国产麒麟(Kylin-Server-10)系统无外网环境安装docker

由于某些原因服务器环境不给开放外网,只能提前在有外网环境准备好相关资源后再部署。
先在有外网环境制作yum安装包,再将压缩包拷贝到无外网环境通过ansible安装docker。

制作ansible、docker离线安装包

ansible离线安装包

#查看依赖包
yum deplist ansible

#拉取ansible所有关联包到/opt/ansible中
yumdownloader ansible  --resolve --destdir=/opt/ansible

#顺便把createrepo也一起,一会一起打包,kylin带桌面已有可跳过
yumdownloader createrepo --resolve --destdir=/opt/ansible

#执行成功后会在/opt/ansible生成一个repodata目录
createrepo /opt/ansible/

#创建离线安装压缩包
cd /opt/ansible
tar zcvf ansible.offline.tar.gz *

docker离线安装包

cd /etc/yum.repos.d
wget https://mirrors.aliyun.com/repo/Centos-7.repo
sed -i 's/$releasever/7/g' /etc/yum.repos.d/Centos-7.repo
wget https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
sed -i 's/$releasever/7/g' /etc/yum.repos.d/docker-ce.repo

yum list docker-ce --showduplicates|sort -r
#查看依赖
yum deplist docker-ce

#下载docker-ce rpm依赖
yumdownloader docker-ce --resolve --destdir=/opt/docker-ce
yumdownloader docker-compose --resolve --destdir=/opt/docker-ce

#打包docker-ce rpm
cd /opt/docker-ce
tar zcvf docker-ce.offline.tar.gz *

无外网环境安装

设置免密

ssh-keygen -t rsa
cat /root/.ssh/id_rsa.pub  >> /root/.ssh/authorized_keys
chmod 0600 /root/.ssh/authorized_keys
#检查
ssh root@192.168.xx.xx date

安装ansible

创建 InstallAnsible.sh 脚本,将ip改为本机ip。

#!/bin/bash
mv /etc/yum.repos.d/kylin_x86_64.repo /etc/yum.repos.d/kylin_x86_64.repo.bak
mkdir -p /opt/ansible
tar -zxvf ansible.offline.tar.gz -C /opt/ansible/
createrepo -po /opt/ansible/ /opt/ansible

cat >/etc/yum.repos.d/ansible.repo<<eof
[ansible]
name=ansible
baseurl=file:///opt/ansible
gpgcheck=0
enabled=1
eof

yum clean all
yum repolist

yum install ansible -y

cat >>/etc/ansible/hosts<<eof
[kylin]
192.168.xx.xx ansible_ssh_user=root ansible_ssh_port=22
eof

拷贝打包的 ansible.offline.tar.gz 文件到要安装到系统后执行如下命令。

sudo chmod +x InstallAnsible.sh
./InstallAnsible.sh

#安装成功查看版本
ansible --version

安装docker

创建 install-docker.yaml 安装脚本

- name: install docker
  gather_facts: false
  hosts: kylin
  remote_user: root
  vars:
    ansible_python_interpreter: /usr/bin/python3
    local_current_dir: "{{ lookup('env', 'PWD') }}"
  tasks:
   - name: test connection
     ping:
   - name: tar docker
     shell: 
       cmd: |
         mkdir -p /opt/docker-ce
         tar -zxvf {{ local_current_dir }}/docker-ce.offline.tar.gz -C /opt/docker-ce/
         createrepo -po /opt/docker-ce/ /opt/docker-ce
   - name: add docker repo
     shell: 
       cmd: |
         cat >/etc/yum.repos.d/docker-ce.repo<<eof
         [docker-ce]
         name=docker-ce
         baseurl=file:///opt/docker-ce
         gpgcheck=0
         enabled=1
         eof
   - name: yum clean
     shell: yum clean all && yum makecache && yum repolist
   - name: setup docker-ce
     yum: name=docker-ce state=present
   - name: setup docker-compose
     yum: name=docker-compose state=present
   - name: start docker
     service: name=docker.service enabled=yes state=started
#ansible-playbook执行安装docker
ansible-playbook install-docker.yaml

使用ansible与docker-compose安装基础服务

先在有外网环境将需要的docker镜像save后,拷贝到无外网环境。

docker save portainer/portainer:latest > /usr/local/src/portainer.tar
docker save redis:latest > /usr/local/src/redis.tar

创建 inf-compose.yaml 文件

version: '3'

services:

  redis:
    image: redis
    restart: always
    volumes:
      - /etc/localtime:/etc/localtime:ro
      - /usr/local/dockervol/redis/redis.conf:/etc/redis/redis.conf
      - /usr/local/dockervol/redis/data:/data
    ports:
      - "6379:6379"
    command: 
      redis-server /etc/redis/redis.conf --appendonly yes

创建 run-inf.yaml 文件

- name: run inf
  gather_facts: false
  hosts: kylin
  remote_user: root
  vars:
    ansible_python_interpreter: /usr/bin/python3
    local_current_dir: "{{ lookup('env', 'PWD') }}"
  tasks:
   - name: test connection
     ping:
   - name: check docker image
     shell: docker images | grep portainer
     ignore_errors: True
     register: img_result  #存在 succeeded,不存在 failed
   - name: docker load
     shell: 
       cmd: |
         docker load -i {{ local_current_dir }}/portainer.tar
         docker load -i {{ local_current_dir }}/redis.tar
     when: img_result | failed
   - name: check portainer
     shell: docker ps | grep portainer
     ignore_errors: True
     register: portainer_result
   - name: portainer
     shell: docker run -d -p 9000:9000 --restart=always -v /var/run/docker.sock:/var/run/docker.sock -v /usr/local/dockervol/portainer/data:/data --name portainer docker.io/portainer/portainer
     when: portainer_result | failed
   - name: inf compose
     shell: 
       docker-compose -f {{ local_current_dir }}/inf-compose.yaml up -d
#安装基础服务
ansible-playbook run-inf.yaml
posted @ 2023-05-24 19:35  ddrsql  阅读(1383)  评论(0编辑  收藏  举报