From 6efe7b1d8a389855fe47e7833ba09977699f045d Mon Sep 17 00:00:00 2001 From: lauk001 Date: Thu, 8 Dec 2022 14:16:02 +0800 Subject: [PATCH] Submit the deployment Kubernetes documentation in English --- docs/en/graph/kubernetes/k1.PNG | Bin 0 -> 20190 bytes docs/en/graph/kubernetes/k2.PNG | Bin 0 -> 5785 bytes ... the kubernetes cluster based on NestOS.md | 722 ++++++++++++++++++ .../please_translate_documents_to_English.md | 1 - 4 files changed, 722 insertions(+), 1 deletion(-) create mode 100644 docs/en/graph/kubernetes/k1.PNG create mode 100644 docs/en/graph/kubernetes/k2.PNG create mode 100644 docs/en/use_sample/Kubernetes/Deploy the kubernetes cluster based on NestOS.md delete mode 100644 docs/en/use_sample/please_translate_documents_to_English.md diff --git a/docs/en/graph/kubernetes/k1.PNG b/docs/en/graph/kubernetes/k1.PNG new file mode 100644 index 0000000000000000000000000000000000000000..41433cf000eca88945739d8b83613b81c5b8e532 GIT binary patch literal 20190 zcmbrlcT`i~{w*2{pwdKCK)|R-QAz|9L`p;yR1mOHqy(uV9TY@TR78*#IwB=1O{I5` z5|9!)Qj~6Jp(7-akiK8=d(Q8kbMJlcpSQ+ z4)UHSdV2*u%(@jae6m3 zbY4w$eoR!Hp&+l~gW|wyaU^l_y1I(Gtbt{r zFRAC|jGV6o=ck-&yyzMj&0kI1=d*htcG@3Rhbej%Lc1pZH6}m$bY{Yw@l)W#tVttQa@CL~gX17ptz!1VTE+)11oeM+4S-I&;|S!byac)WmTH zo=xoAhOvoN+t{xJ&aFTe!AI2Or*BJExbLcWY)`!XU92dlYwwVezD5Uu|7M-l9B|y& zAN~DthrI`u5l`r&zTFvbjnKVV2i(aP*06(oc_#wG-NnwdgdMb;YPu&S5A1Z zj(+$4 zfl$XG{OF^om+Jcp$28|4viKbk`rNO zM3&|C5&IS1#FT8(-c5n7Lu;`Boh_(!U?*a@x6xA*KROoORYIRpF-kpxF~Z?$27HEf zV6J5Js|0jJ_H)l|Ih&g+~EPfa&6*3eNdbT9MG^`ky6cGru> zuVNl8%0^*N53cWKI9VV+HF|K_Xr}tqKEUiB|4Dl%gSj$f(gn>Y z3MTT_8$2gpctDAYth`%#4{7OA#uiBk_3Ne$hNzza;DEG{y3FzIeHPzRXVy!nZlB}y z+D^PT&_z0JytZs+EWqP1!nGsXU!k!N+jq0m(aPR>&^ZLxccb*WXE~AQJxiTX>W=F! z!_=iFst%as%dt9$5|~A;XNYuNmE{ z6&mTP_EH@*+Smx~#bgeyf8GrQ)FygYEo*0eL)~?;^ zn3KnuCka;o-r9x@+nLGVcF)lgs?AtrN3$Nb@r;Vs#9TnSV3Mmn#mitpypo_+n`9o`)yxS_45^Jzw z!RCPXS;*X$5mg*g3f-jaCi6OOKx8yS*Z-H7+Miwe%-}JPG1-wS=KK3!SBke_$!G@l za{FkS;8|pMp$(!&Ve7}XAx$T*~4-so5}8$?bt``2cN}-fsuDX(>j_0obJBJ zhF4pTro?!A5^vn`J}>Ym!u+!P*Po;dv8jQa(;!fAud}pm&0JnQ?55+qx0D!cW_cxF zzH4gaFgtY4--cSEL|a-V^$sN2mF?cSo)`yCKrdGA=*(wB-_-0M$=|t%9rr(A zob!L%3%yr8JE+QOQ!zuSN7yO{p*UN3X9coD2d-1Db$rt>Pr?11)e+h!$-WgED9A0yQ4_G6O4N^WhAn*xa_hYf^LQQ@NLv zbhdS_VO7$}qb%;Y7+4&tMGuU%#4pLB77FP7Gq&tvbvJ6?8+z58_+y}*4&~EF-t@0_ zM1FfQ?<~!`51ub{BJae~@}Q6Z5AVp}{lLu{x8}r%O8NHwbW&@}sRdLE{*&CwX3K}o z&A071agvbERK)%kkCy$eodMoy%%Cwr5J>5!7|=;}Ij`eCTNGBm6@ZL3@y#I@GK1VA z$(AQjR{5XGbPR^*;mFON&T4pV@d!%o7gic`*$bGWLl3BK4mz_LdYlK_w|)20DX@Ip zr09vWq5NcU+SIq%)jIb2N5^5YlDmaNeZlvU`5C4PCYqNsev7?g){b&+UKoA|C?&g` z(|JIws%_}-Ymh`2kS#yRmSs@rS|5`v=_x1iN){w5%ESX83BJ36mAL|(C}#mPw58qe zQxi2cZH&BW7D=o0JdHoU?pm7tTEKS5^0Acc$aonOQI_FuLTPyt!Bymc%4UyoyhQW|&l&o{2IXtQA?{&(E2$*`YI0yWS$j{f`p^(*TmkU^@!?BNpuHw zZDYk28T-d@>z9kJs^y<3*v6=Hh-iYBh#3*XPxk7NeN=_AV}W00u**uP#+wBGqzM7l za_K!csVF1UYsE%y^BCi@tsSmi^l2clR8y?^%~9R>8?-0F{zBcCOIW|UG`+k5O zUslRir0wnLx!KmVg#vw}n{VDN`Ixc>9{z~6+#e3tS$elGX*G-XM)#tFUP{Mhj9ltU z3!7&-fUsiS;R8Q~k8PiWhOsy=)q#7&BFw65cNA8MV%A~Xzn)RtZI5_c9yiLSr(w*0 zV(KkV9{YRGyCpe0_bi~uM`rp#%4+f_4;HJ$m!0WMczUc;!r1?esCI{U z)sW7uqiUXhDv6>bA={&L&5Y(MMF{yqv3)+id}q8z6xsYOeQyJa$+HFQ*8Fre`CoK} zAMut!i0JZ_&CHJJiv^P@$DP}&c*iU>DMcgyv+Pg-?m*Gz-2vBp2O2I!SzTWFVwR)% zeKWoj1tgWxY|4SG!CKI*U2=&XeZMb^nOKlQ9Q;r&*%@0r*~ftGHO_P=X9+`X_{wKy zO_@i?jstNe9AsK7?Av`IrJ@ZIz0#r9)M51tDvkRDzt>>17>Q~}h27ej@#v~mzelX~ zsBFMnq07WI^Sj7kx_}MqMwL*HfO+Qczd?)>ry6%PI`3c)r+Hs5w%m#LoF;MTZx+0B z7@GAve}X#rVrG5Dr|L9VS4=9np3IEs-;eCgx4?bJaUpksSS9e!M4 z)I#(=d2~6CCzu3-!>|u~a9pX0N0(*ikztu*LhPl{F{q-pq&1o}h$iIT(q<19 z5f<*Ss=rU}yHTh5FnYWyb-1XnYHlTIbNxyRhMVOL&x9|d+_o@Lz_tD3$Fb8>Q1wfn z_5`Sx($n7(>7k$KPnK=zP))HlNnIH(qnd zwAc9eZwsJ9-29}^0%k?Ijsf#i(HwJX&iGp@Q5ck;U(&Pnk(nD=SI^&@@>L_xQu%-}W-`^{pp#*FVR4O5c#n^0z&HxdSexsK^Fjt@R4Yhe zLNsBnP>R=b?uiwAS7DTPlyW&f4G()c_as2L4y?YgFSAoElifc>Jgnlvb{UmT>e8@n ztun4@?%TBuv#GXzeypVBD^$ zXy77^(D;|B>B^5Vu&i23AAv66`m>Pe5ilZ2nBFpRWO*d9l$#nSDzT=;=N3 zy!ZkmnSPg<*)`4bo2CZC@4j#Xwia;o=x9{ii+5a0Rt|7QmK9|^VVu6wp?(o+wYTPY z7N*+nYbxbN+Ny`=(?`bW^dL`B7*`a;{x?)ZbeT+51so(4Zj97CCtlE+@3pum8 zP)n?WA?HzDL!*R~`19#JS>>9e$>0t{hw@cnW~LZEpTu_!wTC>5w>`d&!EIrVTK5&b zd|s2ap_>bqhYI;t%m;qjBA&3K2RSok@|i8A7_;BuP#9YBA#!UL>x98))mRcWHCt~4 zmzK@mKX+E<&iuj7tEq%@));<+-jVnDA(8!o2-;=D8>fLbuMP;~C=R>e9u7bHo_#^n z+#5#FFazGO6<(nv$DtyT_yiLPx3OH=<|(QIL%qvjjFW@B!ziX%e{9e+gZLkpk9Dk5 z7}dz6?BCE&By_}wM8ow+o5~cRdZg7)8XWDFkOcG$pa-BB@wQ8?M#l}^2hncf+3aeVZ$ey;LSG=3qFK zv7bVRI!(U){TD!}%uVX(Ms4Xq2E!JgaJI zZ>Qo$I5RfZKh4u^{K<+dVE`&2$*83(tn0Gwy1`2C=>+DFqGvW^`zcT{gG)+Jg+Ff% zTe^RVVl&gepgiCw^`8inZ`XfbGjR+M%%?jubpK? z9>&oQJVh$KMGvB%-t-H_Jv)^zdyOZ07b{=|obde*X}L(gY86|qrPq)Dy5`jrN(pdS zZ0UOubht_)Spq8>&}lNGj6}ywV`*?77oAU)eWqY%4xOuh&HqE3N3?|eHX+M&$8 zzHEliQkGs>8gZ!28lvz%`n;z3qi>>1 z*aa|m=yqSoY}H&c?!7O?QFI9F1US>e*b0)j&M&wKXLE+?tg_UVr{P97xyAk*FO9if zxMWk&8agYU?UekGRZbUd&=o(ZH2b>UL;q{f$kjr;*Qb%Q0|O@dx$N6t+U}3s-n`a@ zT1aq_qpPm)0PmGiRkL>)@(yx~9;f4wE!70)5d2A_te)?xD@CKoCKqCDGRA_E>Wa4= zm620RR3Pbh>u)`E?WtTYf#N!H z<2GWv3md9GzZ5pZl>Nvyv~p_X3G8i~KUC>n*TlCfwx~E|jrdF{;AC1sQlAN*i3YnH zdFbIn&g!xTi=A%bM7Zm%s__z~bPT(N3ERm05|x2E8}Y2|16z?3BNSO=f_OT{qmy{1 zp=TimUmj;IqInj3!U*_SVn}mMBM*Bk&?0@~blJV(o5Y(2oFKvd6}Yfo8tzX|BrxiV( z8okdsFD7D%0)b>W{4`xi)3){34pE)=t%VpSCI14R#<+ntRPD+JUI~xD1YTpy52m@7 zea9DKbikIVW5Z{8Knl`GkQrpPPY?n#HT>U=U(wHD}S~Bf8Ezr5n zPnBCuUa{D+=8dGmMNUq-N}8KGx{zBIPhC#GF95Q*PTk$Vc|%-4UjH#HJ8dVuS()iU z3t}E0#{q4o7GAH|2Qes~0OBhYR3^WlfY#q5=~otq{2*_L3L88i{xvsP*(nTLJ|;N{#0+dF&wW)tS@6n779*MvC;}bNM#G`CU@c6?aBH1 z^K%Cn^Jp9=;h4U$HS^XsQ3UtZ?rLY${^PQ3@FO=)8?rmE7=aK|q9!