集成使用离线docker镜像安装网络插件

roles/calico/defaults/main.yml

@@ -10,8 +10,10 @@ FELIX_LOG_LVL: "warning"
 #IP_AUTODETECTION_METHOD: "interface=eth0"
 IP_AUTODETECTION_METHOD: "can-reach={{ MASTER_IP }}"
 
+# 镜像版本
 calico_node_ver: "v3.0.6"
-
 calico_cni_ver: "v2.0.5"
-
 calico_kube_controller_ver: "v2.0.4"
+
+# 离线镜像tar包
+calico_offline: "calico_{{ calico_node_ver }}.tar"

roles/calico/tasks/main.yml

@@ -2,7 +2,9 @@
   file: name={{ item }} state=directory
   with_items:
   - /etc/calico/ssl
+  - /etc/cni/net.d
   - /opt/kube/kube-system/calico
+  - /opt/kube/images 
 
 - name: 复制CA 证书到calico 证书目录
   copy: src={{ ca_dir }}/ca.pem dest=/etc/calico/ssl/ca.pem
@@ -27,16 +29,34 @@
 - name: 准备 calico rbac文件 
   template: src=calico-rbac.yaml.j2 dest=/opt/kube/kube-system/calico/calico-rbac.yaml
 
-- name: 获取所有已经创建的POD信息
+# 【可选】推送离线docker 镜像，可以忽略执行错误
-  command: "{{ bin_dir }}/kubectl get daemonset -n kube-system"
+- name: 尝试推送离线docker 镜像（若执行失败，可忽略）
-  register: pod_info
+  copy: src={{ base_dir }}/down/{{ item }} dest=/opt/kube/images/{{ item }}
-  run_once: true
+  with_items:
+  - "pause_3.1.tar"
+  - "{{ calico_offline }}"
+  ignore_errors: true
+
+- name: 获取目录下离线镜像信息
+  command: "ls /opt/kube/images"
+  register: image_info
+
+# 如果目录下有离线镜像，就把它导入到node节点上
+- name: 导入 calico的离线镜像（若执行失败，可忽略）
+  shell: "{{ bin_dir }}/docker load -i /opt/kube/images/{{ calico_offline }}"
+  when: 'calico_offline in image_info.stdout'
+  ignore_errors: true
+
+# 如果目录下有离线镜像，就把它导入到node节点上
+- name: 导入 pause的离线镜像（若执行失败，可忽略）
+  shell: "{{ bin_dir }}/docker load -i /opt/kube/images/pause_3.1.tar"
+  when: '"pause_3" in image_info.stdout'
+  ignore_errors: true
 
 # 只需单节点执行一次
 - name: 运行 calico网络
-  shell: "{{ bin_dir }}/kubectl create -f /opt/kube/kube-system/calico/ && sleep 5"
+  shell: "{{ bin_dir }}/kubectl apply -f /opt/kube/kube-system/calico/ && sleep 5"
   run_once: true
-  when: '"calico-node" not in pod_info.stdout'
 
 # 删除原有cni配置
 - name: 删除默认cni配置

roles/flannel/defaults/main.yml

@@ -9,3 +9,6 @@ install_cni_image: "jmgao1983/flannel:v0.10.0-amd64"
 
 #flanneld_image: "quay.io/coreos/flannel:v0.10.0-amd64"
 flanneld_image: "jmgao1983/flannel:v0.10.0-amd64"
+
+# 离线镜像tar包
+flannel_offline: "flannel_v0.10.0-amd64.tar"

roles/flannel/tasks/main.yml

@@ -3,6 +3,7 @@
   with_items:
   - /etc/cni/net.d
   - /opt/kube/kube-system/flannel
+  - /opt/kube/images
 
 - name: 下载flannel cni plugins
   copy: src={{ base_dir }}/bin/{{ item }} dest={{ bin_dir }}/{{ item }} mode=0755
@@ -16,16 +17,34 @@
 - name: 准备 flannel DaemonSet yaml文件
   template: src=kube-flannel.yaml.j2 dest=/opt/kube/kube-system/flannel/kube-flannel.yaml
 
