][3]. There're two ways to accomplish so.
#### ImageBuilder
#### ImageBuilder **RECOMMENDED**
First, launch an instance in a private subnet which accesses the internet fast and stably.
@ -80,25 +82,22 @@ cd ${GOPATH}/src/k8s.io/kube-deploy/imagebuilder
sed -i '' "s|publicIP := aws.StringValue(instance.PublicIpAddress)|publicIP := aws.StringValue(instance.PrivateIpAddress)|" pkg/imagebuilder/aws.go
make
# If the keypair specified is not `$HOME/.ssh/id_rsa`, `aws.yaml` need to be modified to add the full path to the private key.
echo 'SSHPrivateKey: "/absolute/path/to/the/private/key"' >> aws.yaml
# cloud-init is failing due to urllib3 dependency. https://github.com/aws/aws-cli/issues/3678
sed -i '' "s/'awscli'/'awscli==1.16.38'/g" templates/1.9-jessie.yml
${GOPATH}/bin/imagebuilder --config aws.yaml --v=8 --publish=false --replicate=false --up=false --down=false
# If the keypair specified is not `$HOME/.ssh/id_rsa`, the config yaml file need to be modified to add the full path to the private key.
echo 'SSHPrivateKey: "/absolute/path/to/the/private/key"' >> aws-1.9-jessie.yaml
${GOPATH}/bin/imagebuilder --config aws-1.9-jessie.yaml --v=8 --publish=false --replicate=false --up=false --down=false
```
*NOTE*
`imagebuilder` may complain `image not found after build` and the execution fails. But from the logs ahead the exception, we can find the AMI has been registered actually. It seems that the AMI newly created not available yet despite `bootstrap-vz` claims so. [kubernetes/kube-deploy#293](https://github.com/kubernetes/kube-deploy/issues/293).
Wait one minute or so, the AMI should be available finally.
#### Copy AMI from another region
Following [the comment][5] to copy the kops image from another region, e.g. `ap-southeast-1`.
#### Get the AMI id
No matter how to build the AMI, we get an AMI finally, e.g. `k8s-1.7-debian-jessie-amd64-hvm-ebs-2017-09-09`.
No matter how to build the AMI, we get an AMI finally, e.g. `k8s-1.9-debian-jessie-amd64-hvm-ebs-2018-07-18`.
### [Prepare local environment](aws.md#prepare-local-environment)
@ -122,7 +121,7 @@ Below is a `create cluster` command which will create a complete internal cluste
```console
VPC_ID=<vpc id>
VPC_NETWORK_CIDR=<vpc network cidr> # e.g. 172.30.0.0/16
AMI=<owner id/ami name> # e.g. 123456890/k8s-1.7-debian-jessie-amd64-hvm-ebs-2017-09-09
AMI=<owner id/ami name> # e.g. 123456890/k8s-1.9-debian-jessie-amd64-hvm-ebs-2018-07-18
kops create cluster \
--zones ${AWS_REGION}a \
@ -132,7 +131,7 @@ kops create cluster \
--associate-public-ip=false \
--api-loadbalancer-type internal \
--topology private \
--networking weave \
--networking calico \
${NAME}
```
@ -212,11 +211,13 @@ ASSET_BUCKET="some-asset-bucket"
ASSET_PREFIX=""
# Please note that this filename of cni asset may change with kubernetes version
CNI_FILENAME=cni-0799f5732f2a11b329d9e3d51b9c8f2e3759f2ff.tar.gz
# Find this in https://github.com/kubernetes/kops/blob/master/upup/pkg/fi/cloudup/networking.go
CNI_FILENAME=cni-plugins-amd64-v0.6.0.tgz
export KOPS_BASE_URL=https://s3.cn-north-1.amazonaws.com.cn/$ASSET_BUCKET/kops/$KOPS_VERSION/
export CNI_VERSION_URL=https://s3.cn-north-1.amazonaws.com.cn/$ASSET_BUCKET/kubernetes/network-plugins/$CNI_FILENAME
export CNI_ASSET_HASH_STRING=d595d3ded6499a64e8dac02466e2f5f2ce257c9f
## Download assets
@ -296,4 +297,3 @@ It hasn't been tested as this approach was only a PR when the author experimenti
[6]: https://github.com/kubernetes/kops/issues/3088
[7]: https://docs.docker.com/registry/recipes/mirror/#use-case-the-china-registry-mirror
[8]: https://github.com/kubernetes/kops/issues/3236
[9]: https://aws.amazon.com/about-aws/global-infrastructure/