@t9ZlNiTh{vp zGWfcZ9V=IcpZb0yiO?fF;HnRwkYcs%Unm9qVMY`W7U{$@A8M6Md>pNL_0$sMK!K2R zsRqeYutDxuYsp<+6-9|%t!L#SYnuD2rdNiVIx6r(eIHOVb?`NLKQj%`ltF*o{p&y!24$h|^K#-YcTx3KR`rk&Jy%wd)JrpF(2npIqP0zD#P7VoEaO^5du z@IGC>x`-r^htfkGjbORC(&Q!tM$<&TyMMet*0+zW0PrR7`n=^V4(j2IymV35HvUYu z(6sVx_0wq~GM;wdJS0m+%C}T7vCB@R{Z)v`NDk?f_TyRF^ALZknWgJhp?&33j=y9d z>}vTRxUL@5NW1DrGSDA$RXUpf{6Wo@paG6;#=76>gnxOPwwK*`eJ#j_b?!;@66SSK zf<$|4pW0vJ((Uwkl%tOZk{^p*#9JJwC2iS>vcdI zI9JT!QFY64u z|Jt(pDOt^joRz1(B3#BCj9pQx6zQ78E3)3P#WI=-S1&x^y!kvC3u9xm3)PZ?V`RaI zN?T_feAUnaGMje<%QM4xUCM@6>%diQ>Fn8On-#mQ!C>*3V`yBXK8GFuOcZ{T@a}lx zw8#cw`24HVuA-OO-vo?5QzrN-vEvvBYMIsIk-?=&k_HoQcsjz6szw!2%0)*{jBWOcpfKaH-rV6 zbFB(Mf5}59VLBSSK^G;GC-SK{ER}NX&)1!(e&UYK8_ii|M-FASrYr9V)ST8BDE6!g zDO1faaC5_GqhYlGH39||U#i+>A@!_xP4RH3yL;cu_@Cn}B#TQh^$6(KLghJsg#uvZ z#4u>erO`Q?OV(oF>y=`?(z8%t94<3TJBztHl7dBGbUeDryrX5L;Z$sjPGYMX?;JIV zoJT4}(MAbj)463^fG*?cNdAkiY3P)SiuzX3o# z2vO`xPW{Cehe^6I+d}4g$0x6%GpHZDMBG_LLQl7S|7qh}1bwsyakIY0KELvtkEATvB!b=E;4*WodSW!_wkZWhhOC@Cy|w1vA6(lkGgfWP2mM>(8B+TDcKzhK!bS)8e4i$*jh^C z>%Mqxu~gv&1I=eD3b44*LfCM}QYUN?QW*=g!5@_ck4kYb`YvR26phFle})UIc|r?V z1JImGOMnfBp?>HnzC!7=*x&d1RgJc@YVB1(ClpnBO^XZwyk}t&pYdx@=9wyf5?!&cq1GFSnD|kGSF=iN*qh}+aacr$>*`O?^lmy9>H4&9>?3)y;~0G zR6We%A3~#o0_WRsAr|yq!!je-6ihVo9T7>(*1Jxt3d-302@^666al4Ze>+z>bDPykNuq3O}Q z@@ijvVtS1L1H~s(QedhdG45yx1dN+^Iyz+`ivWq=VWeldItq;L%*XgGuS^shRor?n z^y#^u9qO|01$JHBy_z~!C-`o&_cQA1GozDAfpX@bGmPZgPLu6gQGSS+9l{|_bamsf zj7yCyOpjor%SA@nq&V#cNsx}+=vpVBaoHu7Ckge;-lCg_{u`7`{{f{N9Z_Dn4W((a zuWx#*tOyr?>^mShY-m{r`$D;|D>(F1S$i7MV4iAlG1m(djj~w70h>V=`GB5$ScCr?uy=Zf4O$bu|jFSFtYxT$aAjPcS#+k@MpsYcfD3-Gp#@&-gpE`P0`x z#gl!Fe~K}c^TzLRlehef*t*j+ImaY(lnrfz2^9Z}CN}@d!!vF@b&={cm^fbJIf^H1#(WcC zkfS&#NJWy^we+guu>jOIYkV1>ZYX{&SNw6a$FZ)O>9P4D=?d1t7l`SauQ(YE@L2f@ z_^9G>7aW{<(*Zca4(L*?E;^;dHv~HjHgDVpZ+N=sGu^bWTlF(3DN?vr~ql@%IUGeqi)zRbQgbP)xL(5 zllEapXH_^MO+O;}p_VIqP(uajM$_f6EL2|I)hz-Y{1q}ITm&hbnLXA{{z4SxWGCs& ztMsA`D|fTW90E4_Adag5AZ>m9!f-iawjAZQbGV|PKkVWdEI14|b#SnJB zEuwSk$HdXL=xj1da_$(2$v2W;KDC$srMIO2NPc@CSRHf2zoB#Cu>ZUl9w$#PM4k*X z>%|J4`WEFFDe()id&XSL%^ui7>p(8Pwsy<_>Qve@u6; z&W()SVL;GLwJU)S?3noatV>uuyPtxDX4cMlK=Oy?r{YoNLl2~wIj6U0HOPYcHA>MT&$D5ECC1FemPFMwZtZw)2JF&^M6?FsoC z^L8C&<{MtGqs-AF%Ri5a_m^GF^%Viges+wz*DrOB)H7isaET87 zWRBln@7kM5c*tC%+EoZP{*FO^+d<8U8tYGOZ^X!G{UZ>UHk^eqZiwoYs0okUD*3qR z_PHTa8PkH3E?%|QK0%@i6h>`NIwNP80qacSyC>@MN*`zcgNU`S*-D%5urO2jlqgn3 zSSCnCO|}>9zu{=naJtL}TNpo>i2VU`pH1z65+%`hC>iAqCq!#-yT-TD> z$`w8I?F9xsnBpqL+&p<<-*A6aXB zEWvYT_^$rnht)cRSzVNsnuj|h47>Qro>qJxc#%Min}@(gt~->^SiJ*!IOF4_^x~hf z=XI364+vJPHL-h`Es5)?(Bp~o&aLaK;WrXH3+(0+3zBe-<(8gJ9ZVyGx=ueZAu0PjEl_KB`ei(VD@LVfFV1ms(`ECNc_FyPu8# z4(Hx_gp?}OP*7EfY$G%M*#^qLT+T_=NF&+xO0EEu&$z1Hq-|714B^*w@O28X%+1#@s*2{L^)LRXByO*N)3#`X*9~Tu=T$r&MY@yzz@!VOk8G{Hgj|()THfc+}x39@)w!q2D|2970%)*2|0h|HH%&&xg9E;}eBaQ&XcX zS?G}}+#{BBYT|`49y_l~B{7I^sxI2;bc5_;=0XeQ7Sapb13Lo0Gb@|ubLPK6(2_$A zG7=L^9L*~EjOm*DwP-sU=F&eJrUFO9bj+sECcY?%m7i~D?&^5^=zphpqnh&c5wR}h z14a#MOLpZQV*Hs6PVJF0Kk3oJw}vuGJ^o&R+9!C+TI@;^3n6z#aBD@JB|;~%=2!t_ zXrskWzrV4bbM&j-(E@$IL=FxY*YVM)*P$iMYqNL%UocNl`3@elIqIApEm+}h##tsI zCg)hpurSe2t<`*)?AZPpCsC6Jcy3Z~enTW+7Wj6tiwwO7Yf-m_Ipc8IrhqHrvDO;_ zrO0wrEav)uk;BHObHW;+Uj9Q7@%`g`yFda>A?ot%$AX33yS-0vYOm(pYy_NILU^J+ zhIeY3KlH-EucId%#f27-P`fU7FToTcIE(zon@?Ij)E`u9k$^>IZk zeHqm(y=cX{UGlkEHqmAzbk|6T#^#FsW?7`$N%oZ6gV_ZaW;_<+elouSAV87Y19J!cPoaQQj( zY|R(oq6LpusIBp@VfjV5L_%sky;G4^TRXNiu5n*wZ{u`|GInn4-9;jEZl`2P#I<7W zjqdQ2ShtzdGONsLg2_iaI~(3CGvJNGm>Q&_^J!%8$_%2aCeWMhHYdx)Q5+KqF7=xO zlldE`pA)YZbw)VcKX*#HWpAV~v?2U-0-;EuWp58pG*MplVX3Tx-^}(S9+Ni&LzQvz z$|VgO8ZWC=O(FC_{7Ke>S*f5l5bO`Lj1r6p4X!7^UJu^C%hqL7h!zV1Go-CN(hy3t z2nccje5fyyyj1jRE&wXkk~Z9+#yj~m!h%2J>-_!&7qMY#?+b~{BbXiT=Af1KZ|>GN zvpzv~J5x5JUM96w#fJ zldQZEY7$)Hqi?celm*T9kj0X2h-0O(t5yTYrwAUFr% z$ttn@xT}Ff)W%9UwZ1t=@Y#hE<}qBnML)jOJwlH?YoH2=Da~3rWeZ(9@#9szCFT*= zK|`bldzXt<`bpNIN#Yrt)PtJxqD%*@9IOlbYE35fM=!SSuD-|CnhP1s_8eU>UWnnl zi?|Zqw~C<-p(Mil^s|_;Hvu6}gVN#|1ERER7NGXkELOuw~yn&&KDRblNVo&KLhcqiJ3^6Nzv}3_n@P^F2oD z^RDy|9r6l*M_sMC@40w!Ru~wF=6X+YdpH(~!`*mOeBTA0$3SPg1b^$6=3D-m7~22> zVfs^GdOl09H_MJC*PXkLaw~bz)|X8X3ukxJpEBL6uv|}pH7b8$=s)DEi%Fb~y4keK zbT#M}S+%@D`|!W1jO5+}@{#_}(M=sUcWP*pNu~8^@ShJT+Sb?~!CCUyJQvOJB)+BL zW8jW@vZg#UVAbvG%9`1vr4ajqGr*mL_-=m)mq*>sVbAVUk$WlzgLVpUW!p9pIF`m; zpzaUa*qmo~l5eGXBOeo$H0Nh;AFF*2mLnVdC0E7*L;tK;uC`hA>Qg#uEo9Um2fJy> z{2c5t!Vvq@PPhM3tdF~L3@oW!uCxnLA67|jc3%pEkKEk<=q%>Y>|dP`@Vt{Nx}z~V z_{tal0cw@80rcKD)yQZWk=2pAtwVNPmJ11Ez=)qz_YR zhC#95gg$Xs6qYTEFCz(?ABUUA%xBy;R_Mg|bDTKV`zCBT>}TUvL(szm3OQ9`yFn7K zc)iS+Kac-&;z+qXW6EN~p^7xPMMy`08mFu0oLiynYrFOZ><}(cj2yT*J!6^&BoY6A z)Rd~4wh6hb0YUinD*U&zl|!7x;k_Suj=g6i)2__-0C<87;%jOBZ&X2{yZ zuHfU4r1BaIcoT=bpia(3&c0w3_Jkp5z(C zF@&9{+wzg_1+#nhk*$CHl@sR{f)^T8Td`3ph>Um4P_@(Kz+o#a2Tfk~gxj+HCVp30 zA)n6VEG6}RiRQmug>NnQqJFz|;01eq5b-^zf@Z!ljCdjCIrYrJKvx@hY&SF=-+4~t za)$&^{SKA5snQLG-*S`CWWSJ~RkGb!7Yw;j$LwEIDrZ9jJ^l0^%J?9UL!WU;`ljSymq%Vv6s=*BjI(T*?Wkm}%HWADJb66>@%GjN zCNmeN)TJJjjjU#c);?Gr7c1qZo^+;$Mi#skW{9A3V>D8s58w%x!U!tdVJ$rh0mZ+s zSdI>xA~1qf`eEKj1+?Gm`H?MPZySz!sGi%4iXvBhVB6#(;g;p>_3Hs;-{Tis|C(X$ zbF452h4&d-KTDQPSlU6F=Knw%62}W81O4yX)Q~`hP$)+e&262ImD%@GaIFT*L&yA( z$@G9(Aw7emv;D%JEVN+o<9rHk_{LJmG`wJx6LzcQ=)=rfH+(-EnvUYw7!