在 Azure Stack Hub 中的 Linux 上安装 AKS 引擎Install the AKS engine on Linux in Azure Stack Hub

可以在 Azure Stack Hub 中使用 Linux 计算机托管 AKS 引擎,以便部署和管理 Kubernetes 群集。You can use a Linux machine in your Azure Stack Hub to host the AKS engine in order to deploy and manage a Kubernetes cluster. 在本文中,我们将介绍如何准备客户端 VM 以便针对联网 Azure Stack Hub 实例和离线 Azure Stack Hub 实例管理群集,如何检查安装,以及如何在 ASDK 上设置客户端 VM。In this article, we look at preparing the client VM to manage your cluster for both connected and disconnected Azure Stack Hub instances, check the install, and setting up the client VM on the ASDK.

准备客户端 VMPrepare the client VM

AKS 引擎是一种命令行工具,用于部署和管理 Kubernetes 群集。The AKS engine is a command-line tool used to deploy and manage your Kubernetes cluster. 可以在 Azure Stack Hub 中的计算机上运行引擎。You can run the engine on a machine in your Azure Stack Hub. 从此计算机中,你将执行 AKS 引擎来部署运行群集所需的 IaaS 资源和软件。From this machine, you will execute the AKS engine to deploy the IaaS resources and software needed to run your cluster. 然后,可以使用运行引擎的计算机在群集上执行管理任务。You can then use the machine running the engine to perform management tasks on your cluster.

选择客户端计算机时,请考虑:When choosing your client machine, consider:

  1. 发生灾难时是否应恢复客户端计算机。If the client machine should be recoverable in case of a disaster.
  2. 如何连接到客户端计算机以及计算机将如何与群集交互。How you will connect to the client machine and how the machine will interact with your cluster.

安装在连接的环境中Install in a connected environment

可以安装客户端 VM,以便在连接到 Internet 的 Azure Stack Hub 上管理 Kubernetes 群集。You can install the client VM to manage your Kubernetes cluster on an Azure Stack Hub connected to the Internet.

  1. 在 Azure Stack Hub 中创建 Linux VM。Create a Linux VM in your Azure Stack Hub. 有关说明,请参阅快速入门:通过使用 Azure Stack Hub 门户创建 Linux 服务器 VMFor instructions, see Quickstart: Create a Linux server VM by using the Azure Stack Hub portal.

  2. 连接到 VM。Connect to your VM.

  3. AKS 引擎和 Azure Stack 版本映射表中查找 AKS 引擎的版本。Find the version of AKS engine in the AKS engine and Azure Stack version mapping table table. AKS 基础映像必须已在 Azure Stack Hub 市场中提供。The AKS Base Image must be available in your Azure Stack Hub Marketplace. 运行该命令时,必须指定版本 --version v0.xx.xWhen running the command, you must specify the version --version v0.xx.x. 如果不指定版本,该命令将安装最新版,这样可能就会需要市场中未提供的 VHD 映像。If you don't specify the version, the command will install the latest version, which may need a VHD image that is not available in your marketplace.

    备注

    可以在 AKS 引擎发行说明中找到 Azure Stack Hub 到 AKS 引擎版本号的映射。You can find the mapping of Azure Stack Hub to AKS engine version number in the AKS engine release notes.

  4. 运行下面的命令:Run the following command:

        curl -o get-akse.sh https://raw.githubusercontent.com/Azure/aks-engine/master/scripts/get-akse.sh
        chmod 700 get-akse.sh
        ./get-akse.sh --version v0.xx.x
    

    备注

    可以在 AKS 引擎发行说明中找到 Azure Stack Hub 到 AKS 引擎版本号的映射。You can find the mapping of Azure Stack Hub to AKS engine version number in the AKS engine release notes.

    备注

    如果此安装方法失败,可以尝试离线环境中的步骤,或者尝试 GoFish(一个备用包管理器)。If you method for installation fails, you can try the steps in the disconnected environment, or Try GoFish, an alternate package manager.

在离线环境中安装Install in a disconnected environment

可以安装客户端 VM 以在与 Internet 断开连接的 Azure Stack Hub 上管理 Kubernetes 群集。You can install the client VM to manage your Kubernetes cluster on an Azure Stack Hub disconnected from the Internet.