-- name: 获取所有已经创建的POD信息
+# 【可选】推送离线docker 镜像，可以忽略执行错误
-  command: "{{ bin_dir }}/kubectl get daemonset -n kube-system"
+- name: 尝试推送离线docker 镜像（若执行失败，可忽略）
-  register: pod_info
+  copy: src={{ base_dir }}/down/{{ item }} dest=/opt/kube/images/{{ item }}
-  run_once: true
+  with_items:
+  - "pause_3.1.tar"
+  - "{{ flannel_offline }}"
+  ignore_errors: true
+
+- name: 获取目录下离线镜像信息
+  command: "ls /opt/kube/images"
+  register: image_info
+
+# 如果目录下有离线镜像，就把它导入到node节点上
+- name: 导入 flannel的离线镜像（若执行失败，可忽略）
+  shell: "{{ bin_dir }}/docker load -i /opt/kube/images/{{ flannel_offline }}"
+  when: 'flannel_offline in image_info.stdout'
+  ignore_errors: true
+
+# 如果目录下有离线镜像，就把它导入到node节点上
+- name: 导入 pause的离线镜像（若执行失败，可忽略）
+  shell: "{{ bin_dir }}/docker load -i /opt/kube/images/pause_3.1.tar"
+  when: '"pause_3" in image_info.stdout'
+  ignore_errors: true
 
 # 只需单节点执行一次
 - name: 运行 flannel网络
-  shell: "{{ bin_dir }}/kubectl create -f /opt/kube/kube-system/flannel/ && sleep 5"
+  shell: "{{ bin_dir }}/kubectl apply -f /opt/kube/kube-system/flannel/ && sleep 5"
   run_once: true
-  when: '"flannel" not in pod_info.stdout'
 
 # 删除原有cni配置
 - name: 删除默认cni配置

roles/kube-router/defaults/main.yml

@@ -13,3 +13,5 @@ FIREWALL_ENABLE: "true"
 IMAGE: "cloudnativelabs/kube-router"
 PullPolicy: "IfNotPresent"
 
+# kube-router 离线镜像tar包
+kuberouter_offline: "kube-router_v0.2.0-beta.7.tar"

roles/kube-router/tasks/main.yml

@@ -3,6 +3,7 @@
   with_items:
   - /etc/cni/net.d
   - /opt/kube/kube-system/kube-router
+  - /opt/kube/images
 
 - name: 下载cni plugins
   copy: src={{ base_dir }}/bin/{{ item }} dest={{ bin_dir }}/{{ item }} mode=0755
@@ -32,16 +33,34 @@
   template: src=kuberouter-all.yaml.j2 dest=/opt/kube/kube-system/kube-router/kuberouter.yaml
   when: 'SERVICE_PROXY == "IPVS"'
 
-- name: 获取所有已经创建的POD信息
+# 【可选】推送离线docker 镜像，可以忽略执行错误
-  command: "{{ bin_dir }}/kubectl get daemonset -n kube-system"
+- name: 尝试推送离线docker 镜像（若执行失败，可忽略）
-  register: pod_info
+  copy: src={{ base_dir }}/down/{{ item }} dest=/opt/kube/images/{{ item }}
-  run_once: true
+  with_items:
+  - "pause_3.1.tar"
+  - "{{ kuberouter_offline }}"
+  ignore_errors: true
+
+- name: 获取目录下离线镜像信息
+  command: "ls /opt/kube/images"
+  register: image_info
+
+# 如果目录下有离线镜像，就把它导入到node节点上
+- name: 导入 kube-router的离线镜像（若执行失败，可忽略）
+  shell: "{{ bin_dir }}/docker load -i /opt/kube/images/{{ kuberouter_offline }}"
+  when: 'kuberouter_offline in image_info.stdout'
+  ignore_errors: true
+
+# 如果目录下有离线镜像，就把它导入到node节点上
+- name: 导入 pause的离线镜像（若执行失败，可忽略）
+  shell: "{{ bin_dir }}/docker load -i /opt/kube/images/pause_3.1.tar"
+  when: '"pause_3" in image_info.stdout'
+  ignore_errors: true
 
 # 只需单节点执行一次
 - name: 运行 kube-router DaemonSet
-  shell: "{{ bin_dir }}/kubectl create -f /opt/kube/kube-system/kube-router/ && sleep 5"
+  shell: "{{ bin_dir }}/kubectl apply -f /opt/kube/kube-system/kube-router/ && sleep 5"
   run_once: true
-  when: '"kube-router" not in pod_info.stdout'
 
 # 删除原有cni配置
 - name: 删除默认cni配置