-lNDgP&8 zpkh{L^brl&ts-CBJMeh}<3Z5^PB^TMH1W|fA#3hL9`0oqqEtQvHlE)d4xRGd%Ye4e zEA{y_oONICWUROuL)sn@L(qyAK)_%7O0DmQk~-DV*BlY?bG~y8*RV_T?c!LE>j%U( z?Jk&N9;TENtw>!Bt;EW*g6`?H+;e%T{atsW`%Blun4KE0;C?fV)K{$}O05Ou=?3@9 zE{AiGyy~-r3oLBN7FfBk5alupUd60@p0)anKaCxkd%}3UBnoPVp2aF?d_>jM%*=-8 zR;$R*2ImWNjEOk(Fd^2iOQ=H z5V*S?OZ!Ar&w(>jgaG8v=v!x1PsuV&1Nol3Qm}XyVobOeG}N})ihkxT#?{pscIx1x zrVftzWOtY}RswiYR$!d4-cG5#D-OS4n4vm`dZQ+`|8b@({vnMQ({YfH?VeWwS&2|? zqgYY+8=z4%N`puM@*Ca9f)$FjVo#QNJ#r|cEi5jYcY;$^V4#c7*+TOVFF>U^b7ODY z`IivE{!c>WM#~I3{B1=&ih2d{Ze{&nuq47d=_K;Bw4>Vd#r(qhP?iiOg={leP}J$# z4s9M)o8F+z((A%_ZMv6X_FZ?z1Fj-xwNKEYiSrOxjYD1wO78jks;nS0z2zm4c>sAS%(mF}%%Rz%V3 z?vHsXKf*8fhW{wa#wZm68K`lJY+YCe&Nk_21AoTM&v=o6 zex{!VoxpYK7dVhFdcOlVXH$!Y!9C+unAU>4C5wY&$1GqR9E*PUZyW=wX2S8TW1BLaefnQ^!3Jl{*jBYQxgkw}vAK(9j^=!Ks5 z60UIv;y7)AQvqe9Om$Kl8j-0pDDx9_X*r7>XL-cShJall*=b4x-m6-E_l^wM`SS&< zAvjxh(FdGFhl(!v18a^xOH`B%%8*7BU1?Y@C)BDXQ%nFkJ9>-GMXen@5b`?BN1_NIi{w@4?Ut1Wk=_MX!qUnN(*5Xa2Z@1^(pIuN!{lwvLMW{ql7TpiIuyAWj@Gstd z_>T2ZMj(^sMLhPEZ_q3e>VjA$ehpEJ@Fuqp3_gC&G;QcQ=f}(eLW_VbuI~Win@L*HQOsl3H^GD!u4oaR z2OFfKv-*-G^e5XBX5G%cR7ehXVEq+}L$ZQR;m>_n-x51o^Jp+d54J+{*|lw^YJzkS z1KUUY`4iz7P&tbSA5fbCUpU^->@cQ2_GfM-^%ci1*f(VoP9}ux@dHJ0oTnV42G$8S zyST3KFVATt*vZhb?N2*+Yx@adYh9{xI~$DGc*$C(6M8YLKYv0xARclu4G@m8G=(){ z@GKH?DVc+i*(75?=oUK8vnCsA*dR~{YX;<+&Y=>%X2bFtr1oAnH*UDzkN|5MLo#mx z<}-RV8<1}*HTQs)9AZcRAS9W?((XWe8~!~0>gCd|lx*Kdb#lLzW`WYmxH8`jwPzkA zjL`?s_;g>M6~%-^1pm*fnZbY*pjOM4-G7=R`7hzZOtgXWRYQevO!tA6h#Dl%@<`={ z-vOzW;-x0Wf1pnpd4*n@JDlwVOshYS6kYbs_s*3k2mQ5t6*RN z4BMtcXt5o4HBS6Dkai1R2m3x_gwTgz)|Wfwc`X@EfNsMXPzj4kD{0`+iHjf0PWZb; znuuYcu>Q=fyBxT&#}PxzyPrCdT{QBMMX$ z{6OI+@Qd>>`ithPRCFA@HNWv;UtT~KG5qfYUSTC74K`E38aEuunYeI>*$&ruNgrjJ za-Kp7{Aw_6%^}iO>C9LFeF>NQHVLUoiQ;Vg$!q?)V(7+-KJPHDzn7)`8Acg=tg6&!mLYI3jeGXnVFCQmEM}f~sY0H`m4PKGh zSwO%RRHLPIRJmAnV*4`uQOP|ZljWDL$dvDZ9If$$DM|vn+o8v#(kf$;|_feA7GXlAzApl@Tp6Ch;9O9tLlRd z)@D&YdTH!nkp}_xR4H{cScY? zM=eBvA5N(pNJ4JzFJc{ES6*SsUHoh`yeGQSWHH{q@mnl9mm=JCJ_Q zCE~xR=B3 z4XKm2qlls3CcH+Y)f#dNE)hSr-eHO4AIC^&vwk@#oh&H)tt^GGN$I7AGUs2@^ZtQ( zGp5CZzx*D?2&iSPQJ-bbn6{bzaK}fQkeJGVJ1$gkCU?beiLTPzP+xk>^vPK#(el0+ zL=bNG=2{teo|lrJWqsy%O3u_hE!D;4K|JwSJgNJGn`)9Uv-kVvN6jFvioONor&gU5 zUs9n~>g!B0ulDtCq}t~n>!Zs&^iOV2uNquU(c$dNC{F(2cj;FN=Gc$DlWbvI^qPF` zny(cKLHqWOEixAE`-QT;H2m4*5#23Gcm<96xGx z1#2}u_2f)#cE|6hqb>W%xikm=ZbsMPB9}IiJgs2HS?043NHu5zwOo-I-AH1Ov7O2x zWT~xBRk@6Xwb-J`G)NZp@){%@)1Tv30Qp#VL1g^-gaF=UNXUZ{Tvs?zjwV2nY>&!@ zwJ?rs)~OJ6YtL3yjD_oY(?Icaa<$C&_r9*!g~ac^OPgcvD6F;PG4-4vSRV7 z8kb0^y+_AK!h}am^1!kt3SK&XXUO70&ojmrM@=l}R4%a$Umw3e&MDlpEJ;sAH?RZ1 z1;+N)c)|LHj!0KUQH8rEvKd&Cph-Sg=k6bV1UI$(ipsA0$?>HoFPqbWb_Z{xY1QO5 zQLI|1ig7-avb5vaJde9Nk;fe0iBkXQtN3se@tHYZ1aB$z{1ro4GsYe0rzkCskQ?6_ z&z6gBuRYQ7iFzZyq=Byh@0kWJRE>}$2$xz>#E9TaE@fm7gJn+1ad9$ZF9`nj*Y^XB zT(q%}GsObAktY9R+zfrXbdO`$nJE(3f_d)+*tx^+VS%c9ycOkdmsb5H<~B@bj1;Ns*w5j|5b&AT-(Vy@W~qxiU(;I&rSQeT%HvZ z%{?HBH1hY)=*0iAY#Numg?g~!A%T$Z*a=B;KoaaA&&o+CI5NPq?Vlp!bJ}oCy;qf# zEyA5s0)79-mG7r=;>OeX!;MTlb+0oUt?DA?ZOE7!w_Mm(-Y0r zf}mDjQ(YAG@zVN~l5H4Xhf|>xUwoH(B-cW~Sb5iAoTY#rF@Sa;jYAZzXw>J z-)g?d@#1LyhZmOV<=|$o z&&q6?J>%GGk3I?{kO@k|cC^f=W;M;Y>tJXEN1W{vwQa)}JRHp>r|7P-rI*Rt&9wDs z+U(0EPqSx->YsfwC$yHF6^-?E*d16~+jyd=jw;Wq+_d%5f!S&FZna}1?ILunDgGfX zuKPdsjTF`6y`M1n%fYfw8uq(y75z%47Y6I$q58zx!eC=W-Kt4EOex8ja-L$19js>7 z#QyRDHJW+5FSSOQMTS|B1+R+Gh6ZlZ~gMCy^1^dn|wDee4cYCp%{YU3C; zv8Ycn@&93dsZU>9q^OR&RHJ9oY%T9&_RY?1+kRD%`PIKH&~Kvusot$toa9F7hz_AM zd(m!q0L4x}$=TPWqyj`X&>GwDD1>Po-?>(r98siKow|2Gfkv;QdYNv0RXFv2KhW5c_@onFCO zqQ{ zAv%^Lo(?ELgb+3C&}GJmBq48ReZHNX_t&K2#6AT#`A?h5&pq}^bNJbF?0&1rU7+0E z9K*_GCfC%)U#y@^g>N=p>~X2#stUc*zT zv(G;JIqUCtJ?nYav)21QpYP=t5d8SI>EmVS${eca826=Tn9A$Y8ioEk+@Q#_4^ z>X!7_#RN;;4@y#{{zCVZ#Z{;%^#GIoyDCgzdUZDY3*DHnDeN;#rJlhhOA5v_xpa3r zT1JUYyA5{7)M1)`UW~K|lG)X@vdVPsRk)}g0Sb8`0{_Ocl5y!K(KSD5{get;Nw}OX ze?knOc_tqn%S|&1kg5Y9*A)Zvy!xY4nzPpDa6y!LJe98Au8}bVg|qR(&bg=u;;2P zJ6uYw*Qq}yaEOAOp-e&w1uP3(su}D7e&3j!)+f7XbTiTn85=g;+6e|ygk6posnWI+ z0*YrQ@B=;SR-Bxais@0dxA)omxEdxWH!0}ezy4B`nk-V5z4pOan#Y>#4z#li=x#Nh zX2@@tMi2HnFgwyOz1B2sK$rK2_(CHJBXPbti42>FO1fatS4v$F#TH{4A-xAMsYao& zcPh9%Y$Nv(@q%E-`XZC$QlMWznfol>*{8Y-+_ zHV<2jHXRdfhgG`l`)6B9pP9)r-hIKMio^cQH!y;~<@Q*yK`Y9bz|CLu1B$OT5?0L55*oUe<%pL-(4j6wnXfp+S@77(Q2 z;Yg~(DdTels7kC!RC{$VGaBS5`ZpN00ZV zJgEYH>=BF#o2vQJXDo7$)Ai(sAD&E@8lMenT-fr8-|&*`=JCddu2bcmD*c&oTJmATdU*me<}_Ts}-W4B?x7mEDlQL ztpKu8iR$lOz#k`kV0)#@KX|8n&7)3=m_bAv)NuaZ`=;wG7}o46TjDQh#_W7NzllF^ z5p67aSB@_Z)LKV6qN_aJU2f9LinP%3FUtex&6p^O*OC@JLh@HVPB({m*2rS04)E=) z&}~-%5G+wA>D3K7CoHdamrpcu;Kac8&0nIcWh9)rY7NZ~+!-bzWxVllp#1}IrWV$3 z26M?jp19?lP62D;QeH$y_`@b2Qe1*8b{K4(}kqBW zDL80fb_NNv_B5)-AOtL0jm99*=zTBGKiPg3pj%3=4W8e_D^rK&&gU}Jp=I&Ymv5HG z+`$y8MfhI&C{w%yc%oYA8{Zwa1(eKPkF%2N%#NI9_g<^9haC;plsncc|CO zs6saQSJe^aRO^Ux!&b0heYjBi=6NOSb|7bFz+UcXiPB!2uoG-4=gEm_^3jfq>_nX6 P0f!GBcl@V==Z)V0U@*N; literal 0 HcmV?d00001 diff --git a/docs/en/graph/kubernetes/k2.PNG b/docs/en/graph/kubernetes/k2.PNG new file mode 100644 index 0000000000000000000000000000000000000000..f3e13444ba32ef027c8b1cc305ec68b336d4c05f GIT binary patch literal 5785 zcmai&cTf|`x5pC*O%W8h6aj-$6#)eWLP-LM1VKQ>3rGnlRip?CA|*5hq=X_xDG@=6 z(gdkuf)^wdrI%1c?>z*PK$4gHd-MKzGjHC`?4I4(KhEs#?B{&XiL)>>I(6dg2><|a z${2CuE&#wL#hTyX=46cx{z*YB1N6UZqz|a*kyvFdKyG@s^#Fjc=#$4z9IQ2uFT%zj z0N`u=w*&D$CC&hVu(I(DJ=1u}CsGRVgGnLv!oVyC06=gg2=uT09`*lNHF>GQ z{VV~hS&VBFbPKnQUVrDzDQi1Md~oDT_Cd$ruVWu1Gbr?O9EqmM zg#{kOoPwVOP(}(60=fVUs_}nRJdo_vWCyMf))8pFmny{8hX~Jaxjst29XG<0Yh?sm zp8-jo^Ef%>T9xQaeJM71hranRW7sRjxj81t)!uSlu_rZrf9Y_Fr=#eg{&WTh4>zEA zISwR~Bd5{*cb}hcMM5M(XDwatlenX%@6&-Zy=xR=D{w=h`7+=wDX{S?G}2(%IZ+^S z!bKVL{6(4v|X4Elph6<8rKY1pS1!4oN2rRm-zRmhfrb2Y2}6n<}H)M!Q!