kubeedge v1.3.1部署指南

1、准备工作

1.1 kubernetes集群和edge节点

1）需要先安装一个kubernetes集群
2）准备一个edge节点，安装docker
kubernetes集群和docker的安装教程网上有很多，此处不再详述。

1.2 创建安装目录(master节点)

mkdir -p /home/bluejoy/kubeedge/deploy-v1.3.1

1.3 下载kubeedge v1.3.1源码(master节点)

cd /home/bluejoy/kubeedge/deploy-v1.3.1
git clone https://github.com/kubeedge/kubeedge.git
cd kubeedge
git checkout v1.3.1

1.4 下载 kubeedge 1.3.1 版本二进制包(master节点)

cd /home/bluejoy/kubeedge/deploy-v1.3.1
wget https://github.com/kubeedge/kubeedge/releases/download/v1.3.1/kubeedge-v1.3.1-linux-amd64.tar.gz
tar -xzvf kubeedge-v1.3.1-linux-amd64.tar.gz
mv kubeedge-v1.3.1-linux-amd64 kubeedge-v1.3.1

2、kubeedge云端部分配置 (master节点)

2.1 生成证书

kubeedge从1.3.0版本开始不需要手动生成证书，如果已经安装了旧版本，则需要清除 /etc/kubeedge/ca 和 /etc/kubeedge/certs 目录的证书。
1）清除旧版本相关的证书

kubectl delete secret casecret -nkubeedge
kubectl delete secret cloudcoresecret -nkubeedge

如果是首次安装，忽略此步骤即可。
2) 生成证书以支持 kubectl logs 命令
确认 k8s 集群正常运行，本文使用 kubeadm 部署，其证书位于/etc/kubernetes/pki/目录（注：生成证书脚本需要使用/etc/kubernetes/pki/ca.crt和/etc/kubernetes/pki/ca.key文件）。
先设置云端IP：

export CLOUDCOREIPS="192.168.56.105"

生成证书：

mkdir -p /etc/kubeedge/ca
mkdir -p /etc/kubeedge/certs
cd /home/bluejoy/kubeedge/deploy-v1.3.1/tools/
bash certgen.sh stream 

2.2 安装crds

cd /home/bluejoy/kubeedge/deploy-v1.3.1/kubeedge/build/crds/devices
kubectl create -f devices_v1alpha1_devicemodel.yaml
kubectl create -f devices_v1alpha1_device.yaml

cd /home/bluejoy/kubeedge/deploy-v1.3.1/kubeedge/build/crds/reliablesyncs
kubectl create -f cluster_objectsync_v1alpha1.yaml
kubectl create -f objectsync_v1alpha1.yaml

2.3 拷贝二进制程序到/usr/local/bin目录

cp kubeedge/cloud/cloudcore /usr/local/bin/

2.4 配置云端节点

v1.3.1版本的配置文件是由 cloudcore 程序通过执行以下命令生成的：

mkdir -p /etc/kubeedge/config/ 
cloudcore --minconfig > /etc/kubeedge/config/cloudcore.yaml 

修改配置文件：

vim /etc/kubeedge/config/cloudcore.yaml 

# With --minconfig , you can easily used this configurations as reference

# It's useful to users who are new to KubeEdge, and you can modify/create your own configs accordingly. 
# This configuration is suitable for beginners.

apiVersion: cloudcore.config.kubeedge.io/v1alpha1
kind: CloudCore
kubeAPIConfig:
  kubeConfig: /root/.kube/config
  master: "https://192.168.56.105:6443"
leaderelection:
  LeaderElect: false
  LeaseDuration: 0s
  RenewDeadline: 0s
  ResourceLock: ""
  ResourceName: ""
  ResourceNamespace: ""
  RetryPeriod: 0s
modules:
  cloudHub:
    advertiseAddress:
    - 192.168.56.105
    https:
      address: 0.0.0.0
      enable: true
      port: 10002
    nodeLimit: 10
    tlsCAFile: /etc/kubeedge/ca/rootCA.crt
    tlsCAKeyFile: /etc/kubeedge/ca/rootCA.key
    tlsCertFile: /etc/kubeedge/certs/server.crt
    tlsPrivateKeyFile: /etc/kubeedge/certs/server.key
    unixsocket:
      address: unix:///var/lib/kubeedge/kubeedge.sock
      enable: true
    websocket:
      address: 0.0.0.0
      enable: true
      port: 10000

注意根据你的环境修改以下两处地方。
1）kubeConfig的值
2）master的值
3）advertiseAddress的值，修改为master节点的IP

2.5 运行云端部分（master节点）

cloudcore > /var/log/kubeedge/cloudcore.log 2>&1

3、kubeedge边端部分配置

3.1 安装Mosquitto(edge节点)

1）添加 apt-get 源：

add-apt-repository ppa:mosquitto-dev/mosquitto-ppa
apt-get update

2）安装：

apt-get install mosquitto

3.2 拷贝二进制程序到edge节点(master节点)

scp -r /home/bluejoy/kubeedge/deploy-v1.3.1/kubeedge-v1.3.1/edge/edgecore [email protected]:/home/bluejoy/kubeedge/deploy-v1.3.1/bin

