root@hlmubu1604n1ma:~# lsb_release -a
No LSB modules are available.
Distributor ID: Ubuntu
Description: Ubuntu 16.04.5 LTS
Release: 16.04
Codename: xenial
root@hlmubu1604n1ma:~# az
/
/ _____ _ _ ___ _
/ / |_ / | | | '__/ _
/ ____ / /| |_| | | | __/
/_/ \_/___|\__,_|_| \___|
Welcome to the cool new Azure CLI!
Use `az --version` to display the current version.
Here are the base commands:
wget https://github.com/Azure/acs-engine/releases/download/v0.18.8/acs-engine-v0.18.8-linux-amd64.tar.gz
tar zxvf acs-engine-v0.18.8-linux-amd64.tar.gz
cd acs-engine-v0.18.8-linux-amd64/
root@hlmubu1604n1ma:~/acs-engine-v0.18.8-linux-amd64# ./acs-engine version
Version: v0.18.8
GitCommit: 71d88da
GitTreeState: clean
root@hlmubu1604n1ma:~# az cloud set -n AzureChinaCloud
root@hlmubu1604n1ma:~# az login -u "***@***.onmschina.cn"
Password:
[
{
"cloudName": "AzureChinaCloud",
"id": "***",
"isDefault": true,
"name": "He Liming (anitay)",
"state": "Enabled",
"tenantId": "***",
"user": {
"name": "***",
"type": "user"
}
}
]
root@hlmubu1604n1ma:~# az account set --subscription "***"
root@hlmubu1604n1ma:~# az group create -n hlmk8srgt1 -l chinanorth
{
"id": "/subscriptions/***/resourceGroups/hlmk8srgt1",
"location": "chinanorth",
"managedBy": null,
"name": "hlmk8srgt1",
"properties": {
"provisioningState": "Succeeded"
},
"tags": null
}
root@hlmubu1604n1ma:~# az ad sp create-for-rbac --role="Contributor" --scopes="/subscriptions/***/resourceGroups/hlmk8srgt1"
Retrying role assignment creation: 1/36
Retrying role assignment creation: 2/36
Retrying role assignment creation: 3/36
Retrying role assignment creation: 4/36
Retrying role assignment creation: 5/36
Retrying role assignment creation: 6/36
{
"appId": "***",
"displayName": "azure-cli-2018-09-18-07-49-05",
"name": "http://azure-cli-2018-09-18-07-49-05",
"password": "***", "tenant": "***"
}
备注:记录appId及password的值以备后续使用
{
"apiVersion": "vlabs",
"location": "chinanorth",
"properties" : {
"orchestratorProfile" : {
"orchestratorType" : "Kubernetes",
"kubernetesConfig" : {
"schedulerConfig" : {
"--profiling" : "false"
},
"enableRbac":false,
"apiServerConfig" : {
"--audit-log-path" : "/var/log/audit.log",
"--audit-log-maxage": "30",
"--audit-log-maxsize": "100",
"--audit-log-maxbackup": "10",
"--anonymous-auth":"false",
"--profiling":"false"
},
"addons": [
{
"name":"tiller",
"enabled":false
},
{
"name":"kubernetes-dashboard",
"enabled":false
},
{
"name":"cluster-autoscaler",
"config": {
"maxNodes":"10",
"minNodes":"2"
},
"enabled":true
}
],
"dnsServiceIP" : "10.2.0.240",
"networkPolicy": "calico",
"kubeletConfig" : {
"--make-iptables-util-chains":"true",
"--allow-privileged":"false",
"--keep-terminated-pod-volumes":"false",
"--read-only-port": "0",
"--event-qps": "0",
"--cadvisor-port": "0"
},
"serviceCidr": "10.2.0.0/24",
"controllerManagerConfig": {
"--terminated-pod-gc-threshold": "5000",
"--profiling":"false"
}
},
"orchestratorVersion": "1.10.4"
},
"agentPoolProfiles": [
{
"storageProfile": "ManagedDisks",
"name": "macsetupdeve",
"count": 2,
"osType": "Linux",
"vnetSubnetId": "/subscriptions/***/resourceGroups/hlmk8st1/providers/Microsoft.Network/virtualNetworks/hlmk8svnet/subnets/default",
"vmSize": "Standard_A2_v2",
"availabilityProfile": "VirtualMachineScaleSets"
}
],
"servicePrincipalProfile": {
"clientId": "***",
"secret": "***"
},
"linuxProfile": {
"adminUsername": "stone",
"ssh": {
"publicKeys": [
{
"keyData": "ssh-rsa *** root@hlmubu1604n1ma"
}
]
}
},
"masterProfile": {
"firstConsecutiveStaticIP": "10.2.0.100",
"storageProfile": "ManagedDisks",
"count": 1,
"dnsPrefix": "hlmk8s-mstr000",
"vnetSubnetId": "/subscriptions/***/resourceGroups/hlmk8st1/providers/Microsoft.Network/virtualNetworks/hlmk8svnet/subnets/default",
"vmSize": "Standard_A2_v2"
}
}
}
备注:
clientId为之前记录的appId; secret为之前记录的password; keyData为登陆机器所需的公钥(需要使用ssh-keygen命令生成)
root@hlmubu1604n1ma:~/acs-engine-v0.18.8-linux-amd64# ./acs-engine generate kubernetes.json
INFO[0000] Generating assets into _output/hlmk8s-mstr001...
root@hlmubu1604n1ma:~/acs-engine-v0.18.8-linux-amd64# ls
acs-engine kubernetes.json kubernetes.json.bak kubernetes.json.bak1 kubernetes.json.bak2 LICENSE _output README.md translations
root@hlmubu1604n1ma:~/acs-engine-v0.18.8-linux-amd64# cd _output/
root@hlmubu1604n1ma:~/acs-engine-v0.18.8-linux-amd64/_output# ls
hlmk8s-mstr000 hlmk8s-mstr001
root@hlmubu1604n1ma:~/acs-engine-v0.18.8-linux-amd64/_output# cd hlmk8s-mstr001/
root@hlmubu1604n1ma:~/acs-engine-v0.18.8-linux-amd64/_output/hlmk8s-mstr001# ls
apimodel.json apiserver.key azuredeploy.parameters.json ca.key client.key etcdclient.key etcdpeer0.key etcdserver.key kubectlClient.crt
apiserver.crt azuredeploy.json ca.crt client.crt etcdclient.crt etcdpeer0.crt etcdserver.crt kubeconfig kubectlClient.key
root@hlmubu1604n1ma:~/acs-engine-v0.18.8-linux-amd64/_output/hlmk8s-mstr001# az group deployment create --resource-group hlmk8srgt1 --template-file azuredeploy.json --parameters azuredeploy.parameters.json