^3CS8 z_NKPzWL6&xskP(AKlcKGyu*27jY{!f9^1fu0lQuZwcKBK{{zlk1UBgy=#c^!iP+rx zdL`mImf$k+RE@Qk?jGh~U5c8G?vd}}W7E6s7GXbn{GG=FZJAAW9lFZ_6Msl9pzj62lFHyS@B5??VSb(wnVyJg31pUI~Hgai(r*Z@<~g#)9${Ddeauu{DA zkV9isE><>bGEezabhx?KORi=11Z`E<<)U%l&ReNd+VhR5bK=A1JSVhk)*A|}=teg8 zBHNg0t)^~1IW=V34vy=nay6!7-!=j5@f-6Op+QB>cqZV9So==(aBtWZ7jQ`XYkWuM z>mmge%&*Q!>sNW9`|aCZB82*Ul$F`$uMgdsg3DCCYfGa}oe+c^G8x(9Lkx?}3%MT2 zSfItze}!JAex})9W_JD02?FN~TxG58#dH38y0_^^Ydj**9g%7pE%}QTJx9xpx z{phts(duZCYX7zOmzmDp6}Jz}H(~Ajo*RP3dnfTz8()g%fhQU-mqD%Tq+s=DHk@Mf zLOZDO2#5iFdGmXIFwdyR>PV`8to%ZE*RMJ^8c`n=-)&Xq188wAGl##Hcu`>It>&C1 zcp5A<-|s)ZHNGr;0rkFCr-_ezR~6nFk9aIG)UK4fRP1%S=HlJ24kyWeI zG8!)ec`%kCI+_!{LxJq@6uTwDEH-hMtbDezTuAc0T8jz$_noXOtI=`$Pj}ra5lE3k z86mD@4m3OL5!f%xIrK~Om$Zy64qf`SCv}Pa%nMX@UFzfgeQg=y$p!w)4n#ospBH*; zs`8vY=Xo7km6Xk`lk!sdqSorRfU|UaWGCe65IO6FPj9FCW$Qa&{TUZeaG0QxLrdDi)t=lyU}ja4QA9qinH1hUJ`;H*T^S> zkDg4k4`dtOT(Mtsz_fHyay#>;!mlkH&~ zX=_?9X)4|LO{CO9Sp}CM%ym?GBC{HYJ5b3ryRLrQ`gMXW}h(iNJ%wrGhTEL*gvYE&9sykU-PG5NSq! zV_4L5jXE#!0ZApF85RPSzX_e$QG3jr^?W|M$`o;i1_U^X3-*zqQ#d-J*6yo=W zgb5;;e3IB_MVD2jf^vD0M5>5RdidpJAHi=SA<=^PwJ>qMo8Ie?4;6G=(DBU4K5N{U z%|lShRaZu_1~v~R>VQiJ6)qzmGMklpvh!L6S&_W;X4eT3G26c}DnBUdd!RPt#Cs3t z$r*Bkp#kX(xwqIhk^Y$n;mP3Wm6dAy5Rz>{D1JHb-K%H4n0n?2wM_ZBJoo_D6*e{g zR-JZ+VcS->f%^EbFUQv-+g+f-zcA(r2)Mg}MAliyTXK^=pAh!2V~o61zJvteJ?xfH zHAu?B1pc0NW$WT6%MftYwLP!MYV+;zSIxRyPU$AX6U?4@F0i>j{r!Pr>RbL@V(0S8 z?m_z~iJzmEY`dGS%e-*3%zR{en-t`|2a-`(4d~|Th>-1NdlfkhGED8a>iQ{OD(b5Q z^ytBj`-HOTZ#1@?I2uaQm%Q4pbq6{aaWd~KQy0$<%{yQ{%n`d_azl~wOD}S})mtk8 zp17^nJ6}e3Rcx36AyBnTz&NpUV(w=h4fVbzeFp2X`JGmPPj`%&dN4X-$Id6po&G@; z8CoZmwpN8UEu4HB5t8kgXz1n7m*esbmo9CS9o`&#Jkz>biQN9O8aNr_wKph`{DBK= zC`G#SW7lTUZ(@gbKg^(SUuDG3WtTcB#Dm}!4dBe!POC8bYf%fBe;_n+Biw5SGV?0) z88WDC&{XOrNu_Rrhx=#zwRM=XdT&WccAqFwM>yb;)2t`eo=vqoFP6`}g+bH`+Zp4n zAg*4TX4j9P1)NfcI^x`Za=cU%^GvAB$2FJ-(`nKAb(;sB`=dK5hD_{suQ5C!@m~f2 zZ2vD|NQ%M5nN4M}x16Q4m-06nudNh*pOd7yHj>O#UHhy*@KB_WY`N(qL*O zgptIUYS6s+e6cY8iz)opQQXNj&G;K=BpRKIFogAB5x4=)VO!awgVAc0qJET2SAP8= zH~B@+$DH^HpD`nISkg4jb7mY?!z4s;FyvSKN2WTCC9@Pz{u7>bfAXt@2!|kJ6X^6v zJPa>u0=M>MlvU*cimSerAjEPKWjQ!G3LXE6Pf^8M)W@&EluaSVB7RB7rH_y?xnG|F zqUhognsaI$;}p>?gSGHjv2QLjlbJ!BEvg?9`{$Q*curUhnk>}hv z>?@Oyj%8jPS!+3#6o-M!*;n3S!)R~mE>%p~P-x(eONU!|_v2&8xr@MEqtn+HNgo&e zRCRtN&&_@0{i8EHY;eg!!AvVT()4E(-Aa;s^pNlJghn>}5eAWp)XZ~5UYGQVPW#oH zZ6rB+DiN8I&Oc-ozhKQ*cD26N4}z@odlD2w}}~cGi+G+mNP}|e<>#E?(l;vHvp?c%1T@hFYmMXPM-#M8Uqlr) z!AHd@4~H5S?|f7Qi=j-I2J<5E1)sVD9XnN46MddBhIJO2Td?ovMeR^2pEfJM@>^A` zbyf|=+Je5|gRB78T&R*wDnyS!j#{l3pi z`+H2opG(1tuaAHDL0;eCYMJ=_(!29Y39|`hqCmZU%EYpbwAW$ zJTiY!{TO$8rH2TKJxG=<;xKt~)lGpKt5Xg$!4A}|?JmC%(#YQfEq2WU&$_|qpq8*u zND4s?c%C}pnCo6M9$$wd7HU)qo7Evy4J6HQ4{cE+u&nKx}Z&H zL5O!uo#1n>opU+IGTWrXa8cUuybpnx6?&g${%xZoBF*#mk>rtRpZNsiLVuX0ZFOkB za($36^DFpr%vJRwb!-Gxo5RdC>`mcy{!?^cv5CYiH}eMhq9T45WGAB}H-wc23)n(^ zQ2i`5B!AqJtsrn(P0&@g+AoJ)YRJBCtT?CiNxyy?r?*yebttyf)QsZJ+%qFj0tm57 zs#p^!t~*=4)}^7a#uBw4AaqY{U*wUNrAn_3eslM5AMDjWDzE$3;<RhKD|BYl3?r!J;v6(E2f|5MWMW_#r2Fi=p_2_y7V!AWS@@a zf2gG(aB|~_0Fun|J0#yL-`+1+|4cqVlBlRQI(nA+a(B65#`cP%M$fayJKc^PS*`j> zlxGqAA$+!62P7H3N;V#D0uSaFW^rgHbM_h!H^!x)K%2l10J966u7WTI;$dX>^e7F# zkD!H8{4o#^^KX*PY618L9x}V;;_bU&&^|u^@PS<*S=JP};7{|^V`BqoiW?nngGEv8 z0;j|3taV=7LW^Ep5$0-1!Dr1CShxi}lxk_>CJEzXdUx4(?$2ZgF4EkDX;r_Owv63o zbVQHNHj#vXLcQs6ol(KK>E0Q*g!lc<6RR;p9b0tlGs5QkIsx{3TVm*A*6tTb-!}{R zrgtFp+6K^#4vBV+gws_NV*jtC|`9CM^^r_*$-7{C5rhI|GZT>w=+U=ujTF-0$eb&mjD z(1HMqE})NhErPog~}la zfL$|K9_A=_`r*_Xs7+q}CrXINv>R28vOWWLfam$X2-*NS{ypnAtojU3j!X(kj z;V)t`#9S}@%kT}*Vzj_ey9pEzP62MnE>>^1xYHBJoK4zYqKkKu6t`Dn;`GKZfd??w z5@s=%oPwku@pSa!0~^Z`S4J|9OjN`W@Rpm-K${BWS8rQ4_)_g}9M=ddOHbmrl@2i* zu2)+>{{B6|-b?!fxt`kqd!89=w-?Nc)shnbq4jX3@yN=hK5pyyZri=LWKx37faiL+ z5b1mxkfHk#Y-ai^(xwnq`{$B2+aHrFiJ*royogHdrQQ}<(VYi>%SxHL(MRdag1fVZ zZM)a-wg2GwWx*-Mp&w+4s&sJToSbFgiHrC6`1>^31rGCR2AG)>T)4{11Ko!z;DIAI-2sIfBpmYea}P zayjdT&P@)X7=KeVR#C5ri`O?tJnq2Cd>(9nMHewG$;9+< z%GX){W1|8Dyi3|SGQFdV2N*4X7y3z+2JsXe#ohgE%^fD*Y59Xo_N_eC{qop7QEW54 z@yQsYLsn+#RQ!tAZ;oxeTJKX^7={U9aI*8X_1(MTf&8Zg1LGhW=*qIU)a(EYtZ^H} zg)!4rR5>V`v0Ug>f!xKNVm4laHYd!qp2A&QA}W$|8PDujZH@NvWhs>+xTKR<4)%a~ z(_&5_K+0{sB`mLP_CBljr#)LksmVFZDzH{5u^xDdVxqzrD!9+bO1;-3K%kIoO!_wS zz4dbzBA@i;gqsdNy0xG!`F>9Bf$uH#YMA0`@_+A{Bj6O84s0thcv6%~=ObocIJ00l@%I19A?!5s;;A;41TArgD*nZ4B>w{Y;0(D Kqe9;?^1lFQ$A%>U literal 0 HcmV?d00001 diff --git a/docs/en/use_sample/Kubernetes/Deploy the kubernetes cluster based on NestOS.md b/docs/en/use_sample/Kubernetes/Deploy the kubernetes cluster based on NestOS.md new file mode 100644 index 0000000..10751f3 --- /dev/null +++ b/docs/en/use_sample/Kubernetes/Deploy the kubernetes cluster based on NestOS.md @@ -0,0 +1,722 @@ +# Deploy the kubernetes cluster based on NestOS + +​ + +## Overall Solution + +Kubernetes is a choreography management tool for portable containers. The purpose of this guide is to provide a NestOS solution for rapid containerized deployment of kubernetes. The solution uses the virtualization platform to create multiple NestOS nodes as the validation environment for deploying kubernetes, and pre-configuates the required environment for kubernetes into a yaml file by writing the Ignition file. After the NestOS operating system is installed, resources required for kubernetes are deployed and nodes are created. You can also use this document and the NestOS bare-metal installation documentation to deploy kubernetes in a bare-metal environment. + +- Version Information: + + - NestOS version:22.09 + + - Kubernetes version:v1.23.10 + + - isulad version:2.0.16 + +- Installation Requirements + - 2GB or more RAM per machine + - CPU2 core or higher + - All machines in the cluster are communicating properly + - The host name cannot be the same on the node + - Access the Internet and pull up mirrors + - Disable swap partition + - Close selinux +- Deployment Contents + - NestOS image integrates binary files such as isulad, kubeadm, kubelet, and kubectl + - Deploy the kubernetes Master node + - Deploy the container network plug-in + - Deploy the kubernetes Node and add it to the kubernetes cluster + +## Configure the Kubernetes node + +NestOS implements node batch configuration through the Ignition file mechanism. This section describes the Ignition file generation method and provides an example of the Ignition configuration when deploying kubernetes in a container. The system configuration of the node is as follows: + +| Configuration Items | Instructions | +| ---------------------------- | ------------------------------------------------------------ | +| passwd | Configure node login users and access authentication information | +| hostname | Configure the node hostname | +| The time zone | Configure the default time zone for the node | +| Kernel parameters | The deployment environment requires some kernel parameters to be enabled | +| Close selinux | selinux needs to be closed | +| Setting Time Synchronization | Synchronize the cluster time through the chronyd service | + +### Generating a login Password + +To access the NestOS in password mode, run the following command to generate ${PASSWORD_HASH} for the ignition file configuration: + +``` +openssl passwd -1 -salt yoursalt +``` + +### Generate an ssh key pair + +To access the NestOS in ssh public key mode, run the following command to generate the ssh key pair: + +``` +ssh-keygen -N '' -f /root/.ssh/id_rsa +``` + +View the public key file id_rsa.pub to obtain the ssh public key information for Ignition file configuration: + +``` +cat /root/.ssh/id_rsa.pub +``` + +### Write the butane configuration file + +The following fields need to be configured based on the actual deployment situation. The above section provides the generation method for some fields: + +- ${PASSWORD_HASH}:Login Password +- ${SSH-RSA}:Public key +- ${MASTER_NAME}:Master node hostname +- ${MASTER_IP}:Master node IP +- ${MASTER_SEGMENT}:Master node Network segment +- ${NODE_NAME}:hostname of the work node +- ${NODE_IP}:IP of the work node +- ${GATEWAY}:gateway +- ${service-cidr}:service ip address segment +- ${pod-network-cidr}:pod ip address segment +- ${image-repository}:mirror address +- ${token}:token + +Example of the butane configuration file for the master node: + +```yaml +variant: fcos +version: 1.1.0 +##passwd +passwd: + users: + - name: root + password_hash: "${PASSWORD_HASH}" + "groups": [ + "adm", + "sudo", + "systemd-journal", + "wheel" + ] + ##ssh + ssh_authorized_keys: + - "${SSH-RSA}" +storage: + directories: + - path: /etc/systemd/system/kubelet.service.d + overwrite: true + files: + - path: /etc/hostname + mode: 0644 + contents: + inline: ${MASTER_NAME} + - path: /etc/hosts + mode: 0644 + overwrite: true + contents: + inline: | + 127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4 + ::1 localhost localhost.localdomain localhost6 localhost6.localdomain6 + ${MASTER_IP} ${MASTER_NAME} + ${NODE_IP} ${NODE_NAME} + - path: /etc/NetworkManager/system-connections/ens2.nmconnection + mode: 0600 + overwrite: true + contents: + inline: | + [connection] + id=ens2 + type=ethernet + interface-name=ens2 + [ipv4] + address1=${MASTER_IP}/24,${GATEWAY} + dns=8.8.8.8 + dns-search= + method=manual + - path: /etc/sysctl.d/kubernetes.conf + mode: 0644 + overwrite: true + contents: + inline: | + net.bridge.bridge-nf-call-iptables=1 + net.bridge.bridge-nf-call-ip6tables=1 + net.ipv4.ip_forward=1 + - path: /etc/isulad/daemon.json + mode: 0644 + overwrite: true + contents: + inline: | + { + "exec-opts": ["native.cgroupdriver=systemd"], + "group": "isula", + "default-runtime": "lcr", + "graph": "/var/lib/isulad", + "state": "/var/run/isulad", + "engine": "lcr", + "log-level": "ERROR", + "pidfile": "/var/run/isulad.pid", + "log-opts": { + "log-file-mode": "0600", + "log-path": "/var/lib/isulad", + "max-file": "1", + "max-size": "30KB" + }, + "log-driver": "stdout", + "container-log": { + "driver": "json-file" + }, + "hook-spec": "/etc/default/isulad/hooks/default.json", + "start-timeout": "2m", + "storage-driver": "overlay2", + "storage-opts": [ + "overlay2.override_kernel_check=true" + ], + "registry-mirrors": [ + "docker.io" + ], + "insecure-registries": [ + "${image-repository}" + ], + "pod-sandbox-image": "k8s.gcr.io/pause:3.6", + "native.umask": "secure", + "network-plugin": "cni", + "cni-bin-dir": "/opt/cni/bin", + "cni-conf-dir": "/etc/cni/net.d", + "image-layer-check": false, + "use-decrypted-key": true, + "insecure-skip-verify-enforce": false, + "cri-runtimes": { + "kata": "io.containerd.kata.v2" + } + } + - path: /root/pull_images.sh + mode: 0644 + overwrite: true + contents: + inline: | + #!