3.3 拷贝二进制程序到/usr/local/bin目录(edge节点)

cp /home/bluejoy/kubeedge/deploy-v1.3.1/bin/edgecore /usr/local/bin/

3.4 获取 token（master节点）

前文已经运行了云端，会自动产生token，这里要先切换到云端机器，获取 secret，再将 tokendata 内容解码得到 token。示例如下：

kubectl get secret tokensecret -n kubeedge -oyaml

输出：

apiVersion: v1
data:
  tokendata: MDAyZTU0ZDBkYmZmZTUxMjAwMzc5YWY5NDc5NmM1Y2ExMDc1MzIzYWVhZjMzOTUzMWIxMTdlZjQxZGQ3ZTJiMy5leUpoYkdjaU9pSklVekkxTmlJc0luUjVjQ0k2SWtwWFZDSjkuZXlKbGVIQWlPakUxT1RNMU1Ea3dOakY5Lkdwdm11Q1d5cWgzYWZ4Ml93MmN2U1NaMFQtblF1LWF6TElwOHVwR1cweWs=
kind: Secret
metadata:
  creationTimestamp: "2020-06-29T09:24:11Z"
  name: tokensecret
  namespace: kubeedge
  resourceVersion: "4297716"
  selfLink: /api/v1/namespaces/kubeedge/secrets/tokensecret
  uid: c87819c7-61d0-4a49-a420-7fca0359800e
type: Opaque

解码：

echo MDAyZTU0ZDBkYmZmZTUxMjAwMzc5YWY5NDc5NmM1Y2ExMDc1MzIzYWVhZjMzOTUzMWIxMTdlZjQxZGQ3ZTJiMy5leUpoYkdjaU9pSklVekkxTmlJc0luUjVjQ0k2SWtwWFZDSjkuZXlKbGVIQWlPakUxT1RNMU1Ea3dOakY5Lkdwdm11Q1d5cWgzYWZ4Ml93MmN2U1NaMFQtblF1LWF6TElwOHVwR1cweWs= | base64 -d

输出结果为：

002e54d0dbffe51200379af94796c5ca1075323aeaf339531b117ef41dd7e2b3.eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE1OTM1MDkwNjF9.GpvmuCWyqh3afx2_w2cvSSZ0T-nQu-azLIp8upGW0yk    

3.5 配置边缘节点(edge节点)

v1.3.1版本的配置文件由 edgecore 程序通过执行以下命令生成的：

mkdir -p /etc/kubeedge/config/
edgecore --minconfig > /etc/kubeedge/config/edgecore.yaml

修改配置文件：

vim /etc/kubeedge/config/edgecore.yaml

# With --minconfig , you can easily used this configurations as reference.
# It's useful to users who are new to KubeEdge, and you can modify/create your own configs accordingly. 
# This configuration is suitable for beginners.

apiVersion: edgecore.config.kubeedge.io/v1alpha1
database:
  dataSource: /var/lib/kubeedge/edgecore.db
kind: EdgeCore
modules:
  edgeHub:
    heartbeat: 15
    httpServer: https://192.168.56.105:10002
    tlsCaFile: /etc/kubeedge/ca/rootCA.crt
    tlsCertFile: /etc/kubeedge/certs/server.crt
    tlsPrivateKeyFile: /etc/kubeedge/certs/server.key
    token: "002e54d0dbffe51200379af94796c5ca1075323aeaf339531b117ef41dd7e2b3.eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE1OTM1MDkwNjF9.GpvmuCWyqh3afx2_w2cvSSZ0T-nQu-azLIp8upGW0yk"
    websocket:
      enable: true
      handshakeTimeout: 30
      readDeadline: 15
      server: 192.168.56.105:10000
      writeDeadline: 15
  edged:
    cgroupDriver: cgroupfs
    cgroupRoot: ""
    cgroupsPerQOS: true
    clusterDNS: ""
    clusterDomain: ""
    devicePluginEnabled: false
    dockerAddress: unix:///var/run/docker.sock
    gpuPluginEnabled: false
    hostnameOverride: bluejoy-jing
    interfaceName: enp0s8
    nodeIP: 192.168.56.111
    podSandboxImage: kubeedge/pause:3.1
    remoteImageEndpoint: unix:///var/run/dockershim.sock
    remoteRuntimeEndpoint: unix:///var/run/dockershim.sock
    runtimeType: docker
  eventBus:
    mqttMode: 2
    mqttQOS: 0
    mqttRetain: false
    mqttServerExternal: tcp://127.0.0.1:1883
    mqttServerInternal: tcp://127.0.0.1:1884

注意修改以下几处地方。
1）修改modules.edgehub.httpServer的值为https://192.168.56.105:10002，其中IP为云端master节点的IP
2）修改modules.edgehub.token的值为上一小节中获取到的token
3）修改modules.edgehub.websocket.server的值为192.168.56.105:10000，其中IP为云端master节点的IP地址
4）podSandboxImage，X86平台为podSandboxImage: kubeedge/pause:3.1，ARM 平台根据位数不同，可设为kubeedge/pause-arm:3.1或ubeedge/pause-arm64:3.1。
5）cgroup 驱动默认值为：cgroupDriver: cgroupfs（是否需要修改，需要查看docker info命令，获取自己节点上的值）。
6）网络设备接口名称interfaceName及节点IP地址nodeIP，在运行上述配置文件生成命令时会自动检测获取，一般无须修改，但是我的虚拟机有两块网卡，所以需要修改。
7）hostnameOverride需要修改为edge节点的主机名称。

3.6 运行边缘端（edge节点）

edgecore > /var/log/kubeedge/edgecore.log 2>&1

4、验证部署结果（master节点）

4.1 查看edge节点是否ready

4.2 部署一个deployment进行验证

cd /home/bluejoy/kubeedge/deploy-v1.3.1/kubeedge/build/
kubectl apply -f deployment.yaml

查看pod的部署结果：

4.3 删除deployment

cd /home/bluejoy/kubeedge/deploy-v1.3.1/kubeedge/build/
kubectl delete -f deployment.yaml