  1. 在可访问 Internet 的计算机上,转到 GitHub Azure/aks-engineFrom a machine with access to the Internet, go to GitHub Azure/aks-engine. 下载用于 Linux 计算机的存档 (*.tar.gz),例如 aks-engine-v0.xx.x-linux-amd64.tar.gzDownload an archive (*.tar.gz) for a Linux machine, for example, aks-engine-v0.xx.x-linux-amd64.tar.gz. 受支持的 Kubernetes 版本表中查找 AKS 引擎的版本。Find the version of AKS engine in the Supported Kubernetes Versions table.

  2. 在 Azure Stack Hub 实例中创建存储帐户,以便使用 AKS 引擎二进制文件上传存档文件 (*.tar.gz)。Create a storage account in your Azure Stack Hub instance to upload the archive file (*.tar.gz) with the AKS engine binary. 有关使用 Azure 存储资源管理器的说明,请参阅 Azure 存储资源管理器与 Azure Stack HubFor instructions on using the Azure Storage Explorer, see Azure Storage Explorer with Azure Stack Hub.

  3. 在 Azure Stack Hub 中创建 Linux VM。Create a Linux VM in your Azure Stack Hub. 有关说明,请参阅快速入门:通过使用 Azure Stack Hub 门户创建 Linux 服务器 VMFor instructions, see Quickstart: Create a Linux server VM by using the Azure Stack Hub portal.

  4. 从上传存档文件 (*.tar.gz) 的 Azure Stack Hub 存储帐户 Blob URL 将文件下载到管理 VM。From the Azure Stack Hub storage account blob URL where you uploaded the archive file (*.tar.gz), download the file to your management VM. 将该存档提取到 /usr/local/bin 目录。Extract the archive to the directory /usr/local/bin.

  5. 连接到 VM。Connect to your VM.

  6. 运行以下命令:Run the following command:

    curl -o aks-engine-v0.xx.x-linux-amd64.tar.gz <httpurl/aks-engine-v0.xx.x-linux-amd64.tar.gz>
    tar xvzf aks-engine-v0.xx.x-linux-amd64.tar.gz -C /usr/local/bin
    

验证安装Verify the installation

设置客户端 VM 后,请检查是否安装了 AKS 引擎。Once your client VM is set up, check that you have installed the AKS engine.

  1. 连接到客户端 VM。Connect to your client VM.

  2. 运行以下命令:Run the following command:

    aks-engine version
    
  3. 如果 Azure 资源管理器终结点使用自签名证书,你需要将根证书显式添加到该计算机的受信任证书存储。If Azure Resource Manager endpoint is using a self-signed certificate, you need to explicitly add the root certificate to trusted certificate store of the machine. 可在 VM 中的此目录下找到根证书:/var/lib/waagent/Certificates.pem。You can find the root certificate in the VM in this directory: /var/lib/waagent/Certificates.pem. 使用以下命令复制该证书文件:Copy the certificate file with the following command:

    sudo cp /var/lib/waagent/Certificates.pem /usr/local/share/ca-certificates/azurestackca.crt 
    sudo update-ca-certificates
    

如果无法验证是否已在客户端 VM 上安装了 AKS 引擎,请参阅 AKS 引擎安装故障排除If you are unable to verify that you have installed the AKS engine on your client VM, see Troubleshoot AKS engine install

ASDK 安装ASDK installation

在 ASDK 上为 AKS 引擎运行客户端 VM 时,需要添加证书。You will need to add a certificate when running the client VM for the AKS engine on the ASDK.

在使用 ASDK 时,如果 Azure 资源管理器终结点使用自签名证书,你需要将此证书显式添加到该计算机的受信任证书存储。When you are using an ASDK your Azure Resource Manager endpoint is using a self-signed certificate, you need explicitly to add this certificate to the machine's trusted certificate store. 可以在 ASDK 中部署的任何 VM 上找到 ASDK 根证书。You can find the ASDK root certificate in any VM you deploy in the ASDK. 例如,在 Ubuntu VM 上,可在 /var/lib/waagent/Certificates.pem 目录中找到根证书。For example, in an Ubuntu VM you will find it in this directory /var/lib/waagent/Certificates.pem.

使用以下命令复制该证书文件:Copy the certificate file with the following command:

sudo cp /var/lib/waagent/Certificates.pem /usr/local/share/ca-certificates/azurestackca.crt

sudo update-ca-certificates

后续步骤Next steps