/bin/sh + KUBE_VERSION=v1.23.10 + KUBE_PAUSE_VERSION=3.6 + ETCD_VERSION=3.5.1-0 + DNS_VERSION=v1.8.6 + CALICO_VERSION=v3.19.4 + username=${image-repository} + images=( + kube-proxy:${KUBE_VERSION} + kube-scheduler:${KUBE_VERSION} + kube-controller-manager:${KUBE_VERSION} + kube-apiserver:${KUBE_VERSION} + pause:${KUBE_PAUSE_VERSION} + etcd:${ETCD_VERSION} + ) + for image in ${images[@]} + do + isula pull ${username}/${image} + isula tag ${username}/${image} k8s.gcr.io/${image} + isula rmi ${username}/${image} + done + isula pull ${username}/coredns:${DNS_VERSION} + isula tag ${username}/coredns:${DNS_VERSION} k8s.gcr.io/coredns/coredns:${DNS_VERSION} + isula rmi ${username}/coredns:${DNS_VERSION} + isula pull calico/node:${CALICO_VERSION} + isula pull calico/cni:${CALICO_VERSION} + isula pull calico/kube-controllers:${CALICO_VERSION} + isula pull calico/pod2daemon-flexvol:${CALICO_VERSION} + touch /var/log/pull-images.stamp + - path: /etc/systemd/system/kubelet.service.d/10-kubeadm.conf + mode: 0644 + contents: + inline: | + # Note: This dropin only works with kubeadm and kubelet v1.11+ + [Service] + Environment="KUBELET_KUBECONFIG_ARGS=--bootstrap-kubeconfig=/etc/kubernetes/bootstrap-kubelet.conf --kubeconfig=/etc/kubernetes/kubelet.conf" + Environment="KUBELET_CONFIG_ARGS=--config=/var/lib/kubelet/config.yaml" + # This is a file that "kubeadm init" and "kubeadm join" generates at runtime, populating the KUBELET_KUBEADM_ARGS variable dynamically + EnvironmentFile=-/var/lib/kubelet/kubeadm-flags.env + # This is a file that the user can use for overrides of the kubelet args as a last resort. Preferably, the user should use + # the .NodeRegistration.KubeletExtraArgs object in the configuration files instead. KUBELET_EXTRA_ARGS should be sourced from this file. + EnvironmentFile=-/etc/sysconfig/kubelet + ExecStart= + ExecStart=/usr/bin/kubelet $KUBELET_KUBECONFIG_ARGS $KUBELET_CONFIG_ARGS $KUBELET_KUBEADM_ARGS $KUBELET_EXTRA_ARGS + - path: /root/init-config.yaml + mode: 0644 + contents: + inline: | + apiVersion: kubeadm.k8s.io/v1beta2 + kind: InitConfiguration + nodeRegistration: + criSocket: /var/run/isulad.sock + name: k8s-master01 + kubeletExtraArgs: + volume-plugin-dir: "/opt/libexec/kubernetes/kubelet-plugins/volume/exec/" + --- + apiVersion: kubeadm.k8s.io/v1beta2 + kind: ClusterConfiguration + controllerManager: + extraArgs: + flex-volume-plugin-dir: "/opt/libexec/kubernetes/kubelet-plugins/volume/exec/" + kubernetesVersion: v1.23.10 + imageRepository: k8s.gcr.io + controlPlaneEndpoint: "${MASTER_IP}:6443" + networking: + serviceSubnet: "${service-cidr}" + podSubnet: "${pod-network-cidr}" + dnsDomain: "cluster.local" + dns: + type: CoreDNS + imageRepository: k8s.gcr.io/coredns + imageTag: v1.8.6 + links: + - path: /etc/localtime + target: ../usr/share/zoneinfo/Asia/Shanghai + +systemd: + units: + - name: kubelet.service + enabled: true + contents: | + [Unit] + Description=kubelet: The Kubernetes Node Agent + Documentation=https://kubernetes.io/docs/ + Wants=network-online.target + After=network-online.target + + [Service] + ExecStart=/usr/bin/kubelet + Restart=always + StartLimitInterval=0 + RestartSec=10 + + [Install] + WantedBy=multi-user.target + + - name: set-kernel-para.service + enabled: true + contents: | + [Unit] + Description=set kernel para for Kubernetes + ConditionPathExists=!/var/log/set-kernel-para.stamp + + [Service] + Type=oneshot + RemainAfterExit=yes + ExecStart=modprobe br_netfilter + ExecStart=sysctl -p /etc/sysctl.d/kubernetes.conf + ExecStart=/bin/touch /var/log/set-kernel-para.stamp + + [Install] + WantedBy=multi-user.target + + - name: pull-images.service + enabled: true + contents: | + [Unit] + Description=pull images for kubernetes + ConditionPathExists=!/var/log/pull-images.stamp + + [Service] + Type=oneshot + RemainAfterExit=yes + ExecStart=systemctl start isulad + ExecStart=systemctl enable isulad + ExecStart=sh /root/pull_images.sh + + [Install] + WantedBy=multi-user.target + + - name: disable-selinux.service + enabled: true + contents: | + [Unit] + Description=disable selinux for kubernetes + ConditionPathExists=!/var/log/disable-selinux.stamp + + [Service] + Type=oneshot + RemainAfterExit=yes + ExecStart=bash -c "sed -i 's#SELINUX=enforcing#SELINUX=disabled#g' /etc/selinux/config" + ExecStart=setenforce 0 + ExecStart=/bin/touch /var/log/disable-selinux.stamp + + [Install] + WantedBy=multi-user.target + + - name: set-time-sync.service + enabled: true + contents: | + [Unit] + Description=set time sync for kubernetes + ConditionPathExists=!/var/log/set-time-sync.stamp + + [Service] + Type=oneshot + RemainAfterExit=yes + ExecStart=bash -c "sed -i '3aserver ntp1.aliyun.com iburst' /etc/chrony.conf" + ExecStart=bash -c "sed -i '24aallow ${MASTER_SEGMENT}' /etc/chrony.conf" + ExecStart=bash -c "sed -i '26alocal stratum 10' /etc/chrony.conf" + ExecStart=systemctl restart chronyd.service + ExecStart=/bin/touch /var/log/set-time-sync.stamp + + [Install] + WantedBy=multi-user.target + + - name: init-cluster.service + enabled: true + contents: | + [Unit] + Description=init kubernetes cluster + Requires=set-kernel-para.service pull-images.service disable-selinux.service set-time-sync.service + After=set-kernel-para.service pull-images.service disable-selinux.service set-time-sync.service + ConditionPathExists=/var/log/set-kernel-para.stamp + ConditionPathExists=/var/log/set-time-sync.stamp + ConditionPathExists=/var/log/disable-selinux.stamp + ConditionPathExists=/var/log/pull-images.stamp + ConditionPathExists=!/var/log/init-k8s-cluster.stamp + + [Service] + Type=oneshot + RemainAfterExit=yes + ExecStart=kubeadm init --config=/root/init-config.yaml --upload-certs + ExecStart=/bin/touch /var/log/init-k8s-cluster.stamp + + [Install] + WantedBy=multi-user.target + + + - name: install-cni-plugin.service + enabled: true + contents: | + [Unit] + Description=install cni network plugin for kubernetes + Requires=init-cluster.service + After=init-cluster.service + + [Service] + Type=oneshot + RemainAfterExit=yes + ExecStart=bash -c "curl https://docs.projectcalico.org/v3.19/manifests/calico.yaml -o /root/calico.yaml" + ExecStart=/bin/sleep 6 + ExecStart=bash -c "sed -i 's#usr/libexec/#opt/libexec/#g' /root/calico.yaml" + ExecStart=kubectl apply -f /root/calico.yaml --kubeconfig=/etc/kubernetes/admin.conf + + [Install] + WantedBy=multi-user.target + +``` + +Example of a Node butane configuration file: + +```yaml +variant: fcos +version: 1.1.0 +passwd: + users: + - name: root + password_hash: "${PASSWORD_HASH}" + "groups": [ + "adm", + "sudo", + "systemd-journal", + "wheel" + ] + ssh_authorized_keys: + - "${SSH-RSA}" +storage: + directories: + - path: /etc/systemd/system/kubelet.service.d + overwrite: true + files: + - path: /etc/hostname + mode: 0644 + contents: + inline: ${NODE_NAME} + - path: /etc/hosts + mode: 0644 + overwrite: true + contents: + inline: | + 127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4 + ::1 localhost localhost.localdomain localhost6 localhost6.localdomain6 + ${MASTER_IP} ${MASTER_NAME} + ${NODE_IP} ${NODE_NAME} + - path: /etc/NetworkManager/system-connections/ens2.nmconnection + mode: 0600 + overwrite: true + contents: + inline: | + [connection] + id=ens2 + type=ethernet + interface-name=ens2 + [ipv4] + address1=${NODE_IP}/24,${GATEWAY} + dns=8.8.8.8; + dns-search= + method=manual + - path: /etc/sysctl.d/kubernetes.conf + mode: 0644 + overwrite: true + contents: + inline: | + net.bridge.bridge-nf-call-iptables=1 + net.bridge.bridge-nf-call-ip6tables=1 + net.ipv4.ip_forward=1 + - path: /etc/isulad/daemon.json + mode: 0644 + overwrite: true + contents: + inline: | + { + "exec-opts": ["native.cgroupdriver=systemd"], + "group": "isula", + "default-runtime": "lcr", + "graph": "/var/lib/isulad", + "state": "/var/run/isulad", + "engine": "lcr", + "log-level": "ERROR", + "pidfile": "/var/run/isulad.pid", + "log-opts": { + "log-file-mode": "0600", + "log-path": "/var/lib/isulad", + "max-file": "1", + "max-size": "30KB" + }, + "log-driver": "stdout", + "container-log": { + "driver": "json-file" + }, + "hook-spec": "/etc/default/isulad/hooks/default.json", + "start-timeout": "2m", + "storage-driver": "overlay2", + "storage-opts": [ + "overlay2.override_kernel_check=true" + ], + "registry-mirrors": [ + "docker.io" + ], + "insecure-registries": [ + "${image-repository}" + ], + "pod-sandbox-image": "k8s.gcr.io/pause:3.6", + "native.umask": "secure", + "network-plugin": "cni", + "cni-bin-dir": "/opt/cni/bin", + "cni-conf-dir": "/etc/cni/net.d", + "image-layer-check": false, + "use-decrypted-key": true, + "insecure-skip-verify-enforce": false, + "cri-runtimes": { + "kata": "io.containerd.kata.v2" + } + } + - path: /root/pull_images.sh + mode: 0644 + overwrite: true + contents: + inline: | + #!/bin/sh + KUBE_VERSION=v1.23.10 + KUBE_PAUSE_VERSION=3.6 + ETCD_VERSION=3.5.1-0 + DNS_VERSION=v1.8.6 + CALICO_VERSION=v3.19.4 + username=${image-repository} + images=( + kube-proxy:${KUBE_VERSION} + kube-scheduler:${KUBE_VERSION} + kube-controller-manager:${KUBE_VERSION} + kube-apiserver:${KUBE_VERSION} + pause:${KUBE_PAUSE_VERSION} + etcd:${ETCD_VERSION} + ) + for image in ${images[@]} + do + isula pull ${username}/${image} + isula tag ${username}/${image} k8s.gcr.io/${image} + isula rmi ${username}/${image} + done + isula pull ${username}/coredns:${DNS_VERSION} + isula tag ${username}/coredns:${DNS_VERSION} k8s.gcr.io/coredns/coredns:${DNS_VERSION} + isula rmi ${username}/coredns:${DNS_VERSION} + touch /var/log/pull-images.stamp + - path: /etc/systemd/system/kubelet.service.d/10-kubeadm.conf + mode: 0644 + contents: + inline: | + # Note: This dropin only works with kubeadm and kubelet v1.11+ + [Service] + Environment="KUBELET_KUBECONFIG_ARGS=--bootstrap-kubeconfig=/etc/kubernetes/bootstrap-kubelet.conf --kubeconfig=/etc/kubernetes/kubelet.conf" + Environment="KUBELET_CONFIG_ARGS=--config=/var/lib/kubelet/config.yaml" + # This is a file that "kubeadm init" and "kubeadm join" generates at runtime, populating the KUBELET_KUBEADM_ARGS variable dynamically + EnvironmentFile=-/var/lib/kubelet/kubeadm-flags.env + # This is a file that the user can use for overrides of the kubelet args as a last resort. Preferably, the user should use + # the .NodeRegistration.KubeletExtraArgs object in the configuration files instead. KUBELET_EXTRA_ARGS should be sourced from this file. + EnvironmentFile=-/etc/sysconfig/kubelet + ExecStart= + ExecStart=/usr/bin/kubelet $KUBELET_KUBECONFIG_ARGS $KUBELET_CONFIG_ARGS $KUBELET_KUBEADM_ARGS $KUBELET_EXTRA_ARGS + - path: /root/join-config.yaml + mode: 0644 + contents: + inline: | + apiVersion: kubeadm.k8s.io/v1beta3 + caCertPath: /etc/kubernetes/pki/ca.crt + discovery: + bootstrapToken: + apiServerEndpoint: ${MASTER_IP}:6443 + token: ${token} + unsafeSkipCAVerification: true + timeout: 5m0s + tlsBootstrapToken: ${token} + kind: JoinConfiguration + nodeRegistration: + criSocket: /var/run/isulad.sock + imagePullPolicy: IfNotPresent + name: ${NODE_NAME} + taints: null + links: + - path: /etc/localtime + target: ../usr/share/zoneinfo/Asia/Shanghai + +systemd: + units: + - name: kubelet.service + enabled: true + contents: | + [Unit] + Description=kubelet: The Kubernetes Node Agent + Documentation=https://kubernetes.io/docs/ + Wants=network-online.target + After=network-online.target + + [Service] + ExecStart=/usr/bin/kubelet + Restart=always + StartLimitInterval=0 + RestartSec=10 + + [Install] + WantedBy=multi-user.target + + - name: set-kernel-para.service + enabled: true + contents: | + [Unit] + Description=set kernel para for kubernetes + ConditionPathExists=!/var/log/set-kernel-para.stamp + + [Service] + Type=oneshot + RemainAfterExit=yes + ExecStart=modprobe br_netfilter + ExecStart=sysctl -p /etc/sysctl.d/kubernetes.conf + ExecStart=/bin/touch /var/log/set-kernel-para.stamp + + [Install] + WantedBy=multi-user.target + + - name: pull-images.service + enabled: true + contents: | + [Unit] + Description=pull images for kubernetes + ConditionPathExists=!/var/log/pull-images.stamp + + [Service] + Type=oneshot + RemainAfterExit=yes + ExecStart=systemctl start isulad + ExecStart=systemctl enable isulad + ExecStart=sh /root/pull_images.sh + + [Install] + WantedBy=multi-user.target + + - name: disable-selinux.service + enabled: true + contents: | + [Unit] + Description=disable selinux for kubernetes + ConditionPathExists=!/var/log/disable-selinux.stamp + + [Service] + Type=oneshot + RemainAfterExit=yes + ExecStart=bash -c "sed -i 's#SELINUX=enforcing#SELINUX=disabled#g' /etc/selinux/config" + ExecStart=setenforce 0 + ExecStart=/bin/touch /var/log/disable-selinux.stamp + + [Install] + WantedBy=multi-user.target + + - name: set-time-sync.service + enabled: true + contents: | + [Unit] + Description=set time sync for kubernetes + ConditionPathExists=!/var/log/set-time-sync.stamp + + [Service] + Type=oneshot + RemainAfterExit=yes + ExecStart=bash -c "sed -i '3aserver ${MASTER_IP}' /etc/chrony.conf" + ExecStart=systemctl restart chronyd.service + ExecStart=/bin/touch /var/log/set-time-sync.stamp + + [Install] + WantedBy=multi-user.target + + - name: join-cluster.service + enabled: true + contents: | + [Unit] + Description=node join kubernetes cluster + Requires=set-kernel-para.service pull-images.service disable-selinux.service set-time-sync.service + After=set-kernel-para.service pull-images.service disable-selinux.service set-time-sync.service + ConditionPathExists=/var/log/set-kernel-para.stamp + ConditionPathExists=/var/log/set-time-sync.stamp + ConditionPathExists=/var/log/disable-selinux.stamp + ConditionPathExists=/var/log/pull-images.stamp + + [Service] + Type=oneshot + RemainAfterExit=yes + ExecStart=kubeadm join --config=/root/join-config.yaml + + [Install] + WantedBy=multi-user.target + +``` + +### Generate Ignition files + +The Butane configuration is converted to the Ignition configuration command: + +``` +podman run --interactive --rm quay.io/coreos/butane:release --pretty --strict < your_config.bu > transpiled_config.ign +``` + + + +## Create the Kubernetes cluster + +Using the Ignition file configured in the previous section, create the Master node of the k8s cluster with adjustable vcpus, ram, and disk parameters (see the virt-install manual for details) by executing the following command. + +``` +virt-install --name=${NAME} --vcpus=4 --ram=8192 --import --network=bridge=virbr0 --graphics=none --qemu-commandline="-fw_cfg name=opt/com.coreos/config,file=${IGNITION_FILE_PATH}" --disk=size=40,backing_store=${NESTOS_RELEASE_QCOW2_PATH} --network=bridge=virbr1 --disk=size=40 +``` + +After the Master node is successfully installed, a series of environment configuration services will be started in the background of the system. Among them, set-kernel-para.service will configure kernel parameters, and pull-images.service will pull images required by the cluster. disable-selinux.service disables selinux, set-time-sync.service sets time synchronization, and init-cluster.service initializes the cluster. install-cni-plugin.service installs the cni network plug-in. During the cluster deployment process, you need to wait several minutes because the image is to be pulled. + +Run the kubectl get pods -A command to check whether all Pods are in the running state: + +![](/docs/en/graph/kubernetes/k1.PNG) + +To view the token on the Master node, run the following command: + +``` +kubeadm token list +``` + +Add the token information to the ignition file of the work node, and use that ignition file to create work nodes. After a work nodes are created, check whether it is added to the cluster. + +![](/docs/en/graph/kubernetes/k2.PNG) + +Kubernetes is deployed successfully diff --git a/docs/en/use_sample/please_translate_documents_to_English.md b/docs/en/use_sample/please_translate_documents_to_English.md deleted file mode 100644 index f1e8859..0000000 --- a/docs/en/use_sample/please_translate_documents_to_English.md +++ /dev/null @@ -1 +0,0 @@ -Please translate documents to English. \ No newline at end of file -